From 8499c6b94190776d39509a56d2cc145bcf4c1c98 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Fri, 18 Feb 2022 09:07:47 -0300 Subject: [PATCH] Playbooks updated --- playbooks/wazuh-manager-oss.yml | 6 +- ...ana.yml => wazuh-opensearch-dashboard.yml} | 2 +- ... => wazuh-opensearch-production-ready.yml} | 142 ++++++++++-------- ...single.yml => wazuh-opensearch-single.yml} | 6 +- ...uh-opendistro.yml => wazuh-opensearch.yml} | 5 +- 5 files changed, 94 insertions(+), 67 deletions(-) rename playbooks/{wazuh-opendistro-kibana.yml => wazuh-opensearch-dashboard.yml} (90%) rename playbooks/{wazuh-odfe-production-ready.yml => wazuh-opensearch-production-ready.yml} (52%) rename playbooks/{wazuh-odfe-single.yml => wazuh-opensearch-single.yml} (76%) rename playbooks/{wazuh-opendistro.yml => wazuh-opensearch.yml} (79%) diff --git a/playbooks/wazuh-manager-oss.yml b/playbooks/wazuh-manager-oss.yml index d28b8736..9e9c4cba 100644 --- a/playbooks/wazuh-manager-oss.yml +++ b/playbooks/wazuh-manager-oss.yml @@ -4,6 +4,6 @@ - role: ../roles/wazuh/ansible-wazuh-manager - role: ../roles/wazuh/ansible-filebeat-oss filebeat_output_indexer_hosts: - - ":9200" - - ":9200" - - ":9200" + - ":9200" + - ":9200" + - ":9200" diff --git a/playbooks/wazuh-opendistro-kibana.yml b/playbooks/wazuh-opensearch-dashboard.yml similarity index 90% rename from playbooks/wazuh-opendistro-kibana.yml rename to playbooks/wazuh-opensearch-dashboard.yml index 2a762639..2abc311f 100644 --- a/playbooks/wazuh-opendistro-kibana.yml +++ b/playbooks/wazuh-opensearch-dashboard.yml @@ -1,5 +1,5 @@ --- -- hosts: es1 +- hosts: wi1 roles: - role: ../roles/opensearch/wazuh-dashboard vars: diff --git a/playbooks/wazuh-odfe-production-ready.yml b/playbooks/wazuh-opensearch-production-ready.yml similarity index 52% rename from playbooks/wazuh-odfe-production-ready.yml rename to playbooks/wazuh-opensearch-production-ready.yml index 1068cbdc..76d8ab14 100644 --- a/playbooks/wazuh-odfe-production-ready.yml 
+++ b/playbooks/wazuh-opensearch-production-ready.yml 
@@ -1,81 +1,97 @@ --- # Certificates generation - - hosts: es1 + - hosts: wi1 roles: - role: ../roles/opensearch/wazuh-indexer - elasticsearch_network_host: "{{ private_ip }}" - elasticsearch_cluster_nodes: - - "{{ hostvars.es1.private_ip }}" - - "{{ hostvars.es2.private_ip }}" - - "{{ hostvars.es3.private_ip }}" - elasticsearch_discovery_nodes: - - "{{ hostvars.es1.private_ip }}" - - "{{ hostvars.es2.private_ip }}" - - "{{ hostvars.es3.private_ip }}" + indexer_network_host: "{{ private_ip }}" + indexer_cluster_nodes: + - "{{ hostvars.wi1.private_ip }}" + - "{{ hostvars.wi2.private_ip }}" + - "{{ hostvars.wi3.private_ip }}" + indexer_discovery_nodes: + - "{{ hostvars.wi1.private_ip }}" + - "{{ hostvars.wi2.private_ip }}" + - "{{ hostvars.wi3.private_ip }}" perform_installation: false become: yes become_user: root vars: - elasticsearch_node_master: true + indexer_node_master: true instances: node1: - name: node-1 # Important: must be equal to elasticsearch_node_name. - ip: "{{ hostvars.es1.private_ip }}" # When unzipping, the node will search for its node name folder to get the cert. + name: node-1 # Important: must be equal to indexer_node_name. + ip: "{{ hostvars.wi1.private_ip }}" # When unzipping, the node will search for its node name folder to get the cert. 
+ role: indexer node2: name: node-2 - ip: "{{ hostvars.es2.private_ip }}" + ip: "{{ hostvars.wi2.private_ip }}" + role: indexer node3: name: node-3 - ip: "{{ hostvars.es3.private_ip }}" + ip: "{{ hostvars.wi3.private_ip }}" + role: indexer node4: name: node-4 ip: "{{ hostvars.manager.private_ip }}" + role: wazuh + node_type: master node5: name: node-5 ip: "{{ hostvars.worker.private_ip }}" + role: wazuh + node_type: worker node6: name: node-6 - ip: "{{ hostvars.kibana.private_ip }}" + ip: "{{ hostvars.dashboard.private_ip }}" + role: dashboard tags: - generate-certs #ODFE Cluster - - hosts: odfe_cluster + - hosts: wi_cluster strategy: free roles: - role: ../roles/opensearch/wazuh-indexer - elasticsearch_network_host: "{{ private_ip }}" + indexer_network_host: "{{ private_ip }}" become: yes become_user: root vars: - elasticsearch_cluster_nodes: - - "{{ hostvars.es1.private_ip }}" - - "{{ hostvars.es2.private_ip }}" - - "{{ hostvars.es3.private_ip }}" - elasticsearch_discovery_nodes: - - "{{ hostvars.es1.private_ip }}" - - "{{ hostvars.es2.private_ip }}" - - "{{ hostvars.es3.private_ip }}" - elasticsearch_node_master: true + indexer_cluster_nodes: + - "{{ hostvars.wi1.private_ip }}" + - "{{ hostvars.wi2.private_ip }}" + - "{{ hostvars.wi3.private_ip }}" + indexer_discovery_nodes: + - "{{ hostvars.wi1.private_ip }}" + - "{{ hostvars.wi2.private_ip }}" + - "{{ hostvars.wi3.private_ip }}" + indexer_node_master: true instances: node1: - name: node-1 # Important: must be equal to elasticsearch_node_name. - ip: "{{ hostvars.es1.private_ip }}" # When unzipping, the node will search for its node name folder to get the cert. + name: node-1 # Important: must be equal to indexer_node_name. + ip: "{{ hostvars.wi1.private_ip }}" # When unzipping, the node will search for its node name folder to get the cert. 
+ role: indexer node2: name: node-2 - ip: "{{ hostvars.es2.private_ip }}" + ip: "{{ hostvars.wi2.private_ip }}" + role: indexer node3: name: node-3 - ip: "{{ hostvars.es3.private_ip }}" + ip: "{{ hostvars.wi3.private_ip }}" + role: indexer node4: name: node-4 ip: "{{ hostvars.manager.private_ip }}" + role: wazuh + node_type: master node5: name: node-5 ip: "{{ hostvars.worker.private_ip }}" + role: wazuh + node_type: worker node6: name: node-6 - ip: "{{ hostvars.kibana.private_ip }}" + ip: "{{ hostvars.dashboard.private_ip }}" + role: dashboard #Wazuh cluster - hosts: manager @@ -106,9 +122,9 @@ - username: custom-user password: .S3cur3Pa55w0rd*- filebeat_output_indexer_hosts: - - "{{ hostvars.es1.private_ip }}" - - "{{ hostvars.es2.private_ip }}" - - "{{ hostvars.es3.private_ip }}" + - "{{ hostvars.wi1.private_ip }}" + - "{{ hostvars.wi2.private_ip }}" + - "{{ hostvars.wi3.private_ip }}" - hosts: worker roles: 
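Review bot: The `instances` map that drives certificate generation is written out in full in both plays of the `@@ -1,81 +1,97 @@` hunk (the `wi1` certificate play and the `wi_cluster` play) and a third time in the dashboard play at `@@ -169,21 +185,29 @@`, so the new `role` and `node_type` keys had to be added in three places. If a later edit updates one copy and not the others, the plays would presumably disagree about which certificate a node should receive. Defining the map once, for example in a vars file that each play loads, would remove that drift. The section comment `#ODFE Cluster` above `- hosts: wi_cluster` was also left unchanged; `# Wazuh indexer cluster` would match the renamed group.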
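Review bot: The context lines `username: custom-user` and `password: .S3cur3Pa55w0rd*-` at the top of the `@@ -106,9 +122,9 @@` hunk keep a clear-text credential in a playbook that is now named production-ready, and the rename does not address it. The same literal appears again in the dashboard play at `@@ -169,21 +185,29 @@`. Anyone who runs the playbook unchanged deploys a password that is published in the repository. I would replace the literal with a variable reference such as `password: "{{ custom_user_password }}"` (placeholder name) and supply the value from Ansible Vault or an external secret store. The list this entry belongs to starts outside the hunk.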
@@ -135,32 +151,32 @@ - "{{ hostvars.manager.private_ip }}" hidden: 'no' filebeat_output_indexer_hosts: - - "{{ hostvars.es1.private_ip }}" - - "{{ hostvars.es2.private_ip }}" - - "{{ hostvars.es3.private_ip }}" + - "{{ hostvars.wi1.private_ip }}" + - "{{ hostvars.wi2.private_ip }}" + - "{{ hostvars.wi3.private_ip }}" - #ODFE+Kibana node - - hosts: kibana + #Indexer+Dashboard node + - hosts: dashboard roles: - role: "../roles/opensearch/wazuh-indexer" - role: "../roles/opensearch/wazuh-dashboard" become: yes become_user: root vars: - elasticsearch_network_host: "{{ hostvars.kibana.private_ip }}" - elasticsearch_node_name: node-6 - elasticsearch_node_master: false - elasticsearch_node_ingest: false - elasticsearch_node_data: false - elasticsearch_cluster_nodes: - - "{{ hostvars.es1.private_ip }}" - - "{{ hostvars.es2.private_ip }}" - - "{{ hostvars.es3.private_ip }}" - elasticsearch_discovery_nodes: - - "{{ hostvars.es1.private_ip }}" - - "{{ hostvars.es2.private_ip }}" - - "{{ hostvars.es3.private_ip }}" - kibana_node_name: node-6 + indexer_network_host: "{{ hostvars.dashboard.private_ip }}" + indexer_node_name: node-6 + indexer_node_master: false + indexer_node_ingest: false + indexer_node_data: false + indexer_cluster_nodes: + - "{{ hostvars.wi1.private_ip }}" + - "{{ hostvars.wi2.private_ip }}" + - "{{ hostvars.wi3.private_ip }}" + indexer_discovery_nodes: + - "{{ hostvars.wi1.private_ip }}" + - "{{ hostvars.wi2.private_ip }}" + - "{{ hostvars.wi3.private_ip }}" + dashboard_node_name: node-6 wazuh_api_credentials: - id: default url: https://{{ hostvars.manager.private_ip }} 
@@ -169,21 +185,29 @@ password: .S3cur3Pa55w0rd*- instances: node1: - name: node-1 # Important: must be equal to elasticsearch_node_name. - ip: "{{ hostvars.es1.private_ip }}" # When unzipping, the node will search for its node name folder to get the cert. + name: node-1 # Important: must be equal to indexer_node_name. + ip: "{{ hostvars.wi1.private_ip }}" # When unzipping, the node will search for its node name folder to get the cert. + role: indexer node2: name: node-2 - ip: "{{ hostvars.es2.private_ip }}" + ip: "{{ hostvars.wi2.private_ip }}" + role: indexer node3: name: node-3 - ip: "{{ hostvars.es3.private_ip }}" + ip: "{{ hostvars.wi3.private_ip }}" + role: indexer node4: name: node-4 ip: "{{ hostvars.manager.private_ip }}" + role: wazuh + node_type: master node5: name: node-5 ip: "{{ hostvars.worker.private_ip }}" + role: wazuh + node_type: worker node6: name: node-6 - ip: "{{ hostvars.kibana.private_ip }}" + ip: "{{ hostvars.dashboard.private_ip }}" + role: dashboard ansible_shell_allow_world_readable_temp: true diff --git a/playbooks/wazuh-odfe-single.yml b/playbooks/wazuh-opensearch-single.yml similarity index 76% rename from playbooks/wazuh-odfe-single.yml rename to playbooks/wazuh-opensearch-single.yml index 9249fc20..c89f4990 100644 --- a/playbooks/wazuh-odfe-single.yml +++ b/playbooks/wazuh-opensearch-single.yml @@ -11,12 +11,12 @@ vars: single_node: true minimum_master_nodes: 1 - elasticsearch_node_master: true - elasticsearch_network_host: 127.0.0.1 + indexer_node_master: true + indexer_network_host: 127.0.0.1 filebeat_node_name: node-1 filebeat_output_indexer_hosts: 127.0.0.1 instances: node1: - name: node-1 # Important: must be equal to elasticsearch_node_name. + name: node-1 # Important: must be equal to indexer_node_name. ip: 127.0.0.1 ansible_shell_allow_world_readable_temp: true 
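Review bot: `ansible_shell_allow_world_readable_temp: true`, the last context line of the `@@ -169,21 +185,29 @@` hunk, is carried over unchanged although the dashboard play it appears to belong to sets `become_user: root` in the previous hunk. The option lets Ansible fall back to world-readable temporary module files when becoming an unprivileged user, so with root it should not be needed. While it is enabled, module arguments written to the temp directory can be read by other local accounts on the target, and this play passes a password among its vars. I would delete the line or add a comment such as `# required because <reason>` if a role really depends on it. The same line closes the hunk in `wazuh-opensearch-single.yml`.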
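Review bot: In `wazuh-opensearch-single.yml` the `node1` entry under `instances` is renamed in its comment but gets no `role:` key, while every other `instances` entry touched by this commit gains one. If the certificate tasks in the role (not visible here) now select on `role`, the single-node playbook would be the only one that leaves it undefined. I would add `role: indexer` after `ip: 127.0.0.1`, as is done for `node1` in `wazuh-opensearch.yml`. The `vars` block starts outside the hunk.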
diff --git a/playbooks/wazuh-opendistro.yml b/playbooks/wazuh-opensearch.yml similarity index 79% rename from playbooks/wazuh-opendistro.yml rename to playbooks/wazuh-opensearch.yml index 8de1c16c..c6839efa 100644 --- a/playbooks/wazuh-opendistro.yml +++ b/playbooks/wazuh-opensearch.yml @@ -1,5 +1,5 @@ --- -- hosts: es_cluster +- hosts: wi_cluster roles: - role: ../roles/opensearch/wazuh-indexer @@ -8,10 +8,13 @@ node1: name: node-1 ip: + role: indexer node2: name: node-2 ip: + role: indexer node3: name: node-3 ip: + role: indexer