Merge pull request #151 from wazuh/release-4.1.0

Release 4.1.0
wazuh · Feb 18, 2021 · 9421303 · 9421303
2 parents b7c9b00 + 7760517
commit 9421303
Show file tree

Hide file tree

Showing 41 changed files with 409 additions and 81 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,6 +2,17 @@
 
 All notable changes to this project will be documented in this file.
 
+## [4.1.0]
+
+### Added
+
+- Update to Wazuh version [4.1.0](https://github.com/wazuh/wazuh/blob/v4.1.0/CHANGELOG.md#v410)
+- Use overlays to create multiple envs ([@xr09](https://github.com/xr09)) [PR#142](https://github.com/wazuh/wazuh-kubernetes/pull/142)
+
+## Fixed
+
+- Set DISABLE_INSTALL_DEMO_CONFIG ([@xr09](https://github.com/xr09)) [PR#146](https://github.com/wazuh/wazuh-kubernetes/pull/146)
+
 ## [4.0.4]
 
 ### Added

diff --git a/README.md b/README.md
@@ -9,60 +9,77 @@ Deploy a Wazuh cluster with a basic Elastic stack on Kubernetes .
 
 ## Documentation
 
-The *instructions.md* file describes how to deploy Wazuh on Kubernetes.
+The [instructions.md](instructions.md) file describes how to deploy Wazuh on Kubernetes.
 
 ## Directory structure
 
-    ├── base
-    │   ├── aws-gp2-storage-class.yaml
-    │   └── wazuh-ns.yaml
-    ├── certs
-    │   ├── kibana_http
-    │   └── odfe_cluster
     ├── CHANGELOG.md
     ├── cleanup.md
-    ├── elastic_stack
-    │   ├── elasticsearch
-    │   │   ├── cluster
-    │   │   │   ├── elasticsearch-api-svc.yaml
-    │   │   │   └── elasticsearch-sts.yaml
-    │   │   ├── elastic_conf
-    │   │   │   ├── elasticsearch.yml
-    │   │   │   └── internal_users.yml
-    │   │   └── elasticsearch-svc.yaml
-    │   └── kibana
-    │       ├── kibana-deploy.yaml
-    │       └── kibana-svc.yaml
     ├── instructions.md
-    ├── kustomization.yml
     ├── LICENSE
     ├── README.md
-    ├── secrets
-    │   ├── elastic-cred-secret.yaml
-    │   ├── wazuh-api-cred-secret.yaml
-    │   ├── wazuh-authd-pass-secret.yaml
-    │   └── wazuh-cluster-key-secret.yaml
     ├── upgrade.md
     ├── VERSION
-    └── wazuh_managers
-        ├── wazuh-cluster-svc.yaml
-        ├── wazuh_conf
-        │   ├── master.conf
-        │   └── worker.conf
-        ├── wazuh-master-sts.yaml
-        ├── wazuh-master-svc.yaml
-        ├── wazuh-workers-svc.yaml
-        └── wazuh-worker-sts.yaml
+    ├── envs
+    │   ├── eks
+    │   │   ├── elastic-resources.yaml
+    │   │   ├── kibana-resources.yaml
+    │   │   ├── kustomization.yml
+    │   │   ├── storage-class.yaml
+    │   │   ├── wazuh-master-resources.yaml
+    │   │   └── wazuh-worker-resources.yaml
+    │   └── local-env
+    │       ├── elastic-resources.yaml
+    │       ├── kustomization.yml
+    │       ├── storage-class.yaml
+    │       └── wazuh-resources.yaml
+    └── wazuh
+        ├── base
+        │   ├── storage-class.yaml
+        │   └── wazuh-ns.yaml
+        ├── certs
+        │   ├── kibana_http
+        │   │   ├── generate_certs.sh
+        │   └── odfe_cluster
+        │       ├── generate_certs.sh
+        ├── elastic_stack
+        │   ├── elasticsearch
+        │   │   ├── cluster
+        │   │   │   ├── elasticsearch-api-svc.yaml
+        │   │   │   └── elasticsearch-sts.yaml
+        │   │   ├── elastic_conf
+        │   │   │   ├── elasticsearch.yml
+        │   │   │   └── internal_users.yml
+        │   │   └── elasticsearch-svc.yaml
+        │   └── kibana
+        │       ├── kibana-deploy.yaml
+        │       └── kibana-svc.yaml
+        ├── kustomization.yml
+        ├── secrets
+        │   ├── elastic-cred-secret.yaml
+        │   ├── wazuh-api-cred-secret.yaml
+        │   ├── wazuh-authd-pass-secret.yaml
+        │   └── wazuh-cluster-key-secret.yaml
+        └── wazuh_managers
+            ├── wazuh-cluster-svc.yaml
+            ├── wazuh_conf
+            │   ├── master.conf
+            │   └── worker.conf
+            ├── wazuh-master-sts.yaml
+            ├── wazuh-master-svc.yaml
+            ├── wazuh-workers-svc.yaml
+            └── wazuh-worker-sts.yaml
+
 
 
 ## Branches
 
 * `master` branch contains the latest code, be aware of possible bugs on this branch.
-* `local-environment` branch contains modifications for deploying on local environments.
+
 
 ## Local development
 
-To deploy a cluster on your local environment (like Minikube or Kind) use the branch [local-environment](https://github.com/wazuh/wazuh-kubernetes/tree/local-environment/minikube)
+To deploy a cluster on your local environment (like Minikube, Kind or Microk8s) read the instructions on [local-environment.md](local-environment.md).
 
 ## Contribute
 

diff --git a/VERSION b/VERSION
@@ -1,2 +1,2 @@
-VERSION="4.0.4_1.11.0"
-REVISION="40400"
+VERSION="4.1.0"
+REVISION="41000"
diff --git a/certs/kibana_http/.empty b/certs/kibana_http/.empty
diff --git a/certs/odfe_cluster/.empty b/certs/odfe_cluster/.empty
diff --git a/cleanup.md b/cleanup.md
@@ -4,7 +4,7 @@ Steps to perform a clean up of our deployments, services and volumes used in our
 
 ## Delete the cluster
 
-To delete your Wazuh cluster just use `kubectl delete -k .` from this repository directory.
+To delete your Wazuh cluster just use `kubectl delete -k envs/<ENVIRONMENT>` from this repository directory. (being <ENVIRONMENT> one of `EKS` or `local-env`)
 
 ## Delete the persistent volumes manually.
 
@@ -14,10 +14,10 @@ Since we use `reclaimPolicy: Retain` in the storage class definition you must de
 ```
 ubuntu@k8s-control-server:~$ kubectl get persistentvolume
 NAME                                       CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS        CLAIM                                                         STORAGECLASS             REASON    AGE
-pvc-024466da-f7c5-11e8-b9b8-022ada63b4ac   10Gi       RWO            Retain           Released      wazuh/wazuh-manager-worker-wazuh-manager-worker-1             gp2-encrypted-retained             6d
-pvc-b3226ad3-f7c4-11e8-b9b8-022ada63b4ac   30Gi       RWO            Retain           Bound         wazuh/wazuh-elasticsearch-wazuh-elasticsearch-0               gp2-encrypted-retained             6d
-pvc-fb821971-f7c4-11e8-b9b8-022ada63b4ac   10Gi       RWO            Retain           Released      wazuh/wazuh-manager-master-wazuh-manager-master-0             gp2-encrypted-retained             6d
-pvc-ffe7bf66-f7c4-11e8-b9b8-022ada63b4ac   10Gi       RWO            Retain           Released      wazuh/wazuh-manager-worker-wazuh-manager-worker-0             gp2-encrypted-retained             6d
+pvc-024466da-f7c5-11e8-b9b8-022ada63b4ac   10Gi       RWO            Retain           Released      wazuh/wazuh-manager-worker-wazuh-manager-worker-1             wazuh-storage                      6d
+pvc-b3226ad3-f7c4-11e8-b9b8-022ada63b4ac   30Gi       RWO            Retain           Bound         wazuh/wazuh-elasticsearch-wazuh-elasticsearch-0               wazuh-storage                      6d
+pvc-fb821971-f7c4-11e8-b9b8-022ada63b4ac   10Gi       RWO            Retain           Released      wazuh/wazuh-manager-master-wazuh-manager-master-0             wazuh-storage                      6d
+pvc-ffe7bf66-f7c4-11e8-b9b8-022ada63b4ac   10Gi       RWO            Retain           Released      wazuh/wazuh-manager-worker-wazuh-manager-worker-0             wazuh-storage                      6d
 ```
 
 ```

diff --git a/envs/eks/elastic-resources.yaml b/envs/eks/elastic-resources.yaml
@@ -0,0 +1,35 @@
+# Copyright (C) 2021 Wazuh Inc.
+#
+# This program is a free software; you can redistribute it
+# and/or modify it under the terms of the GNU General Public
+# License (version 2) as published by the FSF - Free Software
+# Foundation.
+
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: wazuh-elasticsearch
+  namespace: wazuh
+spec:
+  template:
+    spec:
+      containers:
+        - name: wazuh-elasticsearch
+          resources:
+            requests:
+              cpu: 500m
+              memory: 1Gi
+            limits:
+              cpu: 1
+              memory: 2Gi
+  volumeClaimTemplates:
+    - metadata:
+        name: wazuh-elasticsearch
+        namespace: es-cluster
+      spec:
+        accessModes:
+          - ReadWriteOnce
+        storageClassName: wazuh-storage
+        resources:
+          requests:
+            storage: 10Gi
diff --git a/envs/eks/kibana-resources.yaml b/envs/eks/kibana-resources.yaml
@@ -0,0 +1,24 @@
+# Copyright (C) 2021 Wazuh Inc.
+#
+# This program is a free software; you can redistribute it
+# and/or modify it under the terms of the GNU General Public
+# License (version 2) as published by the FSF - Free Software
+# Foundation.
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: wazuh-kibana
+  namespace: wazuh
+spec:
+  template:
+    spec:
+      containers:
+        - name: wazuh-kibana
+          resources:
+            requests:
+              cpu: 200m
+              memory: 512Mi
+            limits:
+              cpu: 400m
+              memory: 2Gi
diff --git a/envs/eks/kustomization.yml b/envs/eks/kustomization.yml
@@ -0,0 +1,15 @@
+# Copyright (C) 2021 Wazuh Inc.
+#
+# This program is a free software; you can redistribute it
+# and/or modify it under the terms of the GNU General Public
+# License (version 2) as published by the FSF - Free Software
+# Foundation.
+
+bases:
+  - ../../wazuh
+patches:
+  - storage-class.yaml
+  - elastic-resources.yaml
+  - kibana-resources.yaml
+  - wazuh-master-resources.yaml
+  - wazuh-worker-resources.yaml
diff --git a/base/aws-gp2-storage-class.yaml → envs/eks/storage-class.yaml b/base/aws-gp2-storage-class.yaml → envs/eks/storage-class.yaml
@@ -10,7 +10,7 @@
 apiVersion: storage.k8s.io/v1
 kind: StorageClass
 metadata:
-  name: gp2-encrypted-retained
+  name: wazuh-storage
 provisioner: kubernetes.io/aws-ebs
 parameters:
   encrypted: 'true'

diff --git a/envs/eks/wazuh-master-resources.yaml b/envs/eks/wazuh-master-resources.yaml
@@ -0,0 +1,34 @@
+# Copyright (C) 2021 Wazuh Inc.
+#
+# This program is a free software; you can redistribute it
+# and/or modify it under the terms of the GNU General Public
+# License (version 2) as published by the FSF - Free Software
+# Foundation.
+
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: wazuh-manager-master
+spec:
+  template:
+    spec:
+      containers:
+        - name: wazuh-manager
+          resources:
+            requests:
+              cpu: 1
+              memory: 1Gi
+            limits:
+              cpu: 2
+              memory: 2Gi
+  volumeClaimTemplates:
+    - metadata:
+        name: wazuh-manager-master
+        namespace: wazuh
+      spec:
+        accessModes:
+          - ReadWriteOnce
+        storageClassName: wazuh-storage
+        resources:
+          requests:
+            storage: 50Gi
diff --git a/envs/eks/wazuh-worker-resources.yaml b/envs/eks/wazuh-worker-resources.yaml
@@ -0,0 +1,34 @@
+# Copyright (C) 2021 Wazuh Inc.
+#
+# This program is a free software; you can redistribute it
+# and/or modify it under the terms of the GNU General Public
+# License (version 2) as published by the FSF - Free Software
+# Foundation.
+
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: wazuh-manager-worker
+spec:
+  template:
+    spec:
+      containers:
+        - name: wazuh-manager
+          resources:
+            requests:
+              cpu: 1
+              memory: 1Gi
+            limits:
+              cpu: 2
+              memory: 2Gi
+  volumeClaimTemplates:
+    - metadata:
+        name: wazuh-manager-worker
+        namespace: wazuh
+      spec:
+        accessModes:
+          - ReadWriteOnce
+        storageClassName: wazuh-storage
+        resources:
+          requests:
+            storage: 50Gi
diff --git a/envs/local-env/elastic-resources.yaml b/envs/local-env/elastic-resources.yaml
@@ -0,0 +1,13 @@
+# Copyright (C) 2021 Wazuh Inc.
+#
+# This program is a free software; you can redistribute it
+# and/or modify it under the terms of the GNU General Public
+# License (version 2) as published by the FSF - Free Software
+# Foundation.
+
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: wazuh-elasticsearch
+spec:
+  replicas: 1
diff --git a/envs/local-env/kustomization.yml b/envs/local-env/kustomization.yml
@@ -0,0 +1,13 @@
+# Copyright (C) 2021 Wazuh Inc.
+#
+# This program is a free software; you can redistribute it
+# and/or modify it under the terms of the GNU General Public
+# License (version 2) as published by the FSF - Free Software
+# Foundation.
+
+bases:
+  - ../../wazuh
+patches:
+  - storage-class.yaml
+  - elastic-resources.yaml
+  - wazuh-resources.yaml
diff --git a/envs/local-env/storage-class.yaml b/envs/local-env/storage-class.yaml
@@ -0,0 +1,22 @@
+# Copyright (C) 2021 Wazuh Inc.
+#
+# This program is a free software; you can redistribute it
+# and/or modify it under the terms of the GNU General Public
+# License (version 2) as published by the FSF - Free Software
+# Foundation.
+
+# Wazuh StorageClass
+
+apiVersion: storage.k8s.io/v1
+kind: StorageClass
+metadata:
+  name: wazuh-storage
+
+# Microk8s is our standard for local development
+provisioner: microk8s.io/hostpath
+
+# In case you're running Minikube you can comment the line above and use this one
+# provisioner: k8s.io/minikube-hostpath
+
+# If you're using a different provider you can list storage classes
+# with: "kubectl get sc" and look for the column "Provisioner"
diff --git a/envs/local-env/wazuh-resources.yaml b/envs/local-env/wazuh-resources.yaml
@@ -0,0 +1,13 @@
+# Copyright (C) 2021 Wazuh Inc.
+#
+# This program is a free software; you can redistribute it
+# and/or modify it under the terms of the GNU General Public
+# License (version 2) as published by the FSF - Free Software
+# Foundation.
+
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: wazuh-manager-worker
+spec:
+  replicas: 1