May 6, 2022 by Thibault Debatty | 947 views
Today we released version 1.1.0 of the cyrange Cyber Range platform. This version brings an important new feature : scenarios. A scenario allows to define a large scale exercise, involving multiple virtual machines, that can be interconnected using a complex network. Moreover, to run the exercise, the cyrange platform will deploy a copy of each defined VM for each trainee. Let's see how...
Scenarios are available from the "Scenarios" link, on the top of the interface.
A scenario is actually a yaml file, that describes how the different virtual machines must be deployed and interconnected. This yaml has 2 main sections: machines and extra_machines
The format for describing a VM is the same in the machines section and in the extra_machines section:
"#1". To help writing the scenario, available images are listed on the right of the screen...
- name: router image: "#1" configure_guest: true remote_desktop: true interfaces: - mode: bridged bridge_interface: enp0s31f6 - mode: internal network_name: intranet address: 192.168.1.1 mask: 255.255.255.0 dns-nameservers: 18.104.22.168 provision: # enable packet forwarding - sudo sysctl -w net.ipv4.ip_forward=1
For each network interface, you must define the type of connection using the mode key:
If nothing else is specified, the network interfaces will be configured using DHCP. Otherwize (and if configure_guest is set to yes), you can specify a manual configuration using the following keys:
The scenario corresponding to this network is illustrated below:
# # VM's for the trainees (1 per participant) # machines: - name: trainee image: "#1" configure_guest: false remote_desktop: true interfaces: - mode: internal network_name: intranet # # VM's for teacher only # extra_machines: # router between the real network (bridge) and the # intranet network - name: router image: "#2" configure_guest: false remote_desktop: true interfaces: - mode: bridged bridge_interface: INTERNET - mode: internal network_name: intranet address: 192.168.1.1 mask: 255.255.255.0 provision: # enable packet forwarding - sudo sysctl -w net.ipv4.ip_forward=1 # web server, connected to the intranet # 192.168.1.10 - name: srv01 image: "#2" configure_guest: false remote_desktop: true interfaces: - mode: internal network_name: intranet address: 192.168.1.10 mask: 255.255.255.0 gateway: 192.168.1.1 dns-nameservers: 22.214.171.124 provision: # install apache - sudo apt-get -y install apache2
Once the scenario is defined, in can be deployed multiple times...
Each machine will be deployed and connected to the specified network.
And each participant (including the teacher) will receive an email when the machine is up and ready...