This guide is only for assemblers being deployed with a virtual machine in Nutanix. These instructions assume you are using Prism Central. 

Each assembler you created must be deployed via a virtual machine, and then you can add your technology as a security device in Workbench to complete the full integration. For more information about the Expel Assembler or how it works, see the About the Expel Assembler guide.

Prerequisites

  • You must have completed all of the steps in Add a New Assembler for each assembler you wish to deploy.

Quick Start

Setup includes the following steps (click any step for detailed instructions):

  1. Download the CoreOS Ignition File From Workbench
  2. Locate the CoreOS URL and Checksum
  3. Create the CoreOS Image in Nutanix
  4. Configure and Spin Up the Virtual Machine
  5. Verify a “Connected” Status in Workbench

Step 1: Download the CoreOS Ignition File from Workbench

The ignition file enables the virtual machine to read a configuration file, and to provision the Fedora CoreOS system based on the contents of that file. You will use this file when you configure the virtual machine in AWS.

  1. Log in to Workbench.
  2. In the side menu, navigate to Organization Settings > Assemblers.
  3. Find the assembler you created, and click Download the CoreOS Ignition File. This action will download a JSON file that you will need in the next section.

  1. Repeat this process for any additional assemblers. Important: you must keep track of the files, and which came from which assembler, because each assembler has its own unique ignition file.

Step 2: Locate the CoreOS URL and Checksum

Nutanix requires a URL and checksum for the CoreOS image before you can spin up the virtual machine. You may obtain these values via a web browser or via the command line.

Use a Web Browser

  1. Navigate to https://builds.coreos.fedoraproject.org/streams/stable.json.
  2. In the web browser, find "nutanix" in the JSON.
  3. Copy the values from the following two keys for use in the next section:
    • location - this is the URL.
    • sha256 - this is the checksum.
  4. Go to Step 3.

Use the Command Line

  1. Get the URL:
curl -s https://builds.coreos.fedoraproject.org/streams/stable.json | jq -r .architectures.x86_64.artifacts.nutanix.formats.qcow2.disk.location
  1. Get the checksum:
curl -s https://builds.coreos.fedoraproject.org/streams/stable.json | jq -r .architectures.x86_64.artifacts.nutanix.formats.qcow2.disk.sha256
  1. Go to Step 3.

Step 3: Create the CoreOS Image in Nutanix

Now that you have the URL and checksum, you can create the required CoreOS image within Nutanix.

  1. Log in to Nutanix Prism Central.
  2. From the Dashboard, open the menu on the top left and select Compute & Storage > Images.

  1. On the Images page, select Add Image.
  2. For the Image Source:
    • Select URL.
    • Enter the CoreOS URL you saved in Step 2.
    • Select Upload file.
  3. Now you will be asked for more details:
    • Name - leave as is or change it if you wish.
    • Description - optional; you may leave blank.
    • Checksum - enter the CoreOS checksum you saved in Step 2 and use the dropdown menu to change the type to "SHA-256".
    • Select Next.

  1. Select a location for the CoreOS image. You may choose to place the image directly on clusters (you must select the clusters) or use an Image Placement Policy (you must select a category and associated placement policy).
  2. Select Save.
  3. Go to Activity > Tasks to check the status of your image. It must be created before you can move to the next section (this process may take 5-10 minutes).

Step 4: Configure and Spin Up the Virtual Machine

Before you begin, have your ignition file(s) (Step 1) ready and be sure that your CoreOS image was successfully created in Nutanix Prism Central. You can check the status of your image by going to Activity > Tasks

Remember that your VM must have, at minimum, 2 virtual CPUs, 8 GB RAM, and 20 GB disk space.

  1. Still in Nutanix Prism Central, navigate to Compute & Storage > VMs.
  2. On the VMs page, select Create VM.
  3. On the Configuration page:
    • Name - enter a name for your assembler, such as "expel-assembler".
    • Description - optional; you may leave blank.
    • Cluster - select the cluster for your assembler, if applicable.
    • Number of VMs - enter "1". If you are deploying more than one assembler, you will need to repeat this entire section for each assembler; always enter "1" here.
    • CPU - enter "2" to meet Expel's minimum requirements.
    • Cores Per CPU - leave as "1".
    • Memory - enter "8" to meet Expel's minimum requirements.
    • Enable Memory Overcommit - leave unchecked.
    • Select Next.
  4. On the Resources page, select Attach Disk.
    • Type - leave as "Disk".
    • Operation - select "Clone from Image".
    • Image - select the CoreOS image you created in Step 3.
    • Capacity - enter "20" to meet Expel's minimum requirements.
    • Bus type - leave as SCSI.
    • Select Save.
  5. Still on the Resources page, select Attach to Subnet.
    • Subnet - select the subnet for your VM.
    • Network Connection State - leave as "Connected".
    • Assignment Type - select "Assign with DHCP" unless you are using a static IP address (in that case, select "Assign Static IP").
    • IP Address - if using DHCP, leave blank; if using a static IP, enter the IP address.
    • Select Save.
  6. Still on the Resources page:
    • Boot Configuration - you may use either the "Legacy BIOS Mode" or the "UEFI BIOS Mode".
    • Shield VM Security Settings - leave as is.
    • Select Next.
  7. On the Management page:
    • Categories - leave as is. 
    • Timezone - leave as "UTC".
    • Use this VM as an Agent VM - leave unchecked.
    • Guest Customization - select "Cloud-init (Linux)" as the Script Type and leave "Custom Script" as the Configuration Method.
    • Click the Upload Script link just above the text box and upload your ignition file from Step 1; alternatively, you can paste the contents into the text box.
    • Select Next.
  8. Review your configuration and select Create VM to create your virtual machine. You can check the status on the VMs page. 
  9. When creation has completed, make sure to power your VM on:
    • Select the virtual machine by clicking on its name.
    • On the Summary page, go to More > Power On
  10. Repeat this process for any additional virtual machines. You do not have to create another CoreOS image, but you do need to use a different ignition file for each assembler.

Step 5: Verify a “Connected” Status in Workbench

It can take 10 to 15 minutes for the assembler’s status to update in Workbench.

  1. Log in to Workbench.
  2. In the side menu, navigate to Organization Settings > Assemblers. (or, refresh the page if you never logged out).
  3. Find your newly created assembler(s) and verify that the status has changed from “Not Yet Connected” to “Connected.” 
    • If the status has not updated yet, make sure you have waited at least 15 minutes, then refresh the page and check again.

Troubleshooting

If your assembler is still not showing as “Connected” after 15 minutes:

  • Make sure your VM's size meets the required minimums (2 virtual CPUs, 8 GB RAM, and 20 GB disk space). 
  • Make sure your firewall allows the VM to make the connections that we require.

If all firewall and machine size settings are correct and you are still unable to connect the assembler, contact our support team.