Nginx-server Cluster is a cluster containing nginx, Prometheus, and Grafana services to serve simple html documents and statistics of the nginx service.
# Deploy all services
./one-to-rule-them-all
# Remove all services
./one-to-rule-them-all clean
# Deploy all services and turn on ngins security features
./one-to-rule-them-all secureDeploy the cluster with ./deploy-cluster from the root directory.
Each component (nginx, promexporter, prometheus, grafana) has its manifest files in a directory with the same name.
There you can also find deploy-$service.sh and destroy-$service.sh, which are used for setting up and removing the service.
deploy-$service.sh will also run functionality tests to confirm the deployment.
# Deploy nginx
student@lab-kubernetes:~/scgc/nginx$ ./deploy-nginx.sh
configmap/nginx-html-config created
configmap/nginx-metrics-config created
deployment.apps/nginx created
service/nginx created
pod/nginx-8ddbb6569-qt4qs condition met
Test:
<html><body>Not everybody can be bombardier!</body></html>
Active connections: 1
server accepts handled requests
2 2 2
Reading: 0 Writing: 1 Waiting: 0# Remove nginx
student@lab-kubernetes:~/scgc/nginx$ ./destroy-nginx.sh
configmap "nginx-html-config" deleted
configmap "nginx-metrics-config" deleted
Error from server (NotFound): error when deleting "/home/student/scgc/nginx/nginx-secure-config.yaml": configmaps "nginx-secure-config" not found
deployment.apps "nginx" deleted
Error from server (NotFound): error when deleting "/home/student/scgc/nginx/nginx-secure-deployment.yaml": deployments.apps "nginx" not found
service "nginx" deleted
# The "NotFound" messages appear due to the simplicity of the destroy-script,
# that does not bother to check whether a manfiest was deployed before deleting itYou can pass secure as argument for deploy-nginx.sh to deploy nginx with security features: request rate limit for user, limited connections for user and timeout for slow clients.
You can find their implementation in nginx/nginx-secure-config.yaml.
# Deploy nginx with security features
student@lab-kubernetes:~/scgc/nginx$ ./deploy-nginx.sh secure
configmap/nginx-html-config created
configmap/nginx-metrics-config created
configmap/nginx-secure-config created
deployment.apps/nginx created
service/nginx created
pod/nginx-6b6db74b54-dsp84 condition met
Test:
<html><body>Not everybody can be bombardier!</body></html>
Active connections: 2
server accepts handled requests
3 3 4
Reading: 0 Writing: 1 Waiting: 1Use run_slowhttptest.sh <output> from slowhttptest/ to run the attack with the same name.
It will store the results as stats_nginx.csv and stats_nginx.html if no value for output is provided.