Merge branch '3.9.0_6.7.1' into k8s

2025-10-23 04:51:57 +00:00 · 2019-05-06 11:56:05 +02:00
parent 3f94f734d4 7bf7f532e0
commit a88e5495d5
10 changed files with 74 additions and 26 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,43 @@
 # Change Log
 All notable changes to this project will be documented in this file.

+## Wazuh Docker v3.9.0_6.7.1
+
+### Added
+
+- Support for xPACK authorized requests ([@manuasir](https://github.com/manuasir)) ([#119](https://github.com/wazuh/wazuh-docker/pull/119))
+- Add Elasticsearch cluster configuration ([@SitoRBJ](https://github.com/SitoRBJ)). ([#146](https://github.com/wazuh/wazuh-docker/pull/146))
+- Add Elasticsearch cluster configuration ([@Phandora](https://github.com/Phandora)) ([#140](https://github.com/wazuh/wazuh-docker/pull/140))
+- Setting Nginx to support several user/passwords in Kibana ([@toniMR](https://github.com/toniMR)) ([#136](https://github.com/wazuh/wazuh-docker/pull/136))
+
+
+### Changed
+
+- Use LS_JAVA_OPTS instead of old LS_HEAP_SIZE ([@ruffy91](https://github.com/ruffy91)) ([#139](https://github.com/wazuh/wazuh-docker/pull/139))
+- Changing the original Wazuh docker image to allow adding code in the entrypoint ([@Phandora](https://github.com/phandora)) ([#151](https://github.com/wazuh/wazuh-docker/pull/151))
+
+### Removed
+
+- Removing files from Wazuh image ([@Phandora](https://github.com/phandora)) ([#153](https://github.com/wazuh/wazuh-docker/pull/153))
+
+## Wazuh Docker v3.8.2_6.7.0
+
+### Changed
+
+- Update Elastic Stack version to 6.7.0. ([#144](https://github.com/wazuh/wazuh-docker/pull/144))
+
+## Wazuh Docker v3.8.2_6.6.2
+
+### Changed
+
+- Update Elastic Stack version to 6.6.2. ([#130](https://github.com/wazuh/wazuh-docker/pull/130))
+
+## Wazuh Docker v3.8.2_6.6.1
+
+### Changed
+
+- Update Elastic Stack version to 6.6.1. ([#129](https://github.com/wazuh/wazuh-docker/pull/129))
+
 ## Wazuh Docker v3.8.2_6.5.4

 ### Added
@@ -12,7 +49,6 @@ All notable changes to this project will be documented in this file.
 - Adding env variables for alerts data flow. ([#118](https://github.com/wazuh/wazuh-docker/pull/118))
 - New Logstash entrypoint added. ([#135](https://github.com/wazuh/wazuh-docker/pull/135/files))
 - Welcome screen management. ([#133](https://github.com/wazuh/wazuh-docker/pull/133))
- Add Elasticsearch cluster configuration. ([#146](https://github.com/wazuh/wazuh-docker/pull/146))

 ### Changed

--- a/README.md
+++ b/README.md
@@ -11,8 +11,9 @@ In this repository you will find the containers to run:
 * wazuh-logstash: It is used to receive alerts generated by the manager and feed Elasticsearch using an alerts template
 * wazuh-kibana: Provides a web user interface to browse through alerts data. It includes Wazuh plugin for Kibana, that allows you to visualize agents configuration and status.
 * wazuh-nginx: Proxies the Kibana container, adding HTTPS (via self-signed SSL certificate) and [Basic authentication](https://developer.mozilla.org/en-US/docs/Web/HTTP/Authentication#Basic_authentication_scheme).
+* wazuh-elasticsearch: An Elasticsearch container (working as a single-node cluster) using Elastic Stack Docker images. **Be aware to increase the `vm.max_map_count` setting, as it's detailed in the [Wazuh documentation](https://documentation.wazuh.com/current/docker/wazuh-container.html#increase-max-map-count-on-your-host-linux).** 

-In addition, a docker-compose file is provided to launch the containers mentioned above. It also launches an Elasticsearch container (working as a single-node cluster) using Elastic Stack Docker images.
+In addition, a docker-compose file is provided to launch the containers mentioned above. 

 * Elasticsearch cluster. In the Elasticsearch Dockerfile we can visualize variables to configure an Elasticsearch Cluster. These variables are used in the file *config_cluster.sh* to set them in the *elasticsearch.yml* configuration file. You can see the meaning of the node variables [here](https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-node.html) and other cluster settings [here](https://github.com/elastic/elasticsearch/blob/master/distribution/src/config/elasticsearch.yml).

@@ -60,9 +61,9 @@ In addition, a docker-compose file is provided to launch the containers mentione

 ## Branches

-* `stable` branch on correspond to the last Wazuh-Docker stable version.
+* `stable` branch on correspond to the latest Wazuh-Docker stable version.
 * `master` branch contains the latest code, be aware of possible bugs on this branch.
-* `Wazuh.Version_ElasticStack.Version` (for example 3.7.0_6.4.3) branch. This branch contains the current release referenced in Docker Hub. The container images are installed under the current version of this branch.
+* `Wazuh.Version_ElasticStack.Version` (for example 3.9.0_6.7.1) branch. This branch contains the current release referenced in Docker Hub. The container images are installed under the current version of this branch.

 ## Credits and Thank you

--- a/4
+++ b/4
@@ -1,2 +1,2 @@
-WAZUH-DOCKER_VERSION="3.8.2_6.5.4"
-REVISION="3802"
+WAZUH-DOCKER_VERSION="3.9.0_6.7.1"
+REVISION="3900"
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -3,7 +3,7 @@ version: '2'

 services:
  wazuh:
-    image: wazuh/wazuh:3.8.2_6.5.4
+    image: wazuh/wazuh:3.9.0_6.7.1
    hostname: wazuh-manager
    restart: always
    ports:
@@ -14,7 +14,7 @@ services:
    depends_on:
      - logstash
  logstash:
-    image: wazuh/wazuh-logstash:3.8.2_6.5.4
+    image: wazuh/wazuh-logstash:3.9.0_6.7.1
    hostname: logstash
    restart: always
    links:
@@ -26,7 +26,7 @@ services:
    environment:
      - LS_HEAP_SIZE=2048m
  elasticsearch:
-    image: wazuh/wazuh-elasticsearch:3.8.2_6.5.4
+    image: wazuh/wazuh-elasticsearch:3.9.0_6.7.1
    hostname: elasticsearch
    restart: always
    ports:
@@ -43,7 +43,7 @@ services:
        hard: -1
    mem_limit: 2g
  kibana:
-    image: wazuh/wazuh-kibana:3.8.2_6.5.4
+    image: wazuh/wazuh-kibana:3.9.0_6.7.1
    hostname: kibana
    restart: always
    depends_on:
@@ -52,7 +52,7 @@ services:
      - elasticsearch:elasticsearch
      - wazuh:wazuh
  nginx:
-    image: wazuh/wazuh-nginx:3.8.2_6.5.4
+    image: wazuh/wazuh-nginx:3.9.0_6.7.1
    hostname: nginx
    restart: always
    environment:
--- a/elasticsearch/Dockerfile
+++ b/elasticsearch/Dockerfile
@@ -1,5 +1,5 @@
 # Wazuh App Copyright (C) 2019 Wazuh Inc. (License GPLv2)
-FROM docker.elastic.co/elasticsearch/elasticsearch:6.5.4
+FROM docker.elastic.co/elasticsearch/elasticsearch:6.7.1

 ENV ELASTICSEARCH_URL="http://elasticsearch:9200"

@@ -13,7 +13,7 @@ ENV XPACK_ML="true"

 ENV ENABLE_CONFIGURE_S3="false"

-ENV TEMPLATE_VERSION=v3.8.2
+ENV TEMPLATE_VERSION=v3.9.0

 # Elasticearch cluster configuration environment variables
 # If ELASTIC_CLUSTER is set to "true" the following variables will be added to the Elasticsearch configuration
@@ -39,7 +39,7 @@ COPY --chown=elasticsearch:elasticsearch ./config/load_settings.sh ./

 RUN chmod +x ./load_settings.sh

-RUN elasticsearch-plugin install --batch repository-s3
+RUN bin/elasticsearch-plugin install --batch https://artifacts.elastic.co/downloads/elasticsearch-plugins/repository-s3/repository-s3-6.7.1.zip

 COPY config/configure_s3.sh ./config/configure_s3.sh
 RUN chmod 755 ./config/configure_s3.sh
--- a/elasticsearch/config/load_settings.sh
+++ b/elasticsearch/config/load_settings.sh
@@ -11,8 +11,13 @@ else
  wazuh_url="${WAZUH_API_URL}"
 fi

+if [ ${ENABLED_XPACK} != "true" || "x${ELASTICSEARCH_USERNAME}" = "x" || "x${ELASTICSEARCH_PASSWORD}" = "x" ]; then
+  auth=""
+else
+  auth="--user ${ELASTICSEARCH_USERNAME}:${ELASTICSEARCH_PASSWORD}"
+fi

-until curl -XGET $el_url; do
+until curl ${auth} -XGET $el_url; do
  >&2 echo "Elastic is unavailable - sleeping"
  sleep 5
 done
@@ -42,7 +47,7 @@ fi

 sed -i 's|    "index.refresh_interval": "5s"|    "index.refresh_interval": "5s",    "number_of_shards" :   '"${ALERTS_SHARDS}"',    "number_of_replicas" : '"${ALERTS_REPLICAS}"'|' /usr/share/elasticsearch/config/wazuh-elastic6-template-alerts.json

-cat /usr/share/elasticsearch/config/wazuh-elastic6-template-alerts.json | curl -XPUT "$el_url/_template/wazuh" -H 'Content-Type: application/json' -d @-
+cat /usr/share/elasticsearch/config/wazuh-elastic6-template-alerts.json | curl -XPUT "$el_url/_template/wazuh" ${auth} -H 'Content-Type: application/json' -d @-
 sleep 5


@@ -51,9 +56,9 @@ API_USER_Q=`echo "$API_USER" | tr -d '"'`
 API_PASSWORD=`echo -n $API_PASS_Q | base64`

 echo "Setting API credentials into Wazuh APP"
-CONFIG_CODE=$(curl -s -o /dev/null -w "%{http_code}" -XGET $el_url/.wazuh/wazuh-configuration/1513629884013)
+CONFIG_CODE=$(curl -s -o /dev/null -w "%{http_code}" -XGET $el_url/.wazuh/wazuh-configuration/1513629884013 ${auth})
 if [ "x$CONFIG_CODE" = "x404" ]; then
-  curl -s -XPOST $el_url/.wazuh/wazuh-configuration/1513629884013 -H 'Content-Type: application/json' -d'
+  curl -s -XPOST $el_url/.wazuh/wazuh-configuration/1513629884013 ${auth} -H 'Content-Type: application/json' -d'
  {
    "api_user": "'"$API_USER_Q"'",
    "api_password": "'"$API_PASSWORD"'",
@@ -82,7 +87,7 @@ else
 fi
 sleep 5

-curl -XPUT "$el_url/_cluster/settings" -H 'Content-Type: application/json' -d'
+curl -XPUT "$el_url/_cluster/settings" ${auth} -H 'Content-Type: application/json' -d'
 {
  "persistent": {
    "xpack.monitoring.collection.enabled": true
--- a/kibana/Dockerfile
+++ b/kibana/Dockerfile
@@ -1,6 +1,6 @@
 # Wazuh App Copyright (C) 2019 Wazuh Inc. (License GPLv2)
-FROM docker.elastic.co/kibana/kibana:6.5.4
-ARG WAZUH_APP_VERSION=3.8.2_6.5.4
+FROM docker.elastic.co/kibana/kibana:6.7.1
+ARG WAZUH_APP_VERSION=3.9.0_6.7.1
 USER root

 ADD https://packages.wazuh.com/wazuhapp/wazuhapp-${WAZUH_APP_VERSION}.zip /tmp
--- a/kibana/config/entrypoint.sh
+++ b/kibana/config/entrypoint.sh
@@ -13,8 +13,14 @@ else
  el_url="${ELASTICSEARCH_URL}"
 fi

-until curl -XGET $el_url; do
-  >&2 echo "Elastic is unavailable - sleeping."
+if [ ${ENABLED_XPACK} != "true" || "x${ELASTICSEARCH_USERNAME}" = "x" || "x${ELASTICSEARCH_PASSWORD}" = "x" ]; then
+  auth=""
+else
+  auth="--user ${ELASTICSEARCH_USERNAME}:${ELASTICSEARCH_PASSWORD}"
+fi
+
+until curl -XGET $el_url ${auth}; do
+  >&2 echo "Elastic is unavailable - sleeping"
  sleep 5
 done

--- a/logstash/Dockerfile
+++ b/logstash/Dockerfile
@@ -1,5 +1,5 @@
 # Wazuh App Copyright (C) 2019 Wazuh Inc. (License GPLv2)
-FROM docker.elastic.co/logstash/logstash:6.5.4
+FROM docker.elastic.co/logstash/logstash:6.7.0

 COPY --chown=logstash:logstash config/entrypoint.sh /entrypoint.sh

--- a/wazuh/Dockerfile
+++ b/wazuh/Dockerfile
@@ -1,7 +1,7 @@
 # Wazuh App Copyright (C) 2019 Wazuh Inc. (License GPLv2)
 FROM phusion/baseimage:latest
-ARG FILEBEAT_VERSION=6.5.4
-ARG WAZUH_VERSION=3.8.2-1
+ARG FILEBEAT_VERSION=6.7.0
+ARG WAZUH_VERSION=3.9.0-1

 ENV API_USER="foo" \
    API_PASS="bar"