Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for Docker in swarm mode #840

Closed
rauldpm opened this issue May 16, 2023 · 2 comments
Closed

Add support for Docker in swarm mode #840

rauldpm opened this issue May 16, 2023 · 2 comments
Labels
level/task Subtask issue type/change Change requested type/enhancement

Comments

@rauldpm
Copy link
Member

rauldpm commented May 16, 2023

Users have reported to us that the nomenclature we use in the services is not compatible with a deployment in Docker swarm, for this, it is necessary to modify the naming (for example) to wazuh-(dashboard|indexer|manager)

It has been verified that with the changes made in the docker-compose.yml file, deployment can be done:

services:
    wazuh-manager:
    wazuh-indexer:
    wazuh-dashboard:
      links:
        - wazuh-indexer:wazuh.indexer
        - wazuh-manager:wazuh.manager

It is necessary to carry out an analysis of the impact of this change on the Docker deployment and make sure that the functionality remains intact as well as the upgrade process from previous versions.
@rauldpm rauldpm added type/enhancement level/task Subtask issue type/change Change requested labels May 16, 2023
@rauldpm rauldpm mentioned this issue May 16, 2023
Closed
@Brettdah
Copy link

Hello there,
It seems there is something to look at in the certs generator too no ?
or will the certificate be valid with the default options ? while with swarm the services names will be in a dash notation and the certs in a dot notation for both names and IPs...

I try to change the name and IP to be the name and Ip of the docker service aka replace the dot notation by the dash notation
but then the certificate will not be gerated...
tried again with the dash only in the name, the IP seems to be a SAN of type DNS => the certificate did generate.
But I don't see the CN in the SAN that may cause problem in some browser (did not test yet ... but I remember 6 years ago when creating my first PKI for a client that not having the DN in the SAN was a cause of cert malformation and site loading errors....)

@Brettdah
Copy link

hello there,

I'd like to add that links is not supported in a compose file starting v2
The service should be able to "communicate with one with another (being in the same network set up by compose)"

docker stack deploy -c docker-compose.yml stack-siem
Ignoring unsupported options: links

Creating network stack-siem_wazuh
Creating service stack-siem_wazuh-dashboard
Creating service stack-siem_wazuh-manager
Creating service stack-siem_wazuh-indexer

so it would be a bit more optimized to remove those lines I used compose before and never added a link for the database or any service in my stacks (compose or swarm) I think it's a artifact from the past no ?

@Brettdah Brettdah mentioned this issue Nov 20, 2023
Open
@teddytpc1 teddytpc1 closed this as not planned Won't fix, can't repro, duplicate, stale May 20, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
level/task Subtask issue type/change Change requested type/enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@rauldpm @Brettdah @teddytpc1