From 3a1fe1494244c72a95d66e857b4ca9dabeaf031c Mon Sep 17 00:00:00 2001
From: Richard Moseley <richard.moseley@pexip.com>
Date: Wed, 23 Sep 2020 10:21:59 +0200
Subject: [PATCH 1/2] Combine the wazuh-manager sts definitions

---
 wazuh_managers/wazuh-worker-1-conf.yaml       | 346 ------------------
 ...ker-0-conf.yaml => wazuh-worker-conf.yaml} |   6 +-
 ...orker-0-sts.yaml => wazuh-worker-sts.yaml} |  18 +-
 3 files changed, 8 insertions(+), 362 deletions(-)
 delete mode 100644 wazuh_managers/wazuh-worker-1-conf.yaml
 rename wazuh_managers/{wazuh-worker-0-conf.yaml => wazuh-worker-conf.yaml} (98%)
 rename wazuh_managers/{wazuh-worker-0-sts.yaml => wazuh-worker-sts.yaml} (81%)

diff --git a/wazuh_managers/wazuh-worker-1-conf.yaml b/wazuh_managers/wazuh-worker-1-conf.yaml
deleted file mode 100644
index 1d8f1d6..0000000
--- a/wazuh_managers/wazuh-worker-1-conf.yaml
+++ /dev/null
@@ -1,346 +0,0 @@
-# Copyright (C) 2018 Wazuh Inc.
-#
-# This program is a free software; you can redistribute it
-# and/or modify it under the terms of the GNU General Public
-# License (version 2) as published by the FSF - Free Software
-# Foundation.
-
-# Wazuh worker conf: 1
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: wazuh-manager-worker-1-conf
-  namespace: wazuh
-data:
-  # /var/ossec/etc-template/ossec.conf
-  ossec.conf: |-
-    <!--
-      Wazuh - Manager - Default configuration for ubuntu 16.04
-      More info at: https://documentation.wazuh.com
-      Mailing list: https://groups.google.com/forum/#!forum/wazuh
-
-      Customization: TCP on port 1514
-      Customization: Cluster mode enabled, worker node
-    -->
-    <ossec_config>
-      <global>
-        <jsonout_output>yes</jsonout_output>
-        <alerts_log>yes</alerts_log>
-        <logall>no</logall>
-        <logall_json>no</logall_json>
-        <email_notification>no</email_notification>
-        <smtp_server>smtp.example.wazuh.com</smtp_server>
-        <email_from>ossecm@example.wazuh.com</email_from>
-        <email_to>recipient@example.wazuh.com</email_to>
-        <email_maxperhour>12</email_maxperhour>
-        <queue_size>131072</queue_size>
-      </global>
-
-      <alerts>
-        <log_alert_level>3</log_alert_level>
-        <email_alert_level>12</email_alert_level>
-      </alerts>
-
-      <!-- Choose between "plain", "json", or "plain,json" for the format of internal logs -->
-      <logging>
-        <log_format>plain</log_format>
-      </logging>
-
-      <remote>
-        <connection>secure</connection>
-        <port>1514</port>
-        <protocol>tcp</protocol>
-        <queue_size>131072</queue_size>
-      </remote>
-
-      <!-- Policy monitoring -->
-      <rootcheck>
-        <disabled>no</disabled>
-        <check_unixaudit>yes</check_unixaudit>
-        <check_files>yes</check_files>
-        <check_trojans>yes</check_trojans>
-        <check_dev>yes</check_dev>
-        <check_sys>yes</check_sys>
-        <check_pids>yes</check_pids>
-        <check_ports>yes</check_ports>
-        <check_if>yes</check_if>
-
-        <!-- Frequency that rootcheck is executed - every 12 hours -->
-        <frequency>43200</frequency>
-
-        <rootkit_files>/var/ossec/etc/rootcheck/rootkit_files.txt</rootkit_files>
-        <rootkit_trojans>/var/ossec/etc/rootcheck/rootkit_trojans.txt</rootkit_trojans>
-
-        <system_audit>/var/ossec/etc/rootcheck/system_audit_rcl.txt</system_audit>
-        <system_audit>/var/ossec/etc/rootcheck/system_audit_ssh.txt</system_audit>
-
-        <skip_nfs>yes</skip_nfs>
-      </rootcheck>
-
-      <wodle name="open-scap">
-        <disabled>yes</disabled>
-        <timeout>1800</timeout>
-        <interval>1d</interval>
-        <scan-on-start>yes</scan-on-start>
-      </wodle>
-
-      <wodle name="cis-cat">
-        <disabled>yes</disabled>
-        <timeout>1800</timeout>
-        <interval>1d</interval>
-        <scan-on-start>yes</scan-on-start>
-
-        <java_path>wodles/java</java_path>
-        <ciscat_path>wodles/ciscat</ciscat_path>
-      </wodle>
-
-      <!-- Osquery integration -->
-      <wodle name="osquery">
-        <disabled>yes</disabled>
-        <run_daemon>yes</run_daemon>
-        <log_path>/var/log/osquery/osqueryd.results.log</log_path>
-        <config_path>/etc/osquery/osquery.conf</config_path>
-        <add_labels>yes</add_labels>
-      </wodle>
-
-      <!-- System inventory -->
-      <wodle name="syscollector">
-        <disabled>no</disabled>
-        <interval>1h</interval>
-        <scan_on_start>yes</scan_on_start>
-        <hardware>yes</hardware>
-        <os>yes</os>
-        <network>yes</network>
-        <packages>yes</packages>
-        <ports all="no">yes</ports>
-        <processes>yes</processes>
-      </wodle>
-
-      <wodle name="vulnerability-detector">
-        <disabled>yes</disabled>
-        <interval>1m</interval>
-        <run_on_start>yes</run_on_start>
-        <feed name="ubuntu-18">
-          <disabled>yes</disabled>
-          <update_interval>1h</update_interval>
-        </feed>
-        <feed name="redhat-7">
-          <disabled>yes</disabled>
-          <update_interval>1h</update_interval>
-        </feed>
-        <feed name="debian-9">
-          <disabled>yes</disabled>
-          <update_interval>1h</update_interval>
-        </feed>
-      </wodle>
-
-      <!-- File integrity monitoring -->
-      <syscheck>
-        <disabled>no</disabled>
-
-        <!-- Frequency that syscheck is executed default every 12 hours -->
-        <frequency>43200</frequency>
-
-        <scan_on_start>yes</scan_on_start>
-
-        <!-- Generate alert when new file detected -->
-        <alert_new_files>yes</alert_new_files>
-
-        <!-- Don't ignore files that change more than 'frequency' times -->
-        <auto_ignore frequency="10" timeframe="3600">no</auto_ignore>
-
-        <!-- Directories to check  (perform all possible verifications) -->
-        <directories check_all="yes">/etc,/usr/bin,/usr/sbin</directories>
-        <directories check_all="yes">/bin,/sbin,/boot</directories>
-
-        <!-- Files/directories to ignore -->
-        <ignore>/etc/mtab</ignore>
-        <ignore>/etc/hosts.deny</ignore>
-        <ignore>/etc/mail/statistics</ignore>
-        <ignore>/etc/random-seed</ignore>
-        <ignore>/etc/random.seed</ignore>
-        <ignore>/etc/adjtime</ignore>
-        <ignore>/etc/httpd/logs</ignore>
-        <ignore>/etc/utmpx</ignore>
-        <ignore>/etc/wtmpx</ignore>
-        <ignore>/etc/cups/certs</ignore>
-        <ignore>/etc/dumpdates</ignore>
-        <ignore>/etc/svc/volatile</ignore>
-        <ignore>/sys/kernel/security</ignore>
-        <ignore>/sys/kernel/debug</ignore>
-
-        <!-- Check the file, but never compute the diff -->
-        <nodiff>/etc/ssl/private.key</nodiff>
-
-        <skip_nfs>yes</skip_nfs>
-
-        <!-- Remove not monitored files -->
-        <remove_old_diff>yes</remove_old_diff>
-
-        <!-- Allow the system to restart Auditd after installing the plugin -->
-        <restart_audit>yes</restart_audit>
-      </syscheck>
-
-      <!-- Active response -->
-      <global>
-        <white_list>127.0.0.1</white_list>
-        <white_list>^localhost.localdomain$</white_list>
-        <white_list>10.66.0.2</white_list>
-      </global>
-
-      <command>
-        <name>disable-account</name>
-        <executable>disable-account.sh</executable>
-        <expect>user</expect>
-        <timeout_allowed>yes</timeout_allowed>
-      </command>
-
-      <command>
-        <name>restart-ossec</name>
-        <executable>restart-ossec.sh</executable>
-        <expect></expect>
-      </command>
-
-      <command>
-        <name>firewall-drop</name>
-        <executable>firewall-drop.sh</executable>
-        <expect>srcip</expect>
-        <timeout_allowed>yes</timeout_allowed>
-      </command>
-
-      <command>
-        <name>host-deny</name>
-        <executable>host-deny.sh</executable>
-        <expect>srcip</expect>
-        <timeout_allowed>yes</timeout_allowed>
-      </command>
-
-      <command>
-        <name>route-null</name>
-        <executable>route-null.sh</executable>
-        <expect>srcip</expect>
-        <timeout_allowed>yes</timeout_allowed>
-      </command>
-
-      <command>
-        <name>win_route-null</name>
-        <executable>route-null.cmd</executable>
-        <expect>srcip</expect>
-        <timeout_allowed>yes</timeout_allowed>
-      </command>
-
-      <command>
-        <name>win_route-null-2012</name>
-        <executable>route-null-2012.cmd</executable>
-        <expect>srcip</expect>
-        <timeout_allowed>yes</timeout_allowed>
-      </command>
-
-      <command>
-        <name>netsh</name>
-        <executable>netsh.cmd</executable>
-        <expect>srcip</expect>
-        <timeout_allowed>yes</timeout_allowed>
-      </command>
-
-      <command>
-        <name>netsh-win-2016</name>
-        <executable>netsh-win-2016.cmd</executable>
-        <expect>srcip</expect>
-        <timeout_allowed>yes</timeout_allowed>
-      </command>
-
-      <!--
-      <active-response>
-        active-response options here
-      </active-response>
-      -->
-
-      <!-- Log analysis -->
-      <localfile>
-        <log_format>command</log_format>
-        <command>df -P</command>
-        <frequency>360</frequency>
-      </localfile>
-
-      <localfile>
-        <log_format>full_command</log_format>
-        <command>netstat -tulpn | sed 's/\([[:alnum:]]\+\)\ \+[[:digit:]]\+\ \+[[:digit:]]\+\ \+\(.*\):\([[:digit:]]*\)\ \+\([0-9\.\:\*]\+\).\+\ \([[:digit:]]*\/[[:alnum:]\-]*\).*/\1 \2 == \3 == \4 \5/' | sort -k 4 -g | sed 's/ == \(.*\) ==/:\1/' | sed 1,2d</command>
-        <alias>netstat listening ports</alias>
-        <frequency>360</frequency>
-      </localfile>
-
-      <localfile>
-        <log_format>full_command</log_format>
-        <command>last -n 20</command>
-        <frequency>360</frequency>
-      </localfile>
-
-      <ruleset>
-        <!-- Default ruleset -->
-        <decoder_dir>ruleset/decoders</decoder_dir>
-        <rule_dir>ruleset/rules</rule_dir>
-        <rule_exclude>0215-policy_rules.xml</rule_exclude>
-        <list>etc/lists/audit-keys</list>
-        <list>etc/lists/amazon/aws-sources</list>
-        <list>etc/lists/amazon/aws-eventnames</list>
-
-        <!-- User-defined ruleset -->
-        <decoder_dir>etc/decoders</decoder_dir>
-        <rule_dir>etc/rules</rule_dir>
-      </ruleset>
-
-      <!-- Configuration for ossec-authd
-        To enable this service, run:
-        ossec-control enable auth
-      -->
-      <auth>
-        <disabled>no</disabled>
-        <port>1515</port>
-        <use_source_ip>no</use_source_ip>
-        <force_insert>no</force_insert>
-        <force_time>0</force_time>
-        <purge>no</purge>
-        <use_password>no</use_password>
-        <limit_maxagents>yes</limit_maxagents>
-        <ciphers>HIGH:!ADH:!EXP:!MD5:!RC4:!3DES:!CAMELLIA:@STRENGTH</ciphers>
-        <!-- <ssl_agent_ca></ssl_agent_ca> -->
-        <ssl_verify_host>no</ssl_verify_host>
-        <ssl_manager_cert>/var/ossec/etc/sslmanager.cert</ssl_manager_cert>
-        <ssl_manager_key>/var/ossec/etc/sslmanager.key</ssl_manager_key>
-        <ssl_auto_negotiate>no</ssl_auto_negotiate>
-      </auth>
-
-      <cluster>
-        <name>wazuh</name>
-        <node_name>wazuh-manager-worker-1</node_name>
-        <node_type>worker</node_type>
-        <!-- TODO: Don't hardcode the key! (and change it) -->
-        <key>123a45bc67def891gh23i45jk67l8mn9</key>
-        <port>1516</port>
-        <bind_addr>0.0.0.0</bind_addr>
-        <nodes>
-            <node>wazuh-manager-master-0.wazuh-cluster.wazuh.svc.cluster.local</node>
-        </nodes>
-        <hidden>no</hidden>
-        <disabled>no</disabled>
-      </cluster>
-    </ossec_config>
-
-    <ossec_config>
-      <localfile>
-        <log_format>syslog</log_format>
-        <location>/var/ossec/logs/active-responses.log</location>
-      </localfile>
-
-      <localfile>
-        <log_format>syslog</log_format>
-        <location>/var/log/syslog</location>
-      </localfile>
-
-      <localfile>
-        <log_format>syslog</log_format>
-        <location>/var/log/dpkg.log</location>
-      </localfile>
-    </ossec_config>
diff --git a/wazuh_managers/wazuh-worker-0-conf.yaml b/wazuh_managers/wazuh-worker-conf.yaml
similarity index 98%
rename from wazuh_managers/wazuh-worker-0-conf.yaml
rename to wazuh_managers/wazuh-worker-conf.yaml
index ced38e8..cdd3eb9 100644
--- a/wazuh_managers/wazuh-worker-0-conf.yaml
+++ b/wazuh_managers/wazuh-worker-conf.yaml
@@ -5,12 +5,12 @@
 # License (version 2) as published by the FSF - Free Software
 # Foundation.
 
-# Wazuh worker conf: 0
+# Wazuh worker conf
 
 apiVersion: v1
 kind: ConfigMap
 metadata:
-  name: wazuh-manager-worker-0-conf
+  name: wazuh-manager-worker-conf
   namespace: wazuh
 data:
   # /var/ossec/etc-template/ossec.conf
@@ -314,7 +314,7 @@ data:
 
       <cluster>
         <name>wazuh</name>
-        <node_name>wazuh-manager-worker-0</node_name>
+        <node_name>to_be_replaced_by_hostname</node_name>
         <node_type>worker</node_type>
         <!-- TODO: Don't hardcode the key! (and change it) -->
         <key>123a45bc67def891gh23i45jk67l8mn9</key>
diff --git a/wazuh_managers/wazuh-worker-0-sts.yaml b/wazuh_managers/wazuh-worker-sts.yaml
similarity index 81%
rename from wazuh_managers/wazuh-worker-0-sts.yaml
rename to wazuh_managers/wazuh-worker-sts.yaml
index f4f7a77..df848bd 100644
--- a/wazuh_managers/wazuh-worker-0-sts.yaml
+++ b/wazuh_managers/wazuh-worker-sts.yaml
@@ -10,15 +10,14 @@
 apiVersion: apps/v1
 kind: StatefulSet
 metadata:
-  name: wazuh-manager-worker-0
+  name: wazuh-manager-worker
   namespace: wazuh
 spec:
-  replicas: 1
+  replicas: 2
   selector:
     matchLabels:
       app: wazuh-manager
       node-type: worker
-      sts-id: '0'
   serviceName: wazuh-cluster
   podManagementPolicy: Parallel
   template:
@@ -26,28 +25,21 @@ spec:
       labels:
         app: wazuh-manager
         node-type: worker
-        sts-id: '0'
-      name: wazuh-manager-worker-0
+      name: wazuh-manager-worker
     spec:
       affinity:
         podAntiAffinity:
           preferredDuringSchedulingIgnoredDuringExecution:
             - weight: 100
               podAffinityTerm:
-                labelSelector:
-                  matchExpressions:
-                    - key: sts-id
-                      operator: In
-                      values:
-                        - '1'
                 topologyKey: kubernetes.io/hostname
       volumes:
         - name: config
           configMap:
-            name: wazuh-manager-worker-0-conf
+            name: wazuh-manager-worker-conf
       containers:
         - name: wazuh-manager
-          image: 'wazuh/wazuh:3.13.2_7.9.1'
+          image: "wazuh/wazuh:3.13.2_7.9.1"
           resources:
             requests:
               cpu: 2

From bfe0ae28026a9308d5e31a4bfd8043c307a5c501 Mon Sep 17 00:00:00 2001
From: Richard Moseley <richard.moseley@pexip.com>
Date: Wed, 23 Sep 2020 10:22:18 +0200
Subject: [PATCH 2/2] Update docs for single worker sts

---
 cleanup.md      | 42 ++++++++++++++++--------------------------
 instructions.md | 13 +++++--------
 upgrade.md      |  3 +--
 3 files changed, 22 insertions(+), 36 deletions(-)

diff --git a/cleanup.md b/cleanup.md
index c2450d1..28f3923 100644
--- a/cleanup.md
+++ b/cleanup.md
@@ -16,8 +16,8 @@ NAME                              READY     STATUS    RESTARTS   AGE
 wazuh-elasticsearch-0             1/1       Running   0          6d
 wazuh-kibana-78cb4bbb7-xf4s8      1/1       Running   0          6d
 wazuh-manager-master-0            1/1       Running   0          6d
-wazuh-manager-worker-0-0          1/1       Running   0          6d
-wazuh-manager-worker-1-0          1/1       Running   0          6d
+wazuh-manager-worker-0            1/1       Running   0          6d
+wazuh-manager-worker-1            1/1       Running   0          6d
 wazuh-nginx-57c8c65486-7crh2      1/1       Running   0          6d
 ```
 
@@ -28,11 +28,11 @@ ubuntu@k8s-control-server:~$ kubectl delete pod wazuh-manager-master-0 --namespa
 ```
 
 ```
-ubuntu@k8s-control-server:~$ kubectl delete pod wazuh-manager-worker-0-0 --namespace wazuh
+ubuntu@k8s-control-server:~$ kubectl delete pod wazuh-manager-worker-0 --namespace wazuh
 ```
 
 ```
-ubuntu@k8s-control-server:~$ kubectl delete pod wazuh-manager-worker-1-0 --namespace wazuh
+ubuntu@k8s-control-server:~$ kubectl delete pod wazuh-manager-worker-1 --namespace wazuh
 ```
 
 
@@ -73,8 +73,7 @@ ubuntu@k8s-control-server:~$ kubectl get StatefulSet --namespace wazuh
 NAME                     DESIRED   CURRENT   AGE
 wazuh-elasticsearch      1         1         6d
 wazuh-manager-master     1         1         6d
-wazuh-manager-worker-0   1         1         6d
-wazuh-manager-worker-1   1         1         6d
+wazuh-manager-worker     1         1         6d
 ```
 
 Remove the three StatefulSets from the Wazuh cluster managers.
@@ -84,11 +83,7 @@ ubuntu@k8s-control-server:~$ kubectl delete StatefulSet wazuh-manager-master --n
 ```
 
 ```
-ubuntu@k8s-control-server:~$ kubectl delete StatefulSet wazuh-manager-worker-0 --namespace wazuh
-```
-
-```
-ubuntu@k8s-control-server:~$ kubectl delete StatefulSet wazuh-manager-worker-1 --namespace wazuh
+ubuntu@k8s-control-server:~$ kubectl delete StatefulSet wazuh-manager-worker --namespace wazuh
 ```
 
 ### 4. Take care of deleting the configuration maps. 
@@ -97,8 +92,7 @@ ubuntu@k8s-control-server:~$ kubectl delete StatefulSet wazuh-manager-worker-1 -
 ubuntu@k8s-control-server:~$ kubectl get ConfigMap --namespace wazuh
 NAME                          DATA      AGE
 wazuh-manager-master-conf     1         6d
-wazuh-manager-worker-0-conf   1         6d
-wazuh-manager-worker-1-conf   1         6d
+wazuh-manager-worker-conf     1         6d
 ```
 
 ```
@@ -106,11 +100,7 @@ ubuntu@k8s-control-server:~$ kubectl delete ConfigMap wazuh-manager-master-conf
 ```
 
 ```
-ubuntu@k8s-control-server:~$ kubectl delete ConfigMap wazuh-manager-worker-0-conf --namespace wazuh
-```
-
-```
-ubuntu@k8s-control-server:~$ kubectl delete ConfigMap wazuh-manager-worker-1-conf --namespace wazuh
+ubuntu@k8s-control-server:~$ kubectl delete ConfigMap wazuh-manager-worker-conf --namespace wazuh
 ```
 
 ### 5. Now eliminate the persistent volume claims. 
@@ -120,8 +110,8 @@ ubuntu@k8s-control-server:~$ kubectl get persistentvolumeclaim --namespace wazuh
 NAME                                            STATUS    VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS             AGE
 wazuh-elasticsearch-wazuh-elasticsearch-0       Bound     pvc-b3226ad3-f7c4-11e8-b9b8-022ada63b4ac   30Gi       RWO            gp2-encrypted-retained   6d
 wazuh-manager-master-wazuh-manager-master-0     Bound     pvc-fb821971-f7c4-11e8-b9b8-022ada63b4ac   10Gi       RWO            gp2-encrypted-retained   6d
-wazuh-manager-worker-wazuh-manager-worker-0-0   Bound     pvc-ffe7bf66-f7c4-11e8-b9b8-022ada63b4ac   10Gi       RWO            gp2-encrypted-retained   6d
-wazuh-manager-worker-wazuh-manager-worker-1-0   Bound     pvc-024466da-f7c5-11e8-b9b8-022ada63b4ac   10Gi       RWO            gp2-encrypted-retained   6d
+wazuh-manager-worker-wazuh-manager-worker-0     Bound     pvc-ffe7bf66-f7c4-11e8-b9b8-022ada63b4ac   10Gi       RWO            gp2-encrypted-retained   6d
+wazuh-manager-worker-wazuh-manager-worker-1     Bound     pvc-024466da-f7c5-11e8-b9b8-022ada63b4ac   10Gi       RWO            gp2-encrypted-retained   6d
 ```
 
 ```
@@ -129,11 +119,11 @@ ubuntu@k8s-control-server:~$ kubectl delete persistentvolumeclaim wazuh-manager-
 ```
 
 ```
-ubuntu@k8s-control-server:~$ kubectl delete persistentvolumeclaim wazuh-manager-master-wazuh-manager-worker-0-0 --namespace wazuh
+ubuntu@k8s-control-server:~$ kubectl delete persistentvolumeclaim wazuh-manager-master-wazuh-manager-worker-0 --namespace wazuh
 ```
 
 ```
-ubuntu@k8s-control-server:~$ kubectl delete persistentvolumeclaim wazuh-manager-master-wazuh-manager-worker-1-0 --namespace wazuh
+ubuntu@k8s-control-server:~$ kubectl delete persistentvolumeclaim wazuh-manager-master-wazuh-manager-worker-1 --namespace wazuh
 ```
 
 ### 6. Finally eliminate the persistent volumes. 
@@ -141,10 +131,10 @@ ubuntu@k8s-control-server:~$ kubectl delete persistentvolumeclaim wazuh-manager-
 ```
 ubuntu@k8s-control-server:~$ kubectl get persistentvolume
 NAME                                       CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS        CLAIM                                                         STORAGECLASS             REASON    AGE
-pvc-024466da-f7c5-11e8-b9b8-022ada63b4ac   10Gi       RWO            Retain           Bound         wazuh/wazuh-manager-worker-wazuh-manager-worker-1-0           gp2-encrypted-retained             6d
+pvc-024466da-f7c5-11e8-b9b8-022ada63b4ac   10Gi       RWO            Retain           Bound         wazuh/wazuh-manager-worker-wazuh-manager-worker-1             gp2-encrypted-retained             6d
 pvc-b3226ad3-f7c4-11e8-b9b8-022ada63b4ac   30Gi       RWO            Retain           Bound         wazuh/wazuh-elasticsearch-wazuh-elasticsearch-0               gp2-encrypted-retained             6d
 pvc-fb821971-f7c4-11e8-b9b8-022ada63b4ac   10Gi       RWO            Retain           Bound         wazuh/wazuh-manager-master-wazuh-manager-master-0             gp2-encrypted-retained             6d
-pvc-ffe7bf66-f7c4-11e8-b9b8-022ada63b4ac   10Gi       RWO            Retain           Bound         wazuh/wazuh-manager-worker-wazuh-manager-worker-0-0           gp2-encrypted-retained             6d
+pvc-ffe7bf66-f7c4-11e8-b9b8-022ada63b4ac   10Gi       RWO            Retain           Bound         wazuh/wazuh-manager-worker-wazuh-manager-worker-0             gp2-encrypted-retained             6d
 ```
 
 Master.
@@ -233,10 +223,10 @@ ubuntu@k8s-control-server:~$ kubectl delete persistentvolumeclaim wazuh-elastics
 ```
 ubuntu@k8s-control-server:~$ kubectl get persistentvolume
 NAME                                       CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS        CLAIM                                                         STORAGECLASS             REASON    AGE
-pvc-024466da-f7c5-11e8-b9b8-022ada63b4ac   10Gi       RWO            Retain           Released      wazuh/wazuh-manager-worker-wazuh-manager-worker-1-0           gp2-encrypted-retained             6d
+pvc-024466da-f7c5-11e8-b9b8-022ada63b4ac   10Gi       RWO            Retain           Released      wazuh/wazuh-manager-worker-wazuh-manager-worker-1             gp2-encrypted-retained             6d
 pvc-b3226ad3-f7c4-11e8-b9b8-022ada63b4ac   30Gi       RWO            Retain           Bound         wazuh/wazuh-elasticsearch-wazuh-elasticsearch-0               gp2-encrypted-retained             6d
 pvc-fb821971-f7c4-11e8-b9b8-022ada63b4ac   10Gi       RWO            Retain           Released      wazuh/wazuh-manager-master-wazuh-manager-master-0             gp2-encrypted-retained             6d
-pvc-ffe7bf66-f7c4-11e8-b9b8-022ada63b4ac   10Gi       RWO            Retain           Released      wazuh/wazuh-manager-worker-wazuh-manager-worker-0-0           gp2-encrypted-retained             6d
+pvc-ffe7bf66-f7c4-11e8-b9b8-022ada63b4ac   10Gi       RWO            Retain           Released      wazuh/wazuh-manager-worker-wazuh-manager-worker-0             gp2-encrypted-retained             6d
 ```
 
 Master.
diff --git a/instructions.md b/instructions.md
index 3dd5ed4..902b152 100644
--- a/instructions.md
+++ b/instructions.md
@@ -166,12 +166,10 @@ $ kubectl apply -f wazuh_managers/wazuh-cluster-svc.yaml
 $ kubectl apply -f wazuh_managers/wazuh-workers-svc.yaml
 
 $ kubectl apply -f wazuh_managers/wazuh-master-conf.yaml
-$ kubectl apply -f wazuh_managers/wazuh-worker-0-conf.yaml
-$ kubectl apply -f wazuh_managers/wazuh-worker-1-conf.yaml
+$ kubectl apply -f wazuh_managers/wazuh-worker-conf.yaml
 
 $ kubectl apply -f wazuh_managers/wazuh-master-sts.yaml
-$ kubectl apply -f wazuh_managers/wazuh-worker-0-sts.yaml
-$ kubectl apply -f wazuh_managers/wazuh-worker-1-sts.yaml
+$ kubectl apply -f wazuh_managers/wazuh-worker-sts.yaml
 ```
 
 ### Verifying the deployment
@@ -213,8 +211,7 @@ $ kubectl get statefulsets -n wazuh
 NAME                     DESIRED   CURRENT   AGE
 wazuh-elasticsearch      1         1         13m
 wazuh-manager-master     1         1         9m
-wazuh-manager-worker-0   1         1         9m
-wazuh-manager-worker-1   1         1         9m
+wazuh-manager-worker     1         1         9m
 
 ```
 
@@ -226,8 +223,8 @@ NAME                              READY     STATUS    RESTARTS   AGE
 wazuh-elasticsearch-0             1/1       Running   0          15m
 wazuh-kibana-f4d9c7944-httsd      1/1       Running   0          14m
 wazuh-manager-master-0            1/1       Running   0          12m
-wazuh-manager-worker-0-0          1/1       Running   0          11m
-wazuh-manager-worker-1-0          1/1       Running   0          11m
+wazuh-manager-worker-0            1/1       Running   0          11m
+wazuh-manager-worker-1            1/1       Running   0          11m
 wazuh-nginx-748fb8494f-xwwhw      1/1       Running   0          14m
 ```
 
diff --git a/upgrade.md b/upgrade.md
index 121fe9a..0a611d9 100644
--- a/upgrade.md
+++ b/upgrade.md
@@ -171,8 +171,7 @@ The first step is to change the image of the pod in each file that deploys each
 
 These files are the statefulSet files:
 - wazuh-master-sts.yaml
-- wazuh-worker-0-sts.yaml
-- wazuh-worker-1-sts.yaml
+- wazuh-worker-sts.yaml
 
 For example we had this version before: