Deploying WebGoat on Microsoft Azure Cloud

Here are the instructions on how to deploy and run WebGoat on a Kubernetes container service in the Azure Cloud.

You are expected to have an account at Microsoft Azure Cloud and have configured a Kubernetes service cluster as well as an Azure Container Service. And also have the proper Azure and Kubernetes Command Line Tools installed.

Step 1 – Login to your Azure Cloud

az login

Step 2 – Login to Azure Container Registry

az acr login --name registry-name

Step 3 – Pull the WebGoat docker image

docker pull webgoat/goatandwolf

Step 4 – Tag the WebGoat docker image and push it to the Cloud Container Registry

docker image tag webgoat/goatandwolf 
docker push

Step 5 – Set the correct Kubernetes environment

az aks get-credentials --resource-group WebGoatResourceGroup-NoordEuropa --name webgoat-cluster

Step 6 – Deploy the container on the Kubernetes cluster

Make sure you have granted AKS access to ACR:

az aks update -n webgoat-cluster -g WebGoatResourceGroup-NoordEuropa --attach-acr registry-name
kubectl run mygoat --env TZ=Europe/Amsterdam

Step 7 – Expose the external IP to the service

kubectl expose deployment/mygoat --type="LoadBalancer" --port=8080,9090 
kubectl expose deployment/mygoat --name=nginx --type="LoadBalancer" --target-port=8888 --port=80
kubectl get service mygoat --watch
#look to see which external ip is assigned

Step 8 – Run WebGoat and WebWolf

WebGoat is available at: http://someip:8080/WebGoat

WebWolf is available at: http://someip:9090/WebWolf