Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Removed code from provision-opendistro.sh #681

Merged
merged 4 commits into from
Apr 12, 2021
Merged

Removed code from provision-opendistro.sh #681

merged 4 commits into from
Apr 12, 2021

Conversation

jcruzlp
Copy link
Contributor

@jcruzlp jcruzlp commented Mar 24, 2021
edited
Loading

Related issue
#627

Description

Related #627

Removed addElasticRepo function from provision-opendistro.sh library and the call from provision.sh

Also removed Configure JVM options in installElasticsearch from provision-opendistro.sh as those steps are not required on the Wazuh documentation installation guide.

Logs example

After remove the listed code, I could run the script as follow: sh provision.sh 4.1.2 1.12.0 7.10.0 dev 4.1.2 1 -d

And got the following result:

Elasticsearch installation succeeded.
+ filebeat test output
elasticsearch: https://127.0.0.1:9200...
  parse url... OK
  connection...
    parse host... OK
    dns lookup... OK
    addresses: 127.0.0.1
    dial up... OK
  TLS...
    security: server's certificate chain verification is enabled
    handshake... OK
    TLS version: TLSv1.3
    dial up... OK
  talk to server... OK
  version: 7.10.0
+ '[' 0 '!=' 0 ']'
+ logger 'Filebeat installation succeeded.'
+ echo Filebeat installation succeeded.
Filebeat installation succeeded.
+ logger 'Initializing Kibana (this may take a while)'
+ echo Initializing Kibana '(this' may take a 'while)'
Initializing Kibana (this may take a while)
++ grep '200 OK'
++ curl -XGET https://localhost/status -I -uadmin:admin -k -s
+ [[ -n '' ]]
+ logger -ne '#'
+ echo -ne
+ sleep 10
++ curl -XGET https://localhost/status -I -uadmin:admin -k -s
++ grep '200 OK'
 ]][ -n HTTP/1.1 200 OK
+ logger '
Installation finished'
+ echo Installation finished
Installation finished
+ cleanInstall
+ rm -rf /etc/yum.repos.d/adoptopenjdk.repo
+ rm -rf /etc/yum.repos.d/wazuh.repo
+ yum clean all
Failed to set locale, defaulting to C
Loaded plugins: fastestmirror
Cleaning repos: base extras updates
Cleaning up list of fastest mirrors
Other repos take up 3.2 M of disk space (use --verbose for details)
+ rm -rf /vagrant
+ systemctl stop kibana filebeat elasticsearch
+ systemctl enable wazuh-manager
Created symlink from /etc/systemd/system/multi-user.target.wants/wazuh-manager.service to /usr/lib/systemd/system/wazuh-manager.service.

When running systemctl status elasticshearch it shows the next promt:

● elasticsearch.service - Elasticsearch
   Loaded: loaded (/usr/lib/systemd/system/elasticsearch.service; enabled; vendor preset: disabled)
   Active: active (running) since Thu 2021-03-25 08:05:24 UTC; 57s ago
     Docs: https://www.elastic.co
 Main PID: 802 (java)
   CGroup: /system.slice/elasticsearch.service
           └─802 /usr/share/elasticsearch/jdk/bin/java -Xshare:auto -Des.networkaddress.cache.ttl=60 -Des.networkaddress.cache.negative.ttl=10 -XX:+AlwaysPreTouch -Xss1m -Djava.awt.headless=true -Dfile.encodi...

And when doing systemctl status wazuh-manager it returns:

● wazuh-manager.service - Wazuh manager
   Loaded: loaded (/usr/lib/systemd/system/wazuh-manager.service; enabled; vendor preset: disabled)
   Active: active (running) since Thu 2021-03-25 08:05:28 UTC; 2min 53s ago
  Process: 803 ExecStart=/usr/bin/env ${DIRECTORY}/bin/ossec-control start (code=exited, status=0/SUCCESS)
   CGroup: /system.slice/wazuh-manager.service
           ├─1439 /var/ossec/framework/python/bin/python3 /var/ossec/api/scripts/wazuh-apid.py
           ├─1545 /var/ossec/bin/ossec-authd
           ├─1701 /var/ossec/bin/wazuh-db
           ├─1866 /var/ossec/bin/ossec-execd
           ├─1967 /var/ossec/bin/ossec-analysisd
           ├─2130 /var/ossec/bin/ossec-syscheckd
           ├─2397 /var/ossec/bin/ossec-remoted
           ├─2636 /var/ossec/bin/ossec-logcollector
           ├─2831 /var/ossec/bin/ossec-monitord
           └─3110 /var/ossec/bin/wazuh-modulesd

After building succesfully the OVA on Jenkins using this branch, got the following results after the wazuh installation:

When checked the elastic installation on the OVA got the following result:

image

And when checked the status from the Wazuh manager installation got:

image

@jcruzlp jcruzlp requested review from Rebits, DFolchA and okynos March 24, 2021 11:52
@jcruzlp jcruzlp changed the title Removed addElasticRepo function and Configure JVM options in installElasticsearch function Removed code from provision-opendistro.sh Mar 24, 2021
okynos
okynos suggested changes Mar 24, 2021
View reviewed changes
Copy link
Contributor

@okynos okynos left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM but please include more testing.
Show that Wazuh and Elastic are well installed and working.
Also launch the Jenkins pipeline that build the OVA and test it.

@jcruzlp jcruzlp requested a review from okynos March 25, 2021 09:24
@jcruzlp jcruzlp self-assigned this Mar 31, 2021
okynos
okynos approved these changes Mar 31, 2021
View reviewed changes
Copy link
Contributor

@okynos okynos left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

DFolchA
DFolchA approved these changes Mar 31, 2021
View reviewed changes
Copy link
Contributor

@DFolchA DFolchA left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Rebits
Rebits approved these changes Apr 6, 2021
View reviewed changes
Copy link
Member

@Rebits Rebits left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

alberpilot
alberpilot suggested changes Apr 7, 2021
View reviewed changes
ova/Libraries/provision-opendistro.sh Outdated Show resolved Hide resolved
@alberpilot alberpilot merged commit 4604379 into master Apr 12, 2021
@alberpilot alberpilot deleted the 627-clean-provision-opendistro branch April 12, 2021 15:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@alberpilot alberpilot alberpilot approved these changes

@okynos okynos okynos approved these changes

@Rebits Rebits Rebits approved these changes

@DFolchA DFolchA DFolchA approved these changes

Assignees

@jcruzlp jcruzlp

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@jcruzlp @alberpilot @okynos @Rebits @DFolchA