Launch an InstanceΒΆ
Now launch an instance of TNSR:
Install
azure-cli. Instructions can be found at https://docs.microsoft.com/en-us/cli/azure/install-azure-cli?view=azure-cli-latestLogin to your Azure account running:
$ az login
Configure the default location.
$ az configure --defaults location=centralus
Create a resource group to be used to store all TNSR related objects if it does not already exist.
$ az group create -n TNSR-Resource-Group
Create Virtual Network and Subnets.
$ az network vnet create \ -n TNSR-VNet \ -g TNSR-Resource-Group \ --address-prefixes 10.5.0.0/16 $ az network vnet subnet create \ -g TNSR-Resource-Group \ --vnet-name TNSR-VNet \ -n TNSR-WAN-Subnet \ --address-prefixes 10.5.0.0/24 $ az network vnet subnet create \ -g TNSR-Resource-Group \ --vnet-name TNSR-VNet \ -n TNSR-LAN-Subnet \ --address-prefixes 10.5.1.0/24 $ az network vnet subnet create \ -g TNSR-Resource-Group \ --vnet-name TNSR-VNet \ -n TNSR-MGMT-Subnet \ --address-prefixes 10.5.2.0/24
Create Public IPs to be used by WAN and Management interfaces.
$ az network public-ip create \ -g TNSR-Resource-Group \ -n TNSR-WAN-IP $ az network public-ip create \ -g TNSR-Resource-Group \ -n TNSR-MGMT-IP
Create a Network Security Group (NSG).
$ az network nsg create -n TNSR-MGMT-NSG -g TNSR-Resource-Group $ az network nsg rule create \ --name MGMT_Allow_SSH \ --nsg-name TNSR-MGMT-NSG \ -g TNSR-Resource-Group \ --priority 100 \ --access Allow \ --destination-port-ranges 22 \ --direction Inbound \ --protocol Tcp
Create the Management Network Interface.
$ az network nic create \ -g TNSR-Resource-Group \ --vnet-name TNSR-VNet \ --subnet TNSR-MGMT-Subnet \ -n TNSR-MGMT-nic \ --public-ip-address TNSR-MGMT-IP \ --network-security-group TNSR-MGMT-NSG
Create the WAN Network Interface.
$ az network nic create \ -g TNSR-Resource-Group \ --vnet-name TNSR-VNet \ --subnet TNSR-WAN-Subnet \ -n TNSR-WAN-nic \ --public-ip-address TNSR-WAN-IP \ --ip-forward \ --accelerated-network
Create the LAN Network Interface.
$ az network nic create \ -g TNSR-Resource-Group \ --vnet-name TNSR-VNet \ --subnet TNSR-LAN-Subnet \ -n TNSR-LAN-nic \ --ip-forward \ --accelerated-network
Choose the VM Size to be used. To get a list of sizes that are able to run TNSR, run the following command and export a variable called TNSR_SIZE with it.
$ az vm list-sizes \ --query "[?numberOfCores >= \`4\`] | [?memoryInMb >= \`8192\`].name | sort(@)" \ --output tsv $ export TNSR_SIZE=<FILL DESIRED SIZE HERE> # EXAMPLE: $ export TNSR_SIZE="Standard_DS4_v2"
Warning
Avoid using TNSR with spot instances as they are not persistent and can lead to instability.
Choose the TNSR image URN to be used from the list obtained with the following command and export a variable called TNSR_URN with it.
$ az vm image list \ --publisher Netgate \ --all \ --query "[?contains(offer,'tnsr')].{Sku:sku, Version:version Urn:urn}" \ --output table $ export TNSR_URN="netgate:netgate-tnsr-azure-fw-vpn-router:netgate-tnsr:20.02.2"
Export a variable called TNSR_SSH_KEY containing a path to a valid SSH public key.
$ export TNSR_SSH_KEY="~/.ssh/id_rsa.pub"
Accept Azure Marketplace terms so that the image can be used to create VMs.
$ az vm image terms accept --urn ${TNSR_URN}
Note
Previous versions of
Azure CLIused the command$ az vm image accept-terms --urn ${TNSR_URN}Create a Storage Account.
$ az storage account create -n tnsrsa -g TNSR-Resource-Group
Create the TNSR Virtual Machine.
$ az vm create \ --admin-username tnsr \ --image ${TNSR_URN} \ --name TNSR-Instance1 \ --nics TNSR-MGMT-nic TNSR-WAN-nic TNSR-LAN-nic \ --os-disk-size-gb 20 \ --resource-group TNSR-Resource-Group \ --size ${TNSR_SIZE} \ --ssh-key-value ${TNSR_SSH_KEY} \ --boot-diagnostics tnsrsa