2a6cb92f51
Adding Packer Qemu builder: * Packer/answer_files/*_virtio: Install the virtio drivers from the ISO (NOT provided) * windows_*.json needs some manual tweaks to match the virtio drivers ISO path Adding Vagrant-libvirt provider: * Uses the QEMU qcow2 images provided by packer to build the DetectionLab * Vagrantfile needs manual tweaking to match libvirt's host configuration (backing store, network interfaces, etc) README: * Added separate README with instructions for libvirt
3.9 KiB
Detection Lab Libvirt build
Intro
This page contains the instruction to build DetectionLab for Qemu/LibVirt. This is the provider for you if:
- You are familiar with LibVirt, virt-manager and Qemu and prefer this software stack instead of VirtualBox
- You are willing to spend a bit more time thinkering with the build process as it is less hands-off than the official DetectionLab
A step-by-step guide is available here.
Prequisite
LibVirt
The libvirt and virt-manager installation walkthrough and documentation is out of scope of this project. To follow along, you need an already working installation of libvirt, virt-manager, and QEMU+kvm.
Packer
- The Virtio drivers ISO needs to be location in the
DetectionLab/Packer/directory.
- This is a direct link to the latest version of the virtio drivers ISO.
- There's also a "stable" version available here.
- Edit the windows_X.json files
- Make sure the following user-defined variables are pointing to the right thing:
virtio_win_iso: The ISO containing thethe lastest VirtIO driverspacker_build_dir: Where to output the QCOW2 images. It's a temporary directory, the .box files will still be in DetectionLab/Packer
- Build the images
env TMPDIR=/path/to/large/storage/ PACKER_LOG=1 PACKER_LOG_PATH="packer_build.log" packer build --only=qemu windows_2016.json
env TMPDIR=/path/to/large/storage/ PACKER_LOG=1 PACKER_LOG_PATH="packer_build.log" packer build --only=qemu windows_10.json
Vagrant
- Install the necessary plugins:
vagrant plugin install vagrant-reload vagrant-libvirt vagrant-winrm-syncedfolders- See the guide for ubuntu as the vagrant packages comes with a ton on unofficial & outdated plugins that will cause problems
- Add the previously built windows .box files
vagrant box add windows_10_libvirt.box --name windows_10_libvirtvagrant box add windows_2016_libvirt.box --name windows_2016_libvirt
- Build:
vagrant up --provider libvirt --no-parallel --provision
Notes:
The libvirt builder is highly experimental. This sections describes the tradeoffs and the differences between the vanilla DetectionLab.
- No pre-built images and integration with the build.sh script for now. This means building the Windows base boxes with Packer (> 1h) and provisioning with Vagrant manually (> 1h). Fortunately, the process is relatively straightforward.
- The boxes will have two network adapters The vagrant-libvirt provider works by binding to a "management" network adapter IP addresses. The way vagrant finds the VM's IP address is by probing the dnsmasq lease file of libvirt's host. There's probably a better way, but this is the best I could do that just works (tm) so far. Here's what the configuration looks like:
- Management Network: Isolated network, no NAT, no internet access, with DHCP.
- Detectionlab Network: 192.168.38.0/24, with NAT, with internet access, with DHCP.
-
The synced folder is using an old, slow and buggy plugin. While this barely works, it's enough to push the provisioning scripts to the Windows instances. Any modifications to the
vm.synced_folderin the VagrantFile libvirt provider will likely break the provisionning process -
The graphical and input settings assume the use of virt-manager with the SPICE viewer on Windows and the VNC viewer on Linux (logger). The spice agent for copy/pasting and other quality of life improvement, like auto-resolution changes is NOT installed on the Windows hosts. Guacamole is a better way to access your VMs.