DOCSLIB.ORG

Vulnerability Analysis of Vagrant Boxes

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Vulnerability Analysis of Vagrant Boxes DEGREE PROJECT FOR MASTER OF SCIENCE IN ENGINEERING COMPUTER SECURITY Vulnerability Analysis of Vagrant Boxes Andreas Holmqvist | Fredrik Lycke Blekinge Institute of Technology, Karlskrona, Sweden, 2017 Supervisor: Emiliano Casalicchio, Department of Computer Science, BTH Abstract Virtual machines are often considered more secure than regular machines due to the abstraction from the hardware layer. Abstraction does provide some extra security benefits, but many vulnerabilities that exist on a regular machine still exist on virtual machines. Moreover, the sheer amount of virtual machines that are running on many systems makes it difficult to analyse potential vulnerabilities. Vagrant is a management tool for virtual machines packaged in what is called boxes. There are currently no way to automatically scan these Vagrant boxes for vulnerabilities or insecure configurations to determine whether or not they are secure. Therefore we want to establish a method to detect the vulnerabilities of these boxes automatically without launching the box or executing code. There are two main parts in the method used to investigate the boxes. First there is the base box scanning. A base box is an image of which the final box is built upon. This base box is launched, a list of packages is extracted, and the information is then sent to a vulnerability scanner. There is also the analysis of the Vagrantfile. The Vagrantfile is the file that is used to ready the base box with needed software and configurations. The configuration file is written in Ruby and in order to extract information from this file a static code analysis is performed. The result for each box scanned is a list of all the vulnerabilities present on the base box as well as security configurations like SSH settings and shared folders that is retrieved from the Vagrantfile. The results are not completely accurate because the base box is used for the scan, rather than the box itself. Some of the configurations in the Vagrantfiles could not be retrieved because it required code execution or support for configurations done in by other means, like bash. The method does however provide a good indication of how many vulnerabilities a given box possesses. Keywords: Vagrant, Static code analysis, Vulnerability i Sammanfattning Virtuella maskiner anses ofta säkrare än vanliga maskiner på grund av abstraktionen från hårdvarulagret. Abstraktion ger vissa extra säkerhetsfördelar, men många sårbarheter som finns på en vanlig maskin finns fortfarande på virtuella maskiner. Dessutom gör det stora antalet virtuella maskiner som körs på många system det svårt att analysera potentiella sårbarheter. Vagrant är en hanterare för virtuella maskiner förpackade i vad som kallas boxar. Det finns för närvarande ingen möjlighet att automatiskt skanna dessa Vagrant boxar för sårbarheter eller osäkra konfigurationer för att avgöra om de är säkra eller inte. Därför vill vi skapa en metod för att upptäcka sårbarheter för dessa lådor automatiskt och utan att köra boxen eller exekvera kod. Det finns två huvuddelar i metoden som används för att undersöka boxarna. Först finns det basbox-skanningen. En basbox är en avbild som den slutliga boxen är byggd på. Den här basboxen startas, en lista över paket utvinns och informationen skickas sedan till en sårbarhetsscanner. Det utförs också en analys av Vagrantfilen. Vagrantfilen är den fil som används för att konfigurera basboxen med nödvändig programvara och konfigurationer. Konfigurationsfilen är skriven i Ruby, och för att extrahera information från denna fil utförs en statisk kodanalys. Resultatet från varje skannad box är en lista över alla sårbarheter som finns i basboxen samt säkerhetskonfigurationer som SSH-inställningar och delade mappar som hämtas från Vagrantfilen. Resultaten är inte helt korrekta eftersom basboxen används för skanningen, snarare än själva boxen. Vissa av konfigurationerna i Vagrantfilen kunde inte hämtas eftersom det krävdes kodkörning eller stöd för konfigurationer gjorda på annat sätt, som bash. Metoden ger dock en bra indikation på hur många sårbarheter en given box har. Nyckelord: Vagrant, Statisk kodanalys, Sårbarhet iii Preface This thesis marks the end of the five years study in the Master of Science in Engineering: Computer Security programme at Blekinge Institute of Technology, Karlskrona. Acknowledgements: We would like to thank John Stock, Martin Jartelius, and Davide Girardi at Outpost24 for providing the opportunity to do this thesis, and assistance and guidance to complete it. We would also thank our supervisor Emiliano Casalicchio for continuously providing valuable feedback and suggestions during the the thesis work and report writing. v Nomenclature Acronyms AST Abstract Syntax Tree. CVE Common Vulnerability and Exposures. JSON JavaScript Object Notation. vii Table of Contents Abstract i Sammanfattning (Swedish) iii Preface v Nomenclature vii Acronyms ........................................ vii Table of Contents ix List of Figures x List of Tables xi 1 Introduction 1 1.1 Introduction .................................... 1 1.2 Background .................................... 1 1.3 Objectives ..................................... 1 1.4 Delimitations .................................... 2 1.5 Thesis question and technical problem ...................... 2 2 Theoretical Framework 3 2.1 Related work .................................... 3 2.2 Technologies .................................... 3 3 Method 9 3.1 Base box scanning ................................ 9 3.2 Vagrantfile analysis ................................ 10 3.3 Architecture .................................... 11 3.4 Reporting ..................................... 12 4 Results 13 4.1 Vulnerability scanning ............................... 13 4.2 Static code analysis ................................ 13 4.3 Full scan ...................................... 15 5 Discussion 17 5.1 Vulnerability scanning ............................... 17 5.2 Static code analysis ................................ 17 5.3 Full scan ...................................... 18 6 Conclusions 19 7 Recommendations and Future Work 21 References 23 ix List of Figures 2.1 Layered architecture of Vagrant using providers [10]. 5 3.1 Abstract Syntax Tree . 11 3.2 Architecture . 11 4.1 Visualisation of the Vagrantfile JSON. Rendered by [21]. 14 4.2 Visualization of the full scan JSON. Rendered by [21]. 16 x List of Tables 4.1 Vulnerabilities for the first five most downloaded base boxes. 13 xi 1 INTRODUCTION 1.1 Introduction Virtualization has grown in use the last several years. Virtualization enables more efficient use of hardware, with multiple isolated platorms running on a single machine. Currently there are two main types of virtualization, containerisation, and hypervizor-based virtualization. Hypervizor-based virtualization establishes complete virtual machines on top of the host machine in the machine layer, along an entire guest operating system. Containerisation runs at operating system level and uses the host’s kernel to run virtual environments. This means that containers do not need its own individual operating system to run. Vagrant is a platform that is used to manage virtual machines and containers. It can be used to make sure that the same software with the same configuration is used in an environment for multiple users no matter if Linux, Mac OS, or Windows is used as host [1]. Vagrant does not actually provide any kind of virtualization by itself, but rather the management of machines. Instead Vagrant relies on virtualization software, like VMWare and Virtualbox, to run and configure the virtual machines. This allows support for new virtualization techniques to be added more easily. The advantage of using Vagrant as a manager is that it can be used to more easily reproduce and launch virtual environments. Vagrant supports Virtualbox, Hyper-V, and Docker machines by default. Vagrant has some similarities with Docker [2] but Vagrant is a higher level of abstraction. While Docker is a container platform, Vagrant is a manager with multiple providers. As Vagrant is a higher level of abstraction it can even use Docker as a provider. Docker support was available for Vagrant as a plugin for version 1.4 or later but built in support was added in version 1.6 [3]. This thesis looks at different ways to make a vulnerability analysis of a Vagrant box without having to boot it or execute anything on a running machine. A method is chosen and a system is developed to scan boxes. 1.2 Background A user can have multiple Vagrant boxes installed and running silently in the background. These boxes can be hard to keep track of and manage. They can also contain security vulnerabilities such as outdated libraries or insecure configurations. The vulnerabilities can be anything a regular machine can have. This can for example include remote code execution, misconfiguration, and insecure services running. Currently there are no publicly available tools to scan boxes for security vulnerabilities. Because of the lack of tools capable of scanning Vagrant boxes Outpost24 has requested to find a way to create automatic vulnerability analysis of boxes. This project is developed in collaboration with Outpost24 and because of an agreement with them the source code will not be included in this thesis. 1.3 Objectives The objective of the project is to create a system that automatically assembles a list of Vagrant boxes and their information on a computer. The boxes are then scanned for known vulnerabilities. The information gathered is put into a report. Such a report
Load more

Recommended publications
  • Devops with Vagrant and KVM/Qemu Hiroshi Miura (@Miurahr) NTT DATA Corporation
    CloudOpen Japan 2014 DevOps with Vagrant and KVM/qemu Hiroshi Miura (@miurahr) NTT DATA Corporation. Copyright © 2013 NTT DATA Corporation Disclaimer Any product name, service name, software name and other marks are trade mark or registered mark of corresponding companies. This presentation is in a purpose of providing current information on emerging technologies and there is no grantee of correctness and/or persistence of features in any future. A presenter and NTT Data Corporation provide information in as-is basis and have no responsiveness for results that you got according to information in this presentation material. Copyright © 2014 NTT DATA Corporation 2 Who am I? • Production work • OpenStack SI team • Swift object storage • OSS devel: • Vagrant-KVM • Linux Kernel • etc… Github.com/nttdata-osscloud Github.com/miurahr Copyright © 2014 NTT DATA Corporation 3 Agenda 1. What is DevOps 2. Introduction to Vagrant 3. Vagrant-KVM 4. Infrastructure chages 5. Future Copyright © 2014 NTT DATA Corporation 4 What is DevOps? Mike Loukides, 2012, @Velocity conference “If you're going to do operations reliably, you need to make it reproducible and programmatic.” Copyright © 2014 NTT DATA Corporation 5 What is DevOps? • The nature of “operations” Cloud changes • Growing distributed systems • Software development practice • “cooperation and collaboration” between dev and ops Copyright © 2014 NTT DATA Corporation 6 DevOps for developer • Gap between Development and Operations • Goals • Process and approach • Tools • Infrastructure engineering becomes like a development. • Infrastructure as a code • Adoption of Vagrant Copyright © 2014 NTT DATA Corporation 7 Introduction To Vagrant Copyright © 2014 NTT DATA Corporation 8 What is Vagrant • development environment on VM, container or cloud • same • among team members.
    [Show full text]
  • Drifter Documentation Release 1.2.0
    Drifter Documentation Release 1.2.0 Gilles Crettenand, Sylvain Fankhauser, Christian Stocker and contributors Aug 27, 2019 Getting Started 1 Goals 3 2 The idea behind the framework5 3 What this framework is not ?7 4 Intended Public 9 4.1 Requirements...............................................9 4.2 Usage................................................... 10 4.3 Customization.............................................. 11 4.4 Contributing............................................... 11 4.5 System Roles............................................... 11 4.6 Webserver Roles............................................. 13 4.7 Database Roles.............................................. 15 4.8 PHP Roles................................................ 16 4.9 Python Roles............................................... 18 4.10 Ruby Roles................................................ 19 4.11 Java Roles................................................ 20 4.12 Webpack................................................. 21 4.13 Gulp Role................................................. 23 4.14 Browser Roles.............................................. 24 4.15 Other Roles................................................ 25 4.16 PHP.................................................... 26 4.17 CI..................................................... 27 4.18 Running and writing tests........................................ 29 4.19 The future ?................................................ 29 4.20 Create boxes..............................................
    [Show full text]
  • Test Kitchen, Inspec Docker - Fastest Way to Run Stuff (Virtual Virtual Machines) DOCKER
    TEST DRIVEN INFRASTRUCTURE COMPLIANCE AS CODE by Joaquín Menchaca À PROPOS DE MOI ABOUT ME ROCKET LAWYER SENIOR DEVOPS BUILD/RELEASE ENGINEER aka Linux Ninja Pants Automation Engineering Mutant actual photo https://slides.com/devopsstu dio/lisa18_tdi AGENDA 1. Setup 2. Context 3. Chef + InSpec 4. Ansible + InSpec 5. Bonus SETUP THE CODE https://github.com/darkn3rd/lisa18_t est_driven_infra CODE git clone \ https://github.com/darkn3rd/lisa18_test_driven_infra cd lisa18_test_driven_infra # Using Virtual Workstation vagrant up vagrant ssh cd lisa18_test_driven_infra # Using Host (MacOS X or Linux) #### Install Requirements # Using Host (Windows) #### Install Rrequiremnts #### Warning: Might not work, had success w/ Chef THE HOST SETUP must be able to run Docker or Vagrant MINIMUM REQUIRED ChefDK - bundles ruby, test kitchen, inspec Docker - fastest way to run stuff (virtual virtual machines) DOCKER Easiest Path is Docker Desktop DOCKER PACKAGE MANAGERS choco install docker-for-windows https://chocolatey.org/ brew cask install docker https://brew.sh/ DIRECT DOWNLOAD https://www.docker.com/products/docker-desktop DOCKER Debian Package on Ubuntu sudo apt-get update -qq sudo apt-get install -y apt-transport-https \ curl ca-certificates software-properties-common DOCKER_REPO="https://download.docker.com/linux/ubuntu" curl -fsSL ${DOCKER_REPO}/gpg | \ sudo apt-key add - sudo add-apt-repository \ "deb [arch=amd64] ${DOCKER_REPO} \ $(lsb_release -cs) \ stable" sudo apt-get update -qq sudo apt-get install -y docker-ce sudo usermod -aG docker $USER
    [Show full text]
  • Chapter 2 - Local Infrastructure Development: Ansible and Vagrant
    Chapter 2 - Local Infrastructure Development: Ansible and Vagrant Prototyping and testing with local virtual machines Ansible works well with any server to which you can connect—remote or local. For speedier testing and development of Ansible playbooks, and for testing in general, it’s a very good idea to work locally. Local development and testing of infrastructure is both safer and faster than doing it on remote/live machines—especially in production environments! In the past decade, test-driven development (TDD), in one form or another, has become the norm for much of the software industry. Infrastructure development hasn’t been as organized until recently, and best practices dictate that infrastructure (which is becoming more and more important to the software that runs on it) should be thoroughly tested as well. Changes to software are tested either manually or in some automated fash- ion; there are now systems that integrate both with Ansible and with other deployment and configuration management tools, to allow some amount of infrastructure testing as well. Even if it’s just testing a configuration change locally before applying it to production, that approach is a thousand times better than what, in the software development world, would be called ‘cowboy coding’—working directly in a production environment, not documenting or encapsulating changes in code, and not having a way to roll back to a previous version. The past decade has seen the growth of many virtualization tools that allow for flexible and very powerful infrastructure emulation, all from your local workstation! Chapter 2 - Local Infrastructure Development: Ansible and Vagrant 10 It’s empowering to be able to play around with a config file, or to tweak the order of a server update to perfection, over and over again, with no fear of breaking an important server.
    [Show full text]
  • (Php)Storming Wordpress a Remote Debugging Experience Introduction
    (Php)Storming WordPress A remote debugging experience Introduction / Andrea Fuggetta / Senior software engineer at Ndevr, Inc. - https://ndevr.io/ / Some of the projects I worked on: About Us / Since 2015 / Distributed / 50% Located in NY/NJ Metro / Average experience over 15 years Outline / Tools and software / Setting up Xdebug / Setting up PhpStorm / Setting up your terminal / Let’s code! – Debugging case scenarios: / WordPress theme / WP-CLI application / PHPUnit test / References / Q&A Tools and software / PhpStorm / Google Chrome w/ Xdebug helper / Terminal / Vagrant / Xdebug / PHPUnit / WP-CLI Setting up Xdebug / Info on https://xdebug.org/docs/install / Installation on Mac OSX via Homebrew: # brew install <php-version>-xdebug / Installation on Linux via apt-get: # sudo apt-get install <php-version>-xdebug / Php.ini: Add: zend_extension="/path-to/xdebug.so" [Xdebug] xdebug.remote_enable=1 xdebug.remote_port=“9000” Debugging / Breakpoint: line break where an application suspends execution allowing you to examine data / Step-over: runs code in current line and moves to next code statement / Step-into: moves into functions/methods if any are present in current line / Step-out: runs current function/method and returns to previous execution point Listens for connections Setting up PhpStorm / Enable external connections and set correct port / More info can be found at https://www.jetbrains.com/help/phpstorm/2016.2/configuring-xdebug.html Setting up PhpStorm / Zero-configuration debugging / Create a new remote debug configuration / Important
    [Show full text]
  • Phpstorm by Jetbrains
    PhpStorm by JetBrains PHP IDE with refactorings, code completion, on-the-fly code analysis and coding productivity orientation. PhpStorm provides a rich and intelligent code editor for PHP with syntax highlighting, extended code formatting configuration, on-the-fly error checking, and smart code completion. PhpStorm is an IDE for HTML, JavaScript and PHP. PhpStorm code completion (Ctrl + Space) finalizes classes, methods, variable names, and PHP keywords, plus commonly used names for fields and variables depending on their type. PhpStorm editor respects PHPDoc in your code and provides appropriate code completion suggestions based on @property, @method and @var annotations. When you edit the PHPDoc for your code with PhpStorm, the variables names and types are auto-completed from the corresponding code blocks. PHP code refactorings also consider PHPDocs to keep them up-to- date. PhpStorm IDE allows to use Smarty template engine and offers productivity features for working with .tpl files. Thorough source code analysis allows PhpStorm to provide a sophisticated code completion even to an unannotated code. PHP IDE with refactorings, code completion, on-the-fly code analysis and coding productivity orientation. PhpStorm provides a rich and intelligent code editor for PHP with syntax highlighting, extended code formatting configuration, on-the-fly error checking, and smart code completion. PhpStorm is an IDE for HTML, JavaScript and PHP. PhpStorm code completion (Ctrl + Space) finalizes classes, methods, variable names, and PHP keywords, plus commonly used names for fields and variables depending on their type. PhpStorm editor respects PHPDoc in your code and provides appropriate code completion suggestions based on @property, @method and @var annotations.
    [Show full text]
  • Moving Towards Devops with Vagrant
    MOVING TOWARDS DEVOPS WITH VAGRANT Malathy Ramani Consultant, IT Infrastructure Dell Technologies [email protected] [email protected] Knowledge Sharing Article © 2019 Dell Inc. or its subsidiaries. Table of Contents Preface .......................................................................................................................................................... 3 The need for DevOps and why it came into existence ................................................................................. 4 DevOps with Vagrant .................................................................................................................................... 5 Vagrant Terminology .................................................................................................................................... 6 An Infrastructure stack in miniature with Vagrant ....................................................................................... 7 Architecture .................................................................................................................................................. 7 Setting up Vagrant/Oracle Virtual box .......................................................................................................... 8 APP Server/ Ansible Setup .......................................................................................................................... 10 Setting up Web Server ...............................................................................................................................
    [Show full text]
  • Getting Started with Vagrant
    GETTING STARTED WITH VAGRANT Vagrant is a tool that manages virtual machines for you, using a simplified command line interface. It reads from a configuration file, named “Vagrantfile”, to build the virtual machine initially. It handles networking and port forwarding, setting up shared folders, and has commands to SSH into the box, suspend and resume your VM, etc. Vagrant’s big selling point is that it can create identical virtual machines every time, based off of a simple config file. These VMs are disposable, you can destroy and recreate them as needed. Since Vagrant’s inception in early 2010, it has grown to be used by thousands of companies worldwide, including Puppet Labs, BBC, Mozilla, Nokia, and many others. 1. Installing Vagrant The first step for getting started with Vagrant is to install Vagrant and it’s dependency, VirtualBox. Vagrant can work with other providers, such as VMWare Workstation, but it requires additional work and sometimes paid plugins. It’s easiest to get started with VirtualBox, which is free, and has versions for Windows, Mac and Linux. 1. Install Oracle VirtualBox for your platform 2. Download the extension pack (Oracle VM VirtualBox Extension Pack) for all supported platforms, and install it by double clicking on the downloaded file once VirtualBox has been installed. 3. Navigate to the Vagrant website, and click Download. Download the newest version for your operating system. 4. Install Vagrant using the installer you downloaded 5. You should now have access to the vagrant command from your command line 2. Create your first VM If you want to create a new Vagrantfile: 1.
    [Show full text]
  • Chassis Documentation Release 3.2.0
    Chassis Documentation Release 3.2.0 Ryan McCue & Bronson Quick Sep 09, 2021 Contents 1 User Guide 3 1.1 Introduction...............................................3 1.2 Quickstart................................................4 1.3 Configuration...............................................6 1.4 Guides.................................................. 14 1.5 Inside the Box.............................................. 21 1.6 Extending Chassis............................................ 22 1.7 Reference................................................. 25 Index 29 i ii Chassis Documentation, Release 3.2.0 Chassis is an open source virtual server for your WordPress site, built using Vagrant.(Quickstart) Many people are still using their main computer for local development. However, this can be a huge pain when bringing new developers up to speed on a project, or trying to get non-developers (designers, managers, clients) running a site. The concept of virtual machines for servers has become popular recently, but too many of these projects are focussed around specific uses, and include many things not everyone needs. They can end up massively increasing development time by introducing long waiting times, or huge context switches. Chassis takes care of setting up a local server in an optimal configuration for WordPress, and removes all the hard work. It’s fast (remember the Famous Five Minute Install?), and flexible to allow you to build how you want to. Getting started is as easy as downloading Chassis and running a single command. (We’re working on making it possible to run Chassis without ever touching the command line, but we’re not quite there.) You can contribute to Chassis on Github. Contents 1 Chassis Documentation, Release 3.2.0 2 Contents CHAPTER 1 User Guide 1.1 Introduction 1.1.1 A Story For a long time, you’ve had PHP running directly off your computer.
    [Show full text]
  • VAGRANT up and Running What Is This All About?
    VAGRANT Up and Running What is this all about? Vagrant, a person who wanders about idly and has no permanent home or employment. - dictionary.com - 2 What is this all about? Vagrant, an open-source software product for building and maintaining portable virtual development environments. - wikipedia.com - 3 What is this all about? Name: Vagrant Developer: HashiCorp Initial Release: 2010 Latest Version: 1.8.6 Written in: Ruby Operating System: Linux, FreeBSD, OS X, and Microsoft Interface: Command line Website: www.vagrantup.com 4 Why people are using it? 5 THE BASICS ▶ Introduction ▶ Basics ▶ Example THE BASICS ▶ Internals ▶ Security ▶ Future ▶ End 6 THE BASICS Terminology & Workflow 7 THE BASICS The Hashicorp Repository Contains More Than 10,000 Boxes ! 8 THE BASICS Terminology & Workflow 9 THE BASICS List of Commands $ vagrant init <box> [url] $ vagrant up $ vagrant halt $ vagrant destroy [--force] $ vagrant reload $ vagrant ssh $ vagrant status 10 THE BASICS Vagrant Init Command: $ vagrant init <box> [url] 11 THE BASICS Vagrant Init Command: $ vagrant init <box> [url] Configures which Box to use $ vagrant init ubuntu/trusty64 $ vagrant init precise64 https://iles.vagrantup.com/precise64.box $ vagrant box list hashicorp/precise64 (virtualbox, 1.1.0) ubuntu/trusty64 (virtualbox, 20160406.0.0) ubuntu_1604_x64 (virtualbox, 0) # broken! $ vagrant box remove ubuntu_1604_x64 12 THE BASICS Vagrant Init Command: $ vagrant init <box> [url] Creates a Vagrantfile within the local directory $ cat Vagrantile Vagrant.conigure(”2”) do |conig| conig.vm.box = ”ubuntu/trusty64” end $ # ”2” stands for the vagrant-version. Tip: Usually the Vagrantfile contains a lot of comments. Using vagrant init with the -m-flag will create a minimal version containing only the important entries.
    [Show full text]
  • Setting up a Vagrant Workflow
    Setting Up a Vagrant Workflow MATT SImmONS Matt Simmons is a 12+ ire. The wheel. The Internet. Microwave cheese. These are things that year system administrator we, as a species, have created and really matter to us in our daily lives, who works at the College of and that have appreciably made the world a better place. I want to cast Computer and Information F Science at Northeastern University in Boston. my vote to add Vagrant [1] to that list. He blogs at http://www.standalone-sysadmin. Remember the bad old days, when you would write configuration management code, com- com/ and can be reached via @standaloneSA mit it to a repo, check it out in the testing environment, reboot a machine, and then a few on Twitter. [email protected] minutes later figure out that you left out a semicolon, so you’d have to do it all over again? That whole workflow is so 2011. Not that long ago, I was listening to some trainers talking about offering a Vagrant Box to people attending their classes at conferences. Being the naturally inquisitive sort of person that I am, I rudely interrupted their conversation to ask what they were talking about. I learned that Vagrant was apparently a “thing” that made “VMs” from “images”. Now, I’m more than passingly familiar with the whole “virtualization” deal, so I felt like I had a decent grasp of things from that description. I mean, I didn’t think Vagrant was anything revolutionary, but I could kind of see where it was going.
    [Show full text]
  • Creating Development Environments with Vagrant Second Edition Table of Contents
    Creating Development Environments with Vagrant Second Edition Table of Contents Creating Development Environments with Vagrant Second Edition Credits About the Author About the Reviewers www.PacktPub.com Support files, eBooks, discount offers, and more Why subscribe? Free access for Packt account holders Preface What this book covers What you need for this book Who this book is for Conventions Reader feedback Customer support Downloading the example code Errata Piracy Questions 1. Getting Started with Vagrant Introducing Vagrant Requirements for Vagrant Getting started Installing VirtualBox Installing Vagrant Summary 2. Managing Vagrant Boxes and Projects Creating our first Vagrant project Managing Vagrant-controlled guest machines Powering up a Vagrant-controlled virtual machine Suspending a virtual machine Resuming a virtual machine Shutting down a virtual machine Starting from scratch Updating based on Vagrantfile changes Connecting to the virtual machine over SSH Managing integration between host and guest machines Port forwarding Synced folders Networking Autorunning commands Managing Vagrant boxes Adding Vagrant boxes Listing Vagrant boxes Checking for updates Removing Vagrant boxes Repackaging a Vagrant box Updating the current environment’s box Too many Vagrants! Summary 3. Provisioning with Puppet Provisioning Puppet Creating modules and manifests with Puppet Puppet classes Default Puppet manifests Resources Resource requirements Resource execution ordering The notify, subscribe, and refreshonly parameters Executing resources in stages Installing software Updating our package manager Installing the nginx package Running the nginx service File management Copying a file Creating a symlink Creating folders Creating multiple folders in one go Cron management Running commands Managing users and groups Creating groups Creating users Updating the sudoers file Creating configurable classes Puppet modules Using Puppet to provision servers Summary 4.
    [Show full text]