Node/VM/EC2

Install and attach K2's Ruby Language Agent with your Ruby application hosted on Node/VM/EC2 for Runtime Self Application Protection.

Prerequisites

Please follow our step-by-step Protect Ruby Application guide to complete the above two prerequisites. Ignore if done already.

For Ruby on Rails applications, make sure you have Ruby version 2.6, Rails version 6.0 and Puma version 4.3.5 installed.
The Ruby language agent is placed at one of the following locations(a.k.a LANGUAGE_COLLECTORS_HOME) based on the agent installation,
- In /opt/k2-ic if the installation of agent is done via a privileged user(Eg. root).
- In ${HOME}/k2-ic if the installation of agent is done via an unprivileged user.
  - ${HOME} points to the home directory of the linux user used to run the agent on the host.
- In [sharable-directory]/k2-ic if a shareable-directory is configured in the env.properties file during the installation of agent.
For any containerized Ruby web application (Docker/K8s), the host path LANGUAGE_COLLECTORS_HOME is to be mounted at "/opt/k2-ic" inside the container with option 'z'.

The Ruby agent can be attached to your application by running the following commands:Install the gem at mounted location using below command.

gem install --install-dir /opt/k2-ic/k2-ruby-agent /opt/k2-ic/k2-ruby-agent.ge

Append below line to 'Gemfile' of Ruby application.

gem 'k2agent', path: '/opt/k2-ic/k2-ruby-agent/gems/k2agent-0.1.0'

For Sinatra application, add the below require statement in app main module after sinatra require statement.
```
require 'k2agent'                                 
```
Create a properties file named 'k2-ruby-agent.properties' in application root directory with following property. (Mandatory for Passenger and Unicorn Server)
```
APP_PORT=<appliction-port-number>                                 
```

Update k2agent dependency in Gemfile.lock using command:

bundle install

Start the Ruby application. Fire a few Http requests on the application to attach Ruby agent
To verify if the given application is protected by Prevent-Web, refer to the "Protected processes" subsection of the "Applications" page and locate the application based on name and node IP. The host namespace PID(in case of a host application) and container namespace PID(in case of a containerised application) can also be used to locate the protected application.
You can check your application in Protected processes View under applications on K2 Portal.
Alternatively go to Applications | K2 Portal

For Ruby on Rails applications, make sure you have Ruby version 2.6, Rails version 6.0 and Puma version 4.3.5 installed.
The Ruby language agent is placed at one of the following locations(a.k.a LANGUAGE_COLLECTORS_HOME) based on the agent installation,
- In /opt/k2-ic if the installation of agent is done via a privileged user(Eg. root).
- In ${HOME}/k2-ic if the installation of agent is done via an unprivileged user.
  - ${HOME} points to the home directory of the linux user used to run the agent on the host.
- In [sharable-directory]/k2-ic if a shareable-directory is configured in the env.properties file during the installation of agent.

The Ruby agent can be attached to your application by running the following commands:Install the gem at mounted location using below command

gem install --install-dir [LANGUAGE_COLLECTORS_HOME]/k2-ruby-agent [LANGUAGE_COLLECTORS_HOME]/k2-ruby-agent.gem

Append below line to 'Gemfile' of Ruby application.

gem 'k2agent', path: '[LANGUAGE_COLLECTORS_HOME]/k2-ruby-agent/gems/k2agent-0.1.0'

For Sinatra application, add the below require statement in app main module after sinatra require statement.
```
require 'k2agent'                                  
```
Create a properties file named 'k2-ruby-agent.properties' in application root directory with following property. (Mandatory for Passenger and Unicorn Server)
```
APP_PORT=<appliction-port-number>                                   
```

Update k2agent dependency in Gemfile.lock using command:

bundle install

Start the Ruby application. Fire a few Http requests on the application to attach Ruby agent
To verify if the given application is protected by Prevent-Web, refer to the "Protected processes" subsection of the "Applications" page and locate the application based on name and node IP. The host namespace PID(in case of a host application) and container namespace PID(in case of a containerised application) can also be used to locate the protected application.
You can check your application in Protected processes View under applications on K2 Portal.
Alternatively go to Applications | K2 Portal

Last updated 3 years ago

Was this helpful?