Deploy a Wazuh cluster using Helm quickly to Kubernetes.
Karolis Jovaisas
├── assets
│ ├── documents
│ └── images
│ └── k8s-helm-wazuh-img.png
├── docker
│ ├── Dockerfile
│ ├── scripts
│ │ ├── entrypoint.sh
│ │ └── manage_agent_key.py
│ └── template.ignore
│ ├── runOnHost.sh
│ ├── wait.sh
│ └── wazuh-agent-install-cfm.yaml
├── LICENSE.md
├── README.md
└── wazuh-kubernetes
├── Chart.yaml
├── indentifier.yaml
├── issuer.yaml
├── scripts
│ ├── data.sh
│ ├── deploy.sh
│ ├── remove.sh
│ ├── test.sh
│ └── upgrade.sh
├── templates
│ ├── config-map
│ │ ├── elasticsearch.yml
│ │ ├── wazuh-agent.yaml
│ │ ├── wazuh-master.yaml
│ │ └── wazuh-workers.yaml
│ ├── daemonset
│ │ └── wazuh-agent.yaml
│ ├── deployment
│ │ └── kibana.yaml
│ ├── _helpers.tpl
│ ├── rbac
│ │ └── wazuh-agent.yaml
│ ├── rolebinding
│ │ └── wazuh-agent.yaml
│ ├── secrets
│ │ ├── elastic-cred.yaml
│ │ ├── kibana-certs.yaml
│ │ ├── odfe-ssl-certs.yaml
│ │ ├── wazuh-api-cred.yaml
│ │ ├── wazuh-authd-pass.yaml
│ │ └── wazuh-cluster-key.yaml
│ ├── service
│ │ ├── elasticsearch-api.yaml
│ │ ├── elasticsearch-svc.yaml
│ │ ├── kibana.yaml
│ │ ├── wazuh-cluster.yaml
│ │ ├── wazuh-master.yaml
│ │ └── wazuh-workers.yaml
│ ├── serviceaccount
│ │ └── wazuh-agent.yaml
│ └── statefulset
│ ├── elasticsearch.yaml
│ ├── wazuh-master.yaml
│ └── wazuh-worker.yaml
└── values.yamlTODO
master contains latest code and is not considered to be stable.
If you find any bugs feel free to create a PR.
Currently the chart is written using Helm 2 (v2.16.12) refactoring to Helm3 hasn't been planned yet but deffinetly might be happening in the future.
To deploy a cluster on your local environment just navigate to wazuh-kubernetes/scripts and execute test.sh script to see if everything is linting correctly, afterwards you can deploy it quickly to your Kubernetes using script deploy.sh
When you are done with the testing or work, you can use script named remove.sh to delete the deployment from your kubernetes environment.
If you want to contribute to the project please don't hesitate to send a pull request.
Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments.
Wazuh solution consists of an endpoint security agent, deployed to the monitored systems, and a management server, which collects and analyzes data gathered by the agents. Besides, Wazuh has been fully integrated with the Elastic Stack, providing a search engine and data visualization tool that allows users to navigate through their security alerts.
Here you can find all the automation tools maintained by the Wazuh team.
WAZUH Copyright (C) 2016-2021 Wazuh Inc. (License GPLv2)
Based on the previous work from Wazuh team wazuh/wazuh-kubernetes (2021/02/15)