virt-install --name fortigate-prod \
--ram 8192 --vcpus 4 \
--disk path=/var/lib/libvirt/images/fortios.qcow2,device=disk,bus=virtio \
--import \
--network network=dmz-net,model=virtio \
--network network=wan-net,model=virtio \
--network network=lan-net,model=virtio \
--os-variant generic \
--console pty,target_type=serial
sudo guestmount -a fortios.qcow2 -i --ro /mnt/fortios
Mounting or inspecting a fortios.qcow2 (using guestmount or qemu-nbd) reveals a highly specialized Linux environment. Unlike a general-purpose Ubuntu or CentOS server, FortiOS is a network appliance OS.
sudo virt-copy-out -a fortios.qcow2 /data/config . fortios.qcow2
sudo fdisk -l /dev/nbd0
When finished:
sudo guestunmount /mnt/fortios
Or if using NBD:
sudo umount /mnt/fortios
sudo qemu-nbd --disconnect /dev/nbd0
A raw fortios.qcow2 deployment may suffer from packet loss under load unless optimized. Here are the critical adjustments: virt-install --name fortigate-prod \ --ram 8192 --vcpus 4
The use of FortiOS.qcow2 offers several advantages: