Installation on VMware ESXi 5.5

This manual describes the steps to configure and prepare VMware ESXi Version 5.x in order to install the IACBOX.

  • A 64-bit host-system is required.
  • It is strongly recommended to use a dedicated physical network interface card for the Surf-LAN.
  • The system must be online at any time in order to synchronize necessary IACBOX registration data with the licensing server.
  • This manual describes the installation of the IACBOX on ESXi, not the ESXi installation itself.
  • The IACBOX is a realtime system. Therefore it is critical to only assign and use resources which are capable of working within the same operational context. For example: If a VM cluster is used, only the CPU cores of one socket may be used for the IACBOX to avoid rapid context switching between multiple sockets, which would lead to intolerable delays and possible system faults.
  • The IACBOX is a closed system, therefore utilities like VMware Tools, which would need full access to the system, can not be installed.
  • Please note the minimum hardware requirements
  • Starting from 250 users a processor with at least 2,50 Ghz or better is required.
  • Virtualized environments generally need more resources due to the nature of virtualization.
  • Functions like the Advanced Web Filter, the Application Control or the Connection Tracking are very CPU-intensive and should therefore be used with caution.
  • In order to use the new DNS based Web Filter at least 4GB of internal memory must be available.

Preparation

Use the VMware vSphere client software to log in on your ESXi server. The client software can be obtained on the VMware homepage by using the following link: http://www.vmware.com/products/vsphere.

image

This manual was created with and for ESXi version 5.5. Other versions may differ slightly from what is demonstrated in this manual. While logging in the first time you may face a certificate warning.

image

  • This certificate warning is normal and not critical upon initial usage.
  • If you face this warning while you’ve already installed the certificate and did not change the ESXi server configuration, then it might be break-in attempt.

After logging in, click on Inventory to get to the configuration menu of the ESXi server.

image

Then navigate to Configuration / Network Adapters. This listing shows the mapping of the virtual/physical network interfaces.

image

Now click on Networking which can be found in the menu on the left side. Here you can see the interfaces of the ESXi server on the default virtual swtich vSwitch0. Click on Properties.

image

In the next window (vSwitch0 Properties) click on Add, then add a Virtual Machine and click Next.

image

Now type in a name for your Office-LAN connection and hit Next. Here you see that the Office-LAN and Management-Network do share the same physical network card.

image

Now click on Next and confirm the summary of the changes with Finish. The next step is about configuration of the Surf-LAN network. Choose Add Networking.

image

As Connection Type choose Virtual Machine and click on Next. In the next window choose Create vSphere standard switch and continue with Next.

image

In the Connection Settings enter the name of the Surf-LAN network and click on Next. After that, confirm the summary screen in the next window and accept by clicking on Finish.

image

Summary of the configured interfaces:

  1. NIC #1 Management Network (vSphere) and Office-LAN
  2. NIC #2 Surf-LAN (Dedicated)

Creating the virtual machine

To create the virtual machine click on File, New and then Virtual Machine. A configuration window will open, choose Custom and continue with Next.

image

In the next step choose a name for the virtual machine and confirm. Now you need to assign the Destination Storage. This setting does not yet allocate any space on the destination storage.

image

In the next menu, select version 8 or higher as Virtual Machine Version. In the Guest Operating System menu choose Linux and then select the most recent SUSE Linux Enterprise version in (64-bit).

image

The CPU and Memory settings must be configured according to the minimum hardware requirements which can be found on top of this document - or better. For the Network settings ensure that you select VMXNET 3 as Adapter type and then enable the Connect at Power On for both network interfaces.

image

In SCSI Controller settings select VMware Paravirtual. This will add two additional configurations to the setup list on the left, so the next step will become Select a Disk. Here just select Create a new virtual disk and continue with Next. If the option for VMware Paravirtual is not available in your ESXi, then select LSI Logic Parallel.

image

For the Create a Disk configuration again note the minimum hardware requirements. Also enable the option Thick Provision Eager Zeroed.

image

The settings in Advanced Options are usually fine by default, continue to Ready to Complete. Verify your configuration and then finish the process by clicking on Finish.

image

image

After the virtual machine creation was done, right click on the new virtual machine and select Properties. Here you can decide how to include the installation medium. Usually in virtualized environments this is done by ISO files, but if the host system has a CD-ROM drive, then a CD can also be used.

Now you can proceed with the installation of the IACBOX. The detailed installation process is described in the installation manual