Removed API Connectivity Manager (#130)

* Added API Connectivity Manager 1.5.0 support

* Ownership fix

* Startup script fix

* NGINX App Protect WAF updates

* Tested with NGINX Instance Manager 2.9.1

* Added docker-compose support

* Tested with NGINX Instance Manager 2.10.0 and Security Monitoring 1.4.0

* Tested with NGINX Instance Manager 2.10.0 and API Connectivity Manager 1.5.0

* Tested with API Connectivity Manager 1.6.0

* Tested with API Connectivity Manager 1.6.0

* README updated

* Added support for NGINX Instance Manager 2.10.1 and App Delivery Manager 4.0.0

* Fixed NGINX App Protect detection bug for NGINX Instance Manager 2.10.0+

* Fixed agent syslog receiver bug

* README updated

* Tested with NGINX Instance Manager 2.11.0 and Security Monitoring 1.5.0

* Tested with NGINX Instance Manager 2.11.0

* Tested with NGINX API Connectivity Manager 1.7.0

* Tested with NGINX Instance Manager 2.12.0 and Security Monitoring 1.6.0

* Tested with API Connectivity Manager 1.8.0

* Tested with API Connectivity Manager 1.8.0

* Tested with NGINX Instance Manager 2.12.0

* Dockerfile updated

* Support for NGINX Instance Manager 2.13

* Tested with NGINX Instance Manager 2.13

* Tested with NIM 2.14.0 and SM 1.7.0

* Tested with NIM 2.14.0 and SM 1.7.0

* Tested with NGINX Instance Manager 2.14.0

* Tested with NGINX Instance Manager 2.14.0

* Tested with NGINX App Protect compiler v4.583.0

* Start script updated

* Advanced metrics support added

* Advanced metrics support added

* Removed Application Delivery Manger, tested with NGINX Instance Manager 2.15.0

* Removed devportal, tested with NGINX Instance Manager 2.15.0

* Removed API Connectivity Manager

---------

Signed-off-by: 65397 <[email protected]>

Author: fabriziofiorucci

nginx-nms-docker/Dockerfile.automated

@@ -1,7 +1,6 @@
 FROM ubuntu:20.04
 
 ARG BUILD_WITH_SECONDSIGHT=false
-ARG ADD_ACM
 ARG ADD_SM
 ARG ADD_PUM
 
@@ -24,9 +23,6 @@ RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.crt,mode=0644
 	&& apt-get update \
 	&& apt-get install -y nms-instance-manager \
 	&& curl -s http://hg.nginx.org/nginx.org/raw-file/tip/xml/en/security_advisories.xml > /usr/share/nms/cve.xml \
-	# Optional API Connectivity Manager
-	&& if [ "${ADD_ACM}" = "true" ] ; then \
-	apt-get -y install nms-api-connectivity-manager; fi \
 	# Optional Security Monitoring
 	&& if [ "${ADD_SM}" = "true" ] ; then \
 	apt-get -y install nms-sm; fi \

nginx-nms-docker/Dockerfile.manual

@@ -2,7 +2,6 @@ FROM ubuntu:20.04
 
 ARG NIM_DEBFILE
 ARG BUILD_WITH_SECONDSIGHT=false
-ARG ACM_IMAGE=nim-files/.placeholder
 ARG SM_IMAGE=nim-files/.placeholder
 ARG PUM_IMAGE=nim-files/.placeholder
 
@@ -14,7 +13,6 @@ RUN apt-get update && \
 
 # NGINX Instance Manager 2.4.0+
 COPY $NIM_DEBFILE /deployment/setup/nim.deb
-COPY $ACM_IMAGE /deployment/setup/acm.deb
 COPY $SM_IMAGE /deployment/setup/sm.deb
 COPY $PUM_IMAGE /deployment/setup/pum.deb
 
@@ -28,10 +26,6 @@ COPY $NIM_DEBFILE /deployment/setup/nim.deb
 RUN apt-get -y install /deployment/setup/nim.deb && \
 	curl -s http://hg.nginx.org/nginx.org/raw-file/tip/xml/en/security_advisories.xml > /usr/share/nms/cve.xml
 
-# Optional API Connectivity Manager
-RUN if [ "$ACM_IMAGE" != "nim-files/.placeholder" ] ; then \
-	apt-get -y install /deployment/setup/acm.deb; fi
-
 # Optional Security Monitoring
 RUN if [ "$SM_IMAGE" != "nim-files/.placeholder" ] ; then \
 	apt-get -y install /deployment/setup/sm.deb; fi

nginx-nms-docker/README.md

@@ -7,7 +7,6 @@ This repository helps deploying NGINX Management Suite on containerized clusters
 Docker image creation is supported for:
 
 - [NGINX Instance Manager](https://docs.nginx.com/nginx-instance-manager/) 2.4.0+
-- [NGINX API Connectivity Manager](https://docs.nginx.com/nginx-management-suite/acm/) 1.0.0+
 - [Security Monitoring](https://docs.nginx.com/nginx-management-suite/security/) 1.0.0+
 - [NGINX App Protect WAF compiler](https://docs.nginx.com/nginx-management-suite/nim/how-to/app-protect/setup-waf-config-management)
 
@@ -24,7 +23,6 @@ A bash script to quickly install NGINX Management Suite through the official Hel
 This repository has been tested with:
 
 - NGINX Instance Manager 2.4.0, 2.5.0, 2.5.1, 2.6.0, 2.7.0, 2.8.0, 2.9.0, 2.9.1, 2.10.0, 2.10.1, 2.11.0, 2.12.0, 2.13.0, 2.13.1, 2.14.0, 2.14.1, 2.15.0
-- NGINX API Connectivity Manager 1.0.0, 1.1.0, 1.1.1, 1.2.0, 1.3.0, 1.3.1, 1.4.0, 1.4.1, 1.5.0, 1.6.0, 1.7.0, 1.8.0, 1.9.0, 1.9.1
 - Security Monitoring 1.0.0, 1.1.0, 1.2.0, 1.3.0, 1.4.0, 1.5.0, 1.6.0, 1.7.0, 1.7.1
 - NGINX App Protect WAF compiler v3.1088.2, v4.100.1, v4.2.0, v4.218.0, v4.279.0, v4.402.0, v4.457.0, v4.583.0
 
@@ -36,7 +34,7 @@ This repository has been tested with:
 - Private registry to push the target Docker image
 - Kubernetes cluster with dynamic storage provisioner enabled: see the [example](contrib/pvc-provisioner)
 - NGINX Ingress Controller with `VirtualServer` CRD support (see https://docs.nginx.com/nginx-ingress-controller/configuration/virtualserver-and-virtualserverroute-resources/)
-- Access to F5/NGINX downloads to fetch NGINX Instance Manager 2.4.0+ installation .deb file and API Connectivity Manager 1.0+ installation .deb file (when running in manual mode)
+- Access to F5/NGINX downloads to fetch NGINX Instance Manager 2.4.0+ installation .deb file (when running in manual mode)
 - Valid NGINX license certificate and key to fetch NGINX Management Suite packages (when running in automated mode)
 - Linux host running Docker to build the image
 
@@ -63,7 +61,6 @@ NGINX Management Suite Docker image builder
  Manual build:
 
  -n [filename]          - NGINX Instance Manager .deb package filename
- -a [filename]          - API Connectivity Manager .deb package filename - optional
  -w [filename]          - Security Monitoring .deb package filename - optional
  -p [filename]          - WAF policy compiler .deb package filename - optional
 
@@ -72,22 +69,20 @@ NGINX Management Suite Docker image builder
  -i                     - Automated build - requires cert & key
  -C [file.crt]          - Certificate file to pull packages from the official NGINX repository
  -K [file.key]          - Key file to pull packages from the official NGINX repository
- -A                     - Enable API Connectivity Manager - optional
  -W                     - Enable Security Monitoring - optional
  -P [version]           - Enable WAF policy compiler, version can be any [v3.1088.2|v4.100.1|v4.2.0|v4.218.0|v4.279.0|v4.402.0|v4.457.0|v4.583.0] - optional
 
  === Examples:
 
  Manual build:
         ./scripts/buildNIM.sh -n nim-files/nms-instance-manager_2.6.0-698150575~focal_amd64.deb \
-                -a nim-files/nms-api-connectivity-manager_1.2.0.668430332~focal_amd64.deb \
                 -w nim-files/nms-sm_1.0.0-697204659~focal_amd64.deb \
                 -p nim-files/nms-nap-compiler-v4.2.0.deb \
                 -t my.registry.tld/nginx-nms:2.6.0
 
  Automated build:
         ./scripts/buildNIM.sh -i -C nginx-repo.crt -K nginx-repo.key
-                -A -W -P v4.583.0 -t my.registry.tld/nginx-nms:latest
+                -W -P v4.583.0 -t my.registry.tld/nginx-nms:latest
 ```
 
 ### Automated build
@@ -102,24 +97,12 @@ NGINX Instance Manager
 ./scripts/buildNIM.sh -t YOUR_DOCKER_REGISTRY/nginx-nim2:automated -i -C certs/nginx-repo.crt -K certs/nginx-repo.key
 ```
 
-NGINX Instance Manager and API Connectivity Manager
-
-```
-./scripts/buildNIM.sh -t YOUR_DOCKER_REGISTRY/nginx-nim2:automated -i -C certs/nginx-repo.crt -K certs/nginx-repo.key -A
-```
-
 NGINX Instance Manager, Security Monitoring and WAF Policy Compiler
 
 ```
 ./scripts/buildNIM.sh -t YOUR_DOCKER_REGISTRY/nginx-nim2:automated -i -C certs/nginx-repo.crt -K certs/nginx-repo.key -W -P v4.457.0
 ```
 
-NGINX Instance Manager, API Connectivity Manager, WAF Policy Compiler and Security Monitoring
-
-```
-./scripts/buildNIM.sh -t YOUR_DOCKER_REGISTRY/nginx-nim2:automated -i -C certs/nginx-repo.crt -K certs/nginx-repo.key -A -W -P v4.457.0
-```
-
 ### Manual build
 
 1. Clone this repo
@@ -131,15 +114,14 @@ NGINX Instance Manager, API Connectivity Manager, WAF Policy Compiler and Securi
 
 ```
 ./scripts/buildNIM.sh -n nim-files/nms-instance-manager_2.6.0-698150575~focal_amd64.deb \
-        -a nim-files/nms-api-connectivity-manager_1.2.0.668430332~focal_amd64.deb \
         -w nim-files/nms-sm_1.0.0-697204659~focal_amd64.deb \
         -p nim-files/nms-nap-compiler-v4.2.0_4.2.0-1~focal_amd64.deb \
         -t my.registry.tld/nginx-nms:2.6.0
 ```
 
 ### Configuring and running
 
-1. Edit `manifests/1.nginx-nim.yaml` and specify the correct image by modifying the "image" line and configure NGINX Instance Manager username, password and the base64-encoded license file for automated license activation. In order to use API Connectivity Manager an ACM license is required
+1. Edit `manifests/1.nginx-nim.yaml` and specify the correct image by modifying the "image" line and configure NGINX Instance Manager username, password and the base64-encoded license file for automated license activation.
 
 ```
 image: your.registry.tld/nginx-nim2:tag

nginx-nms-docker/container/startNIM.sh

@@ -125,13 +125,6 @@ su - nms -c 'function repeat { while [ 1 ] ; do "$@" ; sleep 1 ; done; };repeat
 /bin/bash -c '`which chown` nms:nms /etc/nms/certs/services/ca.crt'
 su - nms -c 'function repeat { while [ 1 ] ; do "$@" ; sleep 1 ; done; };repeat /usr/bin/nms-integrations &' -s /bin/bash
 
-# Start API Connectivity Manager - from /lib/systemd/system/nms-acm.service
-if [ -f /usr/bin/nms-acm ]
-then
-	sleep 5
-	su - nms -c 'function repeat { while [ 1 ] ; do "$@" ; sleep 1 ; done; };repeat /usr/bin/nms-acm server &' -s /bin/bash
-fi
-
 sleep 5
 
 # Start Security Monitoring

nginx-nms-docker/scripts/buildNIM.sh

@@ -10,32 +10,29 @@ $0 [options]\n\n
 -s\t\t\t- Enable Second Sight (https://github.com/F5Networks/SecondSight/) - optional\n\n
 Manual build:\n\n
 -n [filename]\t\t- NGINX Instance Manager .deb package filename\n
--a [filename]\t\t- API Connectivity Manager .deb package filename - optional\n
 -w [filename]\t\t- Security Monitoring .deb package filename - optional\n
 -p [filename]\t\t- WAF policy compiler .deb package filename - optional\n\n
 Automated build:\n\n
 -i\t\t\t- Automated build - requires cert & key\n
 -C [file.crt]\t\t- Certificate file to pull packages from the official NGINX repository\n
 -K [file.key]\t\t- Key file to pull packages from the official NGINX repository\n
--A\t\t\t- Enable API Connectivity Manager - optional\n
 -W\t\t\t- Enable Security Monitoring - optional\n
 -P [version]\t\t- Enable WAF policy compiler, version can be any [v3.1088.2|v4.100.1|v4.2.0|v4.218.0|v4.279.0|v4.402.0|v4.457.0|v4.583.0] - optional\n\n
 === Examples:\n\n
 Manual build:\n
 \t$0 -n nim-files/nms-instance-manager_2.6.0-698150575~focal_amd64.deb \\\\\n
-\t\t-a nim-files/nms-api-connectivity-manager_1.2.0.668430332~focal_amd64.deb \\\\\n
 \t\t-w nim-files/nms-sm_1.0.0-697204659~focal_amd64.deb \\\\\n
 \t\t-p nim-files/nms-nap-compiler-v4.2.0.deb \\\\\n
 \t\t-t my.registry.tld/nginx-nms:2.6.0\n\n
 Automated build:\n
 \t$0 -i -C nginx-repo.crt -K nginx-repo.key\n
-\t\t-A -W -P v4.583.0 -t my.registry.tld/nginx-nms:latest\n
+\t\t-W -P v4.583.0 -t my.registry.tld/nginx-nms:latest\n
 "
 
 # Defaults
 COUNTER=false
 
-while getopts 'hn:a:w:p:t:siC:K:AWP:' OPTION
+while getopts 'hn:w:p:t:siC:K:AWP:' OPTION
 do
 	case "$OPTION" in
 		h)
@@ -45,9 +42,6 @@ do
 		n)
 			DEBFILE=$OPTARG
 		;;
-		a)
-			ACM_IMAGE=$OPTARG
-		;;
 		w)
 			SM_IMAGE=$OPTARG
 		;;
@@ -69,9 +63,6 @@ do
 		K)
 			NGINX_KEY=$OPTARG
 		;;
-		A)
-			ADD_ACM=true
-		;;
 		W)
 			ADD_SM=true
 		;;
@@ -110,10 +101,10 @@ echo "==> Building NGINX Management Suite docker image"
 if [ -z "${AUTOMATED_INSTALL}" ]
 then
         docker build --no-cache -f Dockerfile.manual --build-arg NIM_DEBFILE=$DEBFILE --build-arg BUILD_WITH_SECONDSIGHT=$COUNTER \
-                --build-arg ACM_IMAGE=$ACM_IMAGE --build-arg SM_IMAGE=$SM_IMAGE --build-arg PUM_IMAGE=$PUM_IMAGE -t $IMGNAME .
+                --build-arg SM_IMAGE=$SM_IMAGE --build-arg PUM_IMAGE=$PUM_IMAGE -t $IMGNAME .
 else
 	DOCKER_BUILDKIT=1 docker build --no-cache -f Dockerfile.automated --secret id=nginx-key,src=$NGINX_KEY --secret id=nginx-crt,src=$NGINX_CERT \
-                --build-arg ADD_ACM=$ADD_ACM --build-arg ADD_SM=$ADD_SM --build-arg ADD_PUM=$ADD_PUM \
+                --build-arg ADD_SM=$ADD_SM --build-arg ADD_PUM=$ADD_PUM \
 		--build-arg BUILD_WITH_SECONDSIGHT=$COUNTER \
                 -t $IMGNAME .
 fi