Custom Provisioning

Custom provisioning/un-provisioning is Optional and is available only for VM.

Custom provisioning/un-provisioning can be utilized when the user wishes to execute custom commands during Application provisioning/un-provisioning. VSP provides an ability to write and execute custom scripts during both the scenarios.

When are the scripts invoked?

1. The custom provisioning script is invoked during the below two scenarios:
   1. The Application is provisioned on the CMS
   2. The Probe services are restarted
2. The custom un-provisioning script is invoked when the Application is un-provisioned on the CMS

Custom Script Configuration

1. Login to the Probe as virsec user
2. Navigate to the directory: /opt/virsec-web-mem/<Language>/scripts
3. To customize the provisioning process, create a directory cust-prov using the below command and copy the required script in the newly created directory cust-prov

   mkdir cust-prov

4. The custom script is invoked with the below parameters:
   1. Ruby on Rails:

      <Script_Name> <Deployment Directory>

      1. Example with default script:
         /opt/virsec-web-mem/iae-ruby/scripts/provisionRor.sh "/opt/open-source-billing"
         
   2. Java:

      <Script> <Server type> <Application Config File Path> <AppCollectiveID> <Server name> --applicationType <Application Type> --filterType <Filter Type> --instrumentationFilterClass <Filter Class> --filterMethod <Filter Method> –filterPosition <Filter Position>

      NOTE

      Server name is applicable when the Server Type is JBoss and the script is XML
      1. Example with default script:
         /opt/virsec-web-mem/iae-java/scripts/provision.sh "Tomcat" "/opt/apache-tomcat-8.5.30/bin/setenv.sh" "tomcat8_rhel7_webgoat_vm" "" --applicationType "Other Application" --filterType "ServletFilter" --instrumentationFilterClass "NA" --filterMethod "doFilter" –filterPosition "First"
         
   3. PHP:

      <Script> <Prov/Clean> php <Deployment Directory> <Server Type> <PHP version> <AppCollectiveID> <Empty String> <Running Application Count>

      NOTE

      Running Application Count can be used to remove the extension php from php.ini if the value is 0
      1. Example with default script:
         /opt/virsec-web-mem/iae-php/scripts prov php "/var/www/html/mutillidae" "Apache" "7.3" "rhel8-apache" "" "0"
         
   4. Ensure that the VSP script: /opt/virsec-web-mem/<Technology>/scripts/provision.sh is invoked from this custom script
5. To customize the un-provisioning process, follow the below process:

   mkdir cust-unprov

   1. Copy the required script under the newly created directory: cust-unprov
   2. Ensure that the VSP script: /opt/virsec-web-mem/<Technology>/scripts/unprovision.sh is invoked from this custom script
6. The custom scripts are executed as the root user. Ensure that the user is changed to the required user in the script for Application start or stop actions
7. To remove the customization, delete the below directories
   1. /opt/virsec-web-mem/<Language>/scripts/cust-prov
   2. /opt/virsec-web-mem/<Language>/scripts/cust-unprov

Usecases

1. Server Restart: In cases, where the Server needs a restart during provisioning or un-provisioning, custom scripts can be utilized:
   Step 1: Invoke VSP Provision/Un-provision Script
   Step 2: Change User (if needed)
   Step 3: Restart Application Server
   1. In cases where the Application restart takes more than 3 minutes, the provisioning will time out. In such cases, invoke the Application restart script asynchronously so that provisioning on CMS succeeds
2. Backup and Restore: Whenever a backup is needed, custom scripts can be utilized:
   Step 1: Take backup
   Step 2: Invoke VSP Provision/Un-provision Script
   Step 3: Restore from Backup