63 lines
No EOL
2.2 KiB
Bash
63 lines
No EOL
2.2 KiB
Bash
#!/bin/bash
|
|
# ==============================================================================
|
|
# Wallarm Pre-Flight Check
|
|
# Purpose: Validate Environment before Container Deployment
|
|
# ==============================================================================
|
|
|
|
UPSTREAM_IP="10.0.0.14"
|
|
UPSTREAM_PORT="80"
|
|
WALLARM_API="api.wallarm.com"
|
|
|
|
YELLOW='\033[1;33m'
|
|
GREEN='\033[0;32m'
|
|
RED='\033[0;31m'
|
|
NC='\033[0m'
|
|
|
|
echo -e "${YELLOW}🔍 Starting Pre-Flight Checks...${NC}\n"
|
|
|
|
# 1. Check Root
|
|
[[ $EUID -ne 0 ]] && echo -e "${RED}❌ Fail: Must run as root${NC}" || echo -e "${GREEN}✅ Pass: Root privileges${NC}"
|
|
|
|
# 2. Check OS (CentOS/RHEL focus)
|
|
if [ -f /etc/redhat-release ]; then
|
|
echo -e "${GREEN}✅ Pass: CentOS/RHEL detected ($(cat /etc/redhat-release))${NC}"
|
|
else
|
|
echo -e "${YELLOW}⚠️ Warn: Not a RedHat-based system. Script 1 may need tweaks.${NC}"
|
|
fi
|
|
|
|
# 3. Check SELinux Status
|
|
SE_STATUS=$(getenforce)
|
|
if [ "$SE_STATUS" == "Enforcing" ]; then
|
|
echo -e "${YELLOW}⚠️ Note: SELinux is Enforcing. Ensure volume mounts use the :Z flag.${NC}"
|
|
else
|
|
echo -e "${GREEN}✅ Pass: SELinux is $SE_STATUS${NC}"
|
|
fi
|
|
|
|
# 4. Check Upstream Connectivity (The most important check)
|
|
echo -n "Checking connectivity to Upstream ($UPSTREAM_IP:$UPSTREAM_PORT)... "
|
|
nc -zv -w5 $UPSTREAM_IP $UPSTREAM_PORT &>/dev/null
|
|
if [ $? -eq 0 ]; then
|
|
echo -e "${GREEN}✅ Connected${NC}"
|
|
else
|
|
echo -e "${RED}❌ FAILED: Cannot reach Upstream app. Check Routing/Firewalls.${NC}"
|
|
fi
|
|
|
|
# 5. Check Wallarm Cloud Connectivity
|
|
echo -n "Checking connectivity to Wallarm API ($WALLARM_API)... "
|
|
curl -s --connect-timeout 5 https://$WALLARM_API &>/dev/null
|
|
if [ $? -eq 0 ] || [ $? -eq 45 ]; then # 45 is common if no auth, but shows port 443 is open
|
|
echo -e "${GREEN}✅ Connected${NC}"
|
|
else
|
|
echo -e "${RED}❌ FAILED: Cannot reach Wallarm Cloud. Check Proxy/Egress.${NC}"
|
|
fi
|
|
|
|
# 6. Check Port Availability
|
|
for PORT in 8000 9000; do
|
|
if lsof -Pi :$PORT -sTCP:LISTEN -t >/dev/null ; then
|
|
echo -e "${RED}❌ FAILED: Port $PORT is already in use.${NC}"
|
|
else
|
|
echo -e "${GREEN}✅ Pass: Port $PORT is free${NC}"
|
|
fi
|
|
done
|
|
|
|
echo -e "\n${YELLOW}Pre-flight complete. If all are GREEN, proceed to deployment.${NC}" |