Node/VM/EC2

Install and attach K2's Ruby Language Agent with your Ruby application hosted on Node/VM/EC2 for Runtime Self Application Protection.

Prerequisites

• Make sure you have created an account on K2 Portal(SaaS or On-Premises).

• Make sure you have installed K2 Agents as per your environment.

Please follow our step-by-step Protect Ruby Application guide to complete the above two prerequisites. Ignore if done already.

Protect Ruby Application

Docker

Steps to Protect Ruby Application

• For Ruby on Rails applications, make sure you have Ruby version 2.6, Rails version 6.0 and Puma version 4.3.5 installed.

• The Ruby language agent is placed at one of the following locations(a.k.a LANGUAGE_COLLECTORS_HOME) based on the agent installation,

  • In /opt/k2-ic if the installation of agent is done via a privileged user(Eg. root).

  • In ${HOME}/k2-ic if the installation of agent is done via an unprivileged user.

    • ${HOME} points to the home directory of the linux user used to run the agent on the host.

  • In [sharable-directory]/k2-ic if a shareable-directory is configured in the env.properties file during the installation of agent.

• For any containerized Ruby web application (Docker/K8s), the host path LANGUAGE_COLLECTORS_HOME is to be mounted at "/opt/k2-ic" inside the container with option 'z'.

• The Ruby agent can be attached to your application by running the following commands:Install the gem at mounted location using below command.

  gem install --install-dir /opt/k2-ic/k2-ruby-agent /opt/k2-ic/k2-ruby-agent.ge							

  Append below line to 'Gemfile' of Ruby application.

  gem 'k2agent', path: '/opt/k2-ic/k2-ruby-agent/gems/k2agent-0.1.0'                                   

• For Sinatra application, add the below require statement in app main module after sinatra require statement.

  require 'k2agent'                                 

• Create a properties file named 'k2-ruby-agent.properties' in application root directory with following property. (Mandatory for Passenger and Unicorn Server)

  APP_PORT=<appliction-port-number>                                 

• Update k2agent dependency in Gemfile.lock using command:

  bundle install                                    

• Start the Ruby application. Fire a few Http requests on the application to attach Ruby agent

• To verify if the given application is protected by Prevent-Web, refer to the "Protected processes" subsection of the "Applications" page and locate the application based on name and node IP. The host namespace PID(in case of a host application) and container namespace PID(in case of a containerised application) can also be used to locate the protected application.

• You can check your application in Protected processes View under applications on K2 Portal.

  Alternatively go to Applications | K2 Portal

Non Docker

Steps to protect Ruby Application

• For Ruby on Rails applications, make sure you have Ruby version 2.6, Rails version 6.0 and Puma version 4.3.5 installed.

• The Ruby language agent is placed at one of the following locations(a.k.a LANGUAGE_COLLECTORS_HOME) based on the agent installation,

  • In /opt/k2-ic if the installation of agent is done via a privileged user(Eg. root).

  • In ${HOME}/k2-ic if the installation of agent is done via an unprivileged user.

    • ${HOME} points to the home directory of the linux user used to run the agent on the host.

  • In [sharable-directory]/k2-ic if a shareable-directory is configured in the env.properties file during the installation of agent.

• The Ruby agent can be attached to your application by running the following commands:Install the gem at mounted location using below command

  gem install --install-dir [LANGUAGE_COLLECTORS_HOME]/k2-ruby-agent [LANGUAGE_COLLECTORS_HOME]/k2-ruby-agent.gem                                 

  Append below line to 'Gemfile' of Ruby application.

  gem 'k2agent', path: '[LANGUAGE_COLLECTORS_HOME]/k2-ruby-agent/gems/k2agent-0.1.0'                                   

• For Sinatra application, add the below require statement in app main module after sinatra require statement.

  require 'k2agent'                                  

• Create a properties file named 'k2-ruby-agent.properties' in application root directory with following property. (Mandatory for Passenger and Unicorn Server)

  APP_PORT=<appliction-port-number>                                   

• Update k2agent dependency in Gemfile.lock using command:

  bundle install                                  

• Start the Ruby application. Fire a few Http requests on the application to attach Ruby agent

• To verify if the given application is protected by Prevent-Web, refer to the "Protected processes" subsection of the "Applications" page and locate the application based on name and node IP. The host namespace PID(in case of a host application) and container namespace PID(in case of a containerised application) can also be used to locate the protected application.

• You can check your application in Protected processes View under applications on K2 Portal.

  Alternatively go to Applications | K2 Portal