[Tutorial] Building OPNsense virtual machine images

Started by Maurice, August 11, 2023, 04:23:50 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
August 11, 2023, 04:23:50 PM
There are (at least) three ways to set up an OPNsense VM:

  • Install from scratch using an installer image,
  • use a preinstalled FreeBSD VM image and convert it to OPNsense using opnsense-bootstrap,
  • build a preinstalled VM image using the OPNsense tools.
I've always preferred the last method and recently streamlined and documented my workflow:

https://github.com/maurice-w/opnsense-vm-images/blob/master/README.md

Thanks a lot to Franco for patiently explaining some of the more obscure build steps!

Cheers
Maurice
OPNsense virtual machine images
OPNsense aarch64 firmware repository

Commercial support & engineering available. PM for details (en / de).
August 11, 2023, 04:37:04 PM #1
Fourth way:

git clone ...
vagrant up

https://github.com/punktDe/vagrant-opnsense
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
August 11, 2023, 05:03:50 PM #2
Yep, appreciate all your work there! It has specific requirements though (VirtualBox, Vagrant, amd64, UFS only, ...) and is intended primarily for development. Correct me if I'm wrong.

My goal was to provide instructions which work for many (production) environments. I have OPNsense instances running on-prem on Hyper-V (amd64), in the cloud on QEMU (amd64 + aarch64) and I'm exploring other options as well.

Cheers
Maurice
OPNsense virtual machine images
OPNsense aarch64 firmware repository

Commercial support & engineering available. PM for details (en / de).
August 11, 2023, 10:17:38 PM #3
For production I don't see a problem with performing a manual installation from distribution iso/img. OPNsense installs in less than five minutes. Depending on your infrastructure (e.g. vSphere) you can create a template from the finished installation with a couple of clicks.

Yes, my small project is not intended for production use, because it uses a desktop hypervisor.

Kind regards,
Patrick
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
August 11, 2023, 11:01:24 PM #4
5 minutes is optimistic, more like 10 in my experience. And 30 times 10 minutes is five hours. ;) I just prefer to have a collection of up-to-date VM images in the drawer which can be used to spin up a VM in literally seconds.

Also, an interactive installation can be a real pita in cloud environments, which sometimes don't even have a proper video and / or serial console. Yes, you can create templates from interactively installed VMs, but these have other disadvantages (like not automatically growing the root partition and file system after expanding the image).

For aarch64, I'm not even aware of an interactive installation method. opnsense-bootstrap isn't supported either.

I'm not trying to convince anyone that any particular method is best. I've used all three extensively over the past six years, and that's what works best for me. By far. Other methods might work better for others, absolutely.

Cheers
Maurice
OPNsense virtual machine images
OPNsense aarch64 firmware repository

Commercial support & engineering available. PM for details (en / de).
August 11, 2023, 11:21:00 PM #5
Seriously, what's your use case for aarch64?
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
August 11, 2023, 11:45:03 PM #6
Good value for money cloud VMs. All the big players now offer very competitive ARM instances. I'm aware OPNsense-aarch64 is not yet officially supported, but it already works quite well.
OPNsense virtual machine images
OPNsense aarch64 firmware repository

Commercial support & engineering available. PM for details (en / de).
Print
Go Up Pages1
User actions