This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Shay_Levin
Admin
Admin
‎2021-07-13 10:41 PM

AppSec Kubernetes Nginx Ingress Controller

In this video, I walk you through protecting  a sample web application running on AWS Kubernetes cluster by Nginx ingress controller 

** Check also the attached txt file that includes all the YAML files I used in the video. 

Preview file
9 KB
4 Replies
RodRod
Employee
Employee
‎2023-08-25 08:32 AM

Once install helm the ingress controller container run but then..

 

State: Waiting, 
Reason: CrashLoopBackOff 

Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Warning RELOAD 55m nginx-ingress-controller Error reloading NGINX:
-------------------------------------------------------------------------------
Error: exit status 1
2023/08/25 04:49:32 [emerg] 34#34: dlopen() "/usr/lib/nginx/modules/ngx_cp_attachment_module.so" failed (Error relocating /usr/lib/libnginx_attachment_util.so: _ZSt28__throw_bad_array_new_lengthv: symbol no
t found) in /tmp/nginx/nginx-cfg3419880913:1
nginx: [emerg] dlopen() "/usr/lib/nginx/modules/ngx_cp_attachment_module.so" failed (Error relocating /usr/lib/libnginx_attachment_util.so: _ZSt28__throw_bad_array_new_lengthv: symbol not found) in /tmp/ngi
nx/nginx-cfg3419880913:1
nginx: configuration file /tmp/nginx/nginx-cfg3419880913 test failed

 

 

 

0 Kudos
yuvalmamka
Employee
Employee
‎2023-08-27 01:52 AM
In response to RodRod

Hi, try  to change to package 4.1.4 and see if the issue resolves.

0 Kudos
RodRod
Employee
Employee
‎2023-08-28 03:05 PM
In response to yuvalmamka

The error in conteiner was fix with version 4.1.4 now is running, stable and working property, I exposed a juice shop, site. the nano agent container is running: 

Host Ports: 0/TCP, 0/TCP, 0/TCP
Args:
/nginx-ingress-controller
--publish-service=$(POD_NAMESPACE)/cp-appsec-cp-k8s-appsec-nginx-ingress-controller
--election-id=ingress-controller-leader
--controller-class=k8s.io/ingress-nginx
--ingress-class=nginx
--configmap=$(POD_NAMESPACE)/cp-appsec-cp-k8s-appsec-nginx-ingress-controller
--validating-webhook=:8443
--validating-webhook-certificate=/usr/local/certificates/cert
--validating-webhook-key=/usr/local/certificates/key
State: Running
Started: Mon, 28 Aug 2023 13:54:45 -0600

 

BUT never looks like reporting. The console reports as no agent connected. 

 

 

 

 

 

 

0 Kudos
RodRod
Employee
Employee
‎2023-09-12 11:04 AM
In response to RodRod

HELLO TEM THE ISSUE WAS FIXED THE VERSION AVAILABLE NOW IS WORKING. 

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
UPCOMING CLOUDMATES EVENTS
    All CloudMates Events