Step 2. Setup Vyos Router in Lab.ps1
<#
.SYNOPSIS
Set vyos router
.DESCRIPTION
Set VyOS router in Hyper-V
.NOTES
1. Creates a new VHD file
2. Creates a new Generation 1 VM and attaches the VHD
3. Mounts the VyOS ISO to the VM
4. Configures Hyper-V networks for VLAN ID
5. Boots the VM; the install requires manual input
6. Unmounts the ISO, reboots the VM and requires LAN setup
7. Sets up the external network and SSH
8. Adds LAN networks to the router and sets up the LAN configuration
#>
#Requires -RunAsAdministrator
# Script parameters.
#   -ConfigurationFile (alias -config): file name of the lab configuration script; it is
#       dot-sourced from the script folder further down. Tab completion offers the
#       configs*.ps1 names returned by Get-ChildItem.
#   -NoAzureCheck: boolean, defaults to $true.
#       NOTE(review): the visible script passes the literal switch -NoAzureCheck to the
#       configuration file and never reads this parameter - confirm that is intended.
#   -SkipInitialSetup: skips the VM build and first-boot walkthrough when the VM already exists.
param(
    [Parameter(Mandatory = $false)]
    [ArgumentCompleter( {
        param ( $commandName,
                $parameterName,
                $wordToComplete,
                $commandAst,
                $fakeBoundParameters )

        # Collect the candidate file names first, then keep those matching what was typed so far.
        # NOTE(review): $_ is used as the search path here; inside a completer it is presumably
        # empty, which would make Get-ChildItem list the current directory - confirm.
        $ConfigNames = Get-ChildItem $_ -Filter configs* |
            Where-Object { $_.Extension -eq '.ps1' } |
            Select-Object -ExpandProperty Name
        $ConfigNames | Where-Object { $_ -like "$wordToComplete*" }
    } )]
    [Alias("config")]
    [string]$ConfigurationFile = "configs.ps1",
    [bool]$NoAzureCheck = $true,
    [switch]$SkipInitialSetup
)
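#region Grab Configurations
# The configuration file is dot-sourced, so its whole content executes inside this
# elevated session (#Requires -RunAsAdministrator). Keep it in a location that only
# administrators can write to, and review it before running the lab setup.
If($PSScriptRoot.ToString().length -eq 0)
{
    # No script root means the file was not started as a script (for example run from an editor pane).
    Write-Host ("File not ran as script; Assuming its opened in ISE. ") -ForegroundColor Red
    Write-Host (" Run configuration file first (eg: . .\$ConfigurationFile)") -ForegroundColor Yellow
    Break
}
Else{
    $ConfigurationPath = "$PSScriptRoot\$ConfigurationFile"
    # Stop early when the file is missing: otherwise the dot-source fails and the rest of
    # the script would carry on with no lab settings loaded.
    If(-Not(Test-Path -LiteralPath $ConfigurationPath -PathType Leaf)){
        Write-Host ("Unable to find configuration file: [{0}]. Please check the -ConfigurationFile value and rerun setup" -f $ConfigurationPath) -ForegroundColor Red
        Break
    }
    Write-Host ("Loading {0}..." -f $ConfigurationPath) -ForegroundColor Yellow -NoNewline
    . $ConfigurationPath -NoAzureCheck
}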
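#start transcript
# Everything written to the console from here on is recorded in the transcript,
# including the generated router commands when they are printed for the manual path.
# Keep the log folder readable by lab administrators only.
$LogfileName = "$LabPrefix-VYOSRouterSetup-$(Get-Date -Format 'yyyy-MM-dd_Thh-mm-ss-tt').log"
Try{
    Start-Transcript "$PSScriptRoot\Logs\$LogfileName" -ErrorAction Stop
}
Catch{
    # The Logs folder could not be used: fall back to the script folder.
    Start-Transcript "$PSScriptRoot\$LogfileName"
}

# The VyOS ISO must be present before any VM work starts.
If(-Not(Test-Path $VyOSConfig.ISOLocation)){
    Write-Host ("Unable to find VyOS ISO: [{0}]. Please update config and rerun setup" -f $VyOSConfig.ISOLocation) -ForegroundColor Red
    Break
}

#check drive space availability
$DriveLetter = (Get-Item $HyperVConfig.VirtualHardDiskLocation).PSDrive.Name
$disk = Get-WmiObject Win32_LogicalDisk -Filter "DeviceID='$($DriveLetter):'" | Select-Object *
# Stop when 2GB or less is free on the drive that will hold the virtual disk.
If($disk.FreeSpace/1GB -le 2){
    # $VHDxFilePath is only assigned later, in the VM build step, so the message reports
    # the configured virtual hard disk location that was just measured.
    Write-Host ("Unable to create VHD: [{0}]. Not enough drive space [{1}GB]" -f $HyperVConfig.VirtualHardDiskLocation,[int]($disk.FreeSpace/1GB).ToString()) -ForegroundColor Black -BackgroundColor Red
    Break
}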
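#region Create VyOS VM
$VM = Get-VM -Name $VyOSConfig.VMName -ErrorAction SilentlyContinue
# The build and first-boot walkthrough run unless -SkipInitialSetup was given AND the VM already exists.
If(!$SkipInitialSetup -or !$VM){
    # Name of the first external switch. It is needed in both branches below: the VLAN
    # step filters on it so that the adapter facing the external network is left alone,
    # also when the VM already existed.
    $VmSwitchExternal = Get-VMSwitch -SwitchType External | Select-Object -ExpandProperty Name -First 1

    # An ISO location starting with '.' is taken relative to the script folder.
    # Resolve it once so the new-VM and existing-VM paths mount the same file.
    $VyOSIsoPath = $VyOSConfig.ISOLocation
    If($VyOSIsoPath -like '.*'){
        $VyOSIsoPath = $VyOSIsoPath -replace '^.',$PSScriptRoot
    }

    If($null -eq $VM)
    {
        Write-Host ("Creating a VM [{0}]..." -f $VyOSConfig.VMName) -ForegroundColor White -NoNewline
        $VHDxFilePath = ($HyperVConfig.VirtualHardDiskLocation + '\'+ $VyOSConfig.VMName +'.vhdx')
        Try{
            # A leftover disk with the same name is deleted (after confirmation) before a new 3GB dynamic disk is created.
            If(Get-VHD -Path $VHDxFilePath -ErrorAction SilentlyContinue ){
                Remove-Item $VHDxFilePath -Confirm -Force -ErrorAction Stop
            }
            New-VHD -Path $VHDxFilePath -SizeBytes 3GB -Dynamic -ErrorAction stop | Out-Null
        }
        Catch{
            Write-Host ("Unable to manage VHD: [{0}]. {1}" -f $VHDxFilePath ,$_.Exception.Message) -ForegroundColor Black -BackgroundColor Red
            Break
        }
        Try{
            # Generation 1 VM, first adapter on the external switch, checkpoints disabled.
            New-VM -Name $VyOSConfig.VMName -VHDPath $VHDxFilePath `
                -SwitchName $VmSwitchExternal -MemoryStartupBytes 256MB -Generation 1 -ErrorAction Stop | Out-Null
            Set-VM -Name $VyOSConfig.VMName -AutomaticCheckpointsEnabled $false -Notes 'StartupOrder: 1' `
                -AutomaticStartAction Start -AutomaticStopAction ShutDown -CheckpointType Disabled `
                -DynamicMemory -ErrorAction Stop | Out-Null
            #Connect ISO
            Set-VMDvdDrive -VMName $VyOSConfig.VMName -Path $VyOSIsoPath -ErrorAction Stop
        }
        Catch{
            Write-Host ("Unable to build the VM: [{0}]. {1}" -f $VyOSConfig.VMName,$_.Exception.Message) -ForegroundColor Black -BackgroundColor Red
            Break
        }
        Write-Host "Done" -ForegroundColor Green
    }
    Else{
        Write-Host ("VM Already created named [{0}]..." -f $VM.Name) -ForegroundColor Green -NoNewline
        #always stop VM before attaching iso
        If($VM.State -eq 'Running'){
            Write-Host ("in [{0}] State...stopping" -f $VM.State) -ForegroundColor Red
            Stop-VM $VyOSConfig.VMName -ErrorAction SilentlyContinue -Force
        }
        Else{
            Write-Host ("in [{0}] State" -f $VM.State) -ForegroundColor Green
        }
        #always remount ISO if found mounted already
        # NOTE(review): the install step further down removes the DVD drive from the VM;
        # confirm Set-VMDvdDrive succeeds on a rerun when the VM has no DVD drive left.
        If( ($MountedIsoPath = Get-VMDvdDrive -VMName $VyOSConfig.VMName).Path -ne $VyOSIsoPath)
        {
            Set-VMDvdDrive -VMName $VyOSConfig.VMName -Path $VyOSIsoPath -ErrorAction Stop
        }
    }
    #endregion

    #Trunk HyperV Network for internal networks; determine if VLAN needs to be used.
    #https://docs.microsoft.com/en-us/powershell/module/hyper-v/set-vmnetworkadaptervlan?view=windowsserver2019-ps
    # Only adapters that are NOT on the external switch are changed.
    If($HyperVConfig.ConfigureForVLAN)
    {
        Get-VMNetworkAdapter -VMName $VyOSConfig.VMName | Where-Object {$_.SwitchName -ne $VmSwitchExternal} |
            Set-VMNetworkAdapterVlan -Trunk -NativeVlanId $HyperVConfig.VLANID -AllowedVlanIdList $VyOSConfig.AllowedvLanIdRange
    }
    Else{
        Get-VMNetworkAdapter -VMName $VyOSConfig.VMName | Where-Object {$_.SwitchName -ne $VmSwitchExternal} |
            Set-VMNetworkAdapterVlan -Untagged
    }

    #start VM
    Write-Host "Starting router for initial settings, please wait..." -ForegroundColor Yellow
    If($VM.State -ne "Running"){
        Start-VM -Name $VyOSConfig.VMName -ErrorAction Stop
        # fixed wait for the live image to boot
        Start-Sleep 45
    }

    #region INSTALL VyOS
    # The ISO boots with the default vyos/vyos login shown below. The install dialog asks
    # for a new password for the 'vyos' user; that password protects the SSH service that
    # is enabled in the next step, so the default must not be reused.
    Write-Host "↓↓↓ PLEASE FOLLOW THE STEPS BELOW ↓↓↓" -ForegroundColor Black -BackgroundColor Cyan
    $VyOSSteps = @"
`n
Installing an image onto the virtual router
Connect to router and answer the questions below:
=================================================
VyOS login: vyos
Password: vyos
VyOS@VyOS:~$ install image
Would you like to continue? (Yes/No) [Yes]: [Enter]
Partition (Auto/Parted/Skip) [Auto]: [Enter]
Install the image on? [sda]: [Enter]
Continue? (Yes/No) [No]: Yes
How big of a root partition should I create? (1000MB - 2147MB) [2147]MB: [Enter]
What would you like to name this image? [1.1.8]: [Enter]
Which one should I copy to sda? [/config/config.boot]: [Enter]
Enter password for user 'vyos': [Type in a password]
Retype password for user 'vyos': [Confirm password]
Which drive should GRUB modify the boot partition on? [sda]: [Enter]
"@
    # Repeat the instructions until the operator confirms with Y.
    do {
        #cls
        Write-Host $VyOSSteps -ForegroundColor Gray
        Write-Host "`nNOTE: To get out of console, hit [CTRL+ALT+LEFT ARROW]" -ForegroundColor Yellow
        $CompleteFirstStep = Read-host "Did you complete the steps above? [Y or N]"
    } until ($CompleteFirstStep -eq 'Y')

    Write-Host "`nPreparing router for next configurations, please wait..." -ForegroundColor Yellow
    Stop-VM $VyOSConfig.VMName -ErrorAction SilentlyContinue
    #always dismount ISO
    Get-VMDvdDrive -VMName $VyOSConfig.VMName | Remove-VMDvdDrive
    Start-VM -Name $VyOSConfig.VMName -ErrorAction SilentlyContinue
    Start-Sleep 45
    #endregion

    #region Setup VyOS SSH
    # The steps below put eth0 (the adapter on the external switch) on DHCP and enable SSH
    # on port 22 with password login for 'vyos'. On a shared or untrusted external network
    # consider restricting the service once the lab is up, for example with
    # 'set service ssh listen-address <address>' or key-only logins.
    Write-Host "↓↓↓ PLEASE FOLLOW THE STEPS BELOW ↓↓↓" -ForegroundColor Black -BackgroundColor Cyan
    $VyOSSteps = @"
`n
Enable network and SSH on the virtual router
Connect to router and answer the questions below:
=================================================
vyos login: vyos
Password: [Your new password]
vyos@vyos:~$ configure
vyos@vyos# set interfaces ethernet eth0 address dhcp
vyos@vyos# set service ssh port 22
vyos@vyos# commit
vyos@vyos# save
vyos@vyos# exit
vyos@vyos:~$ show int
"@
    do {
        #cls
        Write-Host $VyOSSteps -ForegroundColor Gray
        Write-Host "`nMake sure there is an IP address for interface eth0" -ForegroundColor Yellow
        Write-Host "TAKE NOTE OF IP" -BackgroundColor Yellow -ForegroundColor Black
        $CompleteSecondStep = Read-host "Did you complete the steps above? [Y or N]"
    } until ($CompleteSecondStep -eq 'Y')
    Write-Host "If steps completed successfully, You will be able to ssh into the router instead of connecting VM console" -ForegroundColor White
    #endregion
}
Else{
    # Initial setup skipped: remind the operator how to look up the router address.
    Write-Host "Check IP by running command in router [" -ForegroundColor Red -NoNewline
    Write-Host "show int" -ForegroundColor Yellow -NoNewline
    Write-Host "]" -ForegroundColor Red
}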
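#region Prompt for external interface for router
# Asks for the router's eth0 address (or offers the one cached from an earlier run),
# strips a CIDR suffix, and pings it. Up to 10 attempts are made.
# The address accepted here is later handed to the SSH helpers, so it is checked to be a
# well-formed IP address before it is used.
$VyOSIPCacheFile = "$env:temp\$($LabPrefix)-VyOSextip.txt"
$ping = 0
do {
    # Start each attempt clean: a 'Y' left over from a previous attempt would otherwise
    # reuse the same (failed) cached address without asking again.
    $IsRightIP = $null
    $VyOSExistingIP = $null
    If(Test-Path $VyOSIPCacheFile){
        # Only the first line is read, and it is offered only when it parses as an IP address.
        $CachedIP = ([string](Get-Content $VyOSIPCacheFile -TotalCount 1)).Trim()
        If($CachedIP -as [System.Net.IPAddress]){
            $VyOSExistingIP = $CachedIP
            # $VM may still be empty when the VM was created during this run, so the
            # configured VM name is used in the prompts.
            $IsRightIP = Read-host "Is your $($VyOSConfig.VMName) eth0 IP Address [$VyOSExistingIP]? [Y or N]"
        }
    }
    If($IsRightIP -eq 'Y'){
        $VyOSExternalIP = $VyOSExistingIP
    }Else{
        $VyOSExternalIP = Read-host "What is your $($VyOSConfig.VMName)'s eth0 IP Address? [eg. 192.168.1.2]"
    }
    #remove old recorded IP and CIDR from address (if found)
    Remove-Item $VyOSIPCacheFile -Force -ErrorAction SilentlyContinue | Out-Null
    If($VyOSExternalIP -match '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(3[0-2]|[1-2][0-9]|[0-9]))$'){
        # capture group 4 is the "/prefix" part
        $VyOSExternalIP = $VyOSExternalIP.replace($Matches[4],'')
    }
    $ping++
    # Reject anything that is not an IP address before it reaches Test-Connection.
    If(-not ($VyOSExternalIP -as [System.Net.IPAddress])){
        Write-Host ("[{0}] is not a valid IP address" -f $VyOSExternalIP) -ForegroundColor Red
        $TestIP = $false
        Continue
    }
    Write-Host "Testing connection to [$VyOSExternalIP]..." -ForegroundColor Yellow -NoNewline
    Start-Sleep 5
    $TestIP = Test-Connection $VyOSExternalIP -Count 1 -Quiet
    If (!($TestIP)){
        Write-Host "Failed! Check IP and run command in router [" -ForegroundColor Red -NoNewline
        Write-Host "show int ethernet eth0 brief" -ForegroundColor white -NoNewline
        Write-Host "]" -ForegroundColor Red
    }
    Else {
        Write-Host ("interface is pingable") -ForegroundColor Green
        # Index assignment instead of .Add(): .Add() throws when the key already exists.
        $VyOSConfig['ExternalInterfaceIP'] = $VyOSExternalIP
        $VyOSExternalIP | Out-File $VyOSIPCacheFile -Force
    }
} until ( ($VyOSExternalIP -as [System.Net.IPAddress] -and $TestIP) -or ($ping -eq 10) )
# NOTE(review): after 10 failed attempts the script continues with an address that never
# answered; the later "wait for reboot" loops ping this address without a timeout.
#endregion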
Write-Host "`nPreparing router for network configurations, please wait..." -ForegroundColor Yellow
#region Add all internal networks to router
# The router is shut down, one adapter per configured virtual switch network is added
# (in name order), and the router is started again.
Stop-VM $VyOSConfig.VMName -ErrorAction SilentlyContinue
Start-Sleep 10
$VM = Get-VM -Name $VyOSConfig.VMName -ErrorAction SilentlyContinue
$VyOSNetworks = $HyperVConfig.VirtualSwitchNetworks.GetEnumerator() | Sort-Object Name

ForEach($Network in $VyOSNetworks)
{
    # Nothing to do when an adapter is already connected to this switch.
    If($VM.NetworkAdapters.switchname -contains $Network.Name){
        Write-Host ("Network [{0}] is already attached to [{1}]" -f $Network.Name,$VM.VMName) -ForegroundColor Green
        Continue
    }

    Try{
        Write-Host ("Attaching network [{0}] to [{1}]..." -f $Network.Name,$VM.VMName) -ForegroundColor White -NoNewline
        Add-VMNetworkAdapter -VMName $VM.VMName -SwitchName $Network.Name -ErrorAction Stop
        Write-Host ("Done") -ForegroundColor Green
    }
    Catch{
        # The first failure ends the attach loop.
        Write-Host ("{0}" -f $_.Exception.Message) -ForegroundColor Black -BackgroundColor Red
        Break
    }
}

Start-VM -Name $VyOSConfig.VMName -ErrorAction SilentlyContinue

#wait for VM to boot completely
# A dot is printed every 3 seconds until the external address answers a ping.
# NOTE(review): there is no upper bound on this wait.
Write-Host "Router is rebooting" -ForegroundColor Yellow -NoNewline
do {
    Write-Host "." -ForegroundColor White -NoNewline
    Start-Sleep 3
    $RouterAnswers = Test-Connection $VyOSExternalIP -Count 1 -ErrorAction SilentlyContinue
} until($RouterAnswers)
#endregion
Write-Host "Booted" -ForegroundColor Green
#region Build VyOS Lan Configuration Commands
# Builds, as one string, the VyOS command list that configures the router's LAN side.
# The string is later written to a .script file and either run through the automation
# helpers or shown to the operator for copy/paste.
# Values from the lab configuration ($VyOSConfig, $domain, $NextHop - the latter two are
# not defined in this part of the script, presumably by the configuration file) are
# inserted as-is, without quoting or validation. A value containing a quote or a line
# break would change the commands the router receives, so treat the configuration file
# as trusted input and review the generated .script file before it is run.
# NOTE(review): a here-string has no trailing newline, so every fragment appended with
# += must begin on a new line (blank line or `n) or it joins onto the previous command;
# verify this in the generated .script file.
$VyOSLanCmd = @"
#VyOS Extended Configuration Script
configure
#Host Configuration
set system host-name $(($VyOSConfig.HostName).ToLower())
set system domain-name $domain
set system time-zone $($VyOSConfig.TimeZone)
#External Interface Configuration
set interfaces ethernet eth0 description 'External'
#DNS Configuration
set service dns forwarding cache-size '0'
"@
# $i is the interface index: eth0 is the external interface, LAN interfaces start at eth1.
$i=1
#TEST $SubnetCIDR = ($VyOSConfig.LocalSubnetPrefix.GetEnumerator() | Sort Name)[0]
# One pass per LAN subnet, in name order. The entry name is the subnet in CIDR form and
# the entry value is used in the interface description.
foreach ($SubnetCIDR in $VyOSConfig.LocalSubnetPrefix.GetEnumerator() | Sort Name){
$Description = ("LAN Subnet for {0}" -f $VyOSConfig.LocalSubnetPrefix[$SubnetCIDR.Name])
# Get-NetworkDetails and Get-TypicalRouterRange are helpers defined outside this part of
# the script; only the properties read below are known from here.
$IPInfo = Get-NetworkDetails -CidrAddress $SubnetCIDR.Name
# NOTE(review): the subnet mask is passed as -Gateway - confirm against the helper.
$GatewayInfo = Get-TypicalRouterRange -StartIP $IPInfo.StartingIP -EndIP $IPInfo.EndingIP -Gateway $IPInfo.SubnetMask -Position Last
# The interface gets the subnet's ending IP and the DNS forwarder listens on it.
$VyOSLanCmd += @"
`n
#Interface $i Configuration
set interfaces ethernet eth$i address $($IPInfo.EndingIP)/$($IPInfo.Prefix)
set interfaces ethernet eth$i description '$($Description)'
set service dns forwarding listen-on 'eth$($i)'
"@
# Optional DHCP pool per interface: range, two DNS servers ($NextHop and the gateway),
# default router and a lease value of 86400.
If($VyOSConfig.EnableDHCP){
$VyOSLanCmd += @"
# Enable DHCP Configuration for eth$i
set service dhcp-server disabled 'false'
set service dhcp-server shared-network-name ETH$($i)_Pool subnet $($SubnetCIDR.Name) start $($GatewayInfo.StartIP) stop $($GatewayInfo.EndIP)
set service dhcp-server shared-network-name ETH$($i)_Pool subnet $($SubnetCIDR.Name) dns-server $NextHop
set service dhcp-server shared-network-name ETH$($i)_Pool subnet $($SubnetCIDR.Name) dns-server $($GatewayInfo.GatewayIP)
set service dhcp-server shared-network-name ETH$($i)_Pool subnet $($SubnetCIDR.Name) default-router $($GatewayInfo.GatewayIP)
set service dhcp-server shared-network-name ETH$($i)_Pool subnet $($SubnetCIDR.Name) lease '86400'
"@
}
$i++
}
# DNS forwarding source, selected by $VyOSConfig.UseDNSOption:
#   'External' - forward to the servers learned via DHCP on eth0
#   'Internal' - forward to each address in $VyOSConfig.InternalDNSIP
#   'Internet' - forward to the fixed public resolver 8.8.8.8 and to $NextHop
# Any other value adds no forwarder.
switch($VyOSConfig.UseDNSOption){
'External' {$VyOSLanCmd += @"
`n
#forward home network dhcp`n
set service dns forwarding dhcp eth0
"@
}
'Internal' {$VyOSLanCmd += @"
`n
#Set internal dns
"@
foreach ($IP in $VyOSConfig.InternalDNSIP){
$VyOSLanCmd += @"
`n
set service dns forwarding name-server '$($IP)'
"@
}
}
'Internet' {$VyOSLanCmd += @"
#Set internet dns
`n
set service dns forwarding name-server '8.8.8.8'
set service dns forwarding name-server '$($NextHop)'
"@
}
}
# Optional DHCP relay (PXE). Interfaces are numbered from eth1 by walking $VyOSNetworks.
# NOTE(review): the address loop above numbers interfaces by LocalSubnetPrefix entries;
# confirm both collections have the same count and order.
If($VyOSConfig.EnablePXERelay){
$i=1
ForEach($Network in $VyOSNetworks){
$VyOSLanCmd += @"
`n
#Enable DHCP relay (PXE boot) for eth$($i):
set service dhcp-relay interface eth$($i)
"@
$i=$i+1
}
# With the router's own DHCP server off, requests are relayed to $VyOSConfig.DhcpRelayIP.
If(!$VyOSConfig.EnableDHCP){
$VyOSLanCmd += @"
`n
#If DHCP disabled, Set the IP address of the other DHCP server:
set service dhcp-relay server '$($VyOSConfig.DhcpRelayIP)'
#Discard DHCP packages already containing relay agent
set service dhcp-relay relay-options relay-agents-packets discard
"@
}
}
# Optional source NAT: traffic from $VyOSConfig.LocalCIDRPrefix leaving through eth0 is masqueraded.
If($VyOSConfig.EnableNAT){
$VyOSLanCmd += @"
#Enable NAT Configuration
set nat source rule 300 outbound-interface eth0
set nat source rule 300 source address '$($VyOSConfig.LocalCIDRPrefix)'
set nat source rule 300 translation address masquerade
"@
}
# Apply and persist the configuration on the router.
$VyOSLanCmd += @"
commit
save
"@
#endregion
#Always output script
# The generated command list is stored in the Logs folder under the transcript's name
# with a .script extension; a file left by an earlier run is replaced.
$ScriptName = $LogfileName.replace('.log','.script')
$ScriptPath = "$PSScriptRoot\Logs\$ScriptName"
Remove-Item $ScriptPath -Force -ErrorAction SilentlyContinue | Out-Null
$VyOSLanCmd | Add-Content $ScriptPath -Force
# Decide whether the generated commands are pushed to the router automatically or
# handed to the operator. $RunManualSteps ends up $true unless automation ran and the
# operator confirmed the result.
# $RouterAutomationMode is not set in this part of the script (presumably by the configuration file).
If(-not $RouterAutomationMode){
    $RunManualSteps = $true
}
Else{
    Write-Host "Attempting to automatically configure router's lan settings..." -ForegroundColor Yellow
    #region Automation Mode
    $VyOSLanScript = New-VyattaScript -Value $VyOSLanCmd -AsObject -SetReboot

    # Set up key-based SSH logon for the 'vyos' user so the script can be run remotely.
    # NOTE(review): this was described as temporary, yet the helper is called with
    # -Persistent and nothing in this script removes the key afterwards. New-SSHSharedKey
    # and Invoke-VyattaScript are defined outside this part of the script; confirm what
    # is installed on the router and whether the router's host key is verified when
    # connecting to $VyOSExternalIP.
    New-SSHSharedKey -IP $VyOSExternalIP -User 'vyos' -Force -Persistent -Verbose
    $Result = Invoke-VyattaScript -IP $VyOSExternalIP -Path $VyOSLanScript.Path -Verbose
    # emit the helper's result to the output stream
    $Result

    If($Result){
        #wait for VM to boot completely
        Write-Host "Router is rebooting..." -ForegroundColor Yellow -NoNewline
        do {
            Write-Host "." -ForegroundColor Yellow -NoNewline
            Start-Sleep 1
            $RouterAnswers = Test-Connection $VyOSExternalIP -Count 1 -ErrorAction SilentlyContinue
        } until($RouterAnswers)
        Write-Host "Booted" -ForegroundColor Green

        $Rule = "------------------------------------------"
        Write-Host $Rule -ForegroundColor Gray
        Write-Host "Log into router and run command [" -ForegroundColor Gray -NoNewline
        Write-Host "show int" -ForegroundColor Yellow -NoNewline
        Write-Host "]" -ForegroundColor Gray
        Write-Host $Rule -ForegroundColor Gray

        # The operator verifies the outcome; anything other than y/yes falls back to the manual path.
        $VyosInterfacesPrompt = Read-host "Are all interfaces configured with an ip address? [Y or N]"
        If($VyosInterfacesPrompt -in 'y','yes'){
            Write-Host "====================================" -ForegroundColor Black -BackgroundColor Green
            Write-Host " Done configuring router interfaces " -ForegroundColor Black -BackgroundColor Green
            Write-Host "====================================" -ForegroundColor Black -BackgroundColor Green
            $RunManualSteps = $false
        }
        Else{
            Write-Host "Automation may have failed, try running the commands manually" -ForegroundColor Black -BackgroundColor Red
            $RunManualSteps = $true
        }
    }
    Else{
        Write-Host "Failed to run automation script for vyos router; please use manual process instead" -ForegroundColor Red
        $RunManualSteps = $true
    }
    #endregion
}
# Manual path: print the generated commands and tell the operator how to apply them
# over SSH, then close the transcript.
If($RunManualSteps){
    #region Copy Paste Mode
    $Divider = "--------------------------------------------------------"
    Write-Host $Divider -ForegroundColor Yellow
    Write-Host $VyOSLanCmd -ForegroundColor Gray
    Write-Host $Divider -ForegroundColor Yellow

    Write-Host ("`nOpen ssh session for {0} by running command [" -f $VyOSConfig.VMName) -ForegroundColor White -NoNewline
    Write-Host ("ssh vyos@{0}" -f $VyOSExternalIP) -ForegroundColor Yellow -NoNewline
    Write-Host "]" -ForegroundColor White
    Write-Host ("Then copy the script between the lines or `n from {0}\Logs\{1}" -f $PSScriptRoot,$ScriptName) -ForegroundColor White

    Write-Host ("`nA reboot may be required on {0} for updates to take effect" -f $VyOSConfig.VMName) -ForegroundColor Red
    Write-Host "In router's ssh session, run command [" -ForegroundColor Gray -NoNewline
    Write-Host "reboot now" -ForegroundColor Yellow -NoNewline
    Write-Host "] to reboot" -ForegroundColor Gray
    #endregion
}

Stop-Transcript