Fidelis Cybersecurity
Fidelis Blog

Comments

Using Puppet to Install Halo

Puppet is a great tool to help provision Halo across multiple servers. An example module has been posted on github and we’ll be using that to step through the process to install Halo. We’ll be creating a standalone puppet deployment type where both the master and agent are running on the same server.


1. Install the “Puppet Master” and “Puppet Agent” packages on your server using the default package manager (yum or apt-get)

  • the “master” package name changes depending on the server’s OS
    • puppet-server for yum based systems, puppetmaster for apt-get systems
  • the “agent” package name remains the same, puppet

2. Create /etc/puppet/manifests and /etc/puppet/modules directories which we’ll use in a minute

  • mkdir -p /etc/puppet/manifests /etc/puppet/modules

3. Grab the puppet-cloudpassage module from github and put it in the /etc/puppet/modules dir

  • wget https://github.com/ehoffmann-cp/puppet-cloudpassage/tarball/master
  • tar -zxvf master
  • mv ehoffmann-cp-puppet-cloudpassage-a520e9e cloudpassage

4. Add your Halo specific daemon-key to the cloudpassage module’s data.pp manifest.

  • This can be found in the portal UI under Settings > Site Administration > API Keys

  • the data manifest is here: /etc/puppet/modules/cloudpassage/manifests/data.pp
  • the data manifest uses the parameter “api-key” but it should be configured with your Daemon Registration Key
  • the data manifest also references a repokey parameter which is deprecated, however leaving the default value of “222..” is OK

  • the module by default creates a ServerGroup tag based on the server’s OS. Change this based on your tagging scheme
  • For this example, in Halo I created a ServerGroup and assigned a tag named “Ubuntu” to match the modules $tags parameter

5. In the manifests dir you created above, add a file called nodes.pp. This will tell puppet how to install Halo on this server

  • A node is a file containing a collection of classes, resources and variables for a specific node agent
  • Add “import cloudpassage” to /etc/puppet/manifests/nodes.pp The hostname can be gathered with `hostname -s` It should look something like this:

6. To install Halo via puppet, “apply” the module included in your nodes resource declaration, which in our case is just “include cloudpassage”. This is the command to run it:

  • puppet apply manifests/nodes.pp
  • You should now see your server in the portal UI

Congratulations! Whether you have just a few or a lot of servers to manage, using a tool like Puppet can help get Halo installed pretty easily.

Special thanks to Ramin Khatibi, Lead Operations Engineer @ SnappyTV for authoring the original module.

squares

Get Started

See Fidelis Cybersecurity platforms in action. Learn how our fast, scalable Fidelis Elevate and Fidelis CloudPassage Halo platforms provide deep insights into the SOC to help security teams worldwide protect, detect, respond, and neutralize even the most advanced cyber adversaries.

Stay up to date on all things security

Subscribe to the Threat Geek Blog