diff --git a/README.md b/README.md index d63d676..2c55e28 100644 --- a/README.md +++ b/README.md @@ -6,6 +6,5 @@ This repo has the following applications in folders: 1. [Building comfort](apps/building-comfort)- Drasi for a building management scenario 2. [Curbside pickup](apps/curbside-pickup)- Drasi for a notification service to alert drivers when orders are ready for pickup 3. [Fleet POC](https://github.com/drasi-project/learning/tree/main/apps/fleet-poc)- Drasi for an efficient solution to translate vehicle telemetery into actionable insights for Connected Fleet scenarios -4. [Kubernetes Demo](https://github.com/drasi-project/learning/tree/main/apps/k8s)- Drasi used to assess the images of Kubernetes cluster and detect risks. 5. [Non-events](https://github.com/drasi-project/learning/tree/main/apps/non-events) - An app to demonstrate Drasi's abilities to trigger alerts when events do not occur within a stipulated time window. -6. [Trivia](https://github.com/drasi-project/learning/tree/main/apps/trivia/app)- A trivia game app with dashboards that are updated directly by Drasi when team and player scores change or when players are inactive for a period of time. +6. [Trivia](https://github.com/drasi-project/learning/tree/main/apps/trivia)- A trivia game app with dashboards that are updated directly by Drasi when team and player scores change or when players are inactive for a period of time. diff --git a/apps/k8s/debug.yaml b/apps/k8s/debug.yaml deleted file mode 100644 index dabab4c..0000000 --- a/apps/k8s/debug.yaml +++ /dev/null @@ -1,23 +0,0 @@ -# Copyright 2024 The Drasi Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Reaction -name: debug1 -spec: - kind: Debug - queries: - demo-query1: - risky-containers: - my-apps: \ No newline at end of file diff --git a/apps/k8s/devops-source.yaml b/apps/k8s/devops-source.yaml deleted file mode 100644 index 3f0fc69..0000000 --- a/apps/k8s/devops-source.yaml +++ /dev/null @@ -1,31 +0,0 @@ -# Copyright 2024 The Drasi Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Source -name: demo-devops -spec: - kind: PostgreSQL - properties: - host: reactive-graph.postgres.database.azure.com - user: postgres@reactive-graph - port: 5432 - ssl: true - password: - kind: Secret - name: pg-creds - key: password - database: demo-devops - tables: - - public.RiskyImage \ No newline at end of file diff --git a/apps/k8s/k8s-demo.md b/apps/k8s/k8s-demo.md deleted file mode 100644 index 8687ba0..0000000 --- a/apps/k8s/k8s-demo.md +++ /dev/null @@ -1,114 +0,0 @@ - -# Kubernetes (as a source) demo - -## Setup - -Connect to the cluster and set the `k8s-demo` as the current namespace - -```bash -az account set --subscription 2865c7d1-29fa-485a-8862-717377bdbf1b - -az aks get-credentials --resource-group reactive-graph-demo --name reactive-graph-demo - -kubectl config set-context --current --namespace=k8s-demo -``` - -## Realtime pod deletion / creation demo - -The following Cypher query is used to monitor containers with the name 'redis'. - -```cypher -MATCH - (p:Pod)-[:HOSTS]->(c:Container) -WHERE c.name = 'redis' -RETURN - p.name as Pod, - p.phase as PodPhase, - p.message as PodMessage, - c.name as Container, - c.image as Image, - c.started as Started, - c.ready as Ready, - c.restartCount as RestartCount, - c.state as State, - c.reason as Reason, - c.message as Message -``` - -Navigate to debug UI for the query: https://rg-demo-debug1.happycoast-8bd2f07c.westus.azurecontainerapps.io/query/demo-query1 - -While watching the debug UI, run the following command, which will show the termination of the redis pod and it's recreation in realtime. - -```bash -kubectl delete pods/redis-0 -``` - -## Governance demo (joining onto PostgreSQL) - -This demo show cases joining a virtual graph of your Kubernetes cluster to a relational database table, with the following continuous query - -```yaml -sources: - subscriptions: - - id: k8s - nodes: - - sourceLabel: Container - - sourceLabel: Pod - relations: - - sourceLabel: HOSTS - - id: demo-devops - nodes: - - sourceLabel: RiskyImage - joins: - - id: INCLUDES - keys: - - label: RiskyImage - property: Image - - label: Container - property: image -query: > - MATCH - (r:RiskyImage)-[:INCLUDES]->(c:Container)<-[:HOSTS]-(p:Pod) - RETURN - p.name as Pod, - c.name as Container, - c.image as Image, - c.started as Started, - c.ready as Ready, - c.state as State, - c.reason as Reason, - c.message as Message, - r.Reason as Risk -``` - -Navigate to the debug UI of the query: https://rg-demo-debug1.happycoast-8bd2f07c.westus.azurecontainerapps.io/query/risky-containers - -There are 2 pods running the `my-app` image, one is on version `0.1` and the other on `0.2`. There is also an entry in the `RiskyImage` table in Postgres the marks version `0.1` as having a security risk, and so it appears on our governance dashboard. - -Use a tool such as [PgAdmin](https://www.pgadmin.org) to connect to `reactive-graph.postgres.database.azure.com` - -Run the following SQL script to mark version `0.2` as having a critical bug: - -```sql -insert into "RiskyImage" ("Id", "Image", "Reason") values (101, 'drasidemo.azurecr.io/my-app:0.2', 'Critical Bug') -``` - -Now, a both instances of the app should appear on the dashboard. - -Now use kubectl to upgrade `my-app-2`to version `0.3` - -```bash -kubectl set image pod/my-app-2 app=drasidemo.azurecr.io/my-app:0.3 -``` - -Now `my-app-2` should disappear from the dashboard, since version `0.3` is not marked as a risk. - -After the demo, reset the data - -```sql -delete from "RiskyImage" where "Id" = 101 -``` - -```bash -kubectl set image pod/my-app-2 app=drasidemo.azurecr.io/my-app:0.2 -``` \ No newline at end of file diff --git a/apps/k8s/k8s-source.yaml b/apps/k8s/k8s-source.yaml deleted file mode 100644 index 070b677..0000000 --- a/apps/k8s/k8s-source.yaml +++ /dev/null @@ -1,26 +0,0 @@ -# Copyright 2024 The Drasi Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Source -name: k8s -spec: - kind: Kubernetes - services: - reactivator: - properties: - kubeconfig: - kind: Secret - name: k8s-context - key: demo-credentials.yaml \ No newline at end of file diff --git a/apps/k8s/my-app.yaml b/apps/k8s/my-app.yaml deleted file mode 100644 index 9954306..0000000 --- a/apps/k8s/my-app.yaml +++ /dev/null @@ -1,33 +0,0 @@ -# Copyright 2024 The Drasi Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Pod -metadata: - name: my-app-1 -spec: - containers: - - name: app - image: "drasidemo.azurecr.io/my-app:0.1" - imagePullPolicy: Always ---- -apiVersion: v1 -kind: Pod -metadata: - name: my-app-2 -spec: - containers: - - name: app - image: "drasidemo.azurecr.io/my-app:0.2" - imagePullPolicy: Always diff --git a/apps/k8s/my-app/.dockerignore b/apps/k8s/my-app/.dockerignore deleted file mode 100644 index 59a2328..0000000 --- a/apps/k8s/my-app/.dockerignore +++ /dev/null @@ -1,5 +0,0 @@ -node_modules -npm-deb.log -tests -jest.config.js -.env \ No newline at end of file diff --git a/apps/k8s/my-app/Dockerfile b/apps/k8s/my-app/Dockerfile deleted file mode 100644 index 6236d39..0000000 --- a/apps/k8s/my-app/Dockerfile +++ /dev/null @@ -1,25 +0,0 @@ -# Copyright 2024 The Drasi Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -FROM node:18-alpine3.16 - -WORKDIR /usr/src/app - -COPY package*.json ./ - -RUN npm install - -COPY . . - -CMD ["node", "index.js"] \ No newline at end of file diff --git a/apps/k8s/my-app/index.js b/apps/k8s/my-app/index.js deleted file mode 100644 index a90f7ad..0000000 --- a/apps/k8s/my-app/index.js +++ /dev/null @@ -1,20 +0,0 @@ -/** - * Copyright 2024 The Drasi Authors. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -const express = require('express'); - -const app = express(); -app.listen(8083, () => console.log(`active4`)); \ No newline at end of file diff --git a/apps/k8s/my-app/package.json b/apps/k8s/my-app/package.json deleted file mode 100644 index 4ad13b1..0000000 --- a/apps/k8s/my-app/package.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "name": "app", - "version": "1.0.0", - "description": "", - "main": "index.js", - "scripts": { - "test": "echo \"Error: no test specified\" && exit 1" - }, - "author": "", - "license": "ISC", - "dependencies": { - "express": "^4.18.2" - } -} diff --git a/apps/k8s/queries.yaml b/apps/k8s/queries.yaml deleted file mode 100644 index 6c473ec..0000000 --- a/apps/k8s/queries.yaml +++ /dev/null @@ -1,100 +0,0 @@ -# Copyright 2024 The Drasi Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: ContinuousQuery -apiVersion: v1 -name: demo-query1 -spec: - mode: query - sources: - subscriptions: - - id: k8s - query: > - MATCH - (p:Pod)-[:HOSTS]->(c:Container) - WHERE c.name = 'redis' - RETURN - p.name as Pod, - p.phase as PodPhase, - p.message as PodMessage, - c.name as Container, - c.image as Image, - c.started as Started, - c.ready as Ready, - c.restartCount as RestartCount, - c.state as State, - c.reason as Reason, - c.message as Message ---- -kind: ContinuousQuery -apiVersion: v1 -name: risky-containers -spec: - mode: query - sources: - subscriptions: - - id: k8s - nodes: - - sourceLabel: Container - - sourceLabel: Pod - relations: - - sourceLabel: HOSTS - - id: demo-devops - nodes: - - sourceLabel: RiskyImage - joins: - - id: INCLUDES - keys: - - label: RiskyImage - property: Image - - label: Container - property: image - query: > - MATCH - (r:RiskyImage)-[:INCLUDES]->(c:Container)<-[:HOSTS]-(p:Pod) - RETURN - p.name as Pod, - c.name as Container, - c.image as Image, - c.started as Started, - c.ready as Ready, - c.state as State, - c.reason as Reason, - c.message as Message, - r.Reason as Risk ---- -kind: ContinuousQuery -apiVersion: v1 -name: my-apps -spec: - mode: query - sources: - subscriptions: - - id: k8s - query: > - MATCH - (p:Pod)-[:HOSTS]->(c:Container) - WHERE c.name = 'app' - RETURN - p.name as Pod, - p.phase as PodPhase, - p.message as PodMessage, - c.name as Container, - c.image as Image, - c.started as Started, - c.ready as Ready, - c.restartCount as RestartCount, - c.state as State, - c.reason as Reason, - c.message as Message diff --git a/apps/k8s/readme.md b/apps/k8s/readme.md deleted file mode 100644 index fd84d0e..0000000 --- a/apps/k8s/readme.md +++ /dev/null @@ -1,88 +0,0 @@ -# Kubernetes Demo - -## Create Kubernetes Source - -Export the Kubernetes credentials to a file named `demo-credentials.yaml` - -```bash -az aks get-credentials --resource-group reactive-graph-demo --name reactive-graph-demo --file demo-credentials.yaml -``` - -Create a secret named `k8s-context` from the `demo-credentials.yaml` file - -```bash -kubectl create secret generic k8s-context --from-file=demo-credentials.yaml -``` - -Create the source that references the secret - -```bash -drasi apply -f k8s-source.yaml -``` - -## Create PostgreSQL DB and source - -### Prerequisites - -- A PostgreSQL instance of at least version 10 or greater. -- Your PostgreSQL instance must be configured to support `LOGICAL` replication. -- A PostgreSQL user that has at least the LOGIN, REPLICATION and CREATE permissions on the database and SELECT permissions on the tables you are interested in. - -#### Azure Database for PostgreSQL - -If you are using Azure Database for PostgreSQL, you can configure the replication to `LOGICAL` from the Azure portal under the `Replication` tab, or you can use the CLI as follows: - -```azurecli -az postgres server configuration set --resource-group mygroup --server-name myserver --name azure.replication_support --value logical - -az postgres server restart --resource-group mygroup --name myserver -``` - -### Create RiskyImage table - -Use a tool such as [pgAdmin](https://www.pgadmin.org/) to create a new database called `demo-devops`. - -Use the following script to create a table named `RiskyImage`. - -```sql -CREATE TABLE IF NOT EXISTS public."RiskyImage" -( - "Id" integer NOT NULL, - "Image" character varying(100) COLLATE pg_catalog."default" NOT NULL, - "Reason" character varying(100) COLLATE pg_catalog."default", - CONSTRAINT "RiskyImage_pkey" PRIMARY KEY ("Id") -) -``` - -### Insert the base data - -```sql -insert into "RiskyImage" ("Id", "Image", "Reason") values (1, 'drasidemo.azurecr.io/my-app:0.1', 'Security Risk') -insert into "RiskyImage" ("Id", "Image", "Reason") values (2, 'docker.io/library/redis:6.2.3-alpine', 'Compliance Issue') -``` - -### Deploy the source - -Update the connection details/password in `devops-source.yaml` and apply it to your cluster. - -```bash -drasi apply -f devops-source.yaml -``` - -## Deploy queries - -```bash -drasi apply -f queries.yaml -``` - -## Deploy Debug reaction - -```bash -drasi apply -f debug.yaml -``` - -## Create initial containers - -```bash -kubectl apply -f my-app.yaml -``` diff --git a/apps/k8s/redis.yaml b/apps/k8s/redis.yaml deleted file mode 100644 index f6f5bb9..0000000 --- a/apps/k8s/redis.yaml +++ /dev/null @@ -1,50 +0,0 @@ -# Copyright 2024 The Drasi Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: redis -spec: - serviceName: redis - replicas: 1 - selector: - matchLabels: - app: redis - template: - metadata: - labels: - app: redis - spec: - containers: - - name: redis - image: redis:6.2.3-alpine - command: ["redis-server"] - ports: - - containerPort: 6379 - name: redis - ---- -apiVersion: v1 -kind: Service -metadata: - name: redis -spec: - clusterIP: None - ports: - - port: 6379 - targetPort: 6379 - name: redis - selector: - app: redis \ No newline at end of file