Azure
Create Azure Vm from Ova

Steps to Create an Azure VM from an OVA File

This guide will walk you through converting an OVA file into an Azure VM, addressing potential issues, including networking and FortiGate VM-specific configuration.

1. Extract the OVA File

An OVA file is essentially a compressed archive containing:

  • .ovf: Descriptor file with VM metadata (e.g., CPU, memory).
  • .vmdk: Virtual disk file(s).
  • Optional metadata files.

Extract the contents of the OVA file using tar:

tar -xvf your_file.ova

You should see the individual files after extraction.

2. Convert the VMDK to a Fixed-Size VHD

Azure requires disks in fixed-size VHD format.

Option 1: Command-Line Tools

  1. Install qemu-img:

  2. Convert the VMDK to VHD:

    qemu-img convert -f vmdk -O vpc -o subformat=fixed your_file.vmdk your_file.vhd
Option 2: Fix Dynamic Disk Issues Using VirtualBox

If you encounter errors about a dynamic disk during conversion, fix it using the VirtualBox GUI:

  1. Open VirtualBox.
  2. Select the VM using the problematic VDI disk.
  3. Go to Settings > Storage.
  4. Select the VDI disk and click Remove (detach it, but do not delete the disk).
  5. Go to File > Virtual Media Manager.
  6. Select the disk and click Copy.
  7. In the dialog, select Fixed size for the new disk and complete the cloning.

After cloning, convert the new fixed-size VDI disk to VHD:

qemu-img convert -f vdi -O vpc -o subformat=fixed your_file.vdi your_file.vhd

3. Upload the Fixed-Size VHD to Azure Storage

Azure requires the VHD to reside in a storage account. Use the Azure CLI to upload the VHD:

  1. Create a Storage Account in Azure:

    az storage account create --name <StorageAccountName> --resource-group <ResourceGroupName> --location <Location> --sku Standard_LRS

  2. Upload the VHD file to a container:

    az storage container create --name vhds --account-name <StorageAccountName>
az storage blob upload --account-name <StorageAccountName> --container-name vhds --name your_file.vhd --file your_file.vhd

    For details, refer to the official Azure Blob Storage docs (opens in a new tab).

4. Create a Managed Disk from the VHD

Once the VHD is uploaded, create a managed disk to use it in your VM.

  1. Create the managed disk: 
    az disk create --resource-group <ResourceGroupName> --name <DiskName> --source https://<StorageAccountName>.blob.core.windows.net/vhds/your_file.vhd
  2. Confirm the disk creation: 
    az disk show --resource-group <ResourceGroupName> --name <DiskName>
    For more information, see Azure Disk Management (opens in a new tab).

5. Create a VM Using the Managed Disk

This step attaches the disk as the VM's OS disk and creates the virtual machine.

  1. Retrieve the Disk ID:
    To attach the managed disk, you need its unique ID:

    az disk show --resource-group <ResourceGroupName> --name <DiskName> --query "id" --output tsv

  2. Create the Virtual Machine:
    Use the following command:

    az vm create --resource-group <ResourceGroupName> --name <VMName> --attach-os-disk "/subscriptions/<SubscriptionID>/resourceGroups/<ResourceGroupName>/providers/Microsoft.Compute/disks/<DiskName>" --os-type Linux
    • Replace <VMName> with the desired name for your VM.
    • Set --os-type to Linux for FortiGate VM images.

  3. Optional Configuration:
    If you require specific sizing, regions, or availability zones, include these options:

    --size <VMSize> --location <Region>

  4. Verify the VM:
    After creation, confirm the VM is running:

    az vm show --resource-group <ResourceGroupName> --name <VMName> --query "provisioningState" --output tsv

    The output should be Succeeded.

6. Configure Networking

Ensure your VM has appropriate networking:

  • Check if a NIC is attached:

    az vm nic list --resource-group <ResourceGroupName> --vm-name <VMName> --output table

  • If no NIC is found:

    1. Create a NIC: 
      az network nic create --resource-group <ResourceGroupName> --name <NICName> --vnet-name <VNetName> --subnet <SubnetName>
    2. Attach the NIC to the VM: 
      az vm nic add --resource-group <ResourceGroupName> --vm-name <VMName> --nics <NICName>

7. Verify Interfaces in the FortiGate VM

Log in to the FortiGate VM console and check the interfaces:

get system interface physical

If no interfaces are listed:

  1. Reboot the VM:

    execute reboot

  2. Reinitialize Interfaces:

    config system interface
edit port1
set mode dhcp
end

  3. Check Logs for Errors:

    diagnose debug enable
diagnose hardware deviceinfo nic

8. Check VM Size and NIC Support

FortiGate VM models often require multiple NICs. Ensure your VM size supports enough NICs. For example:

VM SizeMax NICs Supported
Standard_B1s1
Standard_DS1_v22
Standard_F4s_v24
Standard_D4s_v38

If the VM size is insufficient, resize it:

az vm resize --resource-group <ResourceGroupName> --name <VMName> --size <NewVMSize>

9. Ensure FortiGate VM License Activation

Without a valid license, certain FortiGate VM features (like network interfaces) may not work. Check the license status:

get system status

If unlicensed, upload a license file via the web interface or CLI.

10. Finalize Configuration

  • Assign a public IP if needed: 
    az network public-ip create --resource-group <ResourceGroupName> --name <IPName>
  • Configure the Network Security Group (NSG) to allow necessary ports (e.g., 443 for HTTPS, 22 for SSH).
Ztp1 Eigrp Packet Header