How to install Micro Edge on a custom appliance
Micro Edge is based on the OpenWrt operating system. OpenWrt supports a variety of hardware platforms including those based on the Intel x86 architecture. Arista Edge Threat Management officially supports Micro Edge deployments based on either VMware or eSeries appliances. However, you can deploy Micro Edge on x86 based devices that use common components.
Note: Micro Edge supports a limited set of network controllers and other components. We recommend Intel and Marvell based components. If you have requirements for other types of components please submit your requests through our feedback system.
Imaging Micro Edge to a custom x86-based appliance involves the following steps:
- Write the Micro Edge image to a USB drive
- Boot the USB drive on the target system
- Confirm connectivity to the LAN interface
- Copy the Micro Edge image to the running instance of Micro Edge
- Connect to the running instance of Micro Edge
- Identify the target storage device label
- Write the Micro Edge image to the storage device
Write the Micro Edge image to a USB drive
This step involves downloading Micro Edge to your management computer and writing to a USB drive using a disk writing utility such as BalenaEtcher or the dd utility that is built into macOS and Linux based systems.
- Insert a USB drive. Note that all contents and file system will be overwritten.
- Download the e6 image from ETM Dashboard.
- Extract the downloaded gzip file. The file should end with a .img extension.
- Using your image writing utility, image the file onto the USB disk.
See example below using dd on macOS:
sudo dd if=/Downloads/mfw-x86-64-combined.img of=/dev/disk2
- Once the imaging is complete, eject the disk.
Boot the USB drive on the target system
For this step you will need either serial console access or video output to an external display and a connected keyboard.
- Boot the target system with the USB drive inserted.
- Confirm that the BIOS of the device is configured to boot from USB before any other storage device.
- If the device boots properly from the USB image you should see output similar to the image below:
Confirm connectivity to the LAN interface
Micro Edge defaults to 192.168.1.1/24 for the IP address of the internal LAN interface and provides DHCP services. To identify the LAN interface:
- Connect your management device to the first ethernet port of your target device.
- Check the network settings of your management computer to identify if you automatically obtain an IP address in the range of 192.168.1.100 to 192.168.1.200.
- If you do not obtain an IP address in this range, continue to cycle through each ethernet port on the device until you identify the LAN port.
- Once you identify the LAN port you can proceed to the next step.
Copy the Micro Edge image to the running instance of Micro Edge
For this step you need to copy the Micro Edge image to the /tmp directory of the running instance of Micro Edge.
Important: Copy the compressed version of the downloaded file (i.e. the file ending with .img.gz)
To copy the image file you can use the Secure copy protocol built into macOS and Linux systems, or you can use Putty for Windows based systems. The default root password is “passwd”.
See the below example of the command from macOS to secure copy the image file:
scp Downloads/mfw-x86-64-combined.img.gz firstname.lastname@example.org:/tmp
Connect to the running instance of Micro Edge
To image Micro Edge onto the local storage of the target device you must connect to the running instance of Micro Edge via SSH. You can use SSH protocol built into macOS and Linux systems, or you can use Putty for Windows based systems. The default root password is “passwd”.
See the below example of the command from macOS to connect via SSH:
Identify the target storage device label
After you log into Micro Edge via SSH you need to identify the device label of your primary storage device. You can use the following command:
dmesg | grep “logical blocks”
In the example below the device “sdb” is the target storage device based on the disk size.
root@mfw:/# dmesg | grep "logical blocks"
[ 4.888337] sd 2:0:0:0: [sda] 1968128 512-byte logical blocks: (1.01 GB/961 MiB)
[ 5.131603] sd 3:0:0:0: [sdb] 124190720 512-byte logical blocks: (63.6 GB/59.2 GiB)
Write the Micro Edge image to the storage device
Confirm that the image file successfully transferred by listing the /tmp directory.
In the example below the file mfw-x86-64-combined.img.gz successfully saved to the /tmp directory as seen by the output.
root@mfw:/# ls /tmp | grep "mfw"
Once you confirm the target device label and the image file exists on the file system you can write the image to the local storage device using the dd command. In the previous example, the command would be:
gzip -dc mfw-x86-64-combined.img.gz dd of=/dev/sdb
Allow a few minutes for the image to write to the disk.
Once the dd command completes you can remove the USB disk and reboot.
Please sign in to leave a comment.