diff --git a/wazuh-eks/certs/indexer_cluster/generate_certs.sh b/wazuh-eks/certs/indexer_cluster/generate_certs.sh
index 8ddde49..cef0e2c 100755
--- a/wazuh-eks/certs/indexer_cluster/generate_certs.sh
+++ b/wazuh-eks/certs/indexer_cluster/generate_certs.sh
@@ -82,4 +82,4 @@ openssl req -days 3650 -new -key filebeat-key.pem -out filebeat.csr -subj "/C=US echo "create: filebeat.pem" -openssl x509 -req -days 3650 -in filebeat.csr -CA root-ca.pem -CAkey root-ca-key.pem -CAcreateserial -sha256 -out filebeat.pem \ No newline at end of file +openssl x509 -req -days 3650 -in filebeat.csr -CA root-ca.pem -CAkey root-ca-key.pem -CAcreateserial -sha256 -out filebeat.pem
diff --git a/wazuh-eks/indexer_stack/wazuh-dashboard/dashboard-deploy.yaml b/wazuh-eks/indexer_stack/wazuh-dashboard/dashboard-deploy.yaml
index f5093ef..7a3b4b3 100644
--- a/wazuh-eks/indexer_stack/wazuh-dashboard/dashboard-deploy.yaml
+++ b/wazuh-eks/indexer_stack/wazuh-dashboard/dashboard-deploy.yaml
@@ -17,10 +17,12 @@ spec: selector: matchLabels: app: wazuh-dashboard + lbtype: external template: metadata: labels: app: wazuh-dashboard + lbtype: external name: wazuh-dashboard spec: volumes:
@@ -56,10 +58,10 @@ spec: readOnly: true ports: - containerPort: 5601 - name: dashboard + name: dashboard-port env: - name: INDEXER_URL - value: 'https://wazuh-indexer-0.wazuh-indexer:9200' + value: 'https://wazuh-internal-lb:9200' - name: INDEXER_USERNAME valueFrom: secretKeyRef:
@@ -87,7 +89,7 @@ spec: - name: SERVER_SSL_KEY value: /usr/share/wazuh-dashboard/certs/key.pem - name: WAZUH_API_URL - value: https://wazuh-manager-master-0.wazuh-cluster + value: https://wazuh-external-lb - name: API_USERNAME valueFrom: secretKeyRef:
diff --git a/wazuh-eks/indexer_stack/wazuh-dashboard/dashboard_conf/opensearch_dashboards.yml b/wazuh-eks/indexer_stack/wazuh-dashboard/dashboard_conf/opensearch_dashboards.yml
index 1757a9f..1697e51 100644
--- a/wazuh-eks/indexer_stack/wazuh-dashboard/dashboard_conf/opensearch_dashboards.yml
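Review bot: Adding `lbtype: external` under `selector.matchLabels` in the first dashboard-deploy.yaml hunk changes a field that Kubernetes treats as immutable on an existing Deployment or StatefulSet, so applying this manifest over a running workload will be rejected unless the object is deleted and recreated. The same applies to the `matchLabels` additions in indexer-sts.yaml, wazuh-master-sts.yaml and wazuh-worker-sts.yaml. Keeping the new label only under `template.metadata.labels` is enough for a Service to select the pods, because the existing `app: wazuh-dashboard` selector still matches them. If the selector change is intended, the recreate step and its downtime belong in the commit description.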
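Review bot: The new `INDEXER_URL` host `wazuh-internal-lb` in the second dashboard-deploy.yaml hunk has to be present as a subject alternative name in the indexer certificate, otherwise clients that verify the server name will fail the TLS handshake, and the common workaround is to switch verification off. Certificate generation is outside this hunk, and generate_certs.sh is only touched for a trailing newline in this commit, so this cannot be confirmed from here. The same host is introduced in wazuh-master-sts.yaml, wazuh-worker-sts.yaml, master.conf and worker.conf. A comment above the value, such as `# wazuh-internal-lb must be listed as a SAN in the indexer certificate`, would record the dependency.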
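Review bot: `WAZUH_API_URL` in the third dashboard-deploy.yaml hunk now points at `wazuh-external-lb`, which by its name is presumably the externally reachable load balancer, so the dashboard's API calls authenticated with `API_USERNAME` leave the direct in-cluster path and the manager API has to be published on that load balancer. The Service definition is not part of this diff, but `lbtype: external` is also added to the worker and dashboard pods while only the master lists container port 55000; if the Service selects on `lbtype` alone, API connections would also be sent to pods that do not serve the API. Consider a cluster-internal Service that selects `app: wazuh-manager` and `node-type: master` for this URL, and keep the API port off the external load balancer.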
+++ b/wazuh-eks/indexer_stack/wazuh-dashboard/dashboard_conf/opensearch_dashboards.yml
@@ -10,4 +10,4 @@ server.ssl.enabled: true server.ssl.key: "/usr/share/wazuh-dashboard/certs/key.pem" server.ssl.certificate: "/usr/share/wazuh-dashboard/certs/cert.pem" opensearch.ssl.certificateAuthorities: ["/usr/share/wazuh-dashboard/certs/root-ca.pem"] -uiSettings.overrides.defaultRoute: /app/wz-home \ No newline at end of file +uiSettings.overrides.defaultRoute: /app/wz-home
diff --git a/wazuh-eks/indexer_stack/wazuh-indexer/cluster/indexer-sts.yaml b/wazuh-eks/indexer_stack/wazuh-indexer/cluster/indexer-sts.yaml
index 7ec0038..aa4f358 100644
--- a/wazuh-eks/indexer_stack/wazuh-indexer/cluster/indexer-sts.yaml
+++ b/wazuh-eks/indexer_stack/wazuh-indexer/cluster/indexer-sts.yaml
@@ -17,11 +17,13 @@ spec: selector: matchLabels: app: wazuh-indexer + lbtype: internal serviceName: wazuh-indexer template: metadata: labels: app: wazuh-indexer + lbtype: internal name: wazuh-indexer spec: # Set the wazuh-indexer volume permissions so the wazuh-indexer user can use it
@@ -76,7 +78,7 @@ spec: fieldRef: fieldPath: metadata.name - name: DISCOVERY_SERVICE - value: wazuh-indexer + value: wazuh-internal-lb - name: KUBERNETES_NAMESPACE valueFrom: fieldRef:
diff --git a/wazuh-eks/wazuh_managers/wazuh-master-sts.yaml b/wazuh-eks/wazuh_managers/wazuh-master-sts.yaml
index f1b358c..52a51da 100644
--- a/wazuh-eks/wazuh_managers/wazuh-master-sts.yaml
+++ b/wazuh-eks/wazuh_managers/wazuh-master-sts.yaml
@@ -18,6 +18,7 @@ spec: matchLabels: app: wazuh-manager node-type: master + lbtype: external serviceName: wazuh-cluster podManagementPolicy: Parallel template:
@@ -25,6 +26,7 @@ spec: labels: app: wazuh-manager node-type: master + lbtype: external name: wazuh-manager-master spec: volumes:
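Review bot: `DISCOVERY_SERVICE` in the second indexer-sts.yaml hunk is switched from `wazuh-indexer`, which is still the StatefulSet's `serviceName` in the first hunk of the same file, to `wazuh-internal-lb`. How the variable is consumed is not visible here, but if it feeds node discovery, a load-balanced name typically resolves to one virtual address rather than the per-pod records of the governing service, and it would also require the inter-node transport port to be published on the load balancer. Unless that is intended, keep discovery on the governing service with `value: wazuh-indexer` and use `wazuh-internal-lb` only for client traffic on 9200.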
@@ -107,12 +109,12 @@ spec: - containerPort: 1515 name: registration - containerPort: 1516 - name: cluster + name: cluster-port - containerPort: 55000 - name: api + name: api-port env: - name: INDEXER_URL - value: 'https://wazuh-indexer-0.wazuh-indexer:9200' + value: 'https://wazuh-internal-lb:9200' - name: INDEXER_USERNAME valueFrom: secretKeyRef:
diff --git a/wazuh-eks/wazuh_managers/wazuh-worker-sts.yaml b/wazuh-eks/wazuh_managers/wazuh-worker-sts.yaml
index f0785fa..55e2aa1 100644
--- a/wazuh-eks/wazuh_managers/wazuh-worker-sts.yaml
+++ b/wazuh-eks/wazuh_managers/wazuh-worker-sts.yaml
@@ -18,6 +18,7 @@ spec: matchLabels: app: wazuh-manager node-type: worker + lbtype: external serviceName: wazuh-cluster podManagementPolicy: Parallel template:
@@ -25,6 +26,7 @@ spec: labels: app: wazuh-manager node-type: worker + lbtype: external name: wazuh-manager-worker spec: affinity:
@@ -106,10 +108,10 @@ spec: - containerPort: 1514 name: agents-events - containerPort: 1516 - name: cluster + name: cluster-port env: - name: INDEXER_URL - value: 'https://wazuh-indexer-0.wazuh-indexer:9200' + value: 'https://wazuh-internal-lb:9200' - name: INDEXER_USERNAME valueFrom: secretKeyRef:
diff --git a/wazuh-eks/wazuh_managers/wazuh_conf/master.conf b/wazuh-eks/wazuh_managers/wazuh_conf/master.conf
index aba97f9..f2c4a58 100644
--- a/wazuh-eks/wazuh_managers/wazuh_conf/master.conf
+++ b/wazuh-eks/wazuh_managers/wazuh_conf/master.conf
@@ -112,7 +112,7 @@ yes - https://wazuh-indexer-0.wazuh-indexer:9200 + https://wazuh-internal-lb:9200 admin VDPass
diff --git a/wazuh-eks/wazuh_managers/wazuh_conf/worker.conf b/wazuh-eks/wazuh_managers/wazuh_conf/worker.conf
index c72df94..2d56dff 100644
--- a/wazuh-eks/wazuh_managers/wazuh_conf/worker.conf
+++ b/wazuh-eks/wazuh_managers/wazuh_conf/worker.conf
@@ -112,7 +112,7 @@ yes - https://wazuh-indexer-0.wazuh-indexer:9200 + https://wazuh-internal-lb:9200 admin VDPass
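Review bot: Renaming the container ports to `cluster-port` and `api-port` in the wazuh-master-sts.yaml ports hunk (likewise `cluster-port` in wazuh-worker-sts.yaml and `dashboard-port` in dashboard-deploy.yaml) breaks any Service `targetPort`, probe or NetworkPolicy that refers to the old names `cluster`, `api` or `dashboard`. None of those objects are in this diff, so they should be checked before merge; a policy rule that names a port the pod no longer defines stops applying to it, which matters for the cluster port 1516 and the API port 55000. The neighbouring `registration` and `agents-events` ports keep their unsuffixed names, so the naming is now inconsistent within the same list.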
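Review bot: The two values in the context lines right after the changed host in master.conf, `admin` and `VDPass`, look like a user name and password stored in the configuration file itself; the surrounding markup is not visible in this view, so this is inferred. If they are real values rather than placeholders replaced at deploy time, they are now presented to whatever endpoint answers as `wazuh-internal-lb`, and they sit in version control next to manifests that already take `INDEXER_USERNAME` from a `secretKeyRef`. The same lines appear in worker.conf. Moving them to the secret-backed mechanism the StatefulSets use, and rotating the password if it was ever live, would close this.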
diff --git a/wazuh/certs/indexer_cluster/root-ca.srl b/wazuh/certs/indexer_cluster/root-ca.srl
new file mode 100644
index 0000000..0b52d82
--- /dev/null
+++ b/wazuh/certs/indexer_cluster/root-ca.srl
@@ -0,0 +1 @@
+1023702284AF366AD5338FA7FA775C3F488F315A
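Review bot: `root-ca.srl` is the serial-number file that `openssl x509 -CAcreateserial` writes, so this looks like an artifact of running the certificate script in the working tree rather than a source file. It is not secret in itself, but its presence suggests generated CA material sits in `wazuh/certs/indexer_cluster/`; confirm that `root-ca-key.pem` and the other generated keys are not tracked, and add ignore rules such as `*.srl` and `*-key.pem` for the certs directories. The file also lands under `wazuh/` while the rest of this commit touches `wazuh-eks/`, which may be unintentional.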