Creating an Image with the Wallarm Filter Node on the Microsoft Azure Platform

To set up auto-scaling of the Wallarm filter nodes deployed on the Microsoft Azure platform, you first need virtual machine images. This document describes the procedure for preparing an image of the virtual machine with the Wallarm filter node installed. For detailed information about setting up auto-scaling, proceed to this link.

To create an image with the Wallarm filter node on the Microsoft Azure platform, perform the following procedures:

  1. Creating and configuring a virtual machine with the filter node on the Microsoft Azure platform;
  2. Creating an image on the basis of the configured virtual machine.

1. Creating and Configuring a Virtual Machine Containing the Filter Node on Microsoft Azure

Before creating an image, you need to perform an initial configuration of a single Wallarm filter node. To configure a filter node, do the following:

  1. Create and configure a virtual machine with the filter node on the Microsoft Azure platform.

    Provide the filter node with an internet connection

    The filter node requires access to a Wallarm API server for proper operation. The choice of Wallarm API server depends on the Wallarm Cloud you are using:

    • If you are using the EU cloud, your node needs to be granted access to https://api.wallarm.com:444.
    • If you are using the US cloud, your node needs to be granted access to https://us1.api.wallarm.com:444.

    Connecting to the virtual machine via a custom private key

    Make sure you have access to the private key from the key pair that is used to connect to your filter node via SSH.

  2. Connect the filter node to the Wallarm cloud.

    Use a token to connect to the Wallarm cloud

    Please note that you need to connect the filter node to the Wallarm cloud using the addcloudnode script. Multiple filter nodes are allowed to connect to the Wallarm cloud using the same token.

    Thus, you will not need to manually connect each of the filter nodes to the Wallarm cloud when the size of the scale set increases.

  3. Configure the filter node to act as a reverse proxy for your web application.

  4. Make sure that the filter node is configured correctly and protects your web application against malicious requests.

  5. It is recommended to perform a virtual machine deprovision before creating an image so that you create a deprovisioned image of the virtual machine. Virtual machines created on the basis of such an image can be deployed in the scale set with new user accounts without any dependence on the user who created the image.

    1. Connect to the virtual machine via the SSH protocol using the private key created during filter node deployment on the Azure platform.

    2. Run the following deprovision command:

      sudo waagent -deprovision+user
      
    3. Enter y to confirm deprovisioning.

    4. Wait until the deprovision process is finished.

    The deprovision process

    During the deprovision process, some of the files and the existing user account that was used to connect to the machine via SSH are deleted from the virtual machine.

    To see detailed information about the deprovision procedure, proceed to this link.

    Note that the filter node configuration is not affected by the deprovision procedure.

After you have finished configuring the virtual machine, turn it off by completing the following actions:

  1. Navigate to the “Virtual Machines” page.
  2. Open the drop-down menu by clicking the menu button on the right of the “Subscription” column.
  3. Select “Stop” in the drop-down menu.

Stopping a virtual machine

2. Creating a Virtual Machine Image

To create an image and use it successfully in the future, virtual machine deprovision is required.

Detailed information

To see detailed information about the virtual machine deprovision process, proceed to this link.

You can now create a virtual machine image based on the configured filter node instance. To create an image, perform the following steps:

  1. Proceed to the “Virtual Machines” page and click the name, from the list, of the previously created virtual machine.

  2. Click the “Capture” button in the virtual machine overview window that appears.

  3. Enter the desired image name into the “Name” field.

  4. Select the resource group that the image should be placed into from the “Resource group” drop-down list. If necessary, you can create a new resource group by clicking the “Create” button under the drop-down list.

  5. During the image creation process, the generalization of the base virtual machine is performed. After this action, the machine becomes unavailable for further use and cannot be launched. If you want to delete the base virtual machine after image capturing, select the “Automatically delete this virtual machine after creating the image” checkbox.

  6. If necessary, turn on zone resiliency by clicking the “On” button.

    This function replicates the image onto all of the availability zones of the current region. This ensures that the image is still accessible from other zones in case of an accident in one of the availability zones where the image is stored.

    Detailed information

    To see detailed information about availability zones on the Azure platform, proceed with this link.

    Creating an image

  7. Click the “Create” button to launch the virtual machine image creation process.

Once the creation process is finished, make sure that the created image is present in the list on the “Images” page. You can find it by searching by name.

Images list

Now you can set up the auto-scaling of Wallarm filter nodes on the Microsoft Azure platform using the prepared image.

results matching ""

    No results matching ""