Today we released version 1.1.0 of the cyrange Cyber Range platform. This version brings an important new feature : scenarios. A scenario allows to define a large scale exercise, involving multiple virtual machines, that can be interconnected using a complex network. Moreover, to run the exercise, the cyrange platform will deploy a copy of each defined VM for each trainee. Let's see how...
Scenarios are available from the "Scenarios" link, on the top of the interface.
A scenario is actually a yaml file, that describes how the different virtual machines must be deployed and interconnected. This yaml has 2 main sections: machines and extra_machines
The format for describing a VM is the same in the machines section and in the extra_machines section:
"#1"
. To help writing the scenario, available images are listed on the right of the screen...- name: router
image: "#1"
configure_guest: true
remote_desktop: true
interfaces:
- mode: bridged
bridge_interface: enp0s31f6
- mode: internal
network_name: intranet
address: 192.168.1.1
mask: 255.255.255.0
dns-nameservers: 8.8.8.8
provision:
# enable packet forwarding
- sudo sysctl -w net.ipv4.ip_forward=1
For each network interface, you must define the type of connection using the mode key:
If nothing else is specified, the network interfaces will be configured using DHCP. Otherwize (and if configure_guest is set to yes), you can specify a manual configuration using the following keys:
The scenario corresponding to this network is illustrated below:
#
# VM's for the trainees (1 per participant)
#
machines:
- name: trainee
image: "#1"
configure_guest: false
remote_desktop: true
interfaces:
- mode: internal
network_name: intranet
#
# VM's for teacher only
#
extra_machines:
# router between the real network (bridge) and the
# intranet network
- name: router
image: "#2"
configure_guest: false
remote_desktop: true
interfaces:
- mode: bridged
bridge_interface: INTERNET
- mode: internal
network_name: intranet
address: 192.168.1.1
mask: 255.255.255.0
provision:
# enable packet forwarding
- sudo sysctl -w net.ipv4.ip_forward=1
# web server, connected to the intranet
# 192.168.1.10
- name: srv01
image: "#2"
configure_guest: false
remote_desktop: true
interfaces:
- mode: internal
network_name: intranet
address: 192.168.1.10
mask: 255.255.255.0
gateway: 192.168.1.1
dns-nameservers: 8.8.8.8
provision:
# install apache
- sudo apt-get -y install apache2
Once the scenario is defined, in can be deployed multiple times...
Each machine will be deployed and connected to the specified network.
And each participant (including the teacher) will receive an email when the machine is up and ready...
This blog post is licensed under CC BY-SA 4.0