Skip to content

Commit ba41133

Browse files
sdutta9sdutta9
committed
lab8 updates
1 parent 4a0b1a7 commit ba41133

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

77 files changed

+3615
-3
lines changed

labs/lab8/docker-compose.yml

+164
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,164 @@
1+
# NGINX Plus / OSS with NGINX Agent
2+
# NGINX webservers with ingress-demo pages
3+
# NGINX One Console Instance Registration
4+
# NGINX Basics, Dec 2024
5+
# Chris Akker, Shouvik Dutta, Adam Currier
6+
#
7+
services:
8+
plus1: # Alpine NGINX Plus Web / Load Balancer
9+
environment:
10+
NGINX_AGENT_SERVER_HOST: 'agent.connect.nginx.com'
11+
NGINX_AGENT_SERVER_GRPCPORT: '443'
12+
NGINX_AGENT_TLS_ENABLE: 'true'
13+
NGINX_AGENT_SERVER_TOKEN: $TOKEN # Datakey From One Console
14+
# NGINX_AGENT_INSTANCE_GROUP: $NAME-sync-group
15+
hostname: $NAME-plus1
16+
container_name: $NAME-plus1
17+
image: private-registry.nginx.com/nginx-plus/agent:nginx-plus-r32-alpine-3.20-20240613 # CVE - From Nginx Private Registry
18+
volumes: # Sync these folders to container
19+
- ./nginx-plus/etc/nginx/nginx.conf:/etc/nginx/nginx.conf
20+
- ./nginx-plus/etc/nginx/conf.d:/etc/nginx/conf.d
21+
- ./nginx-plus/etc/nginx/includes:/etc/nginx/includes
22+
- ./nginx-plus/usr/share/nginx/html:/usr/share/nginx/html
23+
ports:
24+
- 80:80 # Open for HTTP
25+
- 443:443 # Open for HTTPS
26+
- 9000:9000 # Open for stub status page
27+
- 9113:9113 # Open for Prometheus Scraper page
28+
restart: always
29+
#
30+
plus2: # Alpine NGINX Plus Web / Load Balancer
31+
environment:
32+
NGINX_AGENT_SERVER_HOST: 'agent.connect.nginx.com'
33+
NGINX_AGENT_SERVER_GRPCPORT: '443'
34+
NGINX_AGENT_TLS_ENABLE: 'true'
35+
NGINX_AGENT_SERVER_TOKEN: $TOKEN # Datakey Fron Nginx One Console
36+
# NGINX_AGENT_INSTANCE_GROUP: $NAME-sync-group
37+
hostname: $NAME-plus2
38+
container_name: $NAME-plus2
39+
image: private-registry.nginx.com/nginx-plus/agent:nginx-plus-r31-alpine-3.19-20240522 # CVE - From Nginx Private Registry
40+
volumes: # Sync these folders to container
41+
- ./nginx-plus/etc/nginx/nginx.conf:/etc/nginx/nginx.conf
42+
- ./nginx-plus/etc/nginx/conf.d:/etc/nginx/conf.d
43+
- ./nginx-plus/etc/nginx/includes:/etc/nginx/includes
44+
- ./nginx-plus/usr/share/nginx/html:/usr/share/nginx/html
45+
ports:
46+
- '80' # Open for HTTP
47+
- '443' # Open for HTTPS
48+
- '9000' # Open for API / Dashboard page
49+
- '9113' # Open for Prometheus Scraper page
50+
restart: always
51+
#
52+
plus3: # RHEL UBI NGINX Plus Web / Load Balancer
53+
environment:
54+
NGINX_AGENT_SERVER_HOST: 'agent.connect.nginx.com'
55+
NGINX_AGENT_SERVER_GRPCPORT: '443'
56+
NGINX_AGENT_TLS_ENABLE: 'true'
57+
NGINX_AGENT_SERVER_TOKEN: $TOKEN # Datakey Fron Nginx One Console
58+
# NGINX_AGENT_INSTANCE_GROUP: $NAME-sync-group
59+
hostname: $NAME-plus3
60+
container_name: $NAME-plus3
61+
image: private-registry.nginx.com/nginx-plus/agent:nginx-plus-r31-ubi-9-20240522 # From Nginx Private Registry
62+
volumes: # Sync these folders to container
63+
- ./nginx-plus/etc/nginx/nginx.conf:/etc/nginx/nginx.conf
64+
- ./nginx-plus/etc/nginx/conf.d:/etc/nginx/conf.d
65+
- ./nginx-plus/etc/nginx/includes:/etc/nginx/includes
66+
- ./nginx-plus/usr/share/nginx/html:/usr/share/nginx/html
67+
ports:
68+
- '80' # Open for HTTP
69+
- '443' # Open for HTTPS
70+
- '9000' # Open for API / Dashboard page
71+
- '9113' # Open for Prometheus Scraper page
72+
restart: always
73+
#
74+
oss1: # Debian NGINX OSS Web / Load Balancer
75+
environment:
76+
NGINX_AGENT_SERVER_HOST: 'agent.connect.nginx.com'
77+
NGINX_AGENT_SERVER_GRPCPORT: '443'
78+
NGINX_AGENT_TLS_ENABLE: 'true'
79+
NGINX_AGENT_SERVER_TOKEN: $TOKEN # Datakey Fron Nginx One Console
80+
hostname: $NAME-oss1
81+
container_name: $NAME-oss1
82+
image: docker-registry.nginx.com/nginx/agent:mainline # From Docker Public Registry
83+
volumes: # Sync these folders to container
84+
- ./nginx-oss/etc/nginx/nginx.conf:/etc/nginx/nginx.conf
85+
- ./nginx-oss/etc/nginx/conf.d:/etc/nginx/conf.d
86+
- ./nginx-oss/etc/nginx/includes:/etc/nginx/includes
87+
- ./nginx-oss/etc/ssl/nginx:/etc/ssl/nginx
88+
- ./nginx-oss/usr/share/nginx/html:/usr/share/nginx/html
89+
ports:
90+
- '80' # Open for HTTP
91+
- '443' # Open for HTTPS
92+
- '9000' # Open for stub status page
93+
- '9113' # Open for Prometheus Scraper page
94+
restart: always
95+
#
96+
oss2: # Alpine NGINX OSS Web / Load Balancer
97+
environment:
98+
NGINX_AGENT_SERVER_HOST: 'agent.connect.nginx.com'
99+
NGINX_AGENT_SERVER_GRPCPORT: '443'
100+
NGINX_AGENT_TLS_ENABLE: 'true'
101+
NGINX_AGENT_SERVER_TOKEN: $TOKEN # Datakey Fron Nginx One Console
102+
hostname: $NAME-oss2
103+
container_name: $NAME-oss2
104+
image: docker-registry.nginx.com/nginx/agent:alpine # From Docker Public Registry
105+
volumes: # Sync these folders to container
106+
- ./nginx-oss/etc/nginx/nginx.conf:/etc/nginx/nginx.conf
107+
- ./nginx-oss/etc/nginx/conf.d:/etc/nginx/conf.d
108+
- ./nginx-oss/etc/nginx/includes:/etc/nginx/includes
109+
- ./nginx-oss/etc/ssl/nginx:/etc/ssl/nginx
110+
- ./nginx-oss/usr/share/nginx/html:/usr/share/nginx/html
111+
ports:
112+
- '80' # Open for HTTP
113+
- '443' # Open for HTTPS
114+
- '9000' # Open for stub status page
115+
- '9113' # Open for Prometheus Scraper page
116+
restart: always
117+
#
118+
oss3: # Older Alpine NGINX OSS Web / Load Balancer
119+
environment:
120+
NGINX_AGENT_SERVER_HOST: 'agent.connect.nginx.com'
121+
NGINX_AGENT_SERVER_GRPCPORT: '443'
122+
NGINX_AGENT_TLS_ENABLE: 'true'
123+
NGINX_AGENT_SERVER_TOKEN: $TOKEN # Datakey Fron Nginx One Console
124+
hostname: $NAME-oss3
125+
container_name: $NAME-oss3
126+
image: docker-registry.nginx.com/nginx/agent:1.26-alpine # From Docker Public Registry
127+
volumes: # Sync these folders to container
128+
- ./nginx-oss/etc/nginx/nginx.conf:/etc/nginx/nginx.conf
129+
- ./nginx-oss/etc/nginx/conf.d:/etc/nginx/conf.d
130+
- ./nginx-oss/etc/nginx/includes:/etc/nginx/includes
131+
- ./nginx-oss/etc/ssl/nginx:/etc/ssl/nginx
132+
- ./nginx-oss/usr/share/nginx/html:/usr/share/nginx/html
133+
ports:
134+
- '80' # Open for HTTP
135+
- '443' # Open for HTTPS
136+
- '9000' # Open for stub status page
137+
- '9113' # Open for Prometheus Scraper page
138+
restart: always
139+
#
140+
web1:
141+
hostname: $NAME-web1
142+
container_name: $NAME-web1
143+
platform: linux/amd64
144+
image: nginxinc/ingress-demo # Image from Docker Hub
145+
ports:
146+
- '80' # Open for HTTP
147+
- '443' # Open for HTTPS
148+
web2:
149+
hostname: $NAME-web2
150+
container_name: $NAME-web2
151+
platform: linux/amd64
152+
image: nginxinc/ingress-demo
153+
ports:
154+
- '80'
155+
- '433'
156+
web3:
157+
hostname: $NAME-web3
158+
container_name: $NAME-web3
159+
platform: linux/amd64
160+
image: nginxinc/ingress-demo
161+
ports:
162+
- '80'
163+
- '443'
164+

labs/lab8/media/docker-icon.png

15.2 KB

labs/lab8/media/nginx-nim-icon.png

6.92 KB

labs/lab8/media/nginx-plus-icon.png

6.35 KB

labs/lab8/media/nim-agent-install.png

773 KB

labs/lab8/media/nim-crg-.png

595 KB

labs/lab8/media/nim-crg-screen-1.png

651 KB

labs/lab8/media/nim-crg-screen-2.png

598 KB

labs/lab8/media/nim-crg-screen-3.png

605 KB

labs/lab8/media/nim-crg-screen-4.png

597 KB

labs/lab8/media/nim-crg-screen-5.png

595 KB

labs/lab8/media/nim-crg-screen-6.png

605 KB

labs/lab8/media/nim-ig-screen-1.png

546 KB

labs/lab8/media/nim-ig-screen-2.png

721 KB

labs/lab8/media/nim-ig-screen-3.png

625 KB

labs/lab8/media/nim-license-screen-1.png

279 KB

labs/lab8/media/nim-license-screen-2.png

457 KB

labs/lab8/media/nim-license-screen-3.png

507 KB

labs/lab8/media/nim-license-screen-4.png

418 KB

labs/lab8/media/nim-metrics-1.png

2.3 MB

labs/lab8/media/nim-scan-screen-1.png

862 KB

labs/lab8/media/nim-scan-screen-2.png

961 KB

labs/lab8/media/nim-upgrade-1.png

1.22 MB

labs/lab8/media/nim-upgrade-10.png

365 KB

labs/lab8/media/nim-upgrade-2.png

965 KB

labs/lab8/media/nim-upgrade-3.png

716 KB

labs/lab8/media/nim-upgrade-4.png

674 KB

labs/lab8/media/nim-upgrade-5.png

1.14 MB

labs/lab8/media/nim-upgrade-6.png

438 KB

labs/lab8/media/nim-upgrade-7.png

66.2 KB

labs/lab8/media/nim-upgrade-8.png

99.3 KB

labs/lab8/media/nim-upgrade-9.png

95.6 KB

labs/lab8/media/r33-delete-old-instances-1.png

519 KB

labs/lab8/media/r33-delete-old-instances-2.png

396 KB

labs/lab8/media/r33-delete-old-instances-3.png

283 KB

labs/lab8/media/r33-instance-settings-1.png

240 KB

labs/lab8/media/r33-instance-settings-2.png

306 KB

labs/lab8/media/r33-plus4-deployed.png

395 KB

labs/lab8/media/r33-plus4-with-agent.png

364 KB

labs/lab8/nginx-docker/docker-compose.yml

+160
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,160 @@
1+
# NGINX Plus / OSS with NGINX Agent
2+
# NGINX webservers with ingress-demo pages
3+
# NGINX One Console Instance Registration
4+
# NGINX Basics, Dec 2024
5+
# Chris Akker, Shouvik Dutta, Adam Currier
6+
#
7+
services:
8+
plus1: # Alpine NGINX Plus Web / Load Balancer
9+
environment:
10+
NGINX_AGENT_SERVER_HOST: '10.1.1.5'
11+
NGINX_AGENT_SERVER_GRPCPORT: '443'
12+
NGINX_AGENT_TLS_ENABLE: 'true'
13+
NGINX_AGENT_INSTANCE_GROUP: $NAME-nginx-docker
14+
hostname: $NAME-plus1
15+
container_name: $NAME-plus1
16+
image: private-registry.nginx.com/nginx-plus/agent:nginx-plus-r32-alpine-3.20-20240613 # CVE - From Nginx Private Registry
17+
volumes: # Sync these folders to container
18+
- ./nginx-plus/etc/nginx/nginx.conf:/etc/nginx/nginx.conf
19+
- ./nginx-plus/etc/nginx/conf.d:/etc/nginx/conf.d
20+
- ./nginx-plus/etc/nginx/includes:/etc/nginx/includes
21+
- ./nginx-plus/usr/share/nginx/html:/usr/share/nginx/html
22+
ports:
23+
- 80:80 # Open for HTTP
24+
- 443:443 # Open for HTTPS
25+
- 9000:9000 # Open for stub status page
26+
- 9113:9113 # Open for Prometheus Scraper page
27+
restart: always
28+
#
29+
plus2: # Alpine NGINX Plus Web / Load Balancer
30+
environment:
31+
NGINX_AGENT_SERVER_HOST: '10.1.1.5'
32+
NGINX_AGENT_SERVER_GRPCPORT: '443'
33+
NGINX_AGENT_TLS_ENABLE: 'true'
34+
NGINX_AGENT_INSTANCE_GROUP: $NAME-nginx-docker
35+
hostname: $NAME-plus2
36+
container_name: $NAME-plus2
37+
image: private-registry.nginx.com/nginx-plus/agent:nginx-plus-r31-alpine-3.19-20240522 # CVE - From Nginx Private Registry
38+
volumes: # Sync these folders to container
39+
- ./nginx-plus/etc/nginx/nginx.conf:/etc/nginx/nginx.conf
40+
- ./nginx-plus/etc/nginx/conf.d:/etc/nginx/conf.d
41+
- ./nginx-plus/etc/nginx/includes:/etc/nginx/includes
42+
- ./nginx-plus/usr/share/nginx/html:/usr/share/nginx/html
43+
ports:
44+
- '80' # Open for HTTP
45+
- '443' # Open for HTTPS
46+
- '9000' # Open for API / Dashboard page
47+
- '9113' # Open for Prometheus Scraper page
48+
restart: always
49+
#
50+
plus3: # RHEL UBI NGINX Plus Web / Load Balancer
51+
environment:
52+
NGINX_AGENT_SERVER_HOST: '10.1.1.5'
53+
NGINX_AGENT_SERVER_GRPCPORT: '443'
54+
NGINX_AGENT_TLS_ENABLE: 'true'
55+
NGINX_AGENT_INSTANCE_GROUP: $NAME-nginx-docker
56+
hostname: $NAME-plus3
57+
container_name: $NAME-plus3
58+
image: private-registry.nginx.com/nginx-plus/agent:nginx-plus-r31-ubi-9-20240522 # From Nginx Private Registry
59+
volumes: # Sync these folders to container
60+
- ./nginx-plus/etc/nginx/nginx.conf:/etc/nginx/nginx.conf
61+
- ./nginx-plus/etc/nginx/conf.d:/etc/nginx/conf.d
62+
- ./nginx-plus/etc/nginx/includes:/etc/nginx/includes
63+
- ./nginx-plus/usr/share/nginx/html:/usr/share/nginx/html
64+
ports:
65+
- '80' # Open for HTTP
66+
- '443' # Open for HTTPS
67+
- '9000' # Open for API / Dashboard page
68+
- '9113' # Open for Prometheus Scraper page
69+
restart: always
70+
#
71+
oss1: # Debian NGINX OSS Web / Load Balancer
72+
environment:
73+
NGINX_AGENT_SERVER_HOST: '10.1.1.5'
74+
NGINX_AGENT_SERVER_GRPCPORT: '443'
75+
NGINX_AGENT_TLS_ENABLE: 'true'
76+
NGINX_AGENT_INSTANCE_GROUP: $NAME-nginx-oss
77+
hostname: $NAME-oss1
78+
container_name: $NAME-oss1
79+
image: docker-registry.nginx.com/nginx/agent:mainline # From Docker Public Registry
80+
volumes: # Sync these folders to container
81+
- ./nginx-oss/etc/nginx/nginx.conf:/etc/nginx/nginx.conf
82+
- ./nginx-oss/etc/nginx/conf.d:/etc/nginx/conf.d
83+
- ./nginx-oss/etc/nginx/includes:/etc/nginx/includes
84+
- ./nginx-oss/etc/ssl/nginx:/etc/ssl/nginx
85+
- ./nginx-oss/usr/share/nginx/html:/usr/share/nginx/html
86+
ports:
87+
- '80' # Open for HTTP
88+
- '443' # Open for HTTPS
89+
- '9000' # Open for stub status page
90+
- '9113' # Open for Prometheus Scraper page
91+
restart: always
92+
#
93+
oss2: # Alpine NGINX OSS Web / Load Balancer
94+
environment:
95+
NGINX_AGENT_SERVER_HOST: '10.1.1.5'
96+
NGINX_AGENT_SERVER_GRPCPORT: '443'
97+
NGINX_AGENT_TLS_ENABLE: 'true'
98+
NGINX_AGENT_INSTANCE_GROUP: $NAME-nginx-oss
99+
hostname: $NAME-oss2
100+
container_name: $NAME-oss2
101+
image: docker-registry.nginx.com/nginx/agent:alpine # From Docker Public Registry
102+
volumes: # Sync these folders to container
103+
- ./nginx-oss/etc/nginx/nginx.conf:/etc/nginx/nginx.conf
104+
- ./nginx-oss/etc/nginx/conf.d:/etc/nginx/conf.d
105+
- ./nginx-oss/etc/nginx/includes:/etc/nginx/includes
106+
- ./nginx-oss/etc/ssl/nginx:/etc/ssl/nginx
107+
- ./nginx-oss/usr/share/nginx/html:/usr/share/nginx/html
108+
ports:
109+
- '80' # Open for HTTP
110+
- '443' # Open for HTTPS
111+
- '9000' # Open for stub status page
112+
- '9113' # Open for Prometheus Scraper page
113+
restart: always
114+
#
115+
oss3: # Older Alpine NGINX OSS Web / Load Balancer
116+
environment:
117+
NGINX_AGENT_SERVER_HOST: '10.1.1.5'
118+
NGINX_AGENT_SERVER_GRPCPORT: '443'
119+
NGINX_AGENT_TLS_ENABLE: 'true'
120+
NGINX_AGENT_INSTANCE_GROUP: $NAME-nginx-oss
121+
hostname: $NAME-oss3
122+
container_name: $NAME-oss3
123+
image: docker-registry.nginx.com/nginx/agent:1.26-alpine # From Docker Public Registry
124+
volumes: # Sync these folders to container
125+
- ./nginx-oss/etc/nginx/nginx.conf:/etc/nginx/nginx.conf
126+
- ./nginx-oss/etc/nginx/conf.d:/etc/nginx/conf.d
127+
- ./nginx-oss/etc/nginx/includes:/etc/nginx/includes
128+
- ./nginx-oss/etc/ssl/nginx:/etc/ssl/nginx
129+
- ./nginx-oss/usr/share/nginx/html:/usr/share/nginx/html
130+
ports:
131+
- '80' # Open for HTTP
132+
- '443' # Open for HTTPS
133+
- '9000' # Open for stub status page
134+
- '9113' # Open for Prometheus Scraper page
135+
restart: always
136+
#
137+
web1:
138+
hostname: $NAME-web1
139+
container_name: $NAME-web1
140+
platform: linux/amd64
141+
image: nginxinc/ingress-demo # Image from Docker Hub
142+
ports:
143+
- '80' # Open for HTTP
144+
- '443' # Open for HTTPS
145+
web2:
146+
hostname: $NAME-web2
147+
container_name: $NAME-web2
148+
platform: linux/amd64
149+
image: nginxinc/ingress-demo
150+
ports:
151+
- '80'
152+
- '433'
153+
web3:
154+
hostname: $NAME-web3
155+
container_name: $NAME-web3
156+
platform: linux/amd64
157+
image: nginxinc/ingress-demo
158+
ports:
159+
- '80'
160+
- '443'

labs/lab8/nginx-oss/etc/nginx/conf.d/cafe.example.com.conf

+27
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,27 @@
1+
# cafe.example.com HTTP
2+
server {
3+
# Listening on port 80 on all IP addresses on this machine
4+
listen 80;
5+
6+
server_name cafe.example.com;
7+
8+
# status_zone cafe-VirtualServer;
9+
10+
# Server specific logging
11+
access_log /var/log/nginx/cafe.example.com.log main_ext;
12+
error_log /var/log/nginx/cafe.example.com_error.log info;
13+
14+
location / {
15+
16+
proxy_buffering off;
17+
18+
# Including best-practice headers are bonus points
19+
include includes/proxy_headers.conf;
20+
include includes/keepalive.conf;
21+
22+
# status_zone /;
23+
24+
proxy_pass http://nginx_cafe;
25+
}
26+
27+
}

labs/lab8/nginx-oss/etc/nginx/conf.d/stub_status.conf

+19
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,19 @@
1+
# ngx_http_stub_status_module (Available in NGINX OSS)
2+
# provides Basic Status information http://nginx.org/en/docs/http/ngx_http_stub_status_module.html
3+
4+
server {
5+
listen 9000 ssl; # Listener for Stub Status
6+
7+
ssl_certificate /etc/ssl/nginx/30-day.crt;
8+
ssl_certificate_key /etc/ssl/nginx/30-day.key;
9+
10+
location /basic_status {
11+
stub_status;
12+
}
13+
14+
# Redirect requests for "/" to "/basic_status"
15+
location / {
16+
return 301 /basic_status;
17+
}
18+
19+
}

0 commit comments

Comments
 (0)