43 lines
1.4 KiB
Markdown
43 lines
1.4 KiB
Markdown
# juiceshop
|
|
|
|
http://origin-juiceshop.akamai-lab.com
|
|
|
|
https://origin-juiceshop.akamai-lab.com
|
|
|
|
**docker image:** [bkimminish/juice-shop](https://hub.docker.com/r/bkimminich/juice-shop/dockerfile)
|
|
|
|
## Prerequisites ##
|
|
1. Deploy traefik with [kubernetes IngressRoute provider](https://doc.traefik.io/traefik/providers/kubernetes-crd/).
|
|
- [sample yaml files](https://gitea-ptl.akamai-lab.com/akamai/akashop/src/branch/main/traefik)
|
|
|
|
2. Get traefik-web external IP.
|
|
```
|
|
$ kubectl get services -n default
|
|
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
|
|
kubernetes ClusterIP 10.128.0.1 <none> 443/TCP 24d
|
|
traefik-dashboard-service LoadBalancer 10.128.147.145 172.233.168.26 8080:30238/TCP 27h
|
|
traefik-web LoadBalancer 10.128.216.128 172.233.169.31 80:32634/TCP,443:31012/TCP 27h
|
|
```
|
|
|
|
3. Create a namespace.
|
|
```
|
|
$ kubectl create namespace juiceshop
|
|
```
|
|
|
|
## Deploy ##
|
|
1. Apply yaml files.
|
|
```
|
|
$ kubectl apply -f juiceshop/deployment.yml -f juiceshop/service.yml -f juiceshop/traefik-ingressR.yaml
|
|
```
|
|
|
|
2. DNS spoofing test.
|
|
```
|
|
$ http http://172.233.169.31 Host:origin-juiceshop.akamai-lab.com
|
|
|
|
$ http https://172.233.169.31 Host:origin-juiceshop.akamai-lab.com --verify=no
|
|
```
|
|
|
|
3. Update DNS record with traefik-web external IP.
|
|
```
|
|
origin-juiceshop.akamai-lab.com 172.233.169.31
|
|
``` |