Please note, these instructions are valid only for a pre-release version of CloudShark 3.9. If you would like to join a limited beta, please contact us.
Launch container
CloudShark running on LXC requires a container running CentOS 7. The following
command will launch a new container running CentOS 7 named cs-lxc-container:
lxc launch images:centos/7 cs-lxc-container
Push files
The CloudShark offline installer contains the RPM packages and creates a
repository to install them from. This installer will install the
cloudshark-tools RPM and create a disabled repository called
cloudshark-offline. To begin installing CloudShark first push this file to
the root users home directory in the newly created CentOS 7 container:
lxc file push <offline_installer> cs-lxc-container/root/
Configure networking
CloudShark uses the nginx webserver and by default starts this on port 80 (http) and port 443 (https) with a self-signed default cert. The following examples will forward these ports from the host to the LXC container:
lxc config device add cs-lxc-container http proxy listen=tcp:0.0.0.0:80 connect=tcp:127.0.0.1:80
lxc config device add cs-lxc-container https proxy listen=tcp:0.0.0.0:443 connect=tcp:127.0.0.1:443
Console into the container
The next steps require running commands in the container. This can either be
done using the lxc exec command or by starting and connecting to a session
running /bin/bash within the container as the root user:
lxc exec cs-lxc-container -- /bin/bash
Required packages
CloudShark requires a few packages that are not included in the default CentOS 7 container image. To install these via yum run:
yum -y install sudo hostname tar less
Run offline installer
The offline installer is a makeself executable that
contains the RPM files needed to install CloudShark and a script to create a
local repository named cloudshark-offline. Running this also installs the
cloudshark-tools package and other software required to run CloudShark.
The container needs access to the CentOS repositories while installing via the offline installer. These can be specified in a comma separated list. If the container is using the default repositories the following command will work:
/root/cloudshark-offline-installer.bin base,updates,extras
Install cloudshark-bundle
Now the CloudShark application code can be installed by running:
yum -y --enablerepo cloudshark-offline install cloudshark-bundle
Start cloudshark-puma service
Next the cloudshark-puma service can be started:
systemctl start cloudshark-puma
Licensing (Updated for Beta #2)
In order for us to properly support running containerized instance,
the CloudShark license server must be run on the host operating system.
We are using a license server called rlm.
This is new, and a change from all previous versions of CloudShark.
In your distribution, you will receive a .tgz containing binaries needed to
run the license server. These need to be unpacked into a directory on the
host and be made executable. We do not recommend running them as root.
Cavaet: You need to run the rlm binary via the full path: i.e
/opt/cloudshark-license-server/rlm
Place your new cloudshark.lic in the same directory as the rlm binary and run
the rlm command.
The guest OS inside the LXC container must be able to communicate with port
5053 on localhost of the Host.
It is also possible to run the license server on a completely separate machine if that makes more sense in your deployment scenario.
Update the license inside the container
If you already have a cloudshark.lic inside the LXC container, it needs to be
replaced with a new file that has only the following line:
HOST <host-name-or-ip-address>
That single line instructs the client on how to contact the license server.
Start cloudshark service
Once the license has been configured and the service restarted you can start the rest of the services CloudShark uses by running:
systemctl start cloudshark
Threat Assessment
The Threat Assessment addon require additional software which can be installed by running the following yum command:
yum --enablerepo cloudshark-offline install cloudshark-addon-threat-assessment
Upgrading
To upgrade CloudShark run the latest offline installer and install the latest cloudshark-bundle package:
/root/cloudshark-offline-installer.bin base,updates,extras
yum -y --enablerepo cloudshark-offline install cloudshark-bundle
After upgrading restart CloudShark and required services:
systemctl restart cloudshark-nginx
systemctl restart cloudshark
Known Bugs
This is still a beta, and there are a couple of features that we have fixed since the initial beta.
Export’s “Download Original” does not work.(Fixed in Beta #2)The AutoImport functionality is also not working.(Fixed in Beta #2)
We don’t know of any issues in this release that will impact users at this time. If there’s anything else that seems to not be functioning as expected, please let us know!