From 74c34e87b12407ce7dbbed31cd886added623a6e Mon Sep 17 00:00:00 2001 From: vcerenu Date: Fri, 16 May 2025 09:25:36 -0300 Subject: [PATCH 1/7] Migrate to Docker Compose v2 --- .../Procedure_push_docker_images.yml | 6 ----- .github/workflows/push.yml | 23 +++------------- build-docker-images/build-images.sh | 2 +- build-docker-images/build-images.yml | 2 -- indexer-certs-creator/README.md | 2 +- multi-node/Migration-to-Wazuh-4.4.md | 27 ++----------------- multi-node/README.md | 10 +++---- multi-node/docker-compose.yml | 2 -- multi-node/generate-indexer-certs.yml | 2 -- single-node/README.md | 8 +++--- single-node/docker-compose.yml | 2 -- single-node/generate-indexer-certs.yml | 2 -- 12 files changed, 17 insertions(+), 71 deletions(-) diff --git a/.github/workflows/Procedure_push_docker_images.yml b/.github/workflows/Procedure_push_docker_images.yml index d02f14c9..259f45fb 100644 --- a/.github/workflows/Procedure_push_docker_images.yml +++ b/.github/workflows/Procedure_push_docker_images.yml @@ -116,12 +116,6 @@ jobs: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_PASSWORD }} - - name: Install Docker Compose - run: | - sudo apt-get update - sudo apt-get install -y docker-compose - echo "Installed Docker Compose version: $(docker-compose --version)" - - name: Build Wazuh images run: | IMAGE_TAG=${{ inputs.image_tag }} diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 94bf3b7c..931bde01 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -10,11 +10,6 @@ jobs: - name: Check out code uses: actions/checkout@v3 - - name: Install docker-compose - run: | - curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose - chmod +x /usr/local/bin/docker-compose - - name: Build Wazuh images run: build-docker-images/build-images.sh @@ -68,11 +63,6 @@ jobs: - name: Check out code uses: actions/checkout@v3 - - name: Install docker-compose - run: | - curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose - chmod +x /usr/local/bin/docker-compose - - name: Create enviroment variables run: cat .env > $GITHUB_ENV @@ -99,10 +89,10 @@ jobs: - name: Create single node certficates - run: docker-compose -f single-node/generate-indexer-certs.yml run --rm generator + run: docker compose -f single-node/generate-indexer-certs.yml run --rm generator - name: Start single node stack - run: docker-compose -f single-node/docker-compose.yml up -d + run: docker compose -f single-node/docker-compose.yml up -d - name: Check Wazuh indexer start run: | @@ -196,11 +186,6 @@ jobs: - name: Check out code uses: actions/checkout@v3 - - name: Install docker-compose - run: | - curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose - chmod +x /usr/local/bin/docker-compose - - name: Create enviroment variables run: cat .env > $GITHUB_ENV @@ -230,10 +215,10 @@ jobs: rm -rf wazuh-manager.tar wazuh-indexer.tar wazuh-dashboard.tar - name: Create multi node certficates - run: docker-compose -f multi-node/generate-indexer-certs.yml run --rm generator + run: docker compose -f multi-node/generate-indexer-certs.yml run --rm generator - name: Start multi node stack - run: docker-compose -f multi-node/docker-compose.yml up -d + run: docker compose -f multi-node/docker-compose.yml up -d - name: Check Wazuh indexer start run: | diff --git a/build-docker-images/build-images.sh b/build-docker-images/build-images.sh index d0551e48..21f0e5f0 100755 --- a/build-docker-images/build-images.sh +++ b/build-docker-images/build-images.sh @@ -65,7 +65,7 @@ build() { echo WAZUH_FILEBEAT_MODULE=$WAZUH_FILEBEAT_MODULE >> .env echo WAZUH_UI_REVISION=$WAZUH_UI_REVISION >> .env - docker-compose -f build-docker-images/build-images.yml --env-file .env build --no-cache || clean 1 + docker compose -f build-docker-images/build-images.yml --env-file .env build --no-cache || clean 1 return 0 } diff --git a/build-docker-images/build-images.yml b/build-docker-images/build-images.yml index 90fbb897..6620b17e 100644 --- a/build-docker-images/build-images.yml +++ b/build-docker-images/build-images.yml @@ -1,6 +1,4 @@ # Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2) -version: '3.7' - services: wazuh.manager: build: diff --git a/indexer-certs-creator/README.md b/indexer-certs-creator/README.md index b7dbc565..10965097 100644 --- a/indexer-certs-creator/README.md +++ b/indexer-certs-creator/README.md @@ -5,5 +5,5 @@ The dockerfile hosted in this directory is used to build the image used to boot To create the image, the following command must be executed: ``` -$ docker build -t wazuh/wazuh-certs-generator:0.0.1 . +$ docker build -t wazuh/wazuh-certs-generator:0.0.2 . ``` diff --git a/multi-node/Migration-to-Wazuh-4.4.md b/multi-node/Migration-to-Wazuh-4.4.md index 3ff10a84..06450e4c 100644 --- a/multi-node/Migration-to-Wazuh-4.4.md +++ b/multi-node/Migration-to-Wazuh-4.4.md @@ -6,35 +6,12 @@ The example is migrating from v4.2 to v4.4. Assuming that you have a v4.2 production deployment, perform the following steps. **1. Stop 4.2 environment** -`docker-compose -f production-cluster.yml stop` +`docker compose -f production-cluster.yml stop` **2. List elasticsearch volumes** `docker volume ls --filter name='wazuh-docker_elastic-data'` -**3. Inspect elasticsearch volume** -`docker volume inspect wazuh-docker_elastic-data-1` - -**4. Spin down the 4.2 environment.** -`docker-compose -f production-cluster.yml down` - -**Steps 5 and 6 can be done with the volume-migrator.sh script, specifying Docker compose version and project name as parameters.** - -Ex: $ multi-node/volume-migrator.sh 1.25.0 multi-node - -**5. Run the volume create command:** create new indexer and Wazuh manager volumes using the `com.docker.compose.version` label value from the previous command. - -``` -docker volume create \ - --label com.docker.compose.project=multi-node \ - --label com.docker.compose.version=1.25.0 \ - --label com.docker.compose.volume=wazuh-indexer-data-1 \ - multi-node_wazuh-indexer-data-1 -``` -``` -docker volume create \ - --label com.docker.compose.project=multi-node \ - --label com.docker.compose.version=1.25.0 \ - --label com.docker.compose.volume=wazuh-indexer-data-2 \ +**3. Inspect elasticsearch volume**docker-compose multi-node_wazuh-indexer-data-2 ``` ``` diff --git a/multi-node/README.md b/multi-node/README.md index c1e8b998..678fa782 100644 --- a/multi-node/README.md +++ b/multi-node/README.md @@ -1,6 +1,6 @@ # Deploy Wazuh Docker in multi node configuration -This deployment is defined in the `docker-compose.yml` file with two Wazuh manager containers, three Wazuh indexer containers, and one Wazuh dashboard container. It can be deployed by following these steps: +This deployment is defined in the `docker-compose.yml` file with two Wazuh manager containers, three Wazuh indexer containers, and one Wazuh dashboard container. It can be deployed by following these steps: 1) Increase max_map_count on your host (Linux). This command must be run with root permissions: ``` @@ -8,18 +8,18 @@ $ sysctl -w vm.max_map_count=262144 ``` 2) Run the certificate creation script: ``` -$ docker-compose -f generate-indexer-certs.yml run --rm generator +$ docker compose -f generate-indexer-certs.yml run --rm generator ``` -3) Start the environment with docker-compose: +3) Start the environment with docker compose: - In the foregroud: ``` -$ docker-compose up +$ docker compose up ``` - In the background: ``` -$ docker-compose up -d +$ docker compose up -d ``` diff --git a/multi-node/docker-compose.yml b/multi-node/docker-compose.yml index 2d9ad309..a482fef0 100644 --- a/multi-node/docker-compose.yml +++ b/multi-node/docker-compose.yml @@ -1,6 +1,4 @@ # Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2) -version: '3.7' - services: wazuh.master: image: wazuh/wazuh-manager:4.12.0 diff --git a/multi-node/generate-indexer-certs.yml b/multi-node/generate-indexer-certs.yml index dbf2b079..3142ab1a 100644 --- a/multi-node/generate-indexer-certs.yml +++ b/multi-node/generate-indexer-certs.yml @@ -1,6 +1,4 @@ # Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2) -version: '3' - services: generator: image: wazuh/wazuh-certs-generator:0.0.2 diff --git a/single-node/README.md b/single-node/README.md index efd303c7..1a93b6c9 100644 --- a/single-node/README.md +++ b/single-node/README.md @@ -8,17 +8,17 @@ $ sysctl -w vm.max_map_count=262144 ``` 2) Run the certificate creation script: ``` -$ docker-compose -f generate-indexer-certs.yml run --rm generator +$ docker compose -f generate-indexer-certs.yml run --rm generator ``` -3) Start the environment with docker-compose: +3) Start the environment with docker compose: - In the foregroud: ``` -$ docker-compose up +$ docker compose up ``` - In the background: ``` -$ docker-compose up -d +$ docker compose up -d ``` The environment takes about 1 minute to get up (depending on your Docker host) for the first time since Wazuh Indexer must be started for the first time and the indexes and index patterns must be generated. diff --git a/single-node/docker-compose.yml b/single-node/docker-compose.yml index bdcc695c..f1a84fa5 100644 --- a/single-node/docker-compose.yml +++ b/single-node/docker-compose.yml @@ -1,6 +1,4 @@ # Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2) -version: '3.7' - services: wazuh.manager: image: wazuh/wazuh-manager:4.12.0 diff --git a/single-node/generate-indexer-certs.yml b/single-node/generate-indexer-certs.yml index 3e0eb6fd..b7b7efb6 100644 --- a/single-node/generate-indexer-certs.yml +++ b/single-node/generate-indexer-certs.yml @@ -1,6 +1,4 @@ # Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2) -version: '3' - services: generator: image: wazuh/wazuh-certs-generator:0.0.2 From 6861e077b683cce388e7d97388924a33f3e74402 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Fri, 16 May 2025 09:32:21 -0300 Subject: [PATCH 2/7] Migrate to Docker Compose v2 --- multi-node/Migration-to-Wazuh-4.4.md | 27 +++++++++++++++++++++++++-- 1 file changed, 25 insertions(+), 2 deletions(-) diff --git a/multi-node/Migration-to-Wazuh-4.4.md b/multi-node/Migration-to-Wazuh-4.4.md index 06450e4c..3ff10a84 100644 --- a/multi-node/Migration-to-Wazuh-4.4.md +++ b/multi-node/Migration-to-Wazuh-4.4.md @@ -6,12 +6,35 @@ The example is migrating from v4.2 to v4.4. Assuming that you have a v4.2 production deployment, perform the following steps. **1. Stop 4.2 environment** -`docker compose -f production-cluster.yml stop` +`docker-compose -f production-cluster.yml stop` **2. List elasticsearch volumes** `docker volume ls --filter name='wazuh-docker_elastic-data'` -**3. Inspect elasticsearch volume**docker-compose +**3. Inspect elasticsearch volume** +`docker volume inspect wazuh-docker_elastic-data-1` + +**4. Spin down the 4.2 environment.** +`docker-compose -f production-cluster.yml down` + +**Steps 5 and 6 can be done with the volume-migrator.sh script, specifying Docker compose version and project name as parameters.** + +Ex: $ multi-node/volume-migrator.sh 1.25.0 multi-node + +**5. Run the volume create command:** create new indexer and Wazuh manager volumes using the `com.docker.compose.version` label value from the previous command. + +``` +docker volume create \ + --label com.docker.compose.project=multi-node \ + --label com.docker.compose.version=1.25.0 \ + --label com.docker.compose.volume=wazuh-indexer-data-1 \ + multi-node_wazuh-indexer-data-1 +``` +``` +docker volume create \ + --label com.docker.compose.project=multi-node \ + --label com.docker.compose.version=1.25.0 \ + --label com.docker.compose.volume=wazuh-indexer-data-2 \ multi-node_wazuh-indexer-data-2 ``` ``` From 3cdebd42759ae9c9ad4dd05a42da1744ea873835 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Tue, 20 May 2025 10:15:24 -0300 Subject: [PATCH 3/7] Change filebeat output test for single node test --- .github/single-node-filebeat-check.sh | 25 ++++++++++++++++++------- 1 file changed, 18 insertions(+), 7 deletions(-) diff --git a/.github/single-node-filebeat-check.sh b/.github/single-node-filebeat-check.sh index 7f9ae7d3..5a84207f 100755 --- a/.github/single-node-filebeat-check.sh +++ b/.github/single-node-filebeat-check.sh @@ -1,9 +1,20 @@ -filebeatout=$(docker exec single-node_wazuh.manager_1 sh -c 'filebeat test output') -filebeatstatus=$(echo "${filebeatout}" | grep -c OK) -if [[ filebeatstatus -eq 7 ]]; then - echo "No errors in filebeat" +COMMAND_TO_EXECUTE="filebeat test output" + +MASTER_CONTAINERS=$(docker ps --format '{{.Names}}' | grep -E '*manager*') + +if [ -z "$CONTAINER_NAMES" ]; then + echo "No se encontraron contenedores con 'master' en su nombre." else - echo "Errors in filebeat" - echo "${filebeatout}" - exit 1 + for MASTER_CONTAINERS in $MASTER_CONTAINERS; do + FILEBEAT_OUTPUT=$(docker exec "$MASTER_CONTAINERS" $COMMAND_TO_EXECUTE) + FILEBEAT_STATUS=$(echo "${FILEBEAT_OUTPUT}" | grep -c OK) + if [[ filebeatstatus -eq 7 ]]; then + echo "No errors in filebeat" + echo "${FILEBEAT_OUTPUT}" + else + echo "Errors in filebeat" + echo "${FILEBEAT_OUTPUT}" + exit 1 + fi + done fi \ No newline at end of file From 91a2566aa2303b389aa4f8b0b001ccd542279193 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Tue, 20 May 2025 14:22:44 -0300 Subject: [PATCH 4/7] Change grep filter --- .github/single-node-filebeat-check.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/single-node-filebeat-check.sh b/.github/single-node-filebeat-check.sh index 5a84207f..b6c8d727 100755 --- a/.github/single-node-filebeat-check.sh +++ b/.github/single-node-filebeat-check.sh @@ -1,6 +1,6 @@ COMMAND_TO_EXECUTE="filebeat test output" -MASTER_CONTAINERS=$(docker ps --format '{{.Names}}' | grep -E '*manager*') +MASTER_CONTAINERS=$(docker ps --format '{{.Names}}' | grep -E 'manager') if [ -z "$CONTAINER_NAMES" ]; then echo "No se encontraron contenedores con 'master' en su nombre." From a1514129ff79b692046e60c3c5398ee01f61028a Mon Sep 17 00:00:00 2001 From: vcerenu Date: Tue, 20 May 2025 14:36:55 -0300 Subject: [PATCH 5/7] Change filebeat output test for multi node test --- .github/multi-node-filebeat-check.sh | 49 +++++++++++++++++++-------- .github/single-node-filebeat-check.sh | 4 +-- 2 files changed, 37 insertions(+), 16 deletions(-) diff --git a/.github/multi-node-filebeat-check.sh b/.github/multi-node-filebeat-check.sh index 39a21827..2cadd516 100755 --- a/.github/multi-node-filebeat-check.sh +++ b/.github/multi-node-filebeat-check.sh @@ -1,18 +1,39 @@ -filebeatout1=$(docker exec multi-node_wazuh.master_1 sh -c 'filebeat test output') -filebeatstatus1=$(echo "${filebeatout1}" | grep -c OK) -if [[ filebeatstatus1 -eq 7 ]]; then - echo "No errors in master filebeat" +COMMAND_TO_EXECUTE="filebeat test output" + +MASTER_CONTAINERS=$(docker ps --format '{{.Names}}' | grep -E 'master') + +if [ -z "$MASTER_CONTAINERS" ]; then + echo "No containers were found with 'master' in their name." else - echo "Errors in master filebeat" - echo "${filebeatout1}" - exit 1 + for MASTER_CONTAINERS in $MASTER_CONTAINERS; do + FILEBEAT_OUTPUT=$(docker exec "$MASTER_CONTAINERS" $COMMAND_TO_EXECUTE) + FILEBEAT_STATUS=$(echo "${FILEBEAT_OUTPUT}" | grep -c OK) + if [[ filebeatstatus -eq 7 ]]; then + echo "No errors in filebeat" + echo "${FILEBEAT_OUTPUT}" + else + echo "Errors in filebeat" + echo "${FILEBEAT_OUTPUT}" + exit 1 + fi + done fi -filebeatout2=$(docker exec multi-node_wazuh.worker_1 sh -c 'filebeat test output') -filebeatstatus2=$(echo "${filebeatout2}" | grep -c OK) -if [[ filebeatstatus2 -eq 7 ]]; then - echo "No errors in worker filebeat" + +MASTER_CONTAINERS=$(docker ps --format '{{.Names}}' | grep -E 'worker') + +if [ -z "$MASTER_CONTAINERS" ]; then + echo "No containers were found with 'worker' in their name." else - echo "Errors in worker filebeat" - echo "${filebeatout2}" - exit 1 + for MASTER_CONTAINERS in $MASTER_CONTAINERS; do + FILEBEAT_OUTPUT=$(docker exec "$MASTER_CONTAINERS" $COMMAND_TO_EXECUTE) + FILEBEAT_STATUS=$(echo "${FILEBEAT_OUTPUT}" | grep -c OK) + if [[ filebeatstatus -eq 7 ]]; then + echo "No errors in filebeat" + echo "${FILEBEAT_OUTPUT}" + else + echo "Errors in filebeat" + echo "${FILEBEAT_OUTPUT}" + exit 1 + fi + done fi \ No newline at end of file diff --git a/.github/single-node-filebeat-check.sh b/.github/single-node-filebeat-check.sh index b6c8d727..e96b6cd5 100755 --- a/.github/single-node-filebeat-check.sh +++ b/.github/single-node-filebeat-check.sh @@ -2,8 +2,8 @@ COMMAND_TO_EXECUTE="filebeat test output" MASTER_CONTAINERS=$(docker ps --format '{{.Names}}' | grep -E 'manager') -if [ -z "$CONTAINER_NAMES" ]; then - echo "No se encontraron contenedores con 'master' en su nombre." +if [ -z "$MASTER_CONTAINERS" ]; then + echo "No containers were found with 'manager' in their name." else for MASTER_CONTAINERS in $MASTER_CONTAINERS; do FILEBEAT_OUTPUT=$(docker exec "$MASTER_CONTAINERS" $COMMAND_TO_EXECUTE) From 90cc26f0377675aad0347ed2b33ccd2352036c06 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Tue, 20 May 2025 14:52:12 -0300 Subject: [PATCH 6/7] Modify FILEBEAT_STATUS test --- .github/multi-node-filebeat-check.sh | 4 ++-- .github/single-node-filebeat-check.sh | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/multi-node-filebeat-check.sh b/.github/multi-node-filebeat-check.sh index 2cadd516..3052f69e 100755 --- a/.github/multi-node-filebeat-check.sh +++ b/.github/multi-node-filebeat-check.sh @@ -8,7 +8,7 @@ else for MASTER_CONTAINERS in $MASTER_CONTAINERS; do FILEBEAT_OUTPUT=$(docker exec "$MASTER_CONTAINERS" $COMMAND_TO_EXECUTE) FILEBEAT_STATUS=$(echo "${FILEBEAT_OUTPUT}" | grep -c OK) - if [[ filebeatstatus -eq 7 ]]; then + if [[ $FILEBEAT_STATUS -eq 7 ]]; then echo "No errors in filebeat" echo "${FILEBEAT_OUTPUT}" else @@ -27,7 +27,7 @@ else for MASTER_CONTAINERS in $MASTER_CONTAINERS; do FILEBEAT_OUTPUT=$(docker exec "$MASTER_CONTAINERS" $COMMAND_TO_EXECUTE) FILEBEAT_STATUS=$(echo "${FILEBEAT_OUTPUT}" | grep -c OK) - if [[ filebeatstatus -eq 7 ]]; then + if [[ $FILEBEAT_STATUS -eq 7 ]]; then echo "No errors in filebeat" echo "${FILEBEAT_OUTPUT}" else diff --git a/.github/single-node-filebeat-check.sh b/.github/single-node-filebeat-check.sh index e96b6cd5..1979d25b 100755 --- a/.github/single-node-filebeat-check.sh +++ b/.github/single-node-filebeat-check.sh @@ -8,7 +8,7 @@ else for MASTER_CONTAINERS in $MASTER_CONTAINERS; do FILEBEAT_OUTPUT=$(docker exec "$MASTER_CONTAINERS" $COMMAND_TO_EXECUTE) FILEBEAT_STATUS=$(echo "${FILEBEAT_OUTPUT}" | grep -c OK) - if [[ filebeatstatus -eq 7 ]]; then + if [[ $FILEBEAT_STATUS -eq 7 ]]; then echo "No errors in filebeat" echo "${FILEBEAT_OUTPUT}" else From 0041c252185ef208fbce292f7c53261196802c3e Mon Sep 17 00:00:00 2001 From: vcerenu Date: Wed, 21 May 2025 09:05:55 -0300 Subject: [PATCH 7/7] Add changelog --- CHANGELOG.md | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index fd053c1d..65e1390b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,44 @@ # Change Log All notable changes to this project will be documented in this file. +## [4.12.2] + +### Added + +- Fix Warning message when migrating Docker compose v2 ([#1828](https://github.com/wazuh/wazuh-docker/pull/1828)) +- Add wazuh agent test and push ([#1817](https://github.com/wazuh/wazuh-docker/pull/1817)) +- Add Wazuh agent image build and deploy ([#1816](https://github.com/wazuh/wazuh-docker/pull/1816)) + +### Changed + +- None + +### Fixed + +- None + +### Deleted + +- None + +## [4.12.1] + +### Added + +- None + +### Changed + +- None + +### Fixed + +- None + +### Deleted + +- None + ## [4.12.0] ### Added