Merge pull request #30 from commjoen/loadbalancing-stickiness

commjoen · web-flow · commit 96a781a04afa · 2022-09-21T19:39:15.000+02:00
Loadbalancing stickiness
diff --git a/aws/README.md b/aws/README.md
@@ -37,7 +37,7 @@ The bucket name should be in the output. Please use that to configure the Terraf
 
 The terraform code is loosely based on [this EKS managed Node Group TF example](https://github.com/terraform-aws-modules/terraform-aws-eks/tree/master/examples/eks_managed_node_group).
 
-**Note**: Applying the Terraform means you are creating cloud infrastructure which actually costs you money. The authors are not responsible for any cost coming from following the instructions below.
+**Note**: Applying the Terraform means you are creating cloud infrastructure which actually costs you money. **_the current boundary is 50 t3a-Xlarge nodes_**. Please adapt the servers you deploy to in `main.tf` in this folder to your liking to reduce possible costs. Note that this project can run on a single T3A-Large instance, but this would require reducing the amount of wrongsecretbalancers to 1 (`balancer.replicas=1`). **_The authors are not responsible for any cost coming from following the instructions below_**.
 
 **Note-II**: The cluster you create has its access bound to the public IP of the creator. In other words: the cluster you create with this code has its access bound to your public IP-address if you apply it locally.
 
diff --git a/build-an-deploy-aws.sh b/build-an-deploy-aws.sh
@@ -5,7 +5,11 @@ echo "Make sure you have updated your AWS credentials and your kubeconfig prior
 echo "For this to work the AWS kubernetes cluster must have access to the same local registry / image cache which 'docker build ...' writes its image to"
 echo "For example docker-desktop with its included k8s cluster"
 
-echo "Usage: ./build-and-deploy-aws.sh"
+echo "NOTE: WE ARE WORKING HERE WITH A 5 LEGGED BALANCER on aWS which costs money by themselves!"
+
+echo "NOTE2: please replace balancer.cookie.cookieParserSecret witha value you fanchy and ensure you have TLS on (see outdated guides)."
+
+echo "Usage: ./build-an-deploy-aws.sh"
 
 version="$(uuidgen)"
 AWS_REGION="eu-west-1"
@@ -29,4 +33,4 @@ aws ssm put-parameter --name wrongsecretvalue --overwrite --type SecureString --
 wait
 
 #TODO: REWRITE ABOVE, REWRITE THE HARDCODED DEPLOYMENT VALS INTO VALUES AND OVERRIDE THEM HERE!
-helm upgrade --install mj ./helm/wrongsecrets-ctf-party --set="imagePullPolicy=Always" --set="balancer.env.K8S_ENV=aws" --set="balancer.repository=jeroenwillemsen/wrongsecrets-balancer" --set="balancer.tag=0.76aws" --set="wrongsecretsCleanup.repository=jeroenwillemsen/wrongsecrets-ctf-cleaner" --set="wrongsecretsCleanup.tag=0.2"
+helm upgrade --install mj ./helm/wrongsecrets-ctf-party --set="imagePullPolicy=Always" --set="balancer.env.K8S_ENV=aws" --set="balancer.cookie.cookieParserSecret=thisisanewrandomvaluesowecanworkatit" --set="balancer.repository=jeroenwillemsen/wrongsecrets-balancer" --set="balancer.tag=0.76aws" --set="balancer.replicas=5" --set="wrongsecretsCleanup.repository=jeroenwillemsen/wrongsecrets-ctf-cleaner" --set="wrongsecretsCleanup.tag=0.2"
diff --git a/wrongsecrets-balancer/src/teams/teams.js b/wrongsecrets-balancer/src/teams/teams.js
@@ -397,7 +397,7 @@ async function createAWSTeam(req, res) {
     logger.error(`Error while network security policies for team ${team}: ${error}`);
     res.status(500).send({ message: 'Failed to Create Instance' });
   }
-  
+
   try {
     loginCounter.inc({ type: 'registration', userType: 'user' }, 1);
 

Original file line number	Diff line number	Diff line change
`@@ -397,7 +397,7 @@ async function createAWSTeam(req, res) {`
`397`	`397`	logger.error(`Error while network security policies for team ${team}: ${error}`);
`398`	`398`	`res.status(500).send({ message: 'Failed to Create Instance' });`
`399`	`399`	`}`
`400`		`-`
	`400`	`+`
`401`	`401`	`try {`
`402`	`402`	`loginCounter.inc({ type: 'registration', userType: 'user' }, 1);`
`403`	`403`