Skip to content
Snippets Groups Projects
Select Git revision
0 results
user avatar
removed load balancer
Nathan Rodet authored
8f628110
History
user avatar 8f628110
History
Name Last commit Last update
.idea
debug
envs
wazuh
CHANGELOG.md
LICENSE
README.md
VERSION
cleanup.md
instructions.md
local-environment.md
upgrade.md
README.md

Scaleway implementation for Wazuh Kubernetes

Quick start

Setup the kubernetes cluster

Aller sur https://console.scaleway.com/kapsule/clusters, créer un cluster avec 1 noeuds "Development" (DEV1-L). Ne pas installer de contrôleur "ingress".

Connect to the kubernetes cluster

Enregistrer le fichier "Kubeconfig" propre à votre cluster avec le chemin $HOME/.kube/config (config est le nom du fichier, pas un dossier), ainsi les commandes kubectl et helm permettront de manipuler votre cluster directement.

export KUBECONFIG=/home/nathan/Downloads/kubeconfig-k8s-wazuh.yaml

Install traefik loadbalancer and certificate manager

The configuration allowing to use Let's Encrypt :

helm install --namespace kube-system 
helm install traefik traefik/traefik

Expose the kubernetes cluster with Traefik

kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.10.1/cert-manager.yaml

Create 2 domain records in Scaleway

  • Name : *.wazuh

  • Type : A

  • Dynamic : None

  • TTL : 3600

  • Data : 51.158.56.33 <--- Use the command : kubectl get svc -n kube-system

  • Name : *.wazuh

  • Type : A

  • Dynamic : None

  • TTL : 3600

  • Data : 51.158.56.33 <--- Use the command : kubectl get svc -n kube-system

Deploy your configuration

kubectl apply -k envs/kapsule/

Useful commands

  • kubectl get pods --namespace wazuh
  • kubectl replace -k envs/kapsule

Useful links

Script

export KUBECONFIG=/home/nathan/Downloads/kubeconfig-k8s-wazuh.yaml
helm install traefik traefik/traefik
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.10.1/cert-manager.yaml
./wazuh/certs/indexer_cluster/generate_certs.sh 
./wazuh/certs/dashboard_http/generate_certs.sh 
kubectl get svc -n kube-system
kubectl get svc -n wazuh

Wazuh Kubernetes - Default product documentation

Slack Email Documentation Documentation

Deploy a Wazuh cluster with a basic indexer and dashboard stack on Kubernetes.

Branches

  • master branch contains the latest code, be aware of possible bugs on this branch.
  • stable branch on correspond to the last Wazuh stable version.

Documentation

The instructions.md file describes how to deploy Wazuh on Kubernetes.

Directory structure

├── CHANGELOG.md
├── cleanup.md
├── envs
│   ├── eks
│   │   ├── dashboard-resources.yaml
│   │   ├── indexer-resources.yaml
│   │   ├── kustomization.yml
│   │   ├── storage-class.yaml
│   │   ├── wazuh-master-resources.yaml
│   │   └── wazuh-worker-resources.yaml
│   └── local-env
│       ├── indexer-resources.yaml
│       ├── kustomization.yml
│       ├── storage-class.yaml
│       └── wazuh-resources.yaml
├── instructions.md
├── LICENSE
├── local-environment.md
├── README.md
├── upgrade.md
├── VERSION
└── wazuh
    ├── base
    │   ├── storage-class.yaml
    │   └── wazuh-ns.yaml
    ├── certs
    │   ├── dashboard_http
    │   │   └── generate_certs.sh
    │   └── indexer_cluster
    │       └── generate_certs.sh
    ├── indexer_stack
    │   ├── wazuh-dashboard
    │   │   ├── dashboard_conf
    │   │   │   └── opensearch_dashboards.yml
    │   │   ├── dashboard-deploy.yaml
    │   │   └── dashboard-svc.yaml
    │   └── wazuh-indexer
    │       ├── cluster
    │       │   ├── indexer-api-svc.yaml
    │       │   └── indexer-sts.yaml
    │       ├── indexer_conf
    │       │   ├── internal_users.yml
    │       │   └── opensearch.yml
    │       └── indexer-svc.yaml
    ├── kustomization.yml
    ├── secrets
    │   ├── dashboard-cred-secret.yaml
    │   ├── indexer-cred-secret.yaml
    │   ├── wazuh-api-cred-secret.yaml
    │   ├── wazuh-authd-pass-secret.yaml
    │   └── wazuh-cluster-key-secret.yaml
    └── wazuh_managers
        ├── wazuh-cluster-svc.yaml
        ├── wazuh_conf
        │   ├── master.conf
        │   └── worker.conf
        ├── wazuh-master-sts.yaml
        ├── wazuh-master-svc.yaml
        ├── wazuh-workers-svc.yaml
        └── wazuh-worker-sts.yaml

Branches

  • master branch contains the latest code, be aware of possible bugs on this branch.
  • stable branch on correspond to the last Wazuh stable version.

Local development

To deploy a cluster on your local environment (like Minikube, Kind or Microk8s) read the instructions on local-environment.md.

Contribute

If you want to contribute to our project please don't hesitate to send a pull request. You can also join our users mailing list or the Wazuh Slack community channel to ask questions and participate in discussions.

Credits and Thank you

Based on the previous work from JPLachance coveo/wazuh-kubernetes (2018/11/22).

License and copyright

WAZUH Copyright (C) 2016, Wazuh Inc. (License GPLv2)

References