wazuh/wazuh-kubernetes
1
0
Fork 0
mirror of https://github.com/wazuh/wazuh-kubernetes.git synced 2025-12-10 00:38:21 -06:00
Code Issues Packages Projects Releases 100 Wiki Activity

Changes related to docker images updates

Browse Source
This commit is contained in:
Gonzalo Acuña 2022-03-17 16:11:13 -03:00
parent 43d6bb6508
commit c30ac38ab7
No known key found for this signature in database
GPG Key ID: 646BA79A313A2270
7 changed files with 27 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
wazuh/indexer_stack/wazuh-dashboard/dashboard-deploy.yaml
View File

@ -39,17 +39,21 @@ spec:
memory: 1Gi
volumeMounts:
- name: config
mountPath: /usr/share/wazuh-dashboard/opensearch_dashboards.yml
mountPath: /usr/share/wazuh-dashboard/config/opensearch_dashboards.yml
subPath: opensearch_dashboards.yml
readOnly: false
- name: dashboard-certs
mountPath: /usr/share/wazuh-dashboard/certs/cert.pem
mountPath: /usr/share/wazuh-dashboard/config/certs/cert.pem
readOnly: true
subPath: cert.pem
- name: dashboard-certs
mountPath: /usr/share/wazuh-dashboard/certs/key.pem
mountPath: /usr/share/wazuh-dashboard/config/certs/key.pem
readOnly: true
subPath: key.pem
- name: dashboard-certs
mountPath: /usr/share/wazuh-dashboard/config/certs/root-ca.pem
subPath: root-ca.pem
readOnly: true
ports:
- containerPort: 5601
name: dashboard
@ -69,9 +73,9 @@ spec:
- name: SERVER_SSL_ENABLED
value: "true"
- name: SERVER_SSL_CERTIFICATE
value: /usr/share/wazuh-dashboard/certs/cert.pem
value: /usr/share/wazuh-dashboard/config/certs/cert.pem
- name: SERVER_SSL_KEY
value: /usr/share/wazuh-dashboard/certs/key.pem
value: /usr/share/wazuh-dashboard/config/certs/key.pem
- name: WAZUH_API_URL
value: https://wazuh-manager-master-0.wazuh-cluster
- name: API_USERNAME

6
wazuh/indexer_stack/wazuh-dashboard/dashboard_conf/opensearch_dashboards.yml
View File

@ -8,7 +8,7 @@ opensearch_security.multitenancy.enabled: true
opensearch_security.multitenancy.tenants.preferred: ["Private", "Global"]
opensearch_security.readonly_mode.roles: ["kibana_read_only"]
server.ssl.enabled: true
server.ssl.key: "/etc/wazuh-dashboard/certs/key.pem"
server.ssl.certificate: "/usr/share/wazuh-dashboard/certs/cert.pem"
opensearch.ssl.certificateAuthorities: ["/usr/share/wazuh-dashboard/certs/root-ca.pem"]
server.ssl.key: "/usr/share/wazuh-dashboard/config/certs/key.pem"
server.ssl.certificate: "/usr/share/wazuh-dashboard/config/certs/cert.pem"
opensearch.ssl.certificateAuthorities: ["/usr/share/wazuh-dashboard/config/certs/root-ca.pem"]
uiSettings.overrides.defaultRoute: /app/wazuh?security_tenant=global

12
wazuh/indexer_stack/wazuh-indexer/cluster/indexer-sts.yaml
View File

@ -90,27 +90,27 @@ spec:
- name: wazuh-indexer
mountPath: /usr/share/wazuh-indexer/data
- name: indexer-certs
mountPath: /usr/share/wazuh-indexer/certs/node-key.pem
mountPath: /usr/share/wazuh-indexer/config/certs/node-key.pem
subPath: node-key.pem
readOnly: true
- name: indexer-certs
mountPath: /usr/share/wazuh-indexer/certs/node.pem
mountPath: /usr/share/wazuh-indexer/config/certs/node.pem
subPath: node.pem
readOnly: true
- name: indexer-certs
mountPath: /usr/share/wazuh-indexer/certs/root-ca.pem
mountPath: /usr/share/wazuh-indexer/config/certs/root-ca.pem
subPath: root-ca.pem
readOnly: true
- name: indexer-certs
mountPath: /usr/share/wazuh-indexer/certs/admin.pem
mountPath: /usr/share/wazuh-indexer/config/certs/admin.pem
subPath: admin.pem
readOnly: true
- name: indexer-certs
mountPath: /usr/share/wazuh-indexer/certs/admin-key.pem
mountPath: /usr/share/wazuh-indexer/config/certs/admin-key.pem
subPath: admin-key.pem
readOnly: true
- name: indexer-conf
mountPath: /usr/share/wazuh-indexer/opensearch.yml
mountPath: /usr/share/wazuh-indexer/config/opensearch.yml
subPath: opensearch.yml
readOnly: true
- name: indexer-conf

12
wazuh/indexer_stack/wazuh-indexer/indexer_conf/opensearch.yml
View File

@ -8,12 +8,12 @@ cluster.initial_master_nodes:
node.max_local_storage_nodes: "3"
path.data: /var/lib/wazuh-indexer
path.logs: /var/log/wazuh-indexer
plugins.security.ssl.http.pemcert_filepath: /usr/share/wazuh-indexer/certs/node.pem
plugins.security.ssl.http.pemkey_filepath: /usr/share/wazuh-indexer/certs/node-key.pem
plugins.security.ssl.http.pemtrustedcas_filepath: /usr/share/wazuh-indexer/certs/root-ca.pem
plugins.security.ssl.transport.pemcert_filepath: /usr/share/wazuh-indexer/certs/node.pem
plugins.security.ssl.transport.pemkey_filepath: /usr/share/wazuh-indexer/certs/node-key.pem
plugins.security.ssl.transport.pemtrustedcas_filepath: /usr/share/wazuh-indexer/certs/root-ca.pem
plugins.security.ssl.http.pemcert_filepath: /usr/share/wazuh-indexer/config/certs/node.pem
plugins.security.ssl.http.pemkey_filepath: /usr/share/wazuh-indexer/config/certs/node-key.pem
plugins.security.ssl.http.pemtrustedcas_filepath: /usr/share/wazuh-indexer/config/certs/root-ca.pem
plugins.security.ssl.transport.pemcert_filepath: /usr/share/wazuh-indexer/config/certs/node.pem
plugins.security.ssl.transport.pemkey_filepath: /usr/share/wazuh-indexer/config/certs/node-key.pem
plugins.security.ssl.transport.pemtrustedcas_filepath: /usr/share/wazuh-indexer/config/certs/root-ca.pem
plugins.security.ssl.http.enabled: true
plugins.security.ssl.transport.enforce_hostname_verification: false
plugins.security.ssl.transport.resolve_hostname: false

1
wazuh/kustomization.yml
View File

@ -27,6 +27,7 @@ secretGenerator:
files:
- certs/dashboard_http/cert.pem
- certs/dashboard_http/key.pem
- certs/indexer_cluster/root-ca.pem
configMapGenerator:
- name: indexer-conf

2
wazuh/wazuh_managers/wazuh-master-sts.yaml
View File

@ -122,7 +122,7 @@ spec:
name: indexer-cred
key: password
- name: FILEBEAT_SSL_VERIFICATION_MODE
value: 'none'
value: 'full'
- name: SSL_CERTIFICATE_AUTHORITIES
value: /etc/ssl/root-ca.pem
- name: SSL_CERTIFICATE

2
wazuh/wazuh_managers/wazuh-worker-sts.yaml
View File

@ -119,7 +119,7 @@ spec:
name: indexer-cred
key: password
- name: FILEBEAT_SSL_VERIFICATION_MODE
value: 'none'
value: 'full'
- name: SSL_CERTIFICATE_AUTHORITIES
value: /etc/ssl/root-ca.pem
- name: SSL_CERTIFICATE