Skip to main content

Quickstart

Installation for Standalone CAPE Instance

Setting up the environment

  1. Create a new Ubuntu VM

    Install Ubuntu Desktop 22.04.2 LTS (Jammy Jellyfish) or Ubuntu Server if no GUI

    • Enable nested virtualisation
      1. Virtual Machine Settings
      2. Enable Processors > Virtualize Intel-x/EPT or AMD-V/RVI
      3. If unable to turn on Virtualisation QEMU setup
    • Disable WSL
      1. bcdedit /set hypervisorlaunchtype off
      2. gpedit (Edit Group Policy)
      3. Local Computer Policy > Computer Configuration > Administrative Templates > System > Device Guard > Turn On Virtualization Security > Disable > Ok
      4. Reboot

    Provide at least 500GB of storage, 8GB of RAM and 4 cores to the VM

  2. Update and Upgrade the Ubuntu VM

    sudo apt update
    sudo apt upgrade

  3. Install Python 3 for Ansible

    sudo apt install python3 python3-pip python3-netaddr

  4. Installing Docker on Ubuntu 22.04

    Follow Docker Documentation

    or

    sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

  5. Cloning the Repository

    First, set up your Git personal access token

    Then clone the deployment repository:

    sudo apt install git
    git clone https://github.com/csitgovsg-acube/infra-staging.git --recursive
    • Select the scopes read_api
    echo $YOUR_GITHUB_USERNAME > secrets/github_username
    echo $PASTE_ACCESS_TOKEN > secrets/github_token

  6. Building Images for deployment

    Refer to Creating Images for building the Base images for the Sandbox

    Save all Qcow2 images into /var/lib/libvirt/images in the Ubuntu VM

    The file name convention is win<ver>-<arch>bit-base.qcow2

  7. Deployment

    For Standalone deployment,

    Comment out acubetotal, opencti and attri in inventory-local.yml and setup.yml in infra-staging

    ansible-playbook --ask-pass --ask-become-pass --inventory inventory-local.yml setup.yml
    info

    If you're deploying from scratch (first deployment), use

    ansible-playbook --ask-pass --ask-become-pass --inventory inventory-local.yml setup.yml --extra-vars setup_virt=yes

    When prompted for BECOME password, this is the password used to run as privileged user (sudo password). This playbook will automatically install the all system and services

QEMU Deployment

info

If VM does not support nested virtualisation, Enable setup_qemu = yes in extra vars