Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/parithosh/ansible-beaconfuzz-runner

Ansible playbooks to setup and run the beaconfuzzer
https://github.com/parithosh/ansible-beaconfuzz-runner

ansible devops ethereum fuzzing

Last synced: about 1 month ago
JSON representation

Ansible playbooks to setup and run the beaconfuzzer

Host: GitHub
URL: https://github.com/parithosh/ansible-beaconfuzz-runner
Owner: parithosh
License: mit
Created: 2020-10-02T14:25:44.000Z (over 4 years ago)
Default Branch: main
Last Pushed: 2021-03-18T09:07:37.000Z (almost 4 years ago)
Last Synced: 2024-10-29T01:40:52.553Z (3 months ago)
Topics: ansible, devops, ethereum, fuzzing
Language: Makefile
Homepage:
Size: 43 KB
Stars: 0
Watchers: 2
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# Ansible for beacon-fuzz

[![Forks](https://img.shields.io/github/forks/parithosh/ansible-beaconfuzz-runner)](https://github.com/parithosh/ansible-beaconfuzz-runner/network/members)
[![Stars](https://img.shields.io/github/stars/parithosh/ansible-beaconfuzz-runner)](https://github.com/parithosh/ansible-beaconfuzz-runner/stargazers)
[![License: AGPL v3](https://img.shields.io/github/license/parithosh/ansible-beaconfuzz-runner)](https://github.com/parithosh/ansible-beaconfuzz-runner/blob/main/LICENSE)

Beacon-fuzz is an open sourced fuzzing framework for the Ethereum 2.0 Phase 0 implementation. The original
beacon-fuzz repository can be found [here](https://github.com/sigp/beacon-fuzz).

This repository contains the ansible playbooks that can be used to perform the following actions:
- Start a fuzzer on a remote machine
- Stop a fuzzer on a remote machine
- Fetch the fuzzing artifacts from a remote machine

## Requirements:
- A machine with ansible installed
- A remote machine or VM on which the fuzzing will be performed, ideally Ubuntu or Debian (Note: this project has been tested on Debian GNU/Linux 10)

## Setup:
- Clone this repository and navigate the terminal to the directory
- Install the ansible posix collection "ansible-galaxy collection install ansible.posix"
- Open the `inventory.ini` file and enter the information as described
- Run the desired playbook with `ansible-playbook playbooks/.yml`
- The fuzzing will be started inside a `screen` on the remote machine
- If needed, observe the performance/logs by SSH-ing into to the remote machine and using `sudo screen -r`

## Caveats:
- The docker socket is often inaccessible on newly provisioned VMs to regular users. For the sake of simplicity, this
playbook uses the `root` user to bypass this. If a more stable solution is required, then modify the `basic-dependencies`
role to create a user with access to the docker daemon.
- The `screen` started by the playbook in which the fuzzer runs has been set to run under the `root` user. This has been
done to enable all `screen`s to run in one place. A potential future upgrade will use the fuzzing user method as
described in the previous `caveat`.
- If multiple fuzzers are to be run on the same machine, then add multiple entries with the required configuration
in the `inventory.ini` file. The playbook would then fail due to some processes failing to get a lock, to avoid this, set
the playbook to run in serial mode with `serial: 1` right after the `hosts:` line in the playbook.
- The playbook `stop-all-fuzzers.yml` uses the `kill` command to stop all processes running in `screen`. However, it does
so indiscriminately. It will stop all `screens` on the root user. Be warned of this behavior.
- The `fetch-all-artefacts.yml` playbook creates and saves the artifacts in a folder in a folder called `fuzzing-artifacts`
- The `fetch-all-artefacts.yml` playbook has only been tested on the `beaconfuzz_v2` fuzzer. The path to the `eth2fuzz`
artefacts might be wrong and needs some attention to change it. Changes can be done via the `playbook/variables/folder-location.yaml`.

## Future work:
- Automate the whole process with `terraform` to provision infrastructure as well
- Test the `fetch-all-artefacts.yml` playbook to check if the locations of the fuzzing artifacts are correct
- Create a user on the remote machine purely for fuzzing
- Create a playbook that randomly runs a fuzzer without any configuration being specified
- Create a playbook for updating an existing fuzzer

## Contributors welcome!

If you like my work, feel free to buy me a beer.

Ethereum address: 0x2628562A4fd5762D52CF43DE21bB925174C33085