Azure Machinery for Cuckoo #3120

cccs-kevin · 2020-10-14T21:33:28Z

Thanks for contributing! But first: did you read our community guidelines?
https://cuckoo.sh/docs/introduction/community.html

What I have added/changed is:

An Azure machinery for Cuckoo using Azure Virtual Machines
Ability to dynamically create machines on-demand
Ability to handle multiple pools of machines that have different OS types
Ability to specify OS type of VM you want submission to go to

The goal of my change is:

Use cloud resources for malware detonation

What I have tested about my change is:

Functionality, but only by hand.

Things to NOTE:

The Azure API has rate limits to how often you can submit requests. So far the current implementation of this machinery hits the API limit if it process 400 files per hour (each file requires a new VM which is created using a network interface card and a managed disk -> 3 write calls). Azure doc
I'm currently working on a method that utilizes Azure Virtual Machine Scale Sets with Ephemeral disks which avoid hitting this API limit.

…en than required

…oo envs can exist in same resource group

…e other files to fit cloud application

Dylan-J · 2020-10-15T04:35:27Z

Man this is brilliant, good work @cccs-kevin!

…sted type

…ails

…d logging

…ng logging, adding ability to acquire by machine_id

…ixing ClientRequestError bug

…erent machine pools

…to a machine

…tching and concurrent operations

…in reimaging

cccs-kevin and others added 7 commits October 8, 2020 09:42

Initial commit for Azure machinery

a7c288f

NICs weren't being deleted when instance creation failed

e3cd8ff

Moved API calls to the beginning, since they were being made more oft…

5e69fa6

…en than required

Adding ability to specify devops environment, such that multiple Cuck…

534fa13

…oo envs can exist in same resource group

Added ability to use multiple guest os versions

d01b16e

Removing files deleted by AV

b865fff

Refactoring az.py so that scaling is in tune with DB, also edited som…

00d7e9b

…e other files to fit cloud application

cccs-kevin added 22 commits October 15, 2020 10:48

Added more comments, updated test conf files

f7376d7

Some renaming of methods, added handling of snapshot id for non-reque…

07ded61

…sted type

Correcting method name

4ee39d0

Mistake on naming methods addressed

1874a29

Added collision avoidance on instances

783f41d

Adding platform for Ubuntu

2f63291

Adding better logging regarding acquiring machines

d830b73

Moving acquire logging to machinery

889c031

Tweaking what tags contains when being sent to acquire in abstracts

8393407

Adding case if no machine exists in DB

2147975

Fine-tuning the acquire method

c5dc312

Adding method to tag disk, adding class constants

84b4698

Small logic tweak

52408ed

Correcting platform value for Ubuntu

f0b565b

Revised marking disks for deletion

7e2966d

Adding logging for api limits

d8631d7

Reworking Azure API errors, resizing machines being created when vm f…

0b2d21d

…ails

Fixing logic bug in peak throuput limiting

0779544

Replaced API calls that would mark nic/disk for deletion with set

abc39a8

Adding polling thread that deletes leftover resources

3af045e

Giving the people what they want!

24475f3

Have patience!

bb79317

cccs-kevin and others added 26 commits January 15, 2021 09:23

Adding additional checks to ensure up-time

ba84673

Improved error-handling and logging

f3a1418

More thorough error-handling

960f315

Adding logic to handle Azure error states, improved error-handling an…

a7c28ce

…d logging

Wrapping _thr_scale_machine_pool in try-catch to find errors, improvi…

2a4c142

…ng logging, adding ability to acquire by machine_id

Adding more logging, additional logic in scaling machine pools, and f…

0d5d672

…ixing ClientRequestError bug

Removed bottleneck when dealing with multiple tasks directed for diff…

462b726

…erent machine pools

Improving exception handling, adding method to recreate failed VMSS

85c7b68

Adding default tag value

6e3df73

Optimizing speed at which a task comes off the queue and is assigned …

ec0dd19

…to a machine

Ordering tasks by FIFO

13af923

Adding catch for psycopg UniqueViolation when adding sample

3e60bc0

Adding try catch for better logging

25c7ecc

Adding platform support

0923f0c

Scaling based on platform

564a166

Preventing IP collision

ff31944

Adding logging if machine doesn't exist upon delete

a5cb11b

Cannot use Manual

59edd91

Revamp stop() and delete_vm_from_vmss() to avoid errors in Azure

a3d7afc

This polling is required if the Azure VM agent is not installed in VMs

b3f174a

New information about how Azure VMSSs work caused more reliance on ba…

0165f37

…tching and concurrent operations

Adding missing global variable

060e850

Removing VMs in delete phase if error occurs

03f50f2

Making program threadsafe, adding handling to spot instance deletion …

b4a41f1

…in reimaging

Adding handling for 'badrequest' Azure error

95eacd2

Bug fix if tag doesn't exist

43455aa

cccs-kevin mentioned this pull request Feb 15, 2022

AWS Support cert-ee/cuckoo3#7

Closed

cccs-kevin added 2 commits April 25, 2022 21:00

Adding a scaling ceiling based on quota availability

00f318e

Fixing bug in usage quota logic

74ad92c

cccs-kevin mentioned this pull request Jun 15, 2022

Adding Azure machinery and config kevoreilly/CAPEv2#922

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Azure Machinery for Cuckoo #3120

Azure Machinery for Cuckoo #3120

cccs-kevin commented Oct 14, 2020 •

edited

Loading

Dylan-J commented Oct 15, 2020

Azure Machinery for Cuckoo #3120

Are you sure you want to change the base?

Azure Machinery for Cuckoo #3120

Conversation

cccs-kevin commented Oct 14, 2020 • edited Loading

What I have added/changed is:

The goal of my change is:

What I have tested about my change is:

Things to NOTE:

Dylan-J commented Oct 15, 2020

cccs-kevin commented Oct 14, 2020 •

edited

Loading