42 project, setup of a Kubernetes cluster. Services include an nginx, an FTPS, a Wordpress and a PHPMyAdmin working with a MySQL database, and a Grafana linked to an InfluxDB database for monitoring. The script builds the custom Docker images for each of those, before deploying and exposing them all with custom yaml files.
final mark
|
interest |
number of team |
difficulty |
⭐⭐⭐⭐ |
🐱 |
⭐⭐⭐⭐⭐ |
|
en.subject.pdf
- Get load-balancer IP
export NGINX_LB_IP=`kubectl get services nginx --output jsonpath='{.status.loadBalancer.ingress[0].ip}'`
- Ckeck HTTPS redirection
- Actually check website
curl -k https://$NGINX_LB_IP > cat.html
case $(uname -s) in
Darwin*) open cat.html;;
Linux*) xdg-open cat.html;;
esac
- Check ssh access
ssh root@${NGINX_LB_IP} -i srcs/nginx_ssh/id
- Install lftp
- Modify config file to support self-signed certificate
case $(uname -s) in
Darwin*) LFTP_CONFIG_FILE=~/.brew/etc/lftp.conf;;
Linux*) LFTP_CONFIG_FILE=/etc/lftp.conf;;
esac
echo "set ssl:verify-certificate false" >> $LFTP_CONFIG_FILE
- If on Linux you get a permission denied, add the line manually in your config file.
sudo vi $LFTP_CONFIG_FILE
- Get FTP load-balancer
export LFTP_LB_IP=`kubectl get services ftps-service --output jsonpath='{.status.loadBalancer.ingress[0].ip}'`
- Connect to server (password="bao")
lftp -u maobe $LFTP_LB_IP
- Get Loadbalancer IP
export WP_LB_IP="`kubectl get services baobe-service-http --output jsonpath='{.status.loadBalancer.ingress[0].ip}'`:5050"
- Access website
bash <<< "
case $(uname -s) in
Darwin*) open -a safari http://$WP_LB_IP;;
Linux*) xdg-open http://$WP_LB_IP;;
esac"
- Check available users: (to connect access http://$WP_LB_IP/wp-login.php)
# Admin user:
login: meilv
password: new-password
# Basic user I
login: 42_user
password: secretpassword
# Basic user II
login: junko
password: secretpassword
- Get Loadbalancer IP
export PMA_LB_IP="`kubectl get services pma-service --output jsonpath='{.status.loadBalancer.ingress[0].ip}'`:5000"
- Access website
bash <<< "
case $(uname -s) in
Darwin*) open -a safari http://$PMA_LB_IP;;
Linux*) xdg-open http://$PMA_LB_IP;;
esac"
- Check available users: (to connect access http://$WP_LB_IP/wp-login.php)
# Admin user:
login: sammy
password: Xibaochat!
# PMA User
login: pma
password: Xibaochat!
- Check wordpress database is linked to PMA
1. Update password for every user
UPDATE wp_users set user_pass = MD5('badpassword');
2. Check you can login to wordpress with the new password
- Get Loadbalancer IP
export GRAFANA_LB_IP="`kubectl get services grafana-svc --output jsonpath='{.status.loadBalancer.ingress[0].ip}'`:3000"
- Access website
bash <<< "
case $(uname -s) in
Darwin*) open -a safari http://$GRAFANA_LB_IP;;
Linux*) xdg-open http://$GRAFANA_LB_IP;;
esac"
- Check available users:
# Admin user:
login: admin
password: kraken
- Check influxdb is linked to grafana
bash <<< "
case $(uname -s) in
Darwin*) open -a safari http://$GRAFANA_LB_IP/datasources/edit/1/;;
Linux*) xdg-open http://$GRAFANA_LB_IP/datasources/edit/1/;;
esac"
- Delete db pods
kubectl rollout restart deploy mysql-deployment
kubectl rollout restart deploy influxdb-deployment
- Check WP + grafana is still working