Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adding the option to disable some xpack features #111

Merged
merged 7 commits into from
Feb 7, 2019

Conversation

LuisGi93
Copy link
Contributor

@LuisGi93 LuisGi93 commented Feb 5, 2019

Hi team,
this PR solves - https://github.com/wazuh/wazuh-saas/issues/41. It adds the capacity of enabling and disabling xpack features mainly at Kibana but also disable by default xpack machinelearning from the elasticsearch image. All these changes happen when the container is created and it is possible to enable and disable xpacks features using environment variables. For example:

  kibana:
    build: ./kibana
    hostname: kibana
    restart: always
#    ports:
#      - "5601:5601"
    environment:
      - ELASTICSEARCH_URL=http://elasticsearch:9200
      - XPACK_DEVTOOLS=true
      - XPACK_CANVAS=false
      - XPACK_LOGS=true

The docker-compose that can be seen above enables the devtools and logs plugin at Kibana and disables the canvas plugin. Right now by default devtools, canvas, infraestructure, machinelearning, logs and apm are disabled by defautl. When a wazuh-kibana container is created it will have the following appearance:

image

A battery of tests were done:

  • All the docker images were deleted, then all the images were built and containers were created with the default settings. The following was checked:

    • no errors were found in the logs.
    • was able to access the Wazuh app at Kibana.
    • was checked that some alerts were received from the manager.
    • also was checked that the kibana.yml and the elasticserach.yml had the correct values.
  • The containers were launched again with the same settings. No duplicates values were found at kibana.yml and the elasticserach.yml. They had the same values.

  • The values of the environment variables were inverted. The containers were created again and the correct values were found at the .yml configuration files. Then the containers were stopped and started again. No duplicate values, no bad indentations and again the correct values were found at the .yml files.

  • Also an hybrid test was done with some variables set to true and other to false and checked that the corresponding values were set at the .yml files.

The following environment variables were added at Kibana:

  • XPACK_DEVTOOLS: enables/disables the devtools plugin.
  • XPACK_CANVAS= enables/disables the canvas plugin.
  • XPACK_LOGS= enables/disables the logs plugins.
  • XPACK_INFRA= enables/disables the infraestructure plugins.
  • XPACK_ML= enables/disables the Machine Learning plugin.
  • XPACK_APM= enables/disables the devtools plugins.
    They need to have the values true for enabling a feature and false to disable it.

Related issue: https://github.com/wazuh/wazuh-saas/issues/41

@SitoRBJ SitoRBJ self-requested a review February 7, 2019 10:55
Copy link
Contributor

@SitoRBJ SitoRBJ left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hello @LuisGi93

Really very good work. We believe that Elasticsearch does not take the new configuration. However, you are aware of the problem of Kibana plugin optimization and other changes may be needed.

Best regards,

Alfonso Ruiz-Bravo

…he desabilitation of plugins wasnt applied at kibana
@LuisGi93
Copy link
Contributor Author

LuisGi93 commented Feb 7, 2019

Hello @SitoRBJ,
thanks for you for warning me about these bugs! I've made the changes to solve them. I'm going to set all environment variables to true. Also, thanks for noticing the "Kibana plugin optimization". This PR adds the capacity to disable some xpacs features at Kibana and at Elasticsearch. I have set all the environment variables to "true" but in case of setting and environment variable to disable some xpack feature it will cause that when the Kibana container starts it will do the "Optimizing and caching browser bundles".

@LuisGi93 LuisGi93 changed the title Disable xpack Adding the option to disable some xpack features Feb 7, 2019
@manuasir manuasir merged commit 4687360 into 3.8.2_6.5.4 Feb 7, 2019
@manuasir manuasir deleted the disable-xpack branch February 7, 2019 15:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants