This directory contains Kubernetes configurations which runs Wazuh manager Pod as a StatefulSet using storage provisioned with a StorageClass.
This directory also contains two services that should be exposed internally in your AWS VPC:
- The
wazuhservice which exposes the Wazuh API of the master node - The
wazuh-clusterservice which allow the communication between all Wazuh manager pods - The
wazuh-workersservice which exposes Wazuh workers agents management ports
Make sure you deployed everything from the base folder, the elasticsearch folder, the kibana folder and logstash folder the before deploying the Wazuh manager cluster.
Then, you will need to update the domainName annotation value in both the wazuh-api-svc.yaml and the wazuh-manager-svc.yaml files before deploying those services.
You should also set a valid AWS ACM certificate ARN in the wazuh-api-svc.yaml for the service.beta.kubernetes.io/aws-load-balancer-ssl-cert annotation. That certificate should match with the domainName.
kubectl apply -f wazuh-api-svc.yaml
kubectl apply -f wazuh-manager-cluster-sts-svc.yaml
kubectl apply -f wazuh-workers-svc.yaml
kubectl apply -f wazuh-manager-master-conf.yaml
kubectl apply -f wazuh-manager-worker-0-conf.yaml
kubectl apply -f wazuh-manager-worker-1-conf.yaml
kubectl apply -f wazuh-manager-master-sts.yaml
kubectl apply -f wazuh-manager-worker-0-sts.yaml
kubectl apply -f wazuh-manager-worker-1-sts.yaml