From 904f7be4a06fa575c3a5120154d12da499492e32 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?=
Date: Wed, 25 Jan 2023 16:04:48 -0300
Subject: [PATCH 1/2] Wazuh cluster playbook added
---
playbooks/wazuh-manager-oss-cluster.yml | 100 ++++++++++++++++++++++++
1 file changed, 100 insertions(+)
create mode 100644 playbooks/wazuh-manager-oss-cluster.yml
diff --git a/playbooks/wazuh-manager-oss-cluster.yml b/playbooks/wazuh-manager-oss-cluster.yml
new file mode 100644
index 00000000..acf5beb0
--- /dev/null
+++ b/playbooks/wazuh-manager-oss-cluster.yml
@@ -0,0 +1,100 @@
+---
+# Wazuh cluster without Filebeat
+ - hosts: manager
+ roles:
+ - role: "../roles/wazuh/ansible-wazuh-manager"
+ become: yes
+ become_user: root
+ vars:
+ wazuh_manager_config:
+ connection:
+ - type: 'secure'
+ port: '1514'
+ protocol: 'tcp'
+ queue_size: 131072
+ api:
+ https: 'yes'
+ cluster:
+ disable: 'no'
+ node_name: 'master'
+ node_type: 'master'
+ key: 'c98b62a9b6169ac5f67dae55ae4a9088'
+ nodes:
+ - "{{ hostvars.manager.private_ip }}"
+ hidden: 'no'
+ wazuh_api_users:
+ - username: custom-user
+ password: SecretPassword1!
+
+ - hosts: worker01
+ roles:
+ - role: "../roles/wazuh/ansible-wazuh-manager"
+ become: yes
+ become_user: root
+ vars:
+ wazuh_manager_config:
+ connection:
+ - type: 'secure'
+ port: '1514'
+ protocol: 'tcp'
+ queue_size: 131072
+ api:
+ https: 'yes'
+ cluster:
+ disable: 'no'
+ node_name: 'worker_01'
+ node_type: 'worker'
+ key: 'c98b62a9b6169ac5f67dae55ae4a9088'
+ nodes:
+ - "{{ hostvars.manager.private_ip }}"
+ hidden: 'no'
+---
+# Wazuh cluster without Filebeat
+ - hosts: manager
+ roles:
+ - role: "../roles/wazuh/ansible-wazuh-manager"
+ become: yes
+ become_user: root
+ vars:
+ wazuh_manager_config:
+ connection:
+ - type: 'secure'
+ port: '1514'
+ protocol: 'tcp'
+ queue_size: 131072
+ api:
+ https: 'yes'
+ cluster:
+ disable: 'no'
+ node_name: 'master'
+ node_type: 'master'
+ key: 'c98b62a9b6169ac5f67dae55ae4a9088'
+ nodes:
+ - "{{ hostvars.manager.private_ip }}"
+ hidden: 'no'
+ wazuh_api_users:
+ - username: custom-user
+ password: SecretPassword1!
+
+ - hosts: worker01
+ roles:
+ - role: "../roles/wazuh/ansible-wazuh-manager"
+ become: yes
+ become_user: root
+ vars:
+ wazuh_manager_config:
+ connection:
+ - type: 'secure'
+ port: '1514'
+ protocol: 'tcp'
+ queue_size: 131072
+ api:
+ https: 'yes'
+ cluster:
+ disable: 'no'
+ node_name: 'worker_01'
+ node_type: 'worker'
+ key: 'c98b62a9b6169ac5f67dae55ae4a9088'
+ nodes:
+ - "{{ hostvars.manager.private_ip }}"
+ hidden: 'no'
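Review bot: The cluster key and the API user's password are committed as literal values in this new playbook: `key: 'c98b62a9b6169ac5f67dae55ae4a9088'` appears in both the `manager` and `worker01` plays, and `password: SecretPassword1!` sits under `wazuh_api_users` in the manager play. Anyone who runs the file unchanged ends up with a cluster whose shared key and API credential are readable in the repository history. Reference variables instead, for example `key: "{{ wazuh_cluster_key }}"` and `password: "{{ wazuh_api_password }}"` (illustrative names), with the values supplied from an Ansible Vault-encrypted vars file, and add a comment above `key:` stating that every node must be given the same freshly generated value. As a style point, `become: yes` reads more predictably as `become: true`.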
From ff4c843883b93818d7587a46531958ebe3720217 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?=
Date: Wed, 25 Jan 2023 16:19:31 -0300
Subject: [PATCH 2/2] Readme update
---
README.md | 118 ++++++++++++++++++++++++
playbooks/wazuh-manager-oss-cluster.yml | 50 ----------
2 files changed, 118 insertions(+), 50 deletions(-)
diff --git a/README.md b/README.md
index 2e37b4b6..cad036f0 100644
--- a/README.md
+++ b/README.md
@@ -395,6 +395,124 @@ sudo ansible-playbook wazuh-single.yml -i inventory After the playbook execution, the Wazuh UI should be reachable through `https://` +## Example: Wazuh server cluster (without Filebeat) + +### Playbook + +The hereunder example playbook uses the `wazuh-ansible` role to provision a Wazuh server cluster without Filebeat. This architecture includes 2 Wazuh servers distributed in two different nodes. + +```yaml +--- +# Wazuh cluster without Filebeat + - hosts: manager + roles: + - role: "../roles/wazuh/ansible-wazuh-manager" + become: yes + become_user: root + vars: + wazuh_manager_config: + connection: + - type: 'secure' + port: '1514' + protocol: 'tcp' + queue_size: 131072 + api: + https: 'yes' + cluster: + disable: 'no' + node_name: 'master' + node_type: 'master' + key: 'c98b62a9b6169ac5f67dae55ae4a9088' + nodes: + - "{{ hostvars.manager.private_ip }}" + hidden: 'no' + wazuh_api_users: + - username: custom-user + password: SecretPassword1! + + - hosts: worker01 + roles: + - role: "../roles/wazuh/ansible-wazuh-manager" + become: yes + become_user: root + vars: + wazuh_manager_config: + connection: + - type: 'secure' + port: '1514' + protocol: 'tcp' + queue_size: 131072 + api: + https: 'yes' + cluster: + disable: 'no' + node_name: 'worker_01' + node_type: 'worker' + key: 'c98b62a9b6169ac5f67dae55ae4a9088' + nodes: + - "{{ hostvars.manager.private_ip }}" + hidden: 'no' +``` + +### Inventory file + +```ini +[manager] + + +[worker01] + + +[all:vars] +ansible_ssh_user=vagrant +ansible_ssh_private_key_file=/path/to/ssh/key.pem +ansible_ssh_extra_args='-o StrictHostKeyChecking=no' +``` + +### Adding additional workers + +Add the following block at the end of the playbook + +```yaml + - hosts: worker02 + roles: + - role: "../roles/wazuh/ansible-wazuh-manager" + become: yes + become_user: root + vars: + wazuh_manager_config: + connection: + - type: 'secure' + port: '1514' + protocol: 'tcp' + queue_size: 131072 + api: + https: 'yes' + cluster: + disable: 
'no' + node_name: 'worker_02' + node_type: 'worker' + key: 'c98b62a9b6169ac5f67dae55ae4a9088' + nodes: + - "{{ hostvars.manager.private_ip }}" + hidden: 'no' +``` + +NOTE: `hosts` and `wazuh_manager_config.cluster_node_name` are the only parameters that differ from the `worker01` configuration. + +Add the following lines to the inventory file: + +```ini +[worker02] + +``` + +### Launching the playbook + +```bash +sudo ansible-playbook wazuh-manager-oss-cluster.yml -i inventory +``` + ## Contribute If you want to contribute to our repository, please fork our Github repository and submit a pull request. diff --git a/playbooks/wazuh-manager-oss-cluster.yml b/playbooks/wazuh-manager-oss-cluster.yml index acf5beb0..57109581 100644 --- a/playbooks/wazuh-manager-oss-cluster.yml +++ b/playbooks/wazuh-manager-oss-cluster.yml @@ -48,53 +48,3 @@ nodes: - "{{ hostvars.manager.private_ip }}" hidden: 'no' ---- -# Wazuh cluster without Filebeat - - hosts: manager - roles: - - role: "../roles/wazuh/ansible-wazuh-manager" - become: yes - become_user: root - vars: - wazuh_manager_config: - connection: - - type: 'secure' - port: '1514' - protocol: 'tcp' - queue_size: 131072 - api: - https: 'yes' - cluster: - disable: 'no' - node_name: 'master' - node_type: 'master' - key: 'c98b62a9b6169ac5f67dae55ae4a9088' - nodes: - - "{{ hostvars.manager.private_ip }}" - hidden: 'no' - wazuh_api_users: - - username: custom-user - password: SecretPassword1! - - - hosts: worker01 - roles: - - role: "../roles/wazuh/ansible-wazuh-manager" - become: yes - become_user: root - vars: - wazuh_manager_config: - connection: - - type: 'secure' - port: '1514' - protocol: 'tcp' - queue_size: 131072 - api: - https: 'yes' - cluster: - disable: 'no' - node_name: 'worker_01' - node_type: 'worker' - key: 'c98b62a9b6169ac5f67dae55ae4a9088' - nodes: - - "{{ hostvars.manager.private_ip }}" - hidden: 'no'