Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix wazuh install in unify-unattended script #1072

Merged
merged 17 commits into from
Dec 21, 2021
Merged

Fix wazuh install in unify-unattended script #1072

merged 17 commits into from
Dec 21, 2021

Conversation

myu1d157h0u54nd
Copy link
Contributor

@myu1d157h0u54nd myu1d157h0u54nd commented Dec 13, 2021
edited
Loading

Related issue
#1036

Description

  • The script tries to install the stable release, even when unstable is chosen. (Ubuntu 20.04)
  • The script, when run from outside the storage folder. When trying to install filebeat not finding a config.

Logs example

Issue: release

Install log: wazuh and filebeat

bash /tmp/unattended_scripts/wazuh_install.sh --local --wazuh-server -wn wazuh1 --dev
12/13/2021 15:44:06 INFO: Starting the installation...
12/13/2021 15:44:06 INFO: Installing all necessary utilities for the installation...
12/13/2021 15:44:10 INFO: Done
12/13/2021 15:44:10 INFO: Adding the Wazuh repository...
12/13/2021 15:44:15 INFO: Done
12/13/2021 15:44:15 INFO: Installing the Wazuh manager...
12/13/2021 15:44:16 ERROR: Wazuh installation failed
12/13/2021 15:44:16 WARNING: Cleaning the installation
12/13/2021 15:44:16 WARNING: Installation cleaned. Check the /var/log/wazuh-unattended-installation.log file to learn more about the issue.

Install log: elasticsearch and kibana

bash /tmp/unattended_scripts/wazuh_install.sh --local --kibana --elasticsearch --create-certificates -en node1 --create-certificates --dev
12/13/2021 19:23:10 INFO: Configuration file found. Creating certificates...
12/13/2021 19:23:10 INFO: Creating the Elasticsearch certificates...
12/13/2021 19:23:10 INFO: Creating Wazuh server certificates...
12/13/2021 19:23:10 INFO: Creating Kibana certificate...
12/13/2021 19:23:11 INFO: Certificates creation finished. They can be found in /tmp/unattended_scripts/certs.
12/13/2021 19:23:11 INFO: Starting the installation...
12/13/2021 19:23:11 INFO: Installing all necessary utilities for the installation...
12/13/2021 19:23:46 INFO: Done
12/13/2021 19:23:46 INFO: Adding the Wazuh repository...
12/13/2021 19:23:51 INFO: Done
head: cannot open './config.yml' for reading: No such file or directory
12/13/2021 19:23:51 INFO: Installing Open Distro for Elasticsearch...
12/13/2021 19:29:47 INFO: Done
12/13/2021 19:29:47 INFO: Configuring Elasticsearch...
head: cannot open './config.yml' for reading: No such file or directory
awk: fatal: cannot open file `./config.yml' for reading (No such file or directory)
head: cannot open './config.yml' for reading: No such file or directory
12/13/2021 19:29:49 INFO: Elasticsearch installed.
12/13/2021 19:29:49 INFO: Starting Elasticsearch...
12/13/2021 19:30:06 INFO: Elasticsearch started
12/13/2021 19:30:06 INFO: Initializing Elasticsearch...

debug with 'set -x'

+ eval 'echo deb' '${repobaseurl}/apt/' stable 'main | tee /etc/apt/sources.list.d/wazuh.list > /dev/null 2>&1'
++ echo deb https://packages-dev.wazuh.com/pre-release/apt/ stable main
++ tee /etc/apt/sources.list.d/wazuh.list

debug: apt update

Ign:5 https://packages-dev.wazuh.com/pre-release/apt stable InRelease
Err:6 https://packages-dev.wazuh.com/pre-release/apt stable Release
  404  Not Found [IP: 13.227.92.21 443]
Reading package lists...
E: The repository 'https://packages-dev.wazuh.com/pre-release/apt stable Release' does not have a Release file.

Issue: filebeat

12/13/2021 16:43:38 INFO: Installing Filebeat...
awk: fatal: cannot open file `./config.yml' for reading (No such file or directory)
awk: fatal: cannot open file `./config.yml' for reading (No such file or directory)
12/13/2021 16:44:07 INFO: Done

Tests remediation filebeat and release:

bash /tmp/unattended_scripts/wazuh_install.sh --local --wazuh-server -wn wazuh1 --dev
12/13/2021 17:53:05 INFO: Starting the installation...
12/13/2021 17:53:05 INFO: Installing all necessary utilities for the installation...
12/13/2021 17:53:41 INFO: Done
12/13/2021 17:53:41 INFO: Adding the Wazuh repository...
12/13/2021 17:53:46 INFO: Done
12/13/2021 17:53:46 INFO: Installing the Wazuh manager...
12/13/2021 17:56:09 INFO: Done
12/13/2021 17:56:30 INFO: Wazuh-manager started
12/13/2021 17:56:30 INFO: Installing Filebeat...
12/13/2021 17:56:59 INFO: Done
12/13/2021 17:56:59 INFO: Starting Filebeat...
12/13/2021 17:57:00 INFO: Filebeat started
12/13/2021 17:57:00 INFO: Setting the Wazuh repository to production
12/13/2021 17:57:00 INFO: Done

Tests remediation elasticsearch and kibana:

bash /tmp/unattended_scripts/wazuh_install.sh --local --kibana --elasticsearch --create-certificates -en node1 --create-certificates --dev


12/13/2021 19:55:26 INFO: Configuration file found. Creating certificates...
12/13/2021 19:55:26 INFO: Creating the Elasticsearch certificates...
12/13/2021 19:55:26 INFO: Creating Wazuh server certificates...
12/13/2021 19:55:26 INFO: Creating Kibana certificate...
12/13/2021 19:55:26 INFO: Certificates creation finished. They can be found in /tmp/unattended_scripts/certs.
12/13/2021 19:55:26 INFO: Starting the installation...
12/13/2021 19:55:26 INFO: Installing all necessary utilities for the installation...
12/13/2021 19:56:06 INFO: Done
12/13/2021 19:56:06 INFO: Adding the Wazuh repository...
12/13/2021 19:56:11 INFO: Done
12/13/2021 19:56:11 INFO: Installing Open Distro for Elasticsearch...
12/13/2021 20:02:50 INFO: Done
12/13/2021 20:02:50 INFO: Configuring Elasticsearch...
12/13/2021 20:02:51 INFO: Elasticsearch installed.
12/13/2021 20:02:51 INFO: Starting Elasticsearch...
12/13/2021 20:03:07 INFO: Elasticsearch started
12/13/2021 20:03:07 INFO: Initializing Elasticsearch...

12/13/2021 20:03:07 INFO: Done
12/13/2021 20:03:07 INFO: Done
12/13/2021 20:03:07 INFO: Setting the Wazuh repository to production
12/13/2021 20:03:07 INFO: Done
12/13/2021 20:03:07 INFO: Starting the installation...
12/13/2021 20:03:07 INFO: Installing all necessary utilities for the installation...
12/13/2021 20:03:12 INFO: Done
12/13/2021 20:03:12 INFO: Adding the Wazuh repository...
12/13/2021 20:03:12 INFO: Wazuh repository already exists skipping
12/13/2021 20:03:12 INFO: Done
12/13/2021 20:03:12 INFO: Installing Open Distro for Kibana...
12/13/2021 20:03:13 ERROR: Kibana installation failed
12/13/2021 20:03:13 WARNING: Cleaning the installation
12/13/2021 20:03:13 WARNING: Removing Elasticsearch...
12/13/2021 20:03:20 WARNING: Installation cleaned. Check the /var/log/wazuh-unattended-installation.log file to learn more about the issue.

Tests remediation Prerequisites: case with error and exit

pwd
/tmp/unattended_scripts

rm /tmp/unattended_scripts/config.yml 
rm: cannot remove '/tmp/unattended_scripts/config.yml': No such file or directory

bash /tmp/unattended_scripts/wazuh_install.sh --all-in-one --local --ignore-health-check --dev
12/14/2021 21:48:25 WARNING: The file /tmp/unattended_scripts/config.yml is required. It should be located in the script directory:/tmp/unattended_scripts

Tests remediation Prerequisites: normal case

bash /tmp/unattended_scripts/wazuh_install.sh --local --wazuh-server -wn wazuh1 --dev
12/14/2021 21:51:46 INFO: checkPrerequisites
12/14/2021 21:51:46 INFO: Starting the installation...
12/14/2021 21:51:46 INFO: Installing all necessary utilities for the installation...

@myu1d157h0u54nd myu1d157h0u54nd self-assigned this Dec 13, 2021
@myu1d157h0u54nd myu1d157h0u54nd mentioned this pull request Dec 13, 2021
Closed
rauldpm
rauldpm requested changes Dec 13, 2021
View reviewed changes
Copy link
Member

@rauldpm rauldpm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

GJ, minor changes

unattended_scripts/install_functions/opendistro/filebeat.sh Outdated Show resolved Hide resolved
verdx
verdx approved these changes Dec 16, 2021
View reviewed changes
Copy link
Contributor

@verdx verdx left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

verdx
verdx suggested changes Dec 16, 2021
View reviewed changes
unattended_scripts/wazuh_install.sh Outdated
fi

if [ -n "${AIO}" ] || [ -n "${wazuh}" ] || [ -n "${kibana}" ] || [ -n "${elastic}" ]; then
logger -w "restoreWazuhrepo"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not a very explanatory comment. A better option would be "Restoring Wazuh repository"

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done

verdx
verdx approved these changes Dec 21, 2021
View reviewed changes
Copy link
Contributor

@verdx verdx left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@alberpilot alberpilot changed the base branch from unify-unattended to unify-config-yml December 21, 2021 09:48
alberpilot
alberpilot approved these changes Dec 21, 2021
View reviewed changes
Copy link
Contributor

@alberpilot alberpilot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@alberpilot alberpilot merged commit 2276e61 into unify-config-yml Dec 21, 2021
@alberpilot alberpilot deleted the 1036-unify-unattended-fix-wazuh_install branch December 21, 2021 10:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@alberpilot alberpilot alberpilot approved these changes

@verdx verdx verdx approved these changes

@DFolchA DFolchA Awaiting requested review from DFolchA

@rauldpm rauldpm Awaiting requested review from rauldpm

Assignees

@myu1d157h0u54nd myu1d157h0u54nd

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@myu1d157h0u54nd @alberpilot @rauldpm @verdx