Fix the distributed version of the unified installer #1062

Closed
verdx opened this issue Dec 13, 2021 · 0 comments
verdx commented Dec 13, 2021

Unified unattended installer

As seen when trying to make a distributed installation using https://github.com/wazuh/wazuh-packages/tree/unify-unattended, there are some bugs that need fixing.

  • Missing `l` in `configureElasticsearch`, `getConfig elasticsearch/roles/roles.ym`
  • In `elasticsearch.sh`, on the line `copyCertificatesElasticsearch einame pos`, the arguments are passed without `${}` and aren't needed; the variables are accessed directly.
  • Also in `elasticsearch.sh`, on the line `if [ ! ${IMN[@]} == ${einame} ]; then`, the conditional doesn't work. It needs double brackets, `[[ ]]`.
  • In `kibana.sh`, the installation gets stuck on `until [[ "$(curl -XGET https://${kip}/status -I -uadmin:admin -k -s --max-time 300 | grep "200 OK")" ]]; do`.
  • After the elasticsearch installation, we can see this error in `/var/elasticsearch/wazuh.log`: `/etc/elasticsearch/certs/elasticsearch.pem has insecure file permissions (should be 0600)`
  • After the filebeat installation, `filebeat test output` gives this error: `no such file or directory /etc/filebeat/certs/filebeat.pem`
  • The initialization of Open Distro Security also fails:
[root@centos7 unattended_scripts]# ls -l /etc/elasticsearch/certs/
total 20
-rw-r--r--. 1 root elasticsearch 1708 Dec 10 19:49 admin-key.pem
-rw-r--r--. 1 root elasticsearch 1103 Dec 10 19:49 admin.pem
-r--r--r--. 1 root elasticsearch 1704 Dec 10 19:49 elasticsearch-key.pem
-rw-r--r--. 1 root elasticsearch 1216 Dec 10 19:49 elasticsearch.pem
-rw-r--r--. 1 root elasticsearch 1180 Dec 10 19:49 root-ca.pem

[root@centos7 unattended_scripts]# /usr/share/elasticsearch/plugins/opendistro_security/tools/securityadmin.sh -cd ../securityconfig/ -nhnv -cacert /etc/elasticsearch/certs/root-ca.pem -cert /etc/elasticsearch/certs/admin.pem -key /etc/elasticsearch/certs/admin-key.pem -h 192.168.57.101
Open Distro Security Admin v7
Will connect to 192.168.57.101:9300 ... done
ERR: Cannot connect to Elasticsearch. Please refer to elasticsearch logfile for more information
Trace:
NoNodeAvailableException[None of the configured nodes are available: [{#transport#-1}{bJdZCU8YQ-q0PoLakpSN-Q}{192.168.57.101}{192.168.57.101:9300}]]
	at org.elasticsearch.client.transport.TransportClientNodesService.ensureNodesAreAvailable(TransportClientNodesService.java:352)
	at org.elasticsearch.client.transport.TransportClientNodesService.execute(TransportClientNodesService.java:248)
	at org.elasticsearch.client.transport.TransportProxyClient.execute(TransportProxyClient.java:57)
	at org.elasticsearch.client.transport.TransportClient.doExecute(TransportClient.java:391)
	at org.elasticsearch.client.support.AbstractClient.execute(AbstractClient.java:412)
	at org.elasticsearch.client.support.AbstractClient.execute(AbstractClient.java:401)
	at com.amazon.opendistroforelasticsearch.security.tools.OpenDistroSecurityAdmin.execute(OpenDistroSecurityAdmin.java:524)
	at com.amazon.opendistroforelasticsearch.security.tools.OpenDistroSecurityAdmin.main(OpenDistroSecurityAdmin.java:157)
  • Errors when trying to start elasticsearch:
[root@centos7 unattended_scripts]# journalctl -r -u elasticsearch.service | grep -i -E "error|fatal|critical"
Dec 10 19:34:54 centos7 systemd-entrypoint[9360]: For complete error details, refer to the log at /var/log/elasticsearch/wazuh.log
Dec 10 19:33:32 centos7 systemd-entrypoint[8417]: For complete error details, refer to the log at /var/log/elasticsearch/wazuh.log
Dec 10 19:31:19 centos7 systemd-entrypoint[7470]: For complete error details, refer to the log at /var/log/elasticsearch/wazuh.log
Dec 10 19:29:55 centos7 systemd-entrypoint[6671]: For complete error details, refer to the log at /var/log/elasticsearch/wazuh.log
Dec 10 19:26:20 centos7 systemd-entrypoint[5729]: For complete error details, refer to the log at /var/log/elasticsearch/wazuh.log
Dec 10 19:25:08 centos7 systemd-entrypoint[4780]: For complete error details, refer to the log at /var/log/elasticsearch/wazuh.log
Dec 10 19:22:54 centos7 systemd-entrypoint[3810]: For complete error details, refer to the log at /var/log/elasticsearch/wazuh.log
Dec 10 19:22:54 centos7 systemd-entrypoint[3810]: at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:127)
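
Two of the errors reported above concern certificate files: a mode other than 0600 and a missing `filebeat.pem`. The script below is an added example, not code from this issue or from wazuh-packages, that checks a list of certificate paths for both conditions; the function names are hypothetical and it assumes GNU `stat`.

```shell
#!/usr/bin/env bash
# Added example (not installer code): audit certificate/key files for the two
# failures reported in the issue: wrong mode and missing file.
# Usage: audit_certs /etc/elasticsearch/certs/*.pem /etc/filebeat/certs/filebeat.pem

# Classify one file. Prints "ok", "missing" or "mode:<octal>";
# returns 0 only for "ok".
check_cert_file() {
    local path=$1 mode
    if [ ! -f "$path" ]; then
        echo "missing"
        return 1
    fi
    mode=$(stat -c '%a' "$path")    # GNU stat: octal mode, e.g. 644
    if [ "$mode" != "600" ]; then
        echo "mode:$mode"
        return 1
    fi
    echo "ok"
}

# Audit every path given; print one "<result> <path>" line per file.
# The return value is the number of files that are missing or not 0600.
audit_certs() {
    local path result failures=0
    for path in "$@"; do
        result=$(check_cert_file "$path") || failures=$((failures + 1))
        printf '%-10s %s\n' "$result" "$path"
    done
    return "$failures"
}

# Set 0600 on the files that exist; missing files are left for the audit to
# report. With 0600 only the owner can read the file, so pass the account the
# service runs as in $1 (assumption: the caller knows it), or "" to skip chown.
harden_certs() {
    local owner=$1 path
    shift
    for path in "$@"; do
        [ -f "$path" ] || continue
        if [ -n "$owner" ]; then
            chown "$owner" "$path"
        fi
        chmod 600 "$path"
    done
}
```

Run `audit_certs` before starting each service; a non-zero return means at least one file would trigger one of the errors listed in the issue.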