Pimp my Kubernetes WebUI

There is a very easy way to pimp the Kubernetes WebUI with monitoring output. The whole thing we now realize super fast via Heapster, InfluxDB and Grafana.

Conditions

  • Installed and running Docker for Mac (edge)
  • Kubernetes enabled

Preparation

Now login to the WebUI with the token.

WebUI Token Login

Enable Monitoring

Download all 3 files from GitHub kubernetes/Heapster into your project. After download we need to modify a little bit and create deployment + service.

Attention: The respective sections Services have to be adapted!
… But leave the rest of the content as is.

That’s it already – our monitoring is enabled! Let’s take a look at everything.

Grafana Dashboards

Grafana Cluster Dashboard

Grafana Pod Dashboard

WebUI Dashboards

After a while it should look like this.

WebUI Workloads

WebUI Pods

PHP QA Tools and Docker Jenkins

This Tutorial is about some simple PHP QA Tools and Docker Jenkins. I will show near how to install PHP and PHP Composer in an Jenkins Alpine Linux Docker inclusive some needed Jenkins PlugIns.

Note

If you have an running Docker Container already which you cannot stop, you can install needed packages directly via:

Now you can use the same commented commands as provided via Dockerfile. Otherwise follow next steps.

Let’s go

That was it! Now build the image, start and work with jenkins.

Test

After starting, configuring and logging, you can see the already installed plugins in the Jenkins PlugIns!

Jenkins PlugIns

To test, you can create a simple freestyle job. Here you configure the repository, build steps and post-build actions. After a few runs, the results should be visible on the project side.

Jenkins Build Results

Create a simple video test environment (Part 3)

Okay, now is time to see some command line tools to analysis videos. I selected 4 Open-Source applications (avprobe, mediainfo, mplayer, exiftool).

Specification

  • docker
  • git

Get ready for docker images

On Bitbucket I created a repository with needed Dockerfiles for fast usage. You can also choose the installation method.

mediainfo

Lets start with mediainfo. Here some information about on wikipedia.

mplayer

Second application is mplayer. Here the wikipedia link.

exiftool

Now we take a look on exiftool. Here the wikipedia article and the official documentation.

avprobe

Last but not least avprobe. Here the wikipedia article and detailed official documentation.

Compare tools by expecting specific result

I will not judge the applications against each other! But here a compare of complexity of commands and output for video duration.

CURL visualization via httpstat

CURL is awesome … but sometimes the feature for visualization of statistics is missing. Exactly here helps httpstat as an wrapper.

httpstat is available for different languages:

Prepare project

Since I am a Python lover I will also work with my favorite language provided by Xiao Meng. It’s a single file with no dependencies and compatible to Python 2.7 and 3.

Usage examples

Note: httpstat has a bunch of environment variables, please use help!

Fingerprinting with Spaghetti

In this tutorial I would like to introduce Spaghetti. Spaghetti is a cool project by m4ll0k on GitHub written in Python with less dependencies. The main idea behind Spaghetti is to find out fingerprints from Server, Web Frameworks, WAF, CMS, OS and languages. The following tutorial will show you how to set up and use spaghetti quickly and easily.

Requirements

  • Python (2.7.x)
  • Virtualenv

Prepare Project

Usage

Shell linter evaluation and usage

Tomorrow, the 1st of August is a national holiday in Switzerland … So I do one day off and have some time. For a long time I wanted to deal with Shell lint. After some research, i found a few open-source tools. By the way … linters are being written for many programming languages and document formats.

Preparation

For evaluation i will not install the tools on my local system,… so Vagrant (with CentOS 7) is my choice.

Note: I created the Vagrant box “lupin/centos” via Packer … here my GitHub repository.

Shell option -n

Many shell’s already offer a very simple script analysis. The option -n read commands in script, but do not execute them (syntax check).

Okay … but not really what I want… (more details are welcome)

shlint and checkbashisms

I found the repository here.

Note: for both tools you should change the shebang to “#!/bin/sh”

For shlint… I don’t get it. For checkbashisms … good if will write portable Shell scripts.

bashate

I found it here on Pypi.

Nice … but not really all Standards.

Shellsheck

Shellcheck is known! Here the online service and here the repository.

I stay with that tool. Currently there are packages for almost every known OS.

Additional

Who knows me … knows that I do not like Installer and prefer Docker use. Here’s some fun.

😉 just for fun…

Docker, Telegraf, InfluxDB and Grafana

I have already presented various tutorials on docker monitoring. This time we will use Telegraf.

Project preparation

InfluxDB preparation

Telegraf preparation

… Read more about Telegraf on documentation page …

Note: The space after /etc is just because of security settings of my provider.

… after short time …

Grafana preparation

After login (admin:admin) you can add new Data Source.

Grafana InfluxDB Telegraf DataSource

Okay … all done … you can start to create Dashboards or search for existing Dashboards for import.

Penetration testing report via Serpico

Penetration testing make fun but writing penetration testing reports is boring. When you start you will look for templates or software which supports you. Here comes Serpico into the game. Serpico is a collaboration and report generation tool. The best… it is open-source.

Usage via Docker

Now you can use Serpico in your favorite browser…

Login with created credentials (admin/test123) and create your reports. On Youtube is a good introduction. If you don’t have Microsoft Words installed, you can view your reports online.