Separate 'analyzer' module

[psrok1]

To make things less hardcoded in the Karton service itself, let's move analysis process to the separate module called "analyzer"

Analyzer is parametrized by AnalysisOptions object that is composed from configuration file values and task parameters. analyzer.analyze_sample and AnalysisOptions interface is used both by DrakrunKarton and new CLI tool called drakstart that allows to run raw analysis process directly from CLI. It will be useful tool for setup and further development and debugging.

List of things implemented a bit different than in the original code:

• Sample is downloaded to /tmp/drakrun/vm-<N>/sample instead of /tmp/drakrun/vm-<N>/<target_name>. The target file name (which is usually malwar.exe) is used only when writing file to the target VM.
• metadata.json includes dumps_metadata
• Network setup is done always at the beginning of the analysis instead of at the start of Karton. Network is also wiped at the end of the analysis, see analyzer.run_vm. It sounds a bit cleaner to me as user may change out_interface/dns_server/net_enable settings and we need to setup network accordingly.
• Analysis is not retried only when "retryable" error occurs
• Logging setup is changed, I do it in setup_logger and bind handlers to the root logger. It should fix the "double logging" problem.

[msm-cert]

Looks good! Left some comments for now

[msm-cert]

I didn't read everything today, but I've reviewed it before and it looks good

[msm-cert]

this default is used by analyzer at one place, but maybe it shouldn't have a default in the dataclass at all?