Installing the Filter Node

Request processing

Request processing by a filter node consists of the following phases:

  • Initial processing by the NGINX-Module-Wallarm
  • Postanalytics and the statistical analysis of the processed requests.

This instruction describes the installation of the Wallarm filter node as a dynamic module for NGINX on the same server with postanalytics.

To install the filter node, do the following:

  1. Install NGINX.
  2. Add the Wallarm repositories, from which you will download packages.
  3. Install the Wallarm packages.
  4. Configure postanalytics.
  5. Connect the Wallarm module.
  6. Connect the filter node to the Wallarm cloud.

1. Install NGINX

Install NGINX from the official NGINX repositoriy by following the instruction that corresponds with your operating system from the list below.

Stable NGINX version

Make sure you are installing the stable version of NGINX. The mainline part of the path must be omitted from the NGINX repository link.

2. Add the Wallarm Repositories

The filter node is installed and updated from the Wallarm repositories.

Depending on your operating system, run one of the commands:

Debian 8.x (jessie)
Debian 9.x (stretch)
Ubuntu 14.04 LTS (trusty)
Ubuntu 16.04 LTS (xenial)
Ubuntu 18.04 LTS (bionic)
CentOS 6.x
CentOS 7.x
apt-key adv --keyserver keys.gnupg.net --recv-keys 72B865FD
echo 'deb http://repo.wallarm.com/debian/wallarm-node jessie/' >/etc/apt/sources.list.d/wallarm.list
apt-get update
apt-get install dirmngr
apt-key adv --keyserver keys.gnupg.net --recv-keys 72B865FD
echo 'deb http://repo.wallarm.com/debian/wallarm-node stretch/' >/etc/apt/sources.list.d/wallarm.list
apt-get update
apt-key adv --keyserver keys.gnupg.net --recv-keys 72B865FD
echo 'deb http://repo.wallarm.com/ubuntu/wallarm-node trusty/' >/etc/apt/sources.list.d/wallarm.list
apt-get update
apt-key adv --keyserver keys.gnupg.net --recv-keys 72B865FD
echo 'deb http://repo.wallarm.com/ubuntu/wallarm-node xenial/' >/etc/apt/sources.list.d/wallarm.list
apt-get update
apt-key adv --keyserver keys.gnupg.net --recv-keys 72B865FD
echo 'deb http://repo.wallarm.com/ubuntu/wallarm-node bionic/' >/etc/apt/sources.list.d/wallarm.list
apt-get update
yum install --enablerepo=extras -y epel-release centos-release-SCL
rpm -i https://repo.wallarm.com/centos/wallarm-node/6/x86_64/Packages/wallarm-node-repo-1-2.el6.noarch.rpm
yum install -y epel-release
rpm -i https://repo.wallarm.com/centos/wallarm-node/7/x86_64/Packages/wallarm-node-repo-1-2.el7.centos.noarch.rpm

Repository access

Your system must have access to https://repo.wallarm.com to download the packages. Ensure the access is not blocked by a firewall.

3. Install the Wallarm Packages

Depending on your operating system, run one of the commands:

Debian 8.x (jessie)
Debian 9.x (stretch)
Ubuntu 14.04 LTS (trusty)
Ubuntu 16.04 LTS (xenial)
Ubuntu 18.04 LTS (bionic)
CentOS 6.x
CentOS 7.x
apt-get install --no-install-recommends wallarm-node nginx-module-wallarm
apt-get install --no-install-recommends wallarm-node nginx-module-wallarm
apt-get install --no-install-recommends wallarm-node nginx-module-wallarm
apt-get install --no-install-recommends wallarm-node nginx-module-wallarm
apt-get install --no-install-recommends wallarm-node nginx-module-wallarm
yum install wallarm-node nginx-module-wallarm
yum install wallarm-node nginx-module-wallarm

4. Configure Postanalytics

Postanalytics uses the Tarantool in-memory storage.

You must set the amount of server RAM allocated to Tarantool.

The amount of memory determines the quality of work of the statistical algorithms. The recommended value is 75% of the total server memory. For example, if the server has 32 GB of memory, the recommended allocation size is 24 GB.

Allocate the operating memory size for Tarantool:

Open for editing the configuration file of Tarantool:

Debian 8.x (jessie)
Debian 9.x (stretch)
Ubuntu 14.04 LTS (trusty)
Ubuntu 16.04 LTS (xenial)
Ubuntu 18.04 LTS (bionic)
CentOS 6.x
CentOS 7.x
vi /etc/default/wallarm-tarantool
vi /etc/default/wallarm-tarantool
vi /etc/default/wallarm-tarantool
vi /etc/default/wallarm-tarantool
vi /etc/default/wallarm-tarantool
vi /etc/sysconfig/wallarm-tarantool
vi /etc/sysconfig/wallarm-tarantool

Set the allocated memory size in the configuration file of Tarantool via the SLAB_ALLOC_ARENA directive.

For example:

SLAB_ALLOC_ARENA=24

Restart Tarantool:

Debian 8.x (jessie)
Debian 9.x (stretch)
Ubuntu 14.04 LTS (trusty)
Ubuntu 16.04 LTS (xenial)
Ubuntu 18.04 LTS (bionic)
CentOS 6.x
CentOS 7.x
systemctl restart wallarm-tarantool
systemctl restart wallarm-tarantool
service wallarm-tarantool restart
service wallarm-tarantool restart
service wallarm-tarantool restart
service wallarm-tarantool restart
systemctl restart wallarm-tarantool

5. Connect the Wallarm Module

Open the /etc/nginx/nginx.conf file.

Ensure that you have the include /etc/nginx/conf.d/* line in the file. If you do not, add it.

Add the following directive right after the worker_processes directive:

load_module modules/ngx_http_wallarm_module.so;

Confguration example with the added directive:

user  nginx;
worker_processes  auto;
load_module modules/ngx_http_wallarm_module.so;

error_log  /var/log/nginx/error.log notice;
pid        /var/run/nginx.pid;

Copy the configuration files for the system setup:

cp /usr/share/doc/nginx-module-wallarm/examples/*.conf /etc/nginx/conf.d/


6. Connect the Filter Node to the Wallarm Cloud

The filter node interacts with the Wallarm cloud located on a remote server.

The addnode script connects the filter node to the Wallarm cloud.

  1. Run the script addnode:

    You have to pick the script to run depending on the Cloud you are using.

    EU Cloud
    US Cloud
    sudo /usr/share/wallarm-common/addnode
    sudo /usr/share/wallarm-common/addnode -H us1.api.wallarm.com

  2. Enter the login and password. This is the same login and password that you use to access Wallarm console at https://my.wallarm.com or https://us1.my.wallarm.com/. The profile must have the Administrator role and 2FA should be disabled. If the profile has the Analyst role or has 2FA enabled, the script will error out.

API Access

The API choice for your filter node depends on the Cloud you are using. Please, select the API accordingly:

Ensure the access is not blocked by a firewall.

Installation Completed

The installation is completed.

Now you need to configure the filter node to filter traffic. See Configure the Proxying and Filtering Rules.

results matching ""

    No results matching ""