Upload Palo Alto VM-Series Image to OCI

Palo Alto is a Leader in Next Generation Firewall according to Gartner and this makes them a very requested network appliance in OCI.

At the time of writing this article, there is no Marketplace image that can be used in order to create a Palo Alto VM.

This article will focus on the import of the Palo Alto VM and creating a custom image in OCI in order to be able to create a VM.

In summary, the Palo Alto image needs to be uploaded to the Object Storage in OCI and from there it can be used to create a custom image that will be used to boot a Palo Alto VM.

The following things are prerequisites:

• A valid Palo Alto account and the rights to download the network appliance image;

• A valid OCI subscription;

• OCI CLI setup - The article will use OCI CLI in order to upload the network appliance image to OCI and it will assume that the reader has the CLI installed.

Bellow are the steps needed in order to have the image uploaded to OCI:

1. Download the Palo Alto VM-Series Firewall KVM baseimage (qcow) from their Customer Support Portal.

2. Login to OCI Console and create an Object Storage bucket.

   
   
   
   

3. Upload the qcow2 file to the bucket:

 oci os object put -ns <tenant name> -bn caandrei-bucket --name <name of the file in the bucket> --file <location of the file on the local computer> --parallel-upload-count 10  --config-file <config file of the OCI CLI> --profile <profile name in the config file>

4. Create a pre-authenticated Request for the file uploaded:

   
   
   

5. Navigate to Compute > Custom Images and Import Image:

   
   

   In the Object Storage URL, paste the pre-authenticated request that you just created.

6. Wait until the Custom Image is imported.

   
   

Once the Image is imported, it can be used to create a Palo Alto Network Appliance.

In the next article I will use the image that i just uploaded in order to create a Palo Alto VM