Molecule distributed scenario updated

Gonzalo Acuña 2022-05-19 10:06:11 -03:00
parent 6fff470117
commit df42b9bcae
No known key found for this signature in database
GPG Key ID: 646BA79A313A2270
13 changed files with 98 additions and 110 deletions


@ -35,7 +35,7 @@ jobs:
PY_COLORS: '1' PY_COLORS: '1'
ANSIBLE_FORCE_COLOR: '1' ANSIBLE_FORCE_COLOR: '1'
scenario-distributed-wazuh-odfe: scenario-distributed-wazuh:
name: Distributed ODFE + Wazuh name: Distributed ODFE + Wazuh
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
@ -60,7 +60,7 @@ jobs:
run: poetry install run: poetry install
- name: Run Molecule tests. - name: Run Molecule tests.
run: poetry run molecule test -s distributed-wazuh-odfe run: poetry run molecule test -s distributed-wazuh
env: env:
PY_COLORS: '1' PY_COLORS: '1'
ANSIBLE_FORCE_COLOR: '1' ANSIBLE_FORCE_COLOR: '1'
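Review bot: The job's display name on the new side is still `name: Distributed ODFE + Wazuh`, although the job id and the scenario passed to `molecule test -s` both drop the ODFE suffix. The check shown in the Actions UI will keep advertising the old stack name; `name: Distributed Wazuh` would match the renamed scenario.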


@ -1,47 +0,0 @@
---
########################################################
# Helper variables
private_ip: '{{ ansible_default_ipv4.address }}'
managers_hostvars: "{{ groups['managers'] | map('extract', hostvars) | list }}"
elastic_hostvars: "{{ groups['elastic'] | map('extract', hostvars) | list }}"
kibana_hostvars: "{{ groups['kibana'] | map('extract', hostvars) | list }}"
manager_addresses: "{{ managers_hostvars | map(attribute='private_ip') | list }}"
elastic_addresses: "{{ elastic_hostvars | map(attribute='private_ip') | list }}"
kibana_addresses: "{{ kibana_hostvars | map(attribute='private_ip') | list }}"
########################################################
# General ELK stack variables
# OpenDistro
kibana_opendistro_security: true
opendistro_kibana_user: kibanaserver
opendistro_security_user: elastic
opendistro_kibana_password: changeme
opendistro_security_password: admin
opendistro_admin_password: changeme
# All nodes are called by IP name
elasticsearch_node_name: '{{ ansible_hostname }}'
kibana_node_name: '{{ ansible_hostname }}'
filebeat_node_name: '{{ ansible_hostname }}'
########################################################
# Versions
# See: https://opendistro.github.io/for-elasticsearch-docs/version-history/
elastic_stack_version: 7.10.2
opendistro_version: 1.13.2
filebeat_version: 7.10.2
kibana_opendistro_version: 1.13.2-1
# Debian packages need the ${VERSION}-1
wazuh_manager_version: 4.3.1-1
wazuh_agent_version: 4.3.1-1
# Kibana role appends it automatically.
wazuh_version: 4.3.1


@ -1,16 +0,0 @@
---
single_node: false
elasticsearch_node_master: true
minimum_master_nodes: 1
elasticsearch_network_host: '{{ private_ip }}'
elasticsearch_reachable_host: '{{ private_ip }}'
elasticsearch_http_port: 9200
elasticsearch_bootstrap_node: true
elasticsearch_cluster_nodes: '{{ elastic_addresses }}'
elasticsearch_discovery_nodes: '{{ elastic_addresses }}'
opendistro_jvm_xms: 1024


@ -1,17 +0,0 @@
---
kibana_server_name: '{{ ansible_hostname }}'
elasticsearch_network_host: "{{ elastic_addresses[0] }}"
#elasticsearch_http_port: 9200
elasticsearch_node_master: false
elasticsearch_node_ingest: false
elasticsearch_node_data: false
wazuh_api_credentials:
- id: default
url: 'https://{{ manager_addresses[0] }}'
port: 55000
#port: 1514
username: wazuh
password: wazuh


@ -5,7 +5,7 @@
become: true become: true
become_user: root become_user: root
vars: vars:
endpoints_hostvars: '{{ managers_hostvars | union(elastic_hostvars) | union(kibana_hostvars) }}' endpoints_hostvars: '{{ managers_hostvars | union(indexer_hostvars) | union(dashboard_hostvars) }}'
wazuh_managers_common: wazuh_managers_common:
port: 1514 port: 1514
protocol: tcp protocol: tcp
@ -17,7 +17,7 @@
pre_tasks: pre_tasks:
- name: (converge) build instances list dynamically for cert generator consumption - name: (converge) build instances list dynamically for cert generator consumption
set_fact: set_fact:
odfe_endpoint_list: "{{ odfe_endpoint_list | default({}) | combine({ instance_hostname: instance_item }) }}" wazuh_endpoint_list: "{{ wazuh_endpoint_list | default({}) | combine({ instance_hostname: instance_item }) }}"
vars: vars:
instance_hostname: '{{ item.ansible_facts.hostname }}' instance_hostname: '{{ item.ansible_facts.hostname }}'
instance_item: instance_item:
@ -35,39 +35,39 @@
- name: overview of cert configuration - name: overview of cert configuration
debug: debug:
var: odfe_endpoint_list var: wazuh_endpoint_list
- name: Generate certificates prior to converging - name: Generate certificates prior to converging
hosts: molecule_odfe_elasticsearch_centos7 hosts: molecule_wazuh_indexer_centos7
become: true become: true
become_user: root become_user: root
roles: roles:
- role: ../../roles/opendistro/opendistro-elasticsearch - role: ../../roles/wazuh/wazuh-indexer
vars: vars:
generate_certs: true generate_certs: true
perform_installation: false perform_installation: false
instances: '{{ odfe_endpoint_list }}' instances: '{{ wazuh_endpoint_list }}'
pre_tasks: pre_tasks:
- name: overview of cert configuration - name: overview of cert configuration
debug: debug:
var: odfe_endpoint_list var: wazuh_endpoint_list
- name: Converge - name: Converge
hosts: all hosts: all
become: true become: true
become_user: root become_user: root
roles: roles:
# 1. Elasticsearch # 1. Wazuh indexer
- role: ../../roles/opendistro/opendistro-elasticsearch - role: ../../roles/wazuh/wazuh-indexer
when: inventory_hostname in groups['elastic'] when: inventory_hostname in groups['indexer']
# 2. Managers # 2. Managers
- role: ../../roles/wazuh/ansible-wazuh-manager - role: ../../roles/wazuh/ansible-wazuh-manager
when: inventory_hostname in groups['managers'] when: inventory_hostname in groups['managers']
- role: ../../roles/wazuh/ansible-filebeat-oss - role: ../../roles/wazuh/ansible-filebeat-oss
when: inventory_hostname in groups['managers'] when: inventory_hostname in groups['managers']
# 3. Kibana # 3. Wazuh dashboard
- role: ../../roles/opendistro/opendistro-kibana - role: ../../roles/wazuh/wazuh-dashboard
when: inventory_hostname in groups['kibana'] when: inventory_hostname in groups['dashboard']
# 4. Agents: # 4. Agents:
- role: ../../roles/wazuh/ansible-wazuh-agent - role: ../../roles/wazuh/ansible-wazuh-agent
vars: vars:
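Review bot: The certificate-generation play is pinned to a platform name, `hosts: molecule_wazuh_indexer_centos7`, which has to be kept in step by hand with the instance names in the scenario's platform list. If the two drift apart, Ansible matches no host for that play and skips it with a warning instead of failing, so the Converge play would presumably run without freshly generated certificates. Selecting through the group, e.g. `hosts: indexer[0]`, removes that coupling. The same play also repeats the `overview of cert configuration` debug task that the preceding play already runs; one of the two can go.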


@ -0,0 +1,39 @@
---
########################################################
# Helper variables
private_ip: '{{ ansible_default_ipv4.address }}'
managers_hostvars: "{{ groups['managers'] | map('extract', hostvars) | list }}"
indexer_hostvars: "{{ groups['indexer'] | map('extract', hostvars) | list }}"
dashboard_hostvars: "{{ groups['dashboard'] | map('extract', hostvars) | list }}"
manager_addresses: "{{ managers_hostvars | map(attribute='private_ip') | list }}"
indexer_addresses: "{{ indexer_hostvars | map(attribute='private_ip') | list }}"
dashboard_addresses: "{{ dashboard_hostvars | map(attribute='private_ip') | list }}"
########################################################
# General Wazuh stack variables
# Wazuh indexer/dashboard
dashboard_security: true
dashboard_user: kibanaserver
indexer_security_user: admin
dashboard_password: changeme
indexer_security_password: changeme
indexer_admin_password: changeme
# All nodes are called by IP name
indexer_node_name: '{{ ansible_hostname }}'
dashboard_node_name: '{{ ansible_hostname }}'
filebeat_node_name: '{{ ansible_hostname }}'
indexer_version: 4.3.1
filebeat_version: 7.10.2
wazuh_version: 4.3.1
# Debian packages need the ${VERSION}-1
wazuh_manager_version: 4.3.1-1
wazuh_agent_version: 4.3.1-1
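Review bot: `dashboard_password`, `indexer_security_password` and `indexer_admin_password` are all committed as the literal `changeme`, and nothing in the file marks them as fixtures. A header comment such as `# Molecule test fixtures only - never reuse these credentials outside CI containers` would keep them from being copied into a real inventory, where such values belong in Ansible Vault or an environment lookup. The same applies to the `username: wazuh` / `password: wazuh` pair under `wazuh_api_credentials` in the dashboard vars file added by this commit. Separately, the comment `# All nodes are called by IP name` sits above three values set to `{{ ansible_hostname }}`, so it should say "by hostname".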


@ -0,0 +1,17 @@
---
dashboard_server_name: '{{ ansible_hostname }}'
indexer_network_host: "{{ indexer_addresses[0] }}"
#indexer_http_port: 9200
indexer_node_master: false
indexer_node_ingest: false
indexer_node_data: false
wazuh_api_credentials:
- id: default
url: 'https://{{ manager_addresses[0] }}'
port: 55000
#port: 1514
username: wazuh
password: wazuh
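Review bot: Two commented-out settings were carried over from the deleted Kibana vars file, `#indexer_http_port: 9200` and `#port: 1514`. The second is easy to misread as an alternative API port next to `port: 55000`; if neither is meant to be toggled, delete both, otherwise state in the comment when each should be enabled.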


@ -0,0 +1,12 @@
---
single_node: false
indexer_node_master: true
minimum_master_nodes: 1
indexer_network_host: '{{ private_ip }}'
indexer_http_port: 9200
indexer_cluster_nodes: '{{ indexer_addresses }}'
indexer_discovery_nodes: '{{ indexer_addresses }}'
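Review bot: `single_node` and `minimum_master_nodes` keep their old unprefixed names while every other key in this file moved to the `indexer_` prefix, and `elasticsearch_reachable_host`, `elasticsearch_bootstrap_node` and `opendistro_jvm_xms` from the deleted file have no counterpart here. Whether the wazuh-indexer role still reads the two unprefixed keys, and what it defaults the dropped ones to, is not visible in this commit; a variable the role ignores fails silently and leaves the cluster on the role's defaults. It is worth checking each key against the role's defaults and removing any the role no longer defines.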


@ -1,7 +1,7 @@
--- ---
wazuh_manager_fqdn: '{{ ansible_hostname }}' wazuh_manager_fqdn: '{{ ansible_hostname }}'
filebeat_output_elasticsearch_hosts: '{{ elastic_addresses }}' filebeat_output_indexer_hosts: '{{ indexer_addresses }}'
wazuh_manager_config: wazuh_manager_config:
connection: connection:


@ -18,7 +18,7 @@ platforms:
################################################ ################################################
# Wazuh Managers # Wazuh Managers
################################################ ################################################
- name: molecule_odfe_manager_centos7 - name: molecule_wazuh_manager_centos7
hostname: wazuh-mgr01 hostname: wazuh-mgr01
image: geerlingguy/docker-centos7-ansible image: geerlingguy/docker-centos7-ansible
command: /sbin/init command: /sbin/init
@ -33,7 +33,7 @@ platforms:
volumes: volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro
- name: molecule_odfe_manager_debian9 - name: molecule_wazuh_manager_debian9
hostname: wazuh-mgr02 hostname: wazuh-mgr02
image: geerlingguy/docker-debian9-ansible image: geerlingguy/docker-debian9-ansible
command: /sbin/init command: /sbin/init
@ -49,9 +49,9 @@ platforms:
- /sys/fs/cgroup:/sys/fs/cgroup:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro
################################################ ################################################
# Elastic Cluster # Wazuh indexer Cluster
################################################ ################################################
- name: molecule_odfe_elasticsearch_centos7 - name: molecule_wazuh_indexer_centos7
hostname: wazuh-es01 hostname: wazuh-es01
image: geerlingguy/docker-centos7-ansible image: geerlingguy/docker-centos7-ansible
command: /sbin/init command: /sbin/init
@ -60,13 +60,13 @@ platforms:
memory: 4096m memory: 4096m
memory_reservation: 2048m memory_reservation: 2048m
groups: groups:
- elastic - indexer
ulimits: ulimits:
- nofile:262144:262144 - nofile:262144:262144
volumes: volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro
- name: molecule_odfe_elasticsearch_centos7_2 - name: molecule_wazuh_indexer_centos7_2
hostname: wazuh-es02 hostname: wazuh-es02
image: geerlingguy/docker-centos7-ansible image: geerlingguy/docker-centos7-ansible
command: /sbin/init command: /sbin/init
@ -75,7 +75,7 @@ platforms:
memory: 4096m memory: 4096m
memory_reservation: 2048m memory_reservation: 2048m
groups: groups:
- elastic - indexer
ulimits: ulimits:
- nofile:262144:262144 - nofile:262144:262144
volumes: volumes:
@ -84,7 +84,7 @@ platforms:
################################################ ################################################
# Wazuh Agents # Wazuh Agents
################################################ ################################################
- name: molecule_odfe_agent_centos7 - name: molecule_wazuh_agent_centos7
hostname: wazuh-agent01 hostname: wazuh-agent01
image: geerlingguy/docker-centos7-ansible image: geerlingguy/docker-centos7-ansible
command: /sbin/init command: /sbin/init
@ -97,7 +97,7 @@ platforms:
volumes: volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro
- name: molecule_odfe_agent_debian9 - name: molecule_wazuh_agent_debian9
hostname: wazuh-agent02 hostname: wazuh-agent02
image: geerlingguy/docker-debian9-ansible image: geerlingguy/docker-debian9-ansible
command: /sbin/init command: /sbin/init
@ -111,11 +111,11 @@ platforms:
- /sys/fs/cgroup:/sys/fs/cgroup:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro
################################################ ################################################
# Kibana # Wazuh dashboard
################################################ ################################################
- name: molecule_odfe_kibana_centos7 - name: molecule_wazuh_dashboard_centos7
hostname: wazuh-kib01 hostname: wazuh-dash01
image: geerlingguy/docker-centos7-ansible image: geerlingguy/docker-centos7-ansible
command: /sbin/init command: /sbin/init
pre_build_image: true pre_build_image: true
@ -123,7 +123,7 @@ platforms:
memory: 2048m memory: 2048m
memory_reservation: 512m memory_reservation: 512m
groups: groups:
- kibana - dashboard
volumes: volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro
@ -147,7 +147,7 @@ provisioner:
name: ansible-lint name: ansible-lint
enabled: false enabled: false
scenario: scenario:
name: distributed-wazuh-odfe name: distributed-wazuh
test_sequence: test_sequence:
- dependency - dependency
- syntax - syntax