Add Elasticsearch cluster configuration

CHANGELOG.md

@@ -12,6 +12,7 @@ All notable changes to this project will be documented in this file.
 - Adding env variables for alerts data flow. ([#118](https://github.com/wazuh/wazuh-docker/pull/118))
 - New Logstash entrypoint added. ([#135](https://github.com/wazuh/wazuh-docker/pull/135/files))
 - Welcome screen management. ([#133](https://github.com/wazuh/wazuh-docker/pull/133))
+- Add Elasticsearch cluster configuration. ([#146](https://github.com/wazuh/wazuh-docker/pull/146))
 
 ### Changed
 

elasticsearch/Dockerfile

@@ -1,6 +1,8 @@
 # Wazuh App Copyright (C) 2019 Wazuh Inc. (License GPLv2)
 FROM docker.elastic.co/elasticsearch/elasticsearch:6.5.4
 
+ENV ELASTICSEARCH_URL="http://elasticsearch:9200"
+
 ENV ALERTS_SHARDS="1" \
     ALERTS_REPLICAS="0"
 
@@ -13,6 +15,18 @@ ENV ENABLE_CONFIGURE_S3="false"
 
 ENV TEMPLATE_VERSION=v3.8.2
 
+ENV ELASTIC_CLUSTER="false" \
+    CLUSTER_NAME="wazuh" \
+    NODE_MASTER="true" \
+    NODE_DATA="true" \
+    NODE_INGEST="true" \
+    NODE_NAME="wazuh-elasticsearch" \
+    MEMORY_LOCK="true" \
+    DISCOVERY_SERVICE="wazuh-elasticsearch" \
+    NUMBER_OF_MASTERS="2" \
+    MAX_NODES="1" \
+    DELAYED_TIMEOUT="1m"
+
 ADD https://raw.githubusercontent.com/wazuh/wazuh/$TEMPLATE_VERSION/extensions/elasticsearch/wazuh-elastic6-template-alerts.json /usr/share/elasticsearch/config
 
 COPY config/entrypoint.sh /entrypoint.sh
@@ -28,5 +42,8 @@ RUN elasticsearch-plugin install --batch repository-s3
 COPY config/configure_s3.sh ./config/configure_s3.sh
 RUN chmod 755 ./config/configure_s3.sh
 
+COPY --chown=elasticsearch:elasticsearch ./config/config_cluster.sh ./
+RUN chmod +x ./config_cluster.sh
+
 ENTRYPOINT ["/entrypoint.sh"]
 CMD ["elasticsearch"]

elasticsearch/config/config_cluster.sh

@@ -0,0 +1,30 @@
+#!/bin/bash
+# Wazuh App Copyright (C) 2019 Wazuh Inc. (License GPLv2)
+
+elastic_config_file="/usr/share/elasticsearch/config/elasticsearch.yml"
+
+if [[ $ELASTIC_CLUSTER == "true" ]]
+then
+
+  sed -i 's:cluster.name\: "docker-cluster":cluster.name\: "'$CLUSTER_NAME'":g' $elastic_config_file
+  sed -i 's:discovery.zen.minimum_master_nodes\: 1:discovery.zen.minimum_master_nodes\: '$NUMBER_OF_MASTERS':g' $elastic_config_file
+
+
+  echo "
+#cluster node
+node:
+  master: ${NODE_MASTER}
+  data: ${NODE_DATA}
+  ingest: ${NODE_INGEST}
+  name: ${NODE_NAME}
+  max_local_storage_nodes: ${MAX_NODES}
+
+bootstrap:
+  memory_lock: ${MEMORY_LOCK}
+
+discovery:
+  zen:
+    ping.unicast.hosts: ${DISCOVERY_SERVICE}
+
+" >> $elastic_config_file
+fi

elasticsearch/config/entrypoint.sh

@@ -43,6 +43,8 @@ fi
 
 # Run load settings script.
 
+./config_cluster.sh
+
 ./load_settings.sh &
 
 # Execute elasticsearch

elasticsearch/config/load_settings.sh

@@ -3,11 +3,7 @@
 
 set -e
 
-if [ "x${ELASTICSEARCH_URL}" = "x" ]; then
-  el_url="http://elasticsearch:9200"
-else
-  el_url="${ELASTICSEARCH_URL}"
-fi
+el_url=${ELASTICSEARCH_URL}
 
 if [ "x${WAZUH_API_URL}" = "x" ]; then
   wazuh_url="https://wazuh"
@@ -94,5 +90,13 @@ curl -XPUT "$el_url/_cluster/settings" -H 'Content-Type: application/json' -d'
 }
 '
 
+curl -X PUT "$el_url/_all/_settings" -H 'Content-Type: application/json' -d'
+{
+  "settings": {
+    "index.unassigned.node_left.delayed_timeout": "'"$DELAYED_TIMEOUT"'"
+  }
+}
+'
+
 
 echo "Elasticsearch is ready."