Install Resilient integration server

Create a minimal CentOS 7 server, configure dependencies for Resilient Integration Circuit and install RIC.


Author(s): Tamas Bures | Created: 16 April 2019 | Last modified: 25 June 2022
Tested on: -

Install and configure Resilient integration server

Prerequisites

  • Installation media for CentOS 7 (Download here - Choose Minimal ISO)

Install CentOS

In this guide, CentOS will be installed as a virtual machine (VM) using Vmware.

Create hardware settings for VM

To create the initial hardware settings for the VM, follow the steps below (using Vmware Fusion):

  1. New - Create a custom virtual machine
  2. Select Linux - CentOS 64-bit
  3. Create a new virtual disk
  4. On the last page, click the Customize Settings
  5. Before you can customize, you need to save the VM, save it.
  6. Once you on the VM's settings window, remove:
    • Camera
    • Printer
    • USB & Bluetooth
    • Sound Card
  7. Configure the disk to have 40 GB and store it in a single file.
  8. Add the downloaded ISO to the CD/DVD drive and check the Connect CD/DVD Drive checkbox.
  9. Configure network (make sure that this new server can reach the Resilient Platform and also it should have connectivity to the Internet)
  10. Adjust CPU to have at least 2 cores and adjust memory to have at least 4GB
  11. Power on the VM.

Install CentOS

If your configuration is okay, CentOS install wizard should start. To install CentOS, follow the steps below:

  1. On the first page, select Install CentOS 7
  2. Press Enter on the next screen to begin installation.
  3. Once the installation wizard loaded, set the proper language you want to use during installation and click Continue.
  4. Configure network by enabling the interface and set a hostname (i.e.: resilient-if).
  5. Disable kdump and Security Policy.
  6. Accept the default partition settings.
  7. Set the date time. If you have internet connectivity, you can update it using Network time.
  8. Configure keyboard for your needs.
  9. Click Begin Installation button.
  10. While the system is being installed, set a password for root user and additionally create another account and wait for the installer to complete.
  11. Once the installation finished, Reboot the machine.

Configure CentOS

Before we can get started installing the Resilient Circuits framework, we need to tune the OS itself, and install some required packages.

Once you have the login screen, login with the root account, and follow the steps below.

  1. Disabling SELinux, issue the following command:

     sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
  2. Disabling unneccessary services.

     for i in abrt-ccpp abrtd atd auditd blk-availability certmonger cpuspeed cups mcelogd mdmonitor netconsole numad oddjobd portreserve rhnsd rhsmcertd smartd winbind postfix iptables ip6tables firewalld kdump; do systemctl disable $i; done
  3. Clean up some files:

     rm -vf /root/install*log
     rm -vf /root/anaconda-ks.cfg
  4. Update GRUB and lower the default 5 seconds timeout to 1:

     sed -i 's/GRUB_TIMEOUT=5/GRUB_TIMEOUT=1/g' /etc/default/grub
     grub2-mkconfig -o /boot/grub2/grub.cfg
  5. Install required packages and update existings ones (if any):

     yum -y groupinstall development
     yum -y install https://centos7.iuscommunity.org/ius-release.rpm
     yum -y install telnet net-tools mc yum-utils python36u python36u-pip python36u-devel python-pip python-devel
     yum -y update
  6. Adding own hostname to the hosts file:

     cp /etc/hosts /etc/hosts.backup
     echo `ifconfig | sed -En 's/127.0.0.1//;s/.*inet (addr:)?(([0-9]*\.){3}[0-9]*).*/\2/p'` `hostname` >> /etc/hosts
  7. Make Python 3.6 default for user:

     echo >> ~/.bashrc << EOF
     alias python=python3.6
     alias pip=pip3.6
     EOF
  8. Create a dedicated user for Resilient integration:

     useradd integration
     mkdir -p /home/integration/.resilient
     chown -R integration /home/integration/.resilient
  9. Reboot the machine.

Install and configure Resilient Circuits

Intall

Once the machine rebooted, login with the root account, and follow the steps below.

  1. Check Python version (it must be higher than 3.6.4):

     python -V
  2. Update pip:

     pip install --upgrade pip
  3. Install Resilient packages using pip:

     pip install --upgrade resilient-circuits
  4. Check installed packages (resilient, resilient-circuits):

     pip list | grep -i resilient

Configure

Once the packages are installed, login or continue with the integration account, and follow the steps below.

  1. Generate a default configuration file:

     resilient-circuits config -c

    Output should be something similar

     CREATING config file /home/integration/.resilient/app.config
     Configuration file generated: /home/integration/.resilient/app.config
     Please manually edit with your specific configuration values.
  2. Edit the default configuration file (/home/integration/.resilient/app.config) by opening with a text editor and adjust the settings:

     host=<resilient hostname or IP>
     port=443
     email=<youraccount@resilient.com>
     password=<account password>
     org=<your organization>
     caFile=<path to PEM file | False if you do not want to check SSL cert.>
  3. Start the integration framework:

     resilient-circuits run