Virtual Machine Deployment

Lacework Edge supports connector deployment by virtual machine as OVA or VHDX-formatted images.

• Open Virtualization Format (OVF) is an open standard for packaging and distributing virtual appliances. Hypervisors such as VMWare, VirtualBox and Xen all support OVF. For this format, follow the steps in Virtual Machine (OVA) Image.
• VHDX is a native file format for Microsoft's Hyper-V hypervisor. For this format, follow the steps in Virtual Machine (VHDX) Image.

Before following these steps, create a connector token as described in Lacework Edge Connectors.

Virtual Machine (OVA) Image

Before starting, download OVA for VMWare/VirtualBox.

Configure with OVF Properties

You can configure the Edge Connector using OVF Properties at the time of VM install/creation. On first VM startup, these values are used to configure and start the Connector.

• Connector Token(key=guestinfo.connector-token): Required, token received when creating the connector in the UI.
• Hostname(key=guestinfo.hostname): Optional, default is eg-connector.
• Static IP Address(key=guestinfo.ip): IPv4 address with prefix length (172.16.38.102/24). If empty defaults to DHCP.
• Gateway(key=guestinfo.gateway): Gateway address used if static IP is configured.
• DNS Servers(key=guestinfo.dns): Comma separated list of IPs (8.8.8.8,8.8.4.4). DHCP configuration used by default.

Configure Manually

If the VM was not set up with OVF parameters, due to not being supported or not being provided upon creation, it can still be configured manually after install, as follows:

1. Connect to the running VM and log in with user and password: root/root

2. To set up a static IP, you can run the following command (otherwise DHCP should be setup by default):

   ./setup-network.sh

   As prompted, enter:

   • Static IPv4 address with prefix length (172.16.38.102/24)
   • Gateway Address
   • Comma-delimited DNS servers (8.8.8.8,8.8.4.4)

3. Enable ssh access by running:

   ./enable-ssh.sh

4. Connect to the VM by ssh and run:

   ./connector-setup.sh

   This will prompt you for:

   • The token you created for this connector.
   • An optional hostname

5. Once you are done, disable ssh access again by running

   ./disable-ssh.sh

Commands

• Check eg-connector status:

  service eg-connector status

• Restart eg-connector service:

  service eg-connector restart

• Stop eg-connector service:

  service eg-connector stop

• Retrieve logs:

  docker logs eg-connector

When finished, verify that the connector appears in the console, as described in Verify Connector State.

Virtual Machine (VHDX) Image

Before starting, download VHDX for Hyper-V and extract the VHDX file from this zip. Then follow these steps:

1. Define a external switch in Hyper-V Manager for the Connector to use, if not already defined.

   • In Hyper-V Manager, under the Actions menu, click Virtual Switch Manager.
   • In the Virtual Switch Manager, click New virtual network switch.
   • In the Create dialog, choose External and click Create Virtual Switch. This will bring up the new switch.
   • Name the new virtual switch, and choose which adapter it should connect to.
   • Check Allow management operating system to share this network adapter if this NIC is already in use by the OS.
   • Click OK.

2. Create a new Virtual Machine in Hyper-V Manager

   • In Hyper-V Manager, under the Actions menu, click New > Virtual Machine.
   • Enter a name, choose where you would like to store the VM if you have a specific place, and click Next.
   • In Specify Generation, choose Generation 1, and click Next.
   • In Assign Memory, you can use the default assignment (1024 MB), click Next.
   • In Configure Networking, choose the Virtual Switch you defined earlier and click Next.
   • In Connect Virtual Hard Disk, choose Attach a virtual hard disk later and click Next.
   • Click through the Summary and Finish.

3. Configure the Virtual Machine in Hyper-V Manager

   • Move the VHDX file you downloaded earlier to the location of the VM you just created.
   • In Hyper-V Manager, right-click the VM and click Settings….
   • In Hardware, click IDE Controller 0. Choose Hard Drive and click Add.
     • In the Media sub-section, choose Virtual Hard Disk, Browse to the VHDX file you just moved into place.
   • If you want the VM to start up with the boot/reboot of the host server, in Management, choose Always start this virtual machine automatically.
   • Click OK.

4. Configure the Connector

   • In Hyper-V Manager, right-click the VM and click Connect….
   • Click Start if the VM is not already started.
   • Once booted, log in as root/root.
   • If setting up a static IP, run ./setup-network.sh, otherwise DHCP should be setup by default. This will prompt you for:
     • Static IPv4 address (i.e. 172.16.38.102)
     • Gateway Address (i.e. 172.16.38.1)
     • Comma-delimited DNS servers (i.e. 8.8.8.8,8.8.4.4)
   • Enable ssh access by running ./enable-ssh.sh.
   • ssh to the VM (Powershell has ssh built-in) and run ./connector-setup.sh. This will prompt you for:
     • The token you created for this connector.
     • (Optional) A hostname for this connector.
   • Restart the eg-connector service: service eg-connector restart.
   • Once you are done, disable ssh access again by running ./disable-ssh.sh.

Verify that the connector appears in the console, as described in Verify Connector State.