wazuh/wazuh-kubernetes
1
0
Fork 0
mirror of https://github.com/wazuh/wazuh-kubernetes.git synced 2025-12-11 03:35:28 -06:00
Code Issues Packages Projects Releases 100 Wiki Activity

Readme updates

Browse Source
This commit is contained in:
Gonzalo Acuña 2022-03-18 09:00:33 -03:00
parent c30ac38ab7
commit 08deaa9e23
No known key found for this signature in database
GPG Key ID: 646BA79A313A2270
2 changed files with 21 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -5,7 +5,7 @@
[![Documentation](https://img.shields.io/badge/docs-view-green.svg)](https://documentation.wazuh.com) [![Documentation](https://img.shields.io/badge/docs-view-green.svg)](https://documentation.wazuh.com)
[![Documentation](https://img.shields.io/badge/web-view-green.svg)](https://wazuh.com) [![Documentation](https://img.shields.io/badge/web-view-green.svg)](https://wazuh.com)
Deploy a Wazuh cluster with a basic Elastic stack on Kubernetes . Deploy a Wazuh cluster with a basic indexer and dashboard stack on Kubernetes .
## Branches ## Branches

39
local-environment.md
View File

@ -27,28 +27,29 @@ $ cd wazuh-kubernetes
### Setup SSL certificates ### Setup SSL certificates
You can generate self-signed certificates for the ODFE cluster using the script at `wazuh/certs/odfe_cluster/generate_certs.sh` or provide your own. You can generate self-signed certificates for the ODFE cluster using the script at `wazuh/certs/indexer_cluster/generate_certs.sh` or provide your own.
Since Kibana has HTTPS enabled it will require its own certificates, these may be generated with: `openssl req -x509 -batch -nodes -days 365 -newkey rsa:2048 -keyout key.pem -out cert.pem`, there is an utility script at `wazuh/certs/kibana_http/generate_certs.sh` to help with this. Since Dashboard has HTTPS enabled it will require its own certificates, these may be generated with: `openssl req -x509 -batch -nodes -days 365 -newkey rsa:2048 -keyout key.pem -out cert.pem`, there is an utility script at `wazuh/certs/dashboard_http/generate_certs.sh` to help with this.
The required certificates are imported via secretGenerator on the `kustomization.yml` file: The required certificates are imported via secretGenerator on the `kustomization.yml` file:
secretGenerator: secretGenerator:
- name: odfe-ssl-certs - name: indexer-ssl-certs
files: files:
- certs/odfe_cluster/root-ca.pem - certs/indexer_cluster/root-ca.pem
- certs/odfe_cluster/node.pem - certs/indexer_cluster/root-ca-key.pem
- certs/odfe_cluster/node-key.pem - certs/indexer_cluster/node.pem
- certs/odfe_cluster/kibana.pem - certs/indexer_cluster/node-key.pem
- certs/odfe_cluster/kibana-key.pem - certs/indexer_cluster/dashboard.pem
- certs/odfe_cluster/admin.pem - certs/indexer_cluster/dashboard-key.pem
- certs/odfe_cluster/admin-key.pem - certs/indexer_cluster/admin.pem
- certs/odfe_cluster/filebeat.pem - certs/indexer_cluster/admin-key.pem
- certs/odfe_cluster/filebeat-key.pem - certs/indexer_cluster/filebeat.pem
- name: kibana-certs - certs/indexer_cluster/filebeat-key.pem
- name: dashboard-certs
files: files:
- certs/kibana_http/cert.pem - certs/dashboard_http/cert.pem
- certs/kibana_http/key.pem - certs/dashboard_http/key.pem
### Tune storage class with custom provisioner ### Tune storage class with custom provisioner
@ -79,12 +80,12 @@ By using the kustomization file on the `local-env` variant we can now deploy the
$ kubectl apply -k envs/local-env/ $ kubectl apply -k envs/local-env/
``` ```
#### Accessing Kibana #### Accessing Dashboard
To access the Kibana interface you can use port-forward: To access the Dashboard interface you can use port-forward:
```bash ```bash
$ kubectl -n wazuh port-forward service/kibana 8443:443 $ kubectl -n wazuh port-forward service/dashboard 8443:443
``` ```
Kibana will be accesible on ``https://localhost:8443``. Dashboard will be accesible on ``https://localhost:8443``.