EVE-NG in Azure

Reading Time: 6 minutes

During the last months, I was regularly asked to build up a quick demo for partners and/or customers. As I cannot do this at home with limited hardware available I came across EVE-NG. EVE-NG can simulate network devices like the ArubaOS CX switches or the VSR with Comware 7. You can even run Netedit, ClearPass and virtual Controllers (VMC’s).

But as this needs a lot of resources which I do not have at home I came to the idea to do this in Azure. To help others doing this kind of setup as well, the following post describes the installation of EVE-NG in Azure.

The installation itself follows more or less the manual for installing EVE-NG on a bare server. But there are some things to consider.

Create the VM for EVE-NG in Azure

As EVE-NG will virtualize different network devices the first thing to consider is nested virtualization. Before starting the setup, make sure, to check which VM in Azure is capable of nested virtualization. I used the following page to get this information:

https://docs.microsoft.com/en-us/azure/virtual-machines/acu

The page contains a list of available Azure VM sizes but not all are capable of nested virtualization. Look for the following comment and VM sizes with “***”:

***Hyper-threaded and capable of running nested virtualization

Now you can log in to Azure and create a new VM for EVE-NG. I assume you know how to work with Azure. Below is the summary of the VM I created for this test:

EVE-NG in Azure - VM Settings
EVE-NG in Azure – VM Settings

The most important part is the “Image”, which should be “Ubuntu Server 16.04 LTS – Gen1” and the “Size”. Remember to use a size, which is enabled for nested virtualization. Click “Create” to create the VM. If you have selected “SSH public key” for “Authentication type” which is my recommendation, download the public key from Azure right after you clicked “Create”. Now you need to wait until Azure has deployed the VM.

After the VM is deployed connect to the VM using its public IP. If you do not know this IP look for the “Connect” link on the VM object:

EVE-NG in Azure - Connect to VM
EVE-NG in Azure – Connect to VM

Actually, you just need to replace the “<private key path>” with the actual path to the private key, downloaded during VM creation above and you can connect. At least for Linux (OSX) users. If you use Windows or a different SSH client check there for using a key file.

First I would install the latest patches for the system:

 sudo apt update && sudo apt upgrade

After all packages are up to date let’s start preparing the VM.

Prepare the VM to run EVE-NG in Azure

First, you need to set the hostname for the VM. Open the “/etc/hostname” file and set the hostname of your choice:

vi /etc/hostname

In my case it is “eve-ng-lab”.

Next, you need to adjust the “hosts” file to reflect the hostname and the domain. Open the “/etc/hosts” file and add the entry for your host (the second line in the output):

127.0.0.1 localhost
127.0.0.1 eve-ng-lab.flomain.local      eve-ng-lab

# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

The next step is to modify Grub, the boot loader, like this:

[email protected]:~$ sudo sed -i -e 's/GRUB_CMDLINE_LINUX_DEFAULT=.*/GRUB_CMDLINE_LINUX_DEFAULT="net.ifnames=0 noquiet"/' /etc/default/grub
[email protected]:~$ sudo update-grub
Generating grub configuration file ...
Found linux image: /boot/vmlinuz-4.15.0-1098-azure
Found initrd image: /boot/initrd.img-4.15.0-1098-azure
done

Afterwards reboot the VM.

After the VM is up and running again connect again to the VM. This time you need to change to the root user and change the password for the root user:

[email protected]:~$ sudo su
[email protected]:/home/eve-ng-user# passwd
Enter new UNIX password: 
Retype new UNIX password: 
passwd: password updated successfully

Now you allow to login via SSH using the root user. You will revert this setting in the end. Open the file “/etc/ssh/sshd_config” and change the line “PermitRootLogin” to “yes”. Also set “PasswordAuthentication” to “yes”.

Restart the ssh daemon afterwards:

[email protected]:/home/eve-ng-user# /etc/init.d/ssh restart
[ ok ] Restarting ssh (via systemctl): ssh.service.
[email protected]:/home/eve-ng-user# 

Now you can check if the login using the root user with password authentication works. If yes, go ahead to the next step.

Install EVE-NG in Azure

Now we can start to install EVE-NG. Login to the VM using the root user (or use the session from the step above) and issue this command:

[email protected]:/home/eve-ng-user# wget -O - http://www.eve-ng.net/repo/install-eve.sh | bash -i

It will take some time to install all the needed packages. Simply wait for the process to finish.

Afterwards we need to install some Azure specific packages:

[email protected]:/home/eve-ng-user# apt install kernel-common linux-image-4.20.17-eve-ng-azure+

If you where asked about the “kernel-img.conf” select “keep the local version currently installed”:

EVE-NG in Azure - Keep Config
EVE-NG in Azure – Keep Config

Next, you need to remove the unused packages:

[email protected]:/home/eve-ng-user# sudo apt autoremove

Afterwards, re-run the installer to make sure everything is installed:

[email protected]:/home/eve-ng-user# wget -O - http://www.eve-ng.net/repo/install-eve.sh | bash -i

Now, you can reboot the VM.

Configure EVE-NG in Azure

You should now connect to the VM using the root user. This will start the initial wizard. First, you need to set the root password (again). I use the same as before:

EVE-NG in Azure - Change Root Password
EVE-NG in Azure – Change Root Password

The next screen is asking for the hostname:

EVE-NG in Azure - Set Hostname
EVE-NG in Azure – Set Hostname

and also for the domain:

EVE-NG in Azure -Set Domain
EVE-NG in Azure -Set Domain

Leave the IP address setting as “DHCP”:

EVE-NG in Azure - Set IP to DHCP
EVE-NG in Azure – Set IP to DHCP

You do not need a NTP server:

EVE-NG in Azure - Set NTP
EVE-NG in Azure – Set NTP

The VM has also a direct connection to the internet:

EVE-NG in Azure - Set Internet Access
EVE-NG in Azure – Set Internet Access

Afterward, reconfigure the SSH daemon to deny root login and login with a password. Open the “/etc/ssh/sshd_config” and change the “PermitRootLogin” from “yes” to “prohibit-password” and “PasswordAuthentication” from “yes” to “no”. Afterward, reboot the server.

When the server is back online, you can check if everything has worked. Login to the server using the public key user from above:

ssh -L 8080:eve-ng-lab.flomain.local:80 -i Downloads/eve-ng-lab_key.pem [email protected]

I also added the “-L 8080:eve-ng-lab.flomain.local:80” option to tunnel port 8080 to port 80 in the VM in order to access the WEB UI. In this case, I use the URL “http://localhost:8080” and could access the EVE UI.

EVE-NG in Azure last Steps

One thing to consider. In order to save some money. I stop the VM every time I do not need the VM. In order to really save money, you not just need to shut down the VM but “Stop” the VM from the Azure GUI. First, shut down the VM from the CLI:

shutdown -hP now

Afterwards, stop the VM from the Azure GUI:

EVE-NG in Azure - Stop VM
EVE-NG in Azure – Stop VM

Wait until the VM is in the “Status” “Stopped (deallocated)”.

Another thing to consider, if the defined OS disk is too small. The VM I have chosen has only 30G. If the VM is in the “Status” above you can easily expand the size to your needs. Simply go to “Disks” and select the “OS disk”. Here you can change the size in the “Size + performance” settings.

The VM will automatically use the additional space.

You should now be ready to start creating virtual networks.

If you find this post useful, leave me a comment and share it with your friends. If you don’t like the post, leave me a comment and tell me what you don’t like. But whatever you do, leave me a comment.

1 thought on “EVE-NG in Azure”

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: