REVEN-Axion 2018v1.5.0
Installation

System requirement

Here are the mandatory technical requirements to run a REVEN server:

  • an Intel(TM) CPU with VT-x extension, in x86-64 mode,
  • a GNU/Linux Debian Stretch amd64 OS (English only),
  • must be installed on a hardware host computer, it won't work inside a virtual machine,
  • while it may work on recent basic computers/laptop for small projects, a dedicated server machine with high bandwidth RAM and high quality hardware RAID may be required for bigger projects.
  • The default recommended setup for the /tmp directory is to mount it on a RAM filesystem with at least 4GB available. If you plan to start several executions in parallel, this may not be sufficient. Please refer to the dedicated troubleshooting entry if you think you may require a more advanced setup.

The following points may be necessary to improve the REVEN server performance. Metrics are given for information only: they are an estimation based on the assumption of a single project consisting of a 1-second long scenario.

  • The project_data folder (see Global configuration) should be the on fastest storage possible (eg: avoid cyphering) and should have at least 200GB available (for multiple projects, 1TB is recommended).

Note that the version of REVEN-Axion you received may be specifically tailored to a hardware machine of which you would have provided characteristics. If that is the case, please install the REVEN server on this machine only.

To run the Axion client, the requirements are:

  • you must install the client on a Linux Debian Stretch amd64 OS (English only),
  • you can use a virtual machine to host the Debian system,
  • you should have at least 1GB of RAM,
  • you must have a network access to the REVEN server and the following TCP ports must be accessible:
    • 80 for package installation / upgrade,
    • 8080 for the REVEN server itself,
    • 13370 and up to at least 13375 (one per opened project),
    • 5900 and up (depending on your user configuration) for VNC access while recording scenarios,
    • 22 (default ssh) for tunnelling VirtualBox manager X window when creating VMs.

Debian installation

In the following steps we assume the following configuration:

  • a user named tetrane on the server,
  • a root access (via root password or sudo rights) on both server and client machines.

Package repository registration on the server

REVEN is usually shipped as a compressed tar archive. To install it, first you have to extract the archive using the tar unix utility. We recommend storing REVEN packages in /home/tetrane/repo.

The following commands will extract a REVEN archive named reven-XXX.tgz (located in /home/tetrane/) to the /home/tetrane/repo folder. This should be adjusted to your needs.

# Ensure repository directory exist
mkdir -p /home/tetrane/repo
# Extract the reven-XXX.tgz archive located in /home/tetrane/
cd /home/tetrane/repo
tar -xf /home/tetrane/reven-XXX.tgz

To be able to use the Debian package manager to install REVEN, you must register a new package repository. The recommended way is to create a /etc/apt/sources.list.d/tetrane.list file with the following content:

In the case of a local repository stored in /home/tetrane/repo:

deb file:/home/tetrane/repo/reven stable main

Starting with REVEN 2018v1.4.4, you also have to add the Tetrane public key so that apt can safely use this repository and verify the packages (as root):

apt-key add /home/tetrane/repo/reven/tetrane.key

And then update the package database (as root user):

# Update available package database
apt-get update

You can make sure your package configuration has been taken into account by issuing the following command:

apt-cache show reven-server

It should display information about this package.

REVEN server installation

Before anything else, you should ensure your /tmp folder is indeed mounted as a ramfs. You can do so by adding the following line to your /etc/fstab file:

tmpfs /tmp tmpfs defaults,nosuid 0 0

You can now force the system to remount /tmp:

# Force remount
sudo mount -a
# Make sure /tmp is mounted:
mount | grep "/tmp"

Once the REVEN packages are available through the package manager, you can install the REVEN server.

As root user:

# Make sure the system is up-to-date
apt-get dist-upgrade
# Install reven-server
apt-get install reven-server

At some point, the installer will ask for information about the new REVEN user, simply enter default choices (with <Enter>) and confirm with <Y>.

At the end of the installation you can check the REVEN service is running:

service reven-daemon status

By default, REVEN automatically start at boot, to avoid that and only start it manually, use the update-rc.d command (as root user):

update-rc.d reven-daemon remove

Once REVEN is installed some more setup is needed before you can actually use it. Note that the installation process creates a user named reven. You should not use this this user for any operation on the machine.

Axion client installation

Now that you have installed the REVEN server software, it is time to configure the clients. All following commands will have to be issued on the client machine.

By default, the server installation you just went through will configure the machine to serve the client REVEN-Axion packages on an http server. Therefore, the easiest way to deploy the client is to configure the Debian client machine to use this package repository.

In the following instructions replace REVEN.server.host with the address or hostname of the machine you installed the REVEN server on.

Add the package repository to your system by creating a file /etc/apt/sources.list.d/tetrane.list with:

echo "deb http://REVEN.server.host/debian/ stable main" > /etc/apt/sources.list.d/tetrane.list

Here again, starting with 2018v1.4.4, you need to add Tetrane's public key to your apt keyring (as root):

wget -O - http://REVEN.server.host/debian/tetrane.key | apt-key add -

The Axion packages are now available through the package manager, you can install the Axion client.

As root user

# Make sure the system is up-to-date
apt-get update
apt-get dist-upgrade
# Install reven-axion
apt-get install reven-axion

Debian upgrade

To upgrade a previous installation of a REVEN server or Axion client, you must ensure the latest packages are available through the package manager: if you followed the recommended steps above, this means replacing the content of /home/tetrane/repo with the new packages. Then, simply issue the following command (as root user):

First on the server:

apt-key add /home/tetrane/repo/reven/tetrane.key
apt-get update && apt-get dist-upgrade

Then on the client(s):

wget -O - http://REVEN.server.host/debian/tetrane.key | apt-key add -
apt-get update && apt-get dist-upgrade

Warning: starting with REVEN 2018v1.4.4, the packages and the repository are now signed. Therefore, you must import Tetrane's public key to your apt keyring:

# On server, for REVEN
apt-key add /home/tetrane/repo/reven/tetrane.key
# On client, for Axion
wget -O - http://REVEN.server.host/debian/tetrane.key | apt-key add -

Debian migration (REVEN 1.5.0)

Starting with version 1.5.0, REVEN must be installed on Debian 9 (Stretch). If you already have a previous installation of REVEN running on Debian 8 (Jessie), you have two choices: re-install, or make a migration.

Note that your current inspector presets will be broken, so please write them down if they contain important information.

In the case of a re-install, just follow the normal install procedure described above.

For a migration, please perform the following steps:

  1. Update your REVEN repository, i.e. /home/tetrane/repo, with the new packages.
  2. Change all the occurrences of jessie by stretch in your sources.list files:
    sed -i 's/jessie/stretch/' /etc/apt/sources.list /etc/apt/sources.list.d/*.list
  3. Run the migration:
    apt-get update
    apt-get upgrade
    apt-get dist-upgrade
    reboot

When starting existing VM snapshot, you might get a message about reven.iso not existing anymore. You can safely ignore the warning, and the scenario recording process has been updated so as not to generate this warning anymore.