diff --git a/labs/lab2/media/lab2_none-instances.png b/labs/lab2/media/lab2_none-instances.png index 66567bb..09801ab 100644 Binary files a/labs/lab2/media/lab2_none-instances.png and b/labs/lab2/media/lab2_none-instances.png differ diff --git a/labs/lab2/nginx-plus/etc/nginx/nginx.conf b/labs/lab2/nginx-plus/etc/nginx/nginx.conf index a9cc6b0..e610191 100644 --- a/labs/lab2/nginx-plus/etc/nginx/nginx.conf +++ b/labs/lab2/nginx-plus/etc/nginx/nginx.conf @@ -19,6 +19,8 @@ http { '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; + include /etc/nginx/includes/log_formats/*.conf; # Custom Access logs formats found here + access_log /var/log/nginx/access.log main; sendfile on; diff --git a/labs/lab2/readme.md b/labs/lab2/readme.md index 9e5433d..682cffd 100644 --- a/labs/lab2/readme.md +++ b/labs/lab2/readme.md @@ -140,7 +140,7 @@ You will run some Docker containers to build out various workshop components, us 5cde3c462a27 nginxinc/ingress-demo "/docker-entrypoint.…" 44 minutes ago Up 44 minutes 0.0.0.0:33380->80/tcp, :::33379->80/tcp, 0.0.0.0:33376->443/tcp, :::33375->443/tcp web3 ``` - Go back to your NGINX One Console Instance page, and click `Refresh`. You should see all 6 of your `basics-` instances appear in the list, and the Online icon should be `green`. If they did not Register with the One Console, it is likely you have an issue with the $TOKEN used, create a new Dataplane Key and try again. It should look similar to this: + Go back to your NGINX One Console Instance page, and click `Refresh`. You should see all 6 of your `one-workshop-` instances appear in the list, and the Online icon should be `green`. If they did not Register with the One Console, it is likely you have an issue with the $TOKEN used, create a new Dataplane Key and try again. It should look similar to this: ![NGINX Instances](media/lab2_none-instances.png) diff --git a/labs/lab3/media/lab3_30-day-cert-details.png b/labs/lab3/media/lab3_30-day-cert-details.png index 82dda2c..04b2c23 100644 Binary files a/labs/lab3/media/lab3_30-day-cert-details.png and b/labs/lab3/media/lab3_30-day-cert-details.png differ diff --git a/labs/lab3/media/lab3_basics-oss1-certs.png b/labs/lab3/media/lab3_basics-oss1-certs.png deleted file mode 100644 index 8b1c7be..0000000 Binary files a/labs/lab3/media/lab3_basics-oss1-certs.png and /dev/null differ diff --git a/labs/lab3/media/lab3_basics-oss1-config-colors.png b/labs/lab3/media/lab3_basics-oss1-config-colors.png deleted file mode 100644 index 9ec974b..0000000 Binary files a/labs/lab3/media/lab3_basics-oss1-config-colors.png and /dev/null differ diff --git a/labs/lab3/media/lab3_basics-plus1-cves.png b/labs/lab3/media/lab3_basics-plus1-cves.png deleted file mode 100644 index afbcc87..0000000 Binary files a/labs/lab3/media/lab3_basics-plus1-cves.png and /dev/null differ diff --git a/labs/lab3/media/lab3_basics-plus2-cves.png b/labs/lab3/media/lab3_basics-plus2-cves.png deleted file mode 100644 index 24ddc8a..0000000 Binary files a/labs/lab3/media/lab3_basics-plus2-cves.png and /dev/null differ diff --git a/labs/lab3/media/lab3_cafe-best-practice.png b/labs/lab3/media/lab3_cafe-best-practice.png index 4085d35..ee6ff23 100644 Binary files a/labs/lab3/media/lab3_cafe-best-practice.png and b/labs/lab3/media/lab3_cafe-best-practice.png differ diff --git a/labs/lab3/media/lab3_nginx-conf-best-practice.png b/labs/lab3/media/lab3_nginx-conf-best-practice.png index 358fa48..f167430 100644 Binary files a/labs/lab3/media/lab3_nginx-conf-best-practice.png and b/labs/lab3/media/lab3_nginx-conf-best-practice.png differ diff --git a/labs/lab3/media/lab3_none-cpu.png b/labs/lab3/media/lab3_none-cpu.png index a70b517..d484b3a 100644 Binary files a/labs/lab3/media/lab3_none-cpu.png and b/labs/lab3/media/lab3_none-cpu.png differ diff --git a/labs/lab3/media/lab3_none-cves-high.png b/labs/lab3/media/lab3_none-cves-high.png index 6c8bd3d..b387a22 100644 Binary files a/labs/lab3/media/lab3_none-cves-high.png and b/labs/lab3/media/lab3_none-cves-high.png differ diff --git a/labs/lab3/media/lab3_none-network.png b/labs/lab3/media/lab3_none-network.png index 2aa84ba..036857c 100644 Binary files a/labs/lab3/media/lab3_none-network.png and b/labs/lab3/media/lab3_none-network.png differ diff --git a/labs/lab3/media/lab3_none-ram.png b/labs/lab3/media/lab3_none-ram.png index fa2486b..992e1ea 100644 Binary files a/labs/lab3/media/lab3_none-ram.png and b/labs/lab3/media/lab3_none-ram.png differ diff --git a/labs/lab3/media/lab3_none-security-pane-details.png b/labs/lab3/media/lab3_none-security-pane-details.png index 1549cd2..48498fa 100644 Binary files a/labs/lab3/media/lab3_none-security-pane-details.png and b/labs/lab3/media/lab3_none-security-pane-details.png differ diff --git a/labs/lab3/media/lab3_one-workshop-oss1-certs.png b/labs/lab3/media/lab3_one-workshop-oss1-certs.png new file mode 100644 index 0000000..cceb41c Binary files /dev/null and b/labs/lab3/media/lab3_one-workshop-oss1-certs.png differ diff --git a/labs/lab3/media/lab3_one-workshop-oss1-config-colors.png b/labs/lab3/media/lab3_one-workshop-oss1-config-colors.png new file mode 100644 index 0000000..ad411e0 Binary files /dev/null and b/labs/lab3/media/lab3_one-workshop-oss1-config-colors.png differ diff --git a/labs/lab3/media/lab3_basics-plus1-cves-redirect.png b/labs/lab3/media/lab3_one-workshop-plus1-cves-redirect.png similarity index 100% rename from labs/lab3/media/lab3_basics-plus1-cves-redirect.png rename to labs/lab3/media/lab3_one-workshop-plus1-cves-redirect.png diff --git a/labs/lab3/media/lab3_one-workshop-plus1-cves.png b/labs/lab3/media/lab3_one-workshop-plus1-cves.png new file mode 100644 index 0000000..c71fe04 Binary files /dev/null and b/labs/lab3/media/lab3_one-workshop-plus1-cves.png differ diff --git a/labs/lab3/media/lab3_one-workshop-plus2-cves.png b/labs/lab3/media/lab3_one-workshop-plus2-cves.png new file mode 100644 index 0000000..7e1ddf8 Binary files /dev/null and b/labs/lab3/media/lab3_one-workshop-plus2-cves.png differ diff --git a/labs/lab3/media/lab3_stub-status-best-practice.png b/labs/lab3/media/lab3_stub-status-best-practice.png index 8a6ab11..5f2de80 100644 Binary files a/labs/lab3/media/lab3_stub-status-best-practice.png and b/labs/lab3/media/lab3_stub-status-best-practice.png differ diff --git a/labs/lab3/readme.md b/labs/lab3/readme.md index 2dc5c31..2ec3adc 100644 --- a/labs/lab3/readme.md +++ b/labs/lab3/readme.md @@ -78,11 +78,11 @@ This Panel is a great tool to show you the CVEs that you might have in your NGIN ![CVEs](media/lab3_none-cves.png) -Click on the `basics-plus2` Instance, you should see a list of all the CVEs identified by NGINX One Console CVE scanner. NOTE: *This list may not include ALL CVEs*, rather just the list that NGINX One Console knows about at the time of the last scan. +Click on `one-workshop-plus2` Instance, you should see a list of all the CVEs identified by NGINX One Console CVE scanner. NOTE: *This list may not include ALL CVEs*, rather just the list that NGINX One Console knows about at the time of the last scan. -Basics Plus1 | Basics Plus2 +One Workshop Plus1 | One Workshop Plus2 :-------------------------:|:-------------------------: -![Container CVEs](media/lab3_basics-plus1-cves.png) | ![Container CVEs](media/lab3_basics-plus2-cves.png) +![Container CVEs](media/lab3_one-workshop-plus1-cves.png) | ![Container CVEs](media/lab3_one-workshop-plus2-cves.png) ### CPU, RAM, Disk Utilization @@ -117,13 +117,13 @@ One of the nice security feature of the NGINX One Console is the ability to prov ![High CVEs](media/lab3_none-cves-high.png) -1. Click on the `basics-plus1` Instance. This will provide the Instance level Details, you will see a `CVEs` Section, this time with the Name, Severity and Description for each CVEs applicable to the instance. +1. Click on the `one-workshop-plus1` Instance. This will provide the Instance level Details, you will see a `CVEs` Section, this time with the Name, Severity and Description for each CVEs applicable to the instance. - ![Basics-plus1 CVE](media/lab3_basics-plus1-cves.png) + ![Basics-plus1 CVE](media/lab3_one-workshop-plus1-cves.png) 1. If you click on one of the CVEs name hyperlink, for example `CVE-2024-39792`, it will directly open the CVE website on a new tab with detailed information and possible remediations. - ![High CVE redirect](media/lab3_basics-plus1-cves-redirect.png) + ![High CVE redirect](media/lab3_one-workshop-plus1-cves-redirect.png) 1. In similar fashion explore, click on the `Medium` Severity link within the Overview Dashboard and explore all the other CVEs that are classified under `Medium` Severity. @@ -148,9 +148,9 @@ Another nice feature of the NGINX One Console is the ability to quickly see the 1. Using the Overview Dashboard Certificates Panel, Click on the `Expiring` link. This will provide a List View of the Instances affected, with metadata about the Instances using the Certificate. -1. Click on the `basics-oss1` Instance. This will provide the Instance level Details, you will see a `Certificates` Section, this time with the Name, Status, `Expiration Date`, and Subject Name for each certificate file. +1. Click on the `one-workshop-oss1` Instance. This will provide the Instance level Details, you will see a `Certificates` Section, this time with the Name, Status, `Expiration Date`, and Subject Name for each certificate file. - ![Certs](media/lab3_basics-oss1-certs.png) + ![Certs](media/lab3_one-workshop-oss1-certs.png) 1. If you Click on the actual certificate file, for example `30-day.crt`, it will give you a List of all the Instances that are using that same certificate. @@ -185,12 +185,12 @@ Fix the Expired Certificate! If you want to create a new certificate, say with a 1. Once you have made this file edits, you would need to reload nginx within all the NGINX OSS containers to incorporate these configuration changes. To do so run below command in your terminal ```bash - docker exec -it basics-oss1 nginx -s reload - docker exec -it basics-oss2 nginx -s reload - docker exec -it basics-oss3 nginx -s reload + docker exec -it one-workshop-oss1 nginx -s reload + docker exec -it one-workshop-oss2 nginx -s reload + docker exec -it one-workshop-oss3 nginx -s reload ``` - The above set of commands would reload nginx in all the three NGINX OSS containers: basics-oss1, basics-oss2 and basics-oss3. + The above set of commands would reload nginx in all the three NGINX OSS containers: one-workshop-oss1, one-workshop-oss2 and one-workshop-oss3.
@@ -202,13 +202,13 @@ One of the Best Features of the NGINX ONE Console is the Configuration analysis - Optimization: NGINX configurations known to provide optimal performance. - Best Practices: Common configurations that follow standards and conform to ideal configs. -1. From the Overview Dashboard, click on the `Security` and then Click on the `basics-oss1` Instance. +1. From the Overview Dashboard, click on the `Security` and then Click on the `one-workshop-oss1` Instance. ![Config Rec Security](media/lab3_none-config-recommendations.png) 1. Switch view to `Configuration` tab to see the recommendation details. The Recommendations are at the bottom of the screen, and if you look at the config file list, you see small numbers next to each config file that is affected. These are `color-coded`: the Orange numbers are for Security, Blue numbers are for Best Practices, and the Green numbers for for Optimizations. - ![Config Recs](media/lab3_basics-oss1-config-colors.png) + ![Config Recs](media/lab3_one-workshop-oss1-config-colors.png) 1. If you click on the `cafe.example.com.conf` file, the Recommendations will be shown on the bottom, with details and Line Numbers, so you know which ones are being highlighted. diff --git a/labs/lab4/media/lab4_csg.png b/labs/lab4/media/lab4_csg.png index 05c11c5..8b9f59a 100644 Binary files a/labs/lab4/media/lab4_csg.png and b/labs/lab4/media/lab4_csg.png differ diff --git a/labs/lab4/readme.md b/labs/lab4/readme.md index 28a9fc4..02a2542 100644 --- a/labs/lab4/readme.md +++ b/labs/lab4/readme.md @@ -309,5 +309,4 @@ This ends lab4. --- -Navigate to ([Lab5](../lab5/readme.md) | [LabGuide](../readme.md)) - +Navigate to ([LabGuide](../readme.md))