-
Notifications
You must be signed in to change notification settings - Fork 330
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Can't deploy wazuh on OpenShift #790
Comments
Hello We currently don't have Wazuh deployed configured or tested on openshift, but I can help you with some bugs you posted so they can help you fix it. About this error: About this error: About this error: About this error: |
Hello, thanks for your answer. Indeed, I tried to do what you recommended but it doesn't work unfortunately. My indexer has : For my manager pod, when I active It forces me to disable this securitycontext : When I do the port forward, now I also could not access the dashboard from the web interface, I just have this message : Thank for your answer ! |
The error you have may be due to the fact that you have commented out the Regarding the |
Hello @vcerenu, sorry for my late. I tried all of solutions but doesn't work. I don't know if you have others ideas ? Thank! |
Hello @0xThegarlic As I mentioned in the previous post, we don't have an implementation in If there are considerations that could be taken into account for the deployment, I invite you to create a PR for us and it will be analyzed to add it to our repositories. |
Hi, I tried to deploy wazuh on the OpenShift platform as part of a monitoring of some servers following the documentation for deploying wazuh on kubernetes. Unfortunately, I was not able to deploy wazuh on OpenShift, since after my deployment, none of my pods were started and I still had this error message saying: /bin/bash: entrypoint.sh: Permission denied
Not understanding this problem, I started to do some research on the internet and I came across a document from OpenShift that explained that pods were starting with very restrictive rights on OpenShift, so I decided to pause the pod with the command :
command: ["sh", "-c", "while true; do sleep 5; done"]
Indeed, I noticed that the pod was starting with a random user 1009430000 and we can see that the entrypoint.sh file is executable only by the wazuh-dashboard user.
From there, I used these resources:
To allow my user 1009430000 to have the necessary permissions to perform my wazuh deployment but that didn't work either.
Not finding any solution, I decided to re-build the wazuh project via the build-docker-image ( https://github.com/wazuh/wazuh-docker/tree/master/build-docker-images) by changing the group and the uid of the wazuh-dashboard user.
So I made a modification in the dockerfile on the creation part of the wazuh-dashboard user like this:
After the build, I had the same problem on the indexer pod and I also modified the dockerfile of the indexer like this:
After these configurations, my pods were starting but I was facing a new problem with rights on files in the conf and cert directory and other problems.
kubectl get pod
For my dashboard pod :
For my indexer pod :
For my manager pod :
When I do the port forward, I also could not access the dashboard from the web interface, because the API cannot be contacted by the dashboard.
If you can figure out the problem, please let me know.
Thank you in advance!
The text was updated successfully, but these errors were encountered: