APIGEE on premise windows installation - apigee

I want to install APIGEE in my machine in windows, so that I can use localhost url in APIGEE proxy. How can I do that ?

While Apigee is more of an enterprise-scale API-Management platform, if you really want to experiment with a localhost Apigee-based API proxy on your workstation, you can. Consider using Apigee Microgateway (https://docs.apigee.com/api-platform/microgateway/edge-microgateway-home), which is Node-based and can be run in Windows, or running the Apigee adapter for Envoy (https://docs.apigee.com/api-platform/envoy-adapter/v2.0.x/concepts), which can run natively, or in a local Docker image, like via Windows Subsystem for Linux.

Related

How to bind Artifactory to localhost only?

According to Artifactory documentation,
For best security, when using Artifactory behind a reverse proxy, it must be co-located on the same machine as the web server, and Artifactory should be explicitly and exclusively bound to localhost.
How can I configure Artifactory so that it is bound to localhost only?
As of Artifactory version 7.12.x, there are two endpoints exposed for accessing the application:
Port 8082 - all the Artifactory services (UI + API) via the JFrog router
Port 8081 - direct to the Artifactory service API running on Tomcat (for better performance)
The JFrog Router does not support specific binding configuration today.
Tomcat can controlled with setting a custom address="127.0.0.1" on the relevant connector.
Your best bet would be to simply close all ports on the server running your Artifactory and allow only entry to the web server's port. This is best practice anyway for security aware systems.
IMPORTANT:
If using other JFrog products like JFrog Xray or JFrog Pipelines, they rely on direct access to the Artifactory router, so your security rules should take that into consideration.
You can find a map of all JFrog platform ports on the official Wiki page.

Installing Wazuh Server in Windows Server

We do have one server [Windows Server 2016] and i want to monitor that server, by installing Wazuh Tool.
I saw the documentation, but still i am getting confused. Should i need to install,
Wazuh Server
Wazuh Agent
Kibana
in server.? I don't see any article related to installing Wazuh Server in Windows Machine.
After following up the wazuh documentation, i can able to go up to a certain limit.
Installed Virtual Box in Windows Server.
Downloaded Wazuh OVA file and imported the same into virtual box.
Now i can able to connect to Wazuh Server, using the default credentials.
Now i stuck up at one place. I need to get the IP. I tried with 'Ip addr' command. But still, it is showing 127.0.0.1/8
As far as i checked, it is creating some dynamic IP's. Is there a way to setup Static IP. So that, i can able to access Wazuh Web console
through that IP.
Some of my findings:
It seems that the eth0 network interface for the VM does not have an IPv4 address assigned to it.
In the video in the documentation when running 'ip addr' it shows a dynamic IPv4 address as well as the IPv6 address so I suspect that this is the reason you cannot access the web console. This could be caused by the type of network interface you created for the VM in virtual box.
-------- Edited----------
As per your guidence, i did the following things.
Wazuh Server:
Virtual Box -> Adapter 1 -> Bridged Adapter
Virtual Box -> Adapter 2 -> Host-only Adapter
Started the Virtual Box and checked the 'Ip addr' command. Got the following IP's, eth0 [192.168..] and eth1 [10.0..]
In browser, i tried https://192.168.. and i can able to login to kibana.
Wazuh Agent:
The server which ever i am going to monitor, i installed Wazuh Agent. In the Wazuh Config file, i need to specify
Here i am bit confused. Should i need to give the actual server IP [where the wazuh server is] or i need to specify the IP's which i am getting in 'Ip Addr' command.?
I have tried all the IP's. When i check the Logs, it is showing like,
start_agent.c:100 at connect_server(): ERROR: (1216): Unable to connect to 'xx.xx.xx.xxx': 'Bad file descriptor'.
I recommend you reading the Architecture guide for a better understanding of how Wazuh works. Its architecture is based on agents, which means you need to install Wazuh agent on those endpoints you want to monitor (for example, your Windows server), and then connect these agents to a Wazuh Manager server (which need to be installed in a Linux machine, so you will need another server).
Kibana/Splunk are optional and useful tools to index the data generated by the manager for better visualization. I recommend using Kibana and the Elasticsearch Stack.
For the Linux Wazuh Manager server I recommend trying the all in one deployment, or, if you will have few agents connected and doesn't want to deploy any instance from scratch, you could try the pre-built Virtual Machine appliance (OVA)
I hope this helps you. The best point to start using Wazuh is the Getting started guide. I recommend you read that first of all.
------------------------ edit --------------------
Hello,
I'm sorry if I weren't clear enough. Wazuh has two main components: Manager (server in the documentation) and Agent.
The manager is also called a server because it serves the Wazuh service itself. That means the part of Wazuh that analyzes security events and generates alerts.
But Wazuh agent (despite its name) is also installed on servers that you want to monitorize and it is used to send security events to the Wazuh Manager (server) so they could be analyzed.
That said, if you want to correctly monitorize a Windows server you need to install the Wazuh Windows agent on it because it is designed to monitorize Windows servers. And you need to connect this agent to a Wazuh server. Here, you have different options:
You could install the Wazuh Manager in another (Linux) server.
You could install docker and docker-compose on your Windows server and use the wazuh-docker GitHub repository to deploy a Wazuh manager stack (with Wazuh, Elasticsearch and Kibana) to connect you, agent, to.
You could install the Wazuh OVA (VM appliance) on Virtualbox or similar software (this Virtual machine has installed by default Wazuh Manager, Elasticsearch and Kibana as well).
I see that you're trying with the 4th, deploying the Wazuh OVA on Virtualbox. Nevertheless, remember that you must have to install the Windows agent as well and connect it to the Wazuh Manager.
Regarding the IP question. My advice here is to enter the VirtualBox configuration for the machine and set up two network interfaces (or adapters). One host-only adapter (which will have a static IP that you could use to connect from your local browser) and other with a bridged adapter (to connect to the internet). Then, I recommend using nmtui (a console user interface for network manager) to set up your static IP as in the attached capture. That should be enough.

Setting up public plumber API?

I'm trying to set up a plumber API (0.4.6) on rstudio-server running on AWS Linux, so that our external analytics system can make requests to R. I've got firewall ports open on 8787 (for Rstudio, which is working fine) and on 5762 (for the API, which isn't working). If I kick off a swagger API from within Rstudio, that works fine locally. If I remap the rstudio interface to 5762, that works fine (so not apparently a firewall problem). But we simply cannot find a way to expose a plumber API on 5762.
Suggestions gratefully received…
what IP are you using?
Plumber respond by default on 127.0.0.1
There are probaly rules in places to prevent you from connecting to localhost from an external host.
Try 0.0.0.0
pr$run(host="0.0.0.0")

Accessing host machine from Minikube

I have a Google Cloud Datastore emulator running on my local machine at localhost:8742. I'd like to access this from a pod running in minikube. Is there a way to do this?
You should be able to access the Google Cloud Datastore emulator by using the ip address for the host from the VM. For the virtualbox driver (the default in minikube) this ip address is: 10.0.2.2
Telepresence can do this and may prove generally useful to you for your k8s development work.
After installing Telepresence, and following the guide at www.telepresence.io/tutorials/kubernetes-rapid, create a proxy service,
localhost$ telepresence --new-deployment some-name-you-like --expose 8742
Then, you can access the service some-name-you-like from the cluster as you might have done via localhost, for example via some shell or specialized data store client image,
kubectl --restart=Never run -i -t --image=alpine console /bin/sh

How to connect to vmware ESXi remote console

I need to know what is the protocol used in vmware ESXi vSphere client to connect to the remote console?
Is this protocol open source ?
Is their any vmware/third party applications enables VM Remote console connection other than vsphere client ?
If you're looking to connect to a ESX machine, without the heavy overhead of the vSphere client then you can use the VMware Remote Console.
While this isn't formally documented, one of the developers has kindly posted some fairly detailed information on the VMware Forums.
vmware-vmrc.exe command documentation
Depending what version of the plugin or vSphere client you have installed depends on the exact location of the plugin. Here is an example for what I have installed as part of vShpere 5
"C:\Program Files (x86)\Common Files\VMware\
VMware VMRC Plug-in\Internet Explorer\vmware-vmrc.exe"
-u user -p password -h esxi.localnet -d "[store1] Test/Test.vmx"
VMware's console access is indeed a closed protocol. However, they do have an embeddable web control called the Remote Console that implements this. It is an 'experimental' feature I believe, and won't be supported by them. But it's doable.
So while the protocol isn't implemented by anyone else I know of, there is an option to wrap the control at least.
See: Installing and Using the VMware Remote Console Plug-in

Resources