IT NetworkS AnaLysis And deploymenT Application
INSALATA is ideally operated as a systemd service with the following
insalata.service file in
[Unit] Description=The insalata service for testbed management. [Service] Type=simple ExecStart=<Reference to 'startInsalata.py' in the src directory> [Install] WantedBy=multi-user.target Alias=insalata.service
Afterwards you can start, stop and monitor the service using
systemctl. Note that stopping may take a moment due to forked scanners being joined for a clean termination.
systemctl start insalata.service systemctl status insalata.service systemctl stop insalata.service
To bootstrap the application, the
locations.conf and the
template directory from the
config directory have to be placed into
sampleEnvironment directory provides sample files for scanner configuration and can be used as a reference for custom scanning configuration.
Main configuration file for the specification of logging, the port of the service, the location of the planner and all information collection environments. The syntax for specifying environments is included by disabled.
Specifies locations which are environments to which a deployment can be conducted. Environments have a type, optional information (e.g. connection infos to a hypervisor server), and a list of all available template images for virtual hosts.
All scripts (.sh or Ansible playbooks) used by INSALATA during information collection or deployment.
INSALATA requires Python 3.5.0+
The location of the planner binary has to be given in the
insalata.conf to be able to run testbed deployment. The application is currently implemented for use with fast-downward which can be obtained here.
For deployment and certain information collection modules it is required to install Ansible (tested with Version 126.96.36.199).
The ZabbixFirewallDump collector module requires the FFFUU application to simplify the gathered firewall rules on the management unit. The executable of the tool must be located at
In addition, this collector module requires an installed Zabbix server. Which data the Zabbix Server must store about the network components is listed in the documentation of the collector module.
The TcpdumpHostCollector collector module requires an installation of TCPDUMP on every device used for collecting.
The NmapService collector module requires Nmap installed on the devices used for scanning.
- lxml (3.4.4+)
- configobj (5.0.6+)
- netaddr (0.7.18+)
- paramiko (2.0.2+)
- pysnmp (4.3.2+)
- py-zabbix (0.7.4)
After the systemd service is up and running, the XML-RPC client application can be used to communicate with the service. See client script.