TTF/laboratori-cloud
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: align lab02 and lab03 student verification flows

Browse Source
This commit is contained in:
Luca Sacchi Ricciardi
2026-04-10 13:43:02 +00:00
parent 49e15f7ea2
commit f4764253e4
13 changed files with 105 additions and 65 deletions
Download Patch File Download Diff File Expand all files Collapse all files
labs/lab-02-network/README.md
+8 -1
View File
@@ -4,12 +4,19 @@ Crea reti Docker isolate che simulano VPC e Subnets cloud.
## Avvio del Laboratorio ## Avvio del Laboratorio
Leggi prima i tutorial nell'ordine indicato sotto. In questo lab il `Dockerfile` e solo un supporto per esempi e test manuali: il flusso principale usa `docker-compose.yml`.
```bash ```bash
cd labs/lab-02-network cd labs/lab-02-network
docker build .
docker compose up -d docker compose up -d
``` ```
## Ordine Consigliato
1. `tutorial/01-create-vpc-networks.md`
2. `tutorial/02-deploy-containers-networks.md`
3. `tutorial/03-verify-network-isolation.md`
## Verifica Completamento ## Verifica Completamento
```bash ```bash
labs/lab-02-network/how-to-guides/cleanup-networks.md
+3 -3
View File
@@ -38,7 +38,7 @@ docker network prune
### Lab 02 Network Cleanup ### Lab 02 Network Cleanup
```bash ```bash
cd ~/laboratori-cloud/labs/lab-02-network cd /home/luca/laboratori-cloud/labs/lab-02-network
# Ferma e rimuovi container del compose # Ferma e rimuovi container del compose
docker compose down docker compose down
@@ -53,7 +53,7 @@ docker volume rm lab02-network_db-data 2>/dev/null || true
### Reset Completo Lab 02 ### Reset Completo Lab 02
```bash ```bash
cd ~/laboratori-cloud/labs/lab-02-network cd /home/luca/laboratori-cloud/labs/lab-02-network
# Tutto giu # Tutto giu
docker compose down -v --remove-orphans docker compose down -v --remove-orphans
@@ -99,4 +99,4 @@ docker system prune -a --volumes
## Vedi Anche ## Vedi Anche
- [Reference: Docker Network Commands](../reference/docker-network-commands.md) - [Reference: Docker Network Commands](../reference/docker-network-commands.md)
- [How-To: Reset Ambiente Docker](../../how-to-guides/reset-docker-environment.md) - [Script reset ambiente](../../../scripts/reset-env.sh)
labs/lab-02-network/tests/99-final-verification.sh
+14 -15
View File
@@ -16,7 +16,7 @@ NC='\033[0m'
# Get script directory # Get script directory
TEST_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" TEST_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "$TEST_DIR/../.." && pwd)" PROJECT_ROOT="$(cd "$TEST_DIR/../../.." && pwd)"
LAB_DIR="$PROJECT_ROOT/labs/lab-02-network" LAB_DIR="$PROJECT_ROOT/labs/lab-02-network"
# Counter helpers # Counter helpers
@@ -61,7 +61,9 @@ print_info() {
} }
# Main header # Main header
if command -v clear &> /dev/null; then
clear clear
fi
print_header "Lab 02: Network & VPC - Final Verification" print_header "Lab 02: Network & VPC - Final Verification"
echo "" echo ""
echo -e "This script verifies your entire Lab 02 implementation." echo -e "This script verifies your entire Lab 02 implementation."
@@ -105,7 +107,7 @@ if [[ "${FAIL_REASON:-}" == "compose_missing" ]]; then
print_warn "Skipping network tests - compose file missing" print_warn "Skipping network tests - compose file missing"
else else
# Check for custom networks # Check for custom networks
NETWORKS=$(docker compose -f "$COMPOSE_FILE" config --format json 2>/dev/null | grep -o '"networks"' | wc -l || echo "0") NETWORKS=$(docker compose -f "$COMPOSE_FILE" config --format json 2>/dev/null | grep -o '"networks"' | wc -l)
if [[ $NETWORKS -gt 0 ]]; then if [[ $NETWORKS -gt 0 ]]; then
print_pass "Custom networks defined in docker-compose.yml" print_pass "Custom networks defined in docker-compose.yml"
@@ -119,7 +121,7 @@ else
fi fi
# Check for VPC-style naming (PARA-02 requirement) # Check for VPC-style naming (PARA-02 requirement)
VPC_NAMES=$(grep -E 'vpc-|subnet-|network-' "$COMPOSE_FILE" 2>/dev/null | wc -l || echo "0") VPC_NAMES=$(grep -E 'vpc-|subnet-|network-' "$COMPOSE_FILE" 2>/dev/null | wc -l)
if [[ $VPC_NAMES -gt 0 ]]; then if [[ $VPC_NAMES -gt 0 ]]; then
print_pass "Uses VPC-style naming convention (PARA-02 compliant)" print_pass "Uses VPC-style naming convention (PARA-02 compliant)"
else else
@@ -132,7 +134,7 @@ print_section "3. INF-02 Security Compliance"
if [[ -f "$COMPOSE_FILE" ]]; then if [[ -f "$COMPOSE_FILE" ]]; then
# Check for 0.0.0.0 bindings # Check for 0.0.0.0 bindings
ZERO_BINDINGS=$(grep -c -E '0\.0\.0\.0:[0-9]+' "$COMPOSE_FILE" 2>/dev/null || echo "0") ZERO_BINDINGS=$(grep -c -E '0\.0\.0\.0:[0-9]+' "$COMPOSE_FILE" 2>/dev/null || true)
if [[ $ZERO_BINDINGS -eq 0 ]]; then if [[ $ZERO_BINDINGS -eq 0 ]]; then
print_pass "No 0.0.0.0 port bindings found (INF-02 compliant)" print_pass "No 0.0.0.0 port bindings found (INF-02 compliant)"
else else
@@ -142,7 +144,7 @@ if [[ -f "$COMPOSE_FILE" ]]; then
fi fi
# Check for localhost bindings # Check for localhost bindings
LOCALHOST_BINDINGS=$(grep -c -E '127\.0\.0\.1:[0-9]+' "$COMPOSE_FILE" 2>/dev/null || echo "0") LOCALHOST_BINDINGS=$(grep -c -E '127\.0\.0\.1:[0-9]+' "$COMPOSE_FILE" 2>/dev/null || true)
if [[ $LOCALHOST_BINDINGS -gt 0 ]]; then if [[ $LOCALHOST_BINDINGS -gt 0 ]]; then
print_pass "Found $LOCALHOST_BINDINGS service(s) with 127.0.0.1 binding (secure)" print_pass "Found $LOCALHOST_BINDINGS service(s) with 127.0.0.1 binding (secure)"
else else
@@ -150,7 +152,7 @@ if [[ -f "$COMPOSE_FILE" ]]; then
fi fi
# Check for host networking # Check for host networking
HOST_NET=$(grep -c -E 'network_mode:\s*host' "$COMPOSE_FILE" 2>/dev/null || echo "0") HOST_NET=$(grep -c -E 'network_mode:\s*host' "$COMPOSE_FILE" 2>/dev/null || true)
if [[ $HOST_NET -eq 0 ]]; then if [[ $HOST_NET -eq 0 ]]; then
print_pass "No services using host networking mode" print_pass "No services using host networking mode"
else else
@@ -193,9 +195,9 @@ print_section "5. Documentation Completeness (Diátxis Framework)"
DOC_COUNT=0 DOC_COUNT=0
DOC_FILES=( DOC_FILES=(
"$LAB_DIR/tutorial/01-create-networks.md" "$LAB_DIR/tutorial/01-create-vpc-networks.md"
"$LAB_DIR/tutorial/02-deploy-containers.md" "$LAB_DIR/tutorial/02-deploy-containers-networks.md"
"$LAB_DIR/tutorial/03-verify-isolation.md" "$LAB_DIR/tutorial/03-verify-network-isolation.md"
"$LAB_DIR/how-to-guides/*.md" "$LAB_DIR/how-to-guides/*.md"
"$LAB_DIR/reference/*.md" "$LAB_DIR/reference/*.md"
"$LAB_DIR/explanation/*.md" "$LAB_DIR/explanation/*.md"
@@ -223,10 +225,7 @@ fi
print_section "6. Test Infrastructure Verification" print_section "6. Test Infrastructure Verification"
TEST_FILES=( TEST_FILES=(
"$TEST_DIR/01-network-creation-test.sh" "$TEST_DIR/99-final-verification.sh"
"$TEST_DIR/02-isolation-verification-test.sh"
"$TEST_DIR/03-inf02-compliance-test.sh"
"$TEST_DIR/run-all-tests.sh"
) )
TESTS_FOUND=0 TESTS_FOUND=0
@@ -237,9 +236,9 @@ for test_file in "${TEST_FILES[@]}"; do
done done
if [[ $TESTS_FOUND -eq ${#TEST_FILES[@]} ]]; then if [[ $TESTS_FOUND -eq ${#TEST_FILES[@]} ]]; then
print_pass "All test scripts present and executable" print_pass "Final verification script present and executable"
elif [[ $TESTS_FOUND -gt 0 ]]; then elif [[ $TESTS_FOUND -gt 0 ]]; then
print_warn "Some test scripts missing: $TESTS_FOUND/${#TEST_FILES[@]} found" print_warn "Some expected test scripts missing: $TESTS_FOUND/${#TEST_FILES[@]} found"
else else
print_fail "Test infrastructure not found" print_fail "Test infrastructure not found"
fi fi
labs/lab-02-network/tutorial/01-create-vpc-networks.md
+8
View File
@@ -8,6 +8,8 @@ Creare due reti isolate che simulano una subnet pubblica e una subnet privata in
- **VPC Public Subnet**: `lab02-vpc-public` (10.0.1.0/24) - per servizi accessibili - **VPC Public Subnet**: `lab02-vpc-public` (10.0.1.0/24) - per servizi accessibili
- **VPC Private Subnet**: `lab02-vpc-private` (10.0.2.0/24) - isolata, senza accesso esterno - **VPC Private Subnet**: `lab02-vpc-private` (10.0.2.0/24) - isolata, senza accesso esterno
Nota pratica: il tutorial 2 usa `docker compose` per creare e gestire le stesse reti. Se segui questo tutorial alla lettera con `docker network create`, prima di avviare il compose dovrai rimuovere le reti manuali oppure dichiararle come reti esterne. Nel flusso consigliato per studenti conviene usare questo tutorial per capire i concetti e usare il compose del tutorial 2 come implementazione finale.
## Prerequisiti ## Prerequisiti
- Docker Engine >= 24.0 installato e in esecuzione - Docker Engine >= 24.0 installato e in esecuzione
@@ -261,6 +263,12 @@ Hai completato questo tutorial quando:
Nel [prossimo tutorial](./02-deploy-containers-networks.md) imparerai a distribuire container in queste reti usando docker-compose.yml, creando un'architettura multi-tier (web pubblica, database privato). Nel [prossimo tutorial](./02-deploy-containers-networks.md) imparerai a distribuire container in queste reti usando docker-compose.yml, creando un'architettura multi-tier (web pubblica, database privato).
Prima di passare al tutorial 2, se hai creato le reti manualmente in questo tutorial, puliscile per evitare conflitti con Compose:
```bash
docker network rm lab02-vpc-public lab02-vpc-private
```
--- ---
## Troubleshooting ## Troubleshooting
labs/lab-02-network/tutorial/02-deploy-containers-networks.md
+9 -4
View File
@@ -20,7 +20,7 @@ Creare un'architettura multi-tier con docker-compose:
Esegui: Esegui:
```bash ```bash
cd ~/laboratori-cloud/labs/lab-02-network cd /home/luca/laboratori-cloud/labs/lab-02-network
``` ```
--- ---
@@ -96,6 +96,8 @@ volumes:
Salva il file. Salva il file.
Nota: in questo repository il file `docker-compose.yml` esiste gia. Puoi confrontare il tuo file con quello presente oppure usare direttamente quello del lab.
--- ---
## Passo 3: Verificare la Configurazione ## Passo 3: Verificare la Configurazione
@@ -114,9 +116,12 @@ Se valido, vedrai la configurazione completa. Se ci sono errori, verranno mostra
## Passo 4: Avviare i Servizi ## Passo 4: Avviare i Servizi
Se nel tutorial 1 hai creato le reti manualmente con gli stessi nomi, rimuovile prima di questo comando. Altrimenti `docker compose up -d` fallisce per conflitto di ownership/label delle reti.
Esegui: Esegui:
```bash ```bash
docker network rm lab02-vpc-public lab02-vpc-private 2>/dev/null || true
docker compose up -d docker compose up -d
``` ```
@@ -156,7 +161,7 @@ Esegui:
```bash ```bash
# Verifica container web nella rete pubblica # Verifica container web nella rete pubblica
docker inspect lab02-web --format '{{range .NetworkSettings.Networks}}{{.IPAddress}} in {{.NetworkID}}{{end}}' docker inspect lab02-web --format '{{range $k, $v := .NetworkSettings.Networks}}{{$v.IPAddress}} in {{$k}}{{end}}'
``` ```
Atteso (IP nella subnet pubblica): Atteso (IP nella subnet pubblica):
@@ -168,7 +173,7 @@ Esegui:
```bash ```bash
# Verifica database nella rete privata # Verifica database nella rete privata
docker inspect lab02-db --format '{{range .NetworkSettings.Networks}}{{.IPAddress}} in {{.NetworkID}}{{end}}' docker inspect lab02-db --format '{{range $k, $v := .NetworkSettings.Networks}}{{$v.IPAddress}} in {{$k}}{{end}}'
``` ```
Atteso (IP nella subnet privata): Atteso (IP nella subnet privata):
@@ -180,7 +185,7 @@ Esegui:
```bash ```bash
# Verifica app in entrambe le reti (multi-homed) # Verifica app in entrambe le reti (multi-homed)
docker inspect lab02-app --format '{{range .NetworkSettings.Networks}}{{.IPAddress}} in {{.NetworkID}} | {{end}}' docker inspect lab02-app --format '{{range $k, $v := .NetworkSettings.Networks}}{{$v.IPAddress}} in {{$k}} | {{end}}'
``` ```
Atteso: Atteso:
labs/lab-02-network/tutorial/03-verify-network-isolation.md
+15 -15
View File
@@ -13,7 +13,7 @@ Verificare che:
## Prerequisiti ## Prerequisiti
- Completati [Tutorial 1](./01-create-vpc-networks.md) e [Tutorial 2](./02-deploy-containers-networks.md) - Completati [Tutorial 1](./01-create-vpc-networks.md) e [Tutorial 2](./02-deploy-containers-networks.md)
- Container in esecuzione: `docker compose ps` mostra 3 container attivi - Container in esecuzione: `docker ps` mostra almeno `lab02-web`, `lab02-app` e `lab02-db` attivi
--- ---
@@ -22,11 +22,11 @@ Verificare che:
Esegui: Esegui:
```bash ```bash
cd ~/laboratori-cloud/labs/lab-02-network cd /home/luca/laboratori-cloud/labs/lab-02-network
docker compose ps docker compose ps
``` ```
Assicurati che lab02-web, lab02-app, e lab02-db siano "Up". Assicurati che `lab02-web`, `lab02-app` e `lab02-db` siano "Up". Se `docker compose ps` non mostra nulla ma `docker compose up -d` e andato a buon fine, verifica con `docker ps | grep '^lab02-'`.
Se non lo sono: Se non lo sono:
@@ -44,15 +44,15 @@ Esegui:
```bash ```bash
# Verifica: app puo raggiungere web (stessa rete pubblica) # Verifica: app puo raggiungere web (stessa rete pubblica)
docker exec lab02-app ping -c 2 lab02-web docker exec lab02-app ping -c 2 web
``` ```
Atteso: Atteso:
``` ```
PING lab02-web (10.0.1.10): 56 data bytes PING web (10.0.1.10): 56 data bytes
64 bytes from 10.0.1.10: seq=0 ttl=64 time=0.123 ms 64 bytes from 10.0.1.10: seq=0 ttl=64 time=0.123 ms
64 bytes from 10.0.1.10: seq=1 ttl=64 time=0.045 ms 64 bytes from 10.0.1.10: seq=1 ttl=64 time=0.045 ms
--- lab02-web ping statistics --- --- web ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss 2 packets transmitted, 2 packets received, 0% packet loss
``` ```
@@ -68,18 +68,18 @@ Esegui:
```bash ```bash
# Verifica: web NON puo raggiungere db (reti diverse) # Verifica: web NON puo raggiungere db (reti diverse)
docker exec lab02-web ping -c 2 lab02-db docker exec lab02-web ping -c 2 db
``` ```
Atteso: Atteso:
``` ```
ping: bad address 'lab02-db' ping: bad address 'db'
``` ```
Oppure: Oppure:
``` ```
PING lab02-db (10.0.2.10): 56 data bytes PING db (10.0.2.10): 56 data bytes
--- lab02-db ping statistics --- --- db ping statistics ---
2 packets transmitted, 0 packets received, 100% packet loss 2 packets transmitted, 0 packets received, 100% packet loss
``` ```
@@ -97,7 +97,7 @@ Esegui:
```bash ```bash
# Verifica: app puo raggiungere web (stessa rete pubblica) # Verifica: app puo raggiungere web (stessa rete pubblica)
docker exec lab02-app ping -c 2 lab02-web docker exec lab02-app ping -c 2 web
``` ```
Atteso: SUCCESSO Atteso: SUCCESSO
@@ -106,7 +106,7 @@ Esegui:
```bash ```bash
# Verifica: app puo raggiungere db (stessa rete privata) # Verifica: app puo raggiungere db (stessa rete privata)
docker exec lab02-app ping -c 2 lab02-db docker exec lab02-app ping -c 2 db
``` ```
Atteso: SUCCESSO Atteso: SUCCESSO
@@ -123,12 +123,12 @@ Esegui:
```bash ```bash
# Test DNS nella stessa rete # Test DNS nella stessa rete
docker exec lab02-app nslookup lab02-web docker exec lab02-app nslookup web
``` ```
Atteso: Atteso:
``` ```
Name: lab02-web Name: web
Address 1: 10.0.1.10 Address 1: 10.0.1.10
``` ```
@@ -136,7 +136,7 @@ Esegui:
```bash ```bash
# Test DNS cross-rete (dovrebbe fallire) # Test DNS cross-rete (dovrebbe fallire)
docker exec lab02-web nslookup lab02-db docker exec lab02-web nslookup db
``` ```
Atteso: Fallisce o restituisce errore Atteso: Fallisce o restituisce errore
labs/lab-03-compute/Dockerfile
+1 -1
View File
@@ -9,7 +9,7 @@ RUN addgroup -g 1000 appgroup && \
# Installare strumenti di stress testing e monitoraggio # Installare strumenti di stress testing e monitoraggio
RUN apk add --no-cache \ RUN apk add --no-cache \
stress \ stress-ng \
curl \ curl \
wget \ wget \
procps \ procps \
labs/lab-03-compute/README.md
+8 -1
View File
@@ -4,12 +4,19 @@ Deploy container con limiti CPU/memoria e healthchecks.
## Avvio del Laboratorio ## Avvio del Laboratorio
Leggi prima i tutorial nell'ordine indicato sotto. Il flusso principale del lab usa `docker-compose.yml`; il `Dockerfile` e un supporto separato per test e strumenti.
```bash ```bash
cd labs/lab-03-compute cd labs/lab-03-compute
docker build .
docker compose up -d docker compose up -d
``` ```
## Ordine Consigliato
1. `tutorial/01-set-resource-limits.md`
2. `tutorial/02-implement-healthchecks.md`
3. `tutorial/03-dependencies-with-health.md`
## Verifica Completamento ## Verifica Completamento
```bash ```bash
labs/lab-03-compute/reference/ec2-instance-mapping.md
+1 -1
View File
@@ -121,7 +121,7 @@ app:
```yaml ```yaml
production: production:
image: myapp:latest image: nginx:alpine
deploy: deploy:
resources: resources:
limits: limits:
labs/lab-03-compute/tests/99-final-verification.sh
+29 -17
View File
@@ -113,11 +113,14 @@ print_header "Section 2: INF-03 Compliance (Resource Limits)"
print_test "Verifying all services have resource limits" print_test "Verifying all services have resource limits"
NON_COMPLIANT=0 NON_COMPLIANT=0
LIMITS_SUMMARY="" LIMITS_SUMMARY=""
COMPOSE_CONFIG=$(docker compose config 2>/dev/null)
for service in $SERVICES; do for service in $SERVICES; do
service_block=$(printf '%s\n' "$COMPOSE_CONFIG" | grep -A 20 "^ $service:")
# Check for resource limits # Check for resource limits
has_cpu=$(docker compose config 2>/dev/null | grep -A 30 "^$service:" | grep -c "cpus:" || echo "0") has_cpu=$(printf '%s\n' "$service_block" | grep -c "cpus:" || true)
has_memory=$(docker compose config 2>/dev/null | grep -A 30 "^$service:" | grep -c "memory:" || echo "0") has_memory=$(printf '%s\n' "$service_block" | grep -c "memory:" || true)
if [[ $has_cpu -eq 0 ]]; then if [[ $has_cpu -eq 0 ]]; then
print_fail " $service: Missing cpus limit" print_fail " $service: Missing cpus limit"
@@ -126,8 +129,8 @@ for service in $SERVICES; do
print_fail " $service: Missing memory limit" print_fail " $service: Missing memory limit"
((NON_COMPLIANT++)) || true ((NON_COMPLIANT++)) || true
else else
cpu_val=$(docker compose config 2>/dev/null | grep -A 30 "^$service:" | grep "cpus:" | sed 's/.*cpus: //' | tr -d ' "') cpu_val=$(printf '%s\n' "$service_block" | grep -m1 "cpus:" | sed 's/.*cpus: //' | tr -d ' "')
mem_val=$(docker compose config 2>/dev/null | grep -A 30 "^$service:" | grep "memory:" | sed 's/.*memory: //' | tr -d " '"") mem_val=$(printf '%s\n' "$service_block" | grep -m1 "memory:" | sed 's/.*memory: //' | tr -d ' "')
# Map to EC2 instance type # Map to EC2 instance type
case "$cpu_val:$mem_val" in case "$cpu_val:$mem_val" in
@@ -159,15 +162,20 @@ MISSING_HC=0
HC_SUMMARY="" HC_SUMMARY=""
for service in $SERVICES; do for service in $SERVICES; do
has_hc=$(docker compose config 2>/dev/null | grep -A 50 "^$service:" | grep -c "healthcheck:" || echo "0") service_block=$(printf '%s\n' "$COMPOSE_CONFIG" | grep -A 20 "^ $service:")
has_hc=$(printf '%s\n' "$service_block" | grep -c "healthcheck:" || true)
if [[ $has_hc -eq 0 ]]; then if [[ $has_hc -eq 0 ]]; then
print_fail " $service: Missing healthcheck" print_fail " $service: Missing healthcheck"
((MISSING_HC++)) || true ((MISSING_HC++)) || true
else else
interval=$(docker compose config 2>/dev/null | grep -A 60 "^$service:" | grep -A 5 "healthcheck:" | grep "interval:" | sed 's/.*interval: //' | tr -d " '"" || echo "N/A") interval=$(printf '%s\n' "$service_block" | grep -A 8 "healthcheck:" | grep -m1 "interval:" | sed 's/.*interval: //' | tr -d ' "' || true)
timeout=$(docker compose config 2>/dev/null | grep -A 60 "^$service:" | grep -A 5 "healthcheck:" | grep "timeout:" | sed 's/.*timeout: //' | tr -d " '"" || echo "N/A") timeout=$(printf '%s\n' "$service_block" | grep -A 8 "healthcheck:" | grep -m1 "timeout:" | sed 's/.*timeout: //' | tr -d ' "' || true)
retries=$(docker compose config 2>/dev/null | grep -A 60 "^$service:" | grep -A 5 "healthcheck:" | grep "retries:" | sed 's/.*retries: //' | tr -d " '"" || echo "N/A") retries=$(printf '%s\n' "$service_block" | grep -A 8 "healthcheck:" | grep -m1 "retries:" | sed 's/.*retries: //' | tr -d ' "' || true)
interval=${interval:-N/A}
timeout=${timeout:-N/A}
retries=${retries:-N/A}
print_pass " $service: interval=$interval, timeout=$timeout, retries=$retries" print_pass " $service: interval=$interval, timeout=$timeout, retries=$retries"
HC_SUMMARY="$HC_SUMMARY\n • $service: interval=$interval, timeout=$timeout, retries=$retries" HC_SUMMARY="$HC_SUMMARY\n • $service: interval=$interval, timeout=$timeout, retries=$retries"
@@ -208,10 +216,12 @@ print_test "Checking resource limits are applied"
LIMITS_ENFORCED=0 LIMITS_ENFORCED=0
for service in $SERVICES; do for service in $SERVICES; do
container_name="lab03-$service" container_id=$(docker compose ps -q "$service" 2>/dev/null || echo "")
if docker ps --format '{{.Names}}' | grep -q "$container_name"; then if [[ -n "$container_id" ]]; then
nano_cpus=$(docker inspect "$container_name" --format '{{.HostConfig.NanoCpus}}' 2>/dev/null || echo "0") container_name=$(docker inspect "$container_id" --format '{{.Name}}' 2>/dev/null || echo "$service")
mem_bytes=$(docker inspect "$container_name" --format '{{.HostConfig.Memory}}' 2>/dev/null || echo "0") container_name=${container_name#/}
nano_cpus=$(docker inspect "$container_id" --format '{{.HostConfig.NanoCpus}}' 2>/dev/null || echo "0")
mem_bytes=$(docker inspect "$container_id" --format '{{.HostConfig.Memory}}' 2>/dev/null || echo "0")
if [[ $nano_cpus -gt 0 && $mem_bytes -gt 0 ]]; then if [[ $nano_cpus -gt 0 && $mem_bytes -gt 0 ]]; then
cpu_cores=$(echo "scale=2; $nano_cpus / 1000000000" | bc 2>/dev/null || echo "N/A") cpu_cores=$(echo "scale=2; $nano_cpus / 1000000000" | bc 2>/dev/null || echo "N/A")
@@ -237,7 +247,7 @@ fi
# Test docker stats # Test docker stats
print_test "Monitoring resource usage" print_test "Monitoring resource usage"
echo -e "\n${BLUE}Live Resource Usage:${NC}" echo -e "\n${BLUE}Live Resource Usage:${NC}"
docker stats --no-stream --format "table {{.Container}}\t{{.CPUPerc}}\t{{.MemUsage}}\t{{.MemPerc}}" 2>/dev/null || print_fail "docker stats failed" docker ps --format '{{.Names}}' | grep '^lab03-' | xargs -r docker stats --no-stream --format "table {{.Container}}\t{{.CPUPerc}}\t{{.MemUsage}}\t{{.MemPerc}}" 2>/dev/null || print_fail "docker stats failed"
# === SECTION 6: Health Status === # === SECTION 6: Health Status ===
print_header "Section 6: Health Status Verification" print_header "Section 6: Health Status Verification"
@@ -246,9 +256,11 @@ print_test "Checking container health status"
HEALTHY=0 HEALTHY=0
for service in $SERVICES; do for service in $SERVICES; do
container_name="lab03-$service" container_id=$(docker compose ps -q "$service" 2>/dev/null || echo "")
if docker ps --format '{{.Names}}' | grep -q "$container_name"; then if [[ -n "$container_id" ]]; then
health=$(docker inspect "$container_name" --format '{{.State.Health.Status}}' 2>/dev/null || echo "no-healthcheck") container_name=$(docker inspect "$container_id" --format '{{.Name}}' 2>/dev/null || echo "$service")
container_name=${container_name#/}
health=$(docker inspect "$container_id" --format '{{.State.Health.Status}}' 2>/dev/null || echo "no-healthcheck")
if [[ "$health" == "healthy" ]]; then if [[ "$health" == "healthy" ]]; then
print_pass " $container_name: healthy ✓" print_pass " $container_name: healthy ✓"
@@ -264,7 +276,7 @@ done
if [[ $HEALTHY -gt 0 ]]; then if [[ $HEALTHY -gt 0 ]]; then
print_pass "$HEALTHY containers are healthy" print_pass "$HEALTHY containers are healthy"
else else
print_warning "No healthy containers yet (may still be starting)" print_warning "No healthy containers yet; they may still be starting"
fi fi
# === SECTION 7: Cloud Parallels === # === SECTION 7: Cloud Parallels ===
labs/lab-03-compute/tutorial/01-set-resource-limits.md
+2
View File
@@ -120,6 +120,8 @@ services:
restart: unless-stopped restart: unless-stopped
``` ```
Nota: in questo repository il file `docker-compose.yml` finale esiste gia. Puoi usarlo come riferimento o partire direttamente da quello presente nel lab.
### Step 2: Verificare la sintassi ### Step 2: Verificare la sintassi
```bash ```bash
labs/lab-03-compute/tutorial/02-implement-healthchecks.md
+2 -2
View File
@@ -211,7 +211,7 @@ Per comandi più complessi, usa `CMD-SHELL`:
```yaml ```yaml
app: app:
image: myapp:latest image: nginx:alpine
container_name: lab03-app container_name: lab03-app
hostname: app hostname: app
@@ -223,7 +223,7 @@ Per comandi più complessi, usa `CMD-SHELL`:
# Custom healthcheck with shell # Custom healthcheck with shell
healthcheck: healthcheck:
test: ["CMD-SHELL", "curl -f http://localhost/health || exit 1"] test: ["CMD-SHELL", "curl -f http://localhost/ || exit 1"]
interval: 15s interval: 15s
timeout: 3s timeout: 3s
retries: 3 retries: 3
labs/lab-03-compute/tutorial/03-dependencies-with-health.md
+2 -2
View File
@@ -226,10 +226,10 @@ docker compose logs --tail=50
Cerca messaggi tipo: Cerca messaggi tipo:
``` ```
lab03-db | database system is ready to accept connections lab03-db | database system is ready to accept connections
lab03-app | Waiting for db to be healthy...
lab03-web | Waiting for app to be healthy...
``` ```
Nota: le righe `Waiting for db to be healthy...` e `Waiting for app to be healthy...` sono una spiegazione didattica del comportamento atteso, non un output reale generato da nginx o postgres in questo lab.
--- ---
## Parte 5: Testare le Dipendenze ## Parte 5: Testare le Dipendenze