jbremer
commented
6 years ago Thanks. We should still find a good way to automatically start the Cuckoo Rooter with supervisord IMO. Will keep this open for now :-)
Open hackdefendr opened 6 years ago
jbremer
commented
6 years ago Thanks. We should still find a good way to automatically start the Cuckoo Rooter with supervisord IMO. Will keep this open for now :-)
crahan
commented
6 years ago As I've mentioned on https://github.com/cuckoosandbox/cuckoo/pull/1856#issuecomment-364119868 I'm currently using the following supervisord config (via /etc/supervisor/conf.d/cuckoo.conf) to start cuckoo rooter and the other cuckoo components on bootup.
The only downside on Ubuntu 16.04 LTS (for me) is that uwsgi launches before supervisord which fails to bring up the cuckoo web UI because cuckoo rooter isn't running yet. To fix this I've added a 4th supervisord program entry that waits for 5 seconds after supervisord finishes starting all cuckoo components and then reloads uwsgi. So far it's been working as expected.
My current /etc/supervisor/conf.d/cuckoo.conf(I have my Python virtualenv in /usr/local/libexec/cuckoo-venv and cuckoo cwd in /opt/cuckoo):
[program:cuckoo-rooter]
command = /usr/local/libexec/cuckoo-venv/bin/cuckoo rooter
stdout_logfile=/opt/cuckoo/log/rooter.log
user = root
umask = 022
directory = /opt/cuckoo
autorestart = true
priority = 100
environment = CUCKOO_CWD="/opt/cuckoo"
[program:cuckoo-daemon]
command = /usr/local/libexec/cuckoo-venv/bin/cuckoo -d -m 10000
user = cuckoo
umask = 022
directory = /opt/cuckoo
startsecs = 30
autorestart = true
priority = 200
environment = CUCKOO_CWD="/opt/cuckoo"
[program:cuckoo-process]
command = /usr/local/libexec/cuckoo-venv/bin/cuckoo process p%(process_num)d
process_name = cuckoo-process_%(process_num)d
numprocs = 4
user = cuckoo
umask = 022
directory = /opt/cuckoo
autorestart = true
priority = 300
environment = CUCKOO_CWD="/opt/cuckoo"
[program:cuckoo-restart-uwsgi]
command = /bin/sh -c "sleep 5 && /etc/init.d/uwsgi reload"
user = root
startsecs = 0
autorestart = false
startretries = 1
priority = 400
[group:cuckoo]
programs = cuckoo-daemon, cuckoo-process, cuckoo-rooterOne caveat though. I've run into the CPU spike issue for supervisord (as described here: https://github.com/Supervisor/supervisor/issues/807). I was able to fix it by setting stdout_logfile = NONE for each individual program in the supervisord conf file. This brought CPU usage back down from 50% when idle to 3-4% when idle.
ESXi Cuckoo VM CPU graph:
ESXi overall resource usage (idle Cuckoo and Inetsim VMs):
plockaby
commented
6 years ago FWIW the CPU spike issue you reference is only in relation to event handlers. Your problem might be related to just creating large amounts of logs which has a similar effect.
reox
commented
6 years ago here are the missing two:
cuckoo-process@.service:
[Unit]
Description=Cuckoo Sandbox Processing Service %i
After=network.target cuckoo.service
[Service]
# TODO Modify VENV path
ExecStart=/home/cuckoo/cuckoovenv/bin/cuckoo process processor_%i
Restart=on-failure
User=cuckoo
Group=cuckoo
WorkingDirectory=/home/cuckoo/.cuckoo
[Install]
WantedBy=multi-user.targetcuckoo-distributedworker.service:
[Unit]
Description=Cuckoo Sandbox Distributed Worker
After=network.target
[Service]
Environment=CUCKOO_APP=worker
Environment=CUCKOO_CWD=/home/cuckoo/.cuckoo
ExecStart=/home/cuckoo/cuckoovenv/bin/python -m cuckoo.distributed.worker
Restart=on-failure
User=cuckoo
Group=cuckoo
WorkingDirectory=/home/cuckoo/.cuckoo
[Install]
WantedBy=multi-user.target
Rsb000
commented
5 years ago @jbremer @crahan Hi for starting distributed cuckoo I am using following command in cwd :+1:
both the commands are executing successfully , but while executing -
it gives following error distributed: ERROR (spawn error)
kindly suggest if any workarounds are available or if i am missing something somewhere.
CUCKOO ROOTER
CUCKOO
CUCKOO WEB SERVER