wazuh/wazuh-kubernetes
1
0
Fork 0
mirror of https://github.com/wazuh/wazuh-kubernetes.git synced 2025-12-10 00:38:21 -06:00
Code Issues Packages Projects Releases 100 Wiki Activity

Resolving conflicts

Browse Source
This commit is contained in:
vcerenu 2025-09-05 08:23:49 -03:00
commit 766a373b98
No known key found for this signature in database
GPG Key ID: 4D7B159107F1244A
7 changed files with 43 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
CHANGELOG.md
View File

@ -2,6 +2,24 @@
All notable changes to this project will be documented in this file.
## [4.14.0]
### Added
- None
### Changed
- None
### Fixed
- Add new config path and new permission for conf and certs files ([#1152](https://github.com/wazuh/wazuh-kubernetes/pull/1152))
### Deleted
- None
## [4.13.0]
### Added

4
VERSION.json
View File

@ -1,4 +1,4 @@
{
"version": "4.13.0",
"stage": "rc4"
"version": "4.14.0",
"stage": "alpha0"
}

2
wazuh/indexer_stack/wazuh-dashboard/dashboard-deploy.yaml
View File

@ -32,7 +32,7 @@ spec:
secretName: dashboard-certs
containers:
- name: wazuh-dashboard
image: 'wazuh/wazuh-dashboard:4.13.0'
image: 'wazuh/wazuh-dashboard:4.14.0'
resources:
limits:
cpu: 500m

22
wazuh/indexer_stack/wazuh-indexer/cluster/indexer-sts.yaml
View File

@ -24,14 +24,18 @@ spec:
app: wazuh-indexer
name: wazuh-indexer
spec:
securityContext:
fsGroup: 1000
# Set the wazuh-indexer volume permissions so the wazuh-indexer user can use it
volumes:
- name: indexer-certs
secret:
secretName: indexer-certs
defaultMode: 0600
- name: indexer-conf
configMap:
name: indexer-conf
defaultMode: 0600
initContainers:
- name: volume-mount-hack
image: busybox
@ -59,7 +63,7 @@ spec:
privileged: true
containers:
- name: wazuh-indexer
image: 'wazuh/wazuh-indexer:4.13.0'
image: 'wazuh/wazuh-indexer:4.14.0'
resources:
limits:
cpu: 500m
@ -84,37 +88,39 @@ spec:
- name: DISABLE_INSTALL_DEMO_CONFIG
value: 'true'
securityContext:
runAsUser: 1000
runAsGroup: 1000
capabilities:
add: ["SYS_CHROOT"]
volumeMounts:
- name: wazuh-indexer
mountPath: /var/lib/wazuh-indexer
- name: indexer-certs
mountPath: /usr/share/wazuh-indexer/certs/node-key.pem
mountPath: /usr/share/wazuh-indexer/config/certs/node-key.pem
subPath: node-key.pem
readOnly: true
- name: indexer-certs
mountPath: /usr/share/wazuh-indexer/certs/node.pem
mountPath: /usr/share/wazuh-indexer/config/certs/node.pem
subPath: node.pem
readOnly: true
- name: indexer-certs
mountPath: /usr/share/wazuh-indexer/certs/root-ca.pem
mountPath: /usr/share/wazuh-indexer/config/certs/root-ca.pem
subPath: root-ca.pem
readOnly: true
- name: indexer-certs
mountPath: /usr/share/wazuh-indexer/certs/admin.pem
mountPath: /usr/share/wazuh-indexer/config/certs/admin.pem
subPath: admin.pem
readOnly: true
- name: indexer-certs
mountPath: /usr/share/wazuh-indexer/certs/admin-key.pem
mountPath: /usr/share/wazuh-indexer/config/certs/admin-key.pem
subPath: admin-key.pem
readOnly: true
- name: indexer-conf
mountPath: /usr/share/wazuh-indexer/opensearch.yml
mountPath: /usr/share/wazuh-indexer/config/opensearch.yml
subPath: opensearch.yml
readOnly: true
- name: indexer-conf
mountPath: /usr/share/wazuh-indexer/opensearch-security/internal_users.yml
mountPath: /usr/share/wazuh-indexer/config/opensearch-security/internal_users.yml
subPath: internal_users.yml
readOnly: true
ports:

12
wazuh/indexer_stack/wazuh-indexer/indexer_conf/opensearch.yml
View File

@ -8,12 +8,12 @@ cluster.initial_master_nodes:
node.max_local_storage_nodes: "3"
path.data: /var/lib/wazuh-indexer
path.logs: /var/log/wazuh-indexer
plugins.security.ssl.http.pemcert_filepath: /usr/share/wazuh-indexer/certs/node.pem
plugins.security.ssl.http.pemkey_filepath: /usr/share/wazuh-indexer/certs/node-key.pem
plugins.security.ssl.http.pemtrustedcas_filepath: /usr/share/wazuh-indexer/certs/root-ca.pem
plugins.security.ssl.transport.pemcert_filepath: /usr/share/wazuh-indexer/certs/node.pem
plugins.security.ssl.transport.pemkey_filepath: /usr/share/wazuh-indexer/certs/node-key.pem
plugins.security.ssl.transport.pemtrustedcas_filepath: /usr/share/wazuh-indexer/certs/root-ca.pem
plugins.security.ssl.http.pemcert_filepath: /usr/share/wazuh-indexer/config/certs/node.pem
plugins.security.ssl.http.pemkey_filepath: /usr/share/wazuh-indexer/config/certs/node-key.pem
plugins.security.ssl.http.pemtrustedcas_filepath: /usr/share/wazuh-indexer/config/certs/root-ca.pem
plugins.security.ssl.transport.pemcert_filepath: /usr/share/wazuh-indexer/config/certs/node.pem
plugins.security.ssl.transport.pemkey_filepath: /usr/share/wazuh-indexer/config/certs/node-key.pem
plugins.security.ssl.transport.pemtrustedcas_filepath: /usr/share/wazuh-indexer/config/certs/root-ca.pem
plugins.security.ssl.http.enabled: true
plugins.security.ssl.transport.enforce_hostname_verification: false
plugins.security.ssl.transport.resolve_hostname: false

2
wazuh/wazuh_managers/wazuh-master-sts.yaml
View File

@ -41,7 +41,7 @@ spec:
fsGroup: 101
containers:
- name: wazuh-manager
image: 'wazuh/wazuh-manager:4.13.0'
image: 'wazuh/wazuh-manager:4.14.0'
resources:
limits:
cpu: 400m

2
wazuh/wazuh_managers/wazuh-worker-sts.yaml
View File

@ -48,7 +48,7 @@ spec:
fsGroup: 101
containers:
- name: wazuh-manager
image: 'wazuh/wazuh-manager:4.13.0'
image: 'wazuh/wazuh-manager:4.14.0'
resources:
limits:
cpu: 400m