Installing Hyperglance on your own Instance or VM

If you need to install Hyperglance on your own hardened/golden VM follow these instructions

The Hyperglance installer uses Ansible and Docker to install Hyperglance to your own Instance/VM. The container should run on any linux based system (to be tested) with MAC OS and Windows to be added later.

Pre-Requisites

  1. Docker Installed and Running on the Instance/VM you plan to run Hyperglance on and the platform you are installing Hyperglance from (if they are different).

  2. python - Found on most *nix based systems

  3. pip / pip3 - Installed by the deployment if if does not exist

  4. PyPi docker - Installed by the deployment if does not exist

Docker install instructions for:

Ubuntu, CentOS etc...
AWS Linux

 

Deployment instructions


This deployment can be ran from any system that has ssh access to the target. Other deployments such as SSM can also use the constructed Ansible Roles and Plays.

It is recommended to execute the deployment from a remote system, or control node where your private key(s) already resides.

 

If you have been given a Docker Hub user/password please login using these details first.

Deploying Hyperglance from your local machine

This method will use a docker container to deploy Hyperglance to another system that you have SSH access to.

 

Use the following Commands to start the deployment, this example assumes the Private Key and Inventory are in the same path as where the commands are being ran from. Replace private_key.pem with an appropriate key name that matches the inventory.

  1. docker pull hyperglance/hyperglance_installer

     

  2. docker run --rm -it \
    -v $(pwd)/private_key.pem:/root/.ssh/private_key.pem \
    -v $(pwd)/inventory:/ansible/playbooks/inventory \
    hyperglance/hyperglance_installer:latest deploy.yml -i inventory

     

  3. You will see some output from the container as it deploys, failed=0 is a good sign of success

    PLAY RECAP *******************************************************************************************************************************************************************************
    ip-172-31-30-191 : ok=14 changed=8 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0

 4. DONE! Hyperglance should now be available using the IP / DNS Name of the host. 

 

5. Apply the Hyperglance licence 

 

Deploying Hyperglance from the Instance/VM you are planning to run Hyperglance from.

You can also install Hyperglance directly from the Instance/VM you want to run Hyperglance in. Follow these instructions then go back and use the instructions for 'Deploying Hyperglance from your local machine'

 

  1. Add the ssh user to the docker group:
    This install method will fail if the ssh user is not part of the docker group
sudo usermod -aG docker ec2-user 
newgrp docker
*This allows for minimal privilege escalation

2. Create a temporary directory where the docker commands will be run from.
3. Copy the user ssh key to the same directory, and create and empty inventory file:
 touch inventory
Sample Inventory file:
[hg] 
172.31.30.191 # Local IP, Remote IP or Hostname / DNS Name

[all:vars]
ansible_ssh_user=ec2-user # SSH User
ansible_ssh_private_key_file=~/.ssh/private_key.pem # SSH user key
Update the inventory file, replacing the values with ones that are appropriate for your system.