#!/bin/bash # ============================================================================== # Wallarm Pre-Flight Check # Purpose: Validate Environment before Container Deployment # ============================================================================== UPSTREAM_IP="10.0.0.14" UPSTREAM_PORT="80" WALLARM_API="api.wallarm.com" YELLOW='\033[1;33m' GREEN='\033[0;32m' RED='\033[0;31m' NC='\033[0m' echo -e "${YELLOW}🔍 Starting Pre-Flight Checks...${NC}\n" # 1. Check Root [[ $EUID -ne 0 ]] && echo -e "${RED}❌ Fail: Must run as root${NC}" || echo -e "${GREEN}✅ Pass: Root privileges${NC}" # 2. Check OS (CentOS/RHEL focus) if [ -f /etc/redhat-release ]; then echo -e "${GREEN}✅ Pass: CentOS/RHEL detected ($(cat /etc/redhat-release))${NC}" else echo -e "${YELLOW}⚠️ Warn: Not a RedHat-based system. Script 1 may need tweaks.${NC}" fi # 3. Check SELinux Status SE_STATUS=$(getenforce) if [ "$SE_STATUS" == "Enforcing" ]; then echo -e "${YELLOW}⚠️ Note: SELinux is Enforcing. Ensure volume mounts use the :Z flag.${NC}" else echo -e "${GREEN}✅ Pass: SELinux is $SE_STATUS${NC}" fi # 4. Check Upstream Connectivity (The most important check) echo -n "Checking connectivity to Upstream ($UPSTREAM_IP:$UPSTREAM_PORT)... " nc -zv -w5 $UPSTREAM_IP $UPSTREAM_PORT &>/dev/null if [ $? -eq 0 ]; then echo -e "${GREEN}✅ Connected${NC}" else echo -e "${RED}❌ FAILED: Cannot reach Upstream app. Check Routing/Firewalls.${NC}" fi # 5. Check Wallarm Cloud Connectivity echo -n "Checking connectivity to Wallarm API ($WALLARM_API)... " curl -s --connect-timeout 5 https://$WALLARM_API &>/dev/null if [ $? -eq 0 ] || [ $? -eq 45 ]; then # 45 is common if no auth, but shows port 443 is open echo -e "${GREEN}✅ Connected${NC}" else echo -e "${RED}❌ FAILED: Cannot reach Wallarm Cloud. Check Proxy/Egress.${NC}" fi # 6. Check Port Availability for PORT in 8000 9000; do if lsof -Pi :$PORT -sTCP:LISTEN -t >/dev/null ; then echo -e "${RED}❌ FAILED: Port $PORT is already in use.${NC}" else echo -e "${GREEN}✅ Pass: Port $PORT is free${NC}" fi done echo -e "\n${YELLOW}Pre-flight complete. If all are GREEN, proceed to deployment.${NC}"