I’ve had a little exposure to GSM in the past and thought I’d give it a fresh try on OpenStack. This isn’t listed as supported but I thought I’d give it a shot. I wasn’t overly familiar with OpenStack either but I feel like I am now!
The 4.2.24 installer ISO doesn’t seem to include the kernel drivers for virtualized disks or Ethernet, which is unusual in this day and age. I had to set the hw_disk_bus=ide and hw_vif_model=e1000 properties against the image before these would work. This is slightly annoying because you can’t hot plug IDE disks and you can’t create OpenStack instances in a stopped state so you have to boot the installer, stop it again, then attach the volume, before booting a final time.
The instructions say that network connectivity is required for the install. Initially I didn’t notice that this wasn’t present but the install seemed to complete anyway. When I had trouble later (see below), I retried and found that I was only able to get a connection by running udhcpc from the shell. Shouldn’t this kick in automatically?
The aforementioned kernel drivers are present in the installed system as it boots and I am able to connect to the web server. However, entering “admin” at the console login prompt does the strangest thing. It spontaneously reboots! Entering any other name is followed by a password prompt and obviously this fails but only “admin” results in a reboot. I can only guess that PID 1 is crashing somehow. SSH refuses to connect and I seem to have no other way of logging in so it’s hard to diagnose. I’ve tried installing several times now but the result is always the same. Any ideas?
It´s simple OpenStack is NOT supported, only Virtual-Box is our reference system. Keep in Mind that any stateful-network stack / firewall will break your GVM installation by filling up the kernel resources. As well you need to bridge RAW to a physical interface. The VM needs all and full capabilities for sending raw packets to the Kernel, this will conflict as well with OpenStack
Heh, oh well. I doubt that’s why it’s rebooting on login but yeah. Having said that, OpenStack seems pretty flexible so I thought you would be able to set it up that way? At my last company, we ran OpenVAS (via Kali) under Xen but it was my colleague who set it up so I don’t know exactly what he did.
Just run GCE within a real Hypervisor that should work. Everything else is up to you. We do not support it that way and won´t support it.
Keep in Mind every NAT/ state full firewall is a bad idea if you run a FULL TCP Scan that might allocate 65535 Sessions per Host And we need full capabilities. It might that PID 1 crashes or can´t fork that might bring you to a reboot … normally you can look into the Journal to see any error as well your OpenStack should provide you ton of debug information as well
Sorry to be pedantic but your argument seems inconsistent. OpenStack supports different hypervisors including KVM, Xen, VMware ESXi, and Hyper-V. Of these, only KVM is not a “real” bare metal hypervisor. Furthermore, VirtualBox isn’t a bare metal hypervisor either, it only runs on top of another OS like Linux or Windows.
I’m not familiar with all of these but I know that at least KVM and Xen, as well as VirtualBox, can bridge to a native physical interface. I’ve seen OpenVAS work with Xen so I can’t think of any reason why it wouldn’t work with KVM.
Perhaps you’re associating OpenStack with LXC containers, which is something it can also manage?
If you are such a expert, i am very confident you bring it up to running.
Greenbone´s commercial products run on Hyper-V as well VMWare, maybe they would fit better for you. The GCE is only supported on Virtual-Box. That´s it for the moment. It works does not mean it will be supported official. If you run into trouble you can´t expect any support. If you wanna run GVM you are on your own and can bring it up to run on any platform You just need to honor the license.
