K8S靶场KubeGoat部署
2023-11-19 21:42:33 Author: 安全孺子牛(查看原文) 阅读量:147 收藏

1、安装docker

1.卸载旧版本Docker

sudo apt-get remove docker docker-engine docker-ce docker.io

2.添加阿里云GPG秘钥

curl -fsSL http://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo apt-key add -

3.设置存储库

sudo add-apt-repository "deb [arch=amd64] http://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"

4.安装docker

sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin

5.启动docker

sudo systemctl start docker
sudo systemctl enable docker

2、安装minikube

1.安装依赖

 sudo apt-get install -y apt-transport-https

2.添加阿里GPG

sudo curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | sudo apt-key add -

3.添加阿里apt源

sudo tee /etc/apt/sources.list.d/kubernetes.list <<-'EOF' 
deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
EOF
sudo apt-get update

4.安装kubelet

sudo apt-get install -y kubectl

5.添加用户到docker组

sudo usermod -aG docker $USER && newgrp docker

6.安装mibikube

curl -LO https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64
sudo install minikube-linux-amd64 /usr/local/bin/minikube

7.启动mibikube

minikube start --image-mirror-country=cn --image-repository=registry.cn-hangzhou.aliyuncs.com/google_containers --kubernetes-version=1.23.8

注:结合docker使用时,k8s版本最好不要用1.24及以上版本,k8s从1.24版本开始不在直接兼容docker,需要安装cri-docker。

8.配置alias

sudo vim .bashrc

alias minikube.cn="minikube start --image-mirror-country=cn --image-repository=registry.cn-hangzhou.aliyuncs.com/google_containers --kubernetes-version=1.23.8"

启动生效

source .bashrc

9.验证查看pod

kubectl get po -A

3、安装kubegoat

1.安装helm

通过官方apt方式进行安装

curl https://baltocdn.com/helm/signing.asc | gpg --dearmor | sudo tee /usr/share/keyrings/helm.gpg > /dev/null
sudo apt-get install apt-transport-https --yes
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/helm.gpg] https://baltocdn.com/helm/stable/debian/ all main" | sudo tee /etc/apt/sources.list.d/helm-stable-debian.list
sudo apt-get update
sudo apt-get install helm

查看helm版本

helm  version

2.拉取kubegoat仓库

git clone https://github.com/madhuakula/kubernetes-goat.git
cd kubernetes-goat
bash setup-kubernetes-goat.sh

如果提示Error: Could not find kubectl or an other error happened, please check kubectl setup

注释掉如下内容

3.查看容器运行状况

查看容器是否均运行成功

kubectl get pod

保证出现Pod均已经ready

4.将资源公开

如果跟上面一样提示报错,注释掉kubelet检测就行

bash access-kubernetes-goat.sh

5.访问资源

可以访问到靶场环境了,访问地址为:http://IP:1234


文章来源: http://mp.weixin.qq.com/s?__biz=MzI2MDI0NTM2Nw==&mid=2247490041&idx=1&sn=7f322c9d7ea4923b91b06d487cbb601c&chksm=ea6dcbe1dd1a42f7e3a9a99cb5de35448ed24529b0960795842331b492a0ed0c3ff33c98a4c8&scene=0&xtrack=1#rd
如有侵权请联系:admin#unsafe.sh