Please note, these instructions are valid only for a pre-release version of CloudShark 3.9. If you would like to join a limited beta, please contact us.
CloudShark running on LXC requires a container running CentOS 7. The following
command will launch a new container running CentOS 7 named
lxc launch images:centos/7 cs-lxc-container
The CloudShark offline installer contains the RPM packages and creates a
repository to install them from. This installer will install the
cloudshark-tools RPM and create a disabled repository called
cloudshark-offline. To begin installing CloudShark first push this file to
root users home directory in the newly created CentOS 7 container:
lxc file push <offline_installer> cs-lxc-container/root/
CloudShark uses the nginx webserver and by default starts this on port 80 (http) and port 443 (https) with a self-signed default cert. The following examples will forward these ports from the host to the LXC container:
lxc config device add cs-lxc-container http proxy listen=tcp:0.0.0.0:80 connect=tcp:127.0.0.1:80 lxc config device add cs-lxc-container https proxy listen=tcp:0.0.0.0:443 connect=tcp:127.0.0.1:443
Console into the container
The next steps require running commands in the container. This can either be
done using the
lxc exec command or by starting and connecting to a session
/bin/bash within the container as the root user:
lxc exec cs-lxc-container -- /bin/bash
CloudShark requires a few packages that are not included in the default CentOS 7 container image. To install these via yum run:
yum -y install sudo hostname tar less
Run offline installer
The offline installer is a makeself executable that
contains the RPM files needed to install CloudShark and a script to create a
local repository named
cloudshark-offline. Running this also installs the
cloudshark-tools package and other software required to run CloudShark.
The container needs access to the CentOS repositories while installing via the offline installer. These can be specified in a comma separated list. If the container is using the default repositories the following command will work:
Now the CloudShark application code can be installed by running:
yum -y --enablerepo cloudshark-offline install cloudshark-bundle
Start cloudshark-puma service
cloudshark-puma service can be started:
systemctl start cloudshark-puma
Licensing (Updated for Beta #2)
In order for us to properly support running containerized instance,
the CloudShark license server must be run on the host operating system.
We are using a license server called
This is new, and a change from all previous versions of CloudShark.
In your distribution, you will receive a
.tgz containing binaries needed to
run the license server. These need to be unpacked into a directory on the
host and be made executable. We do not recommend running them as root.
Cavaet: You need to run the rlm binary via the full path: i.e
Place your new
cloudshark.lic in the same directory as the
rlm binary and run
The guest OS inside the LXC container must be able to communicate with port
localhost of the Host.
It is also possible to run the license server on a completely separate machine if that makes more sense in your deployment scenario.
Update the license inside the container
If you already have a
cloudshark.lic inside the LXC container, it needs to be
replaced with a new file that has only the following line:
That single line instructs the client on how to contact the license server.
Start cloudshark service
Once the license has been configured and the service restarted you can start the rest of the services CloudShark uses by running:
systemctl start cloudshark
The Threat Assessment addon require additional software which can be installed by running the following yum command:
yum --enablerepo cloudshark-offline install cloudshark-addon-threat-assessment
To upgrade CloudShark run the latest offline installer and install the latest cloudshark-bundle package:
/root/cloudshark-offline-installer.bin base,updates,extras yum -y --enablerepo cloudshark-offline install cloudshark-bundle
After upgrading restart CloudShark and required services:
systemctl restart cloudshark-nginx systemctl restart cloudshark
This is still a beta, and there are a couple of features that we have fixed since the initial beta.
Export’s “Download Original” does not work.(Fixed in Beta #2) The AutoImport functionality is also not working.(Fixed in Beta #2)
We don’t know of any issues in this release that will impact users at this time. If there’s anything else that seems to not be functioning as expected, please let us know!