Open teddytpc1 opened 6 days ago
I've been looking into separating the Dockerfiles from the Docker images of each of the components of the Wazuh stack.
By making a few changes it is possible to generate them. The deployment has been tested and works without problems:
$ docker build -t wazuh/wazuh-manager:4.9.2 .
[+] Building 145.1s (24/24) FINISHED
=> [internal] load build definition from Dockerfile 0.1s
=> => transferring dockerfile: 2.42kB 0.0s
=> [internal] load metadata for docker.io/library/amazonlinux:2023 3.1s
=> [auth] library/amazonlinux:pull token for registry-1.docker.io 0.0s
=> [internal] load .dockerignore 0.1s
=> => transferring context: 2B 0.0s
=> [14/17] ADD https://raw.githubusercontent.com/wazuh/wazuh/v4.9.2/extensions/elasticsearch/7.x/wazuh-template.json /etc/filebeat 0.0s
=> [ 1/17] FROM docker.io/library/amazonlinux:2023@sha256:6c2c3bb2ce484e8496c83bd672a62528406b96c74594b195f70dc3d7b420c296 14.3s
=> => resolve docker.io/library/amazonlinux:2023@sha256:6c2c3bb2ce484e8496c83bd672a62528406b96c74594b195f70dc3d7b420c296 0.1s
=> => sha256:6c2c3bb2ce484e8496c83bd672a62528406b96c74594b195f70dc3d7b420c296 2.38kB / 2.38kB 0.0s
=> => sha256:896212a6eb4bac05279a901518ced7b04623652be4aed944e5a3f63fed0ec981 1.02kB / 1.02kB 0.0s
=> => sha256:77424cbe957ca5d9b174abd840881380567113c8e42acebdb0bd698b5dcdf166 575B / 575B 0.0s
=> => sha256:46453255c2f610c1cb9c8197635e6d542bbd326425a9898df0de76e5bb566461 52.38MB / 52.38MB 3.3s
=> => extracting sha256:46453255c2f610c1cb9c8197635e6d542bbd326425a9898df0de76e5bb566461 10.7s
=> [internal] load build context 0.1s
=> => transferring context: 27.79kB 0.0s
=> [ 2/17] RUN rm /bin/sh && ln -s /bin/bash /bin/sh 1.6s
=> [ 3/17] RUN yum install curl-minimal xz gnupg tar gzip openssl findutils procps -y && yum clean all 17.3s
=> [ 4/17] COPY config/check_repository.sh / 0.2s
=> [ 5/17] COPY config/filebeat_module.sh / 0.1s
=> [ 6/17] COPY config/permanent_data.env config/permanent_data.sh / 0.1s
=> [ 7/17] RUN chmod 775 /check_repository.sh 0.4s
=> [ 8/17] RUN source /check_repository.sh 1.4s
=> [ 9/17] RUN yum install wazuh-manager-4.9.2-1 -y && yum clean all && chmod 775 /filebeat_module.sh && source /filebeat_module.sh && rm /filebeat_module.sh & 96.3s
=> [10/17] COPY config/etc/ /etc/ 0.1s
=> [11/17] COPY --chown=root:wazuh config/create_user.py /var/ossec/framework/scripts/create_user.py 0.2s
=> [12/17] COPY config/filebeat.yml /etc/filebeat/ 0.1s
=> [13/17] RUN chmod go-w /etc/filebeat/filebeat.yml 0.5s
=> [14/17] ADD https://raw.githubusercontent.com/wazuh/wazuh/v4.9.2/extensions/elasticsearch/7.x/wazuh-template.json /etc/filebeat 0.1s
=> [15/17] RUN chmod go-w /etc/filebeat/wazuh-template.json 0.4s
=> [16/17] RUN mkdir -p /var/ossec/var/multigroups && chown root:wazuh /var/ossec/var/multigroups && chmod 770 /var/ossec/var/multigroups && mkdir -p /var/ossec/age 1.5s
=> [17/17] RUN rm /etc/yum.repos.d/wazuh.repo 0.5s
=> exporting to image 6.3s
=> => exporting layers 6.2s
=> => writing image sha256:2e96d7e9c374afcb8b3b07d3aa0b9ba76a62d860dfe93569eda2bb2ae2d1b96e 0.0s
=> => naming to docker.io/wazuh/wazuh-manager:4.9.2
$ docker build -t wazuh/wazuh-indexer:4.9.2 .
[+] Building 118.6s (33/33) FINISHED
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 2.77kB 0.0s
=> [internal] load metadata for docker.io/library/amazonlinux:2023 0.8s
=> [internal] load .dockerignore 0.1s
=> => transferring context: 2B 0.0s
=> CACHED [builder 1/13] FROM docker.io/library/amazonlinux:2023@sha256:6c2c3bb2ce484e8496c83bd672a62528406b96c74594b195f70dc3d7b420c296 0.0s
=> [internal] load build context 0.1s
=> => transferring context: 19.34kB 0.0s
=> [stage-1 2/16] RUN yum install curl-minimal shadow-utils findutils hostname -y 22.6s
=> [builder 2/13] RUN yum install curl-minimal openssl xz tar findutils shadow-utils -y 13.3s
=> [builder 3/13] COPY config/check_repository.sh / 0.2s
=> [builder 4/13] RUN chmod 775 /check_repository.sh && source /check_repository.sh 1.1s
=> [builder 5/13] RUN yum install wazuh-indexer-4.9.2-1 -y && yum clean all 77.1s
=> [stage-1 3/16] RUN getent group wazuh-indexer || groupadd -r -g 1000 wazuh-indexer 0.6s
=> [stage-1 4/16] RUN useradd --system --uid 1000 --no-create-home --home-dir /usr/share/wazuh-indexer --gid wazuh-indexer 1.9s
=> [stage-1 5/16] WORKDIR /usr/share/wazuh-indexer 0.4s
=> [stage-1 6/16] COPY config/entrypoint.sh / 0.3s
=> [stage-1 7/16] COPY config/securityadmin.sh / 0.3s
=> [stage-1 8/16] RUN chmod 700 /entrypoint.sh && chmod 700 /securityadmin.sh 1.1s
=> [stage-1 9/16] RUN chown 1000:1000 /*.sh 1.1s
=> [builder 6/13] COPY config/opensearch.yml / 0.1s
=> [builder 7/13] COPY config/config.sh . 0.1s
=> [builder 8/13] COPY config/config.yml / 0.1s
=> [builder 9/13] COPY config/action_groups.yml / 0.1s
=> [builder 10/13] COPY config/internal_users.yml / 0.1s
=> [builder 11/13] COPY config/roles_mapping.yml / 0.1s
=> [builder 12/13] COPY config/roles.yml / 0.1s
=> [builder 13/13] RUN bash config.sh 4.2s
=> [stage-1 10/16] COPY --from=builder --chown=1000:1000 /usr/share/wazuh-indexer /usr/share/wazuh-indexer 2.5s
=> [stage-1 11/16] COPY --from=builder --chown=1000:1000 /etc/wazuh-indexer /usr/share/wazuh-indexer 0.1s
=> [stage-1 12/16] COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/systemd /usr/lib/systemd 0.1s
=> [stage-1 13/16] COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/sysctl.d /usr/lib/sysctl.d 0.2s
=> [stage-1 14/16] COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/tmpfiles.d /usr/lib/tmpfiles.d 0.2s
=> [stage-1 15/16] RUN chown -R 1000:1000 /usr/share/wazuh-indexer 7.7s
=> [stage-1 16/16] RUN mkdir -p /var/lib/wazuh-indexer && chown 1000:1000 /var/lib/wazuh-indexer && mkdir -p /usr/share/wazuh-indexer/logs && chown 1000:1000 /usr/share/waz 0.6s
=> exporting to image 5.0s
=> => exporting layers 5.0s
=> => writing image sha256:a110f44fbd70f5af2ba38be179269803a65f378cb7b44625fc8e3f4b6b4c91c6 0.0s
=> => naming to docker.io/wazuh/wazuh-indexer:4.9.2
$ docker build -t wazuh/wazuh-dashboard:4.9.2 .
[+] Building 147.4s (30/30) FINISHED
=> [internal] load build definition from Dockerfile 0.1s
=> => transferring dockerfile: 3.23kB 0.0s
=> [internal] load metadata for docker.io/library/amazonlinux:2023 1.7s
=> [auth] library/amazonlinux:pull token for registry-1.docker.io 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load build context 0.1s
=> => transferring context: 10.19kB 0.0s
=> CACHED [builder 1/12] FROM docker.io/library/amazonlinux:2023@sha256:6c2c3bb2ce484e8496c83bd672a62528406b96c74594b195f70dc3d7b420c296 0.0s
=> [stage-1 2/13] RUN yum install shadow-utils -y 21.8s
=> [builder 2/12] RUN yum install curl-minimal libcap openssl -y 10.5s
=> [builder 3/12] COPY config/check_repository.sh / 0.2s
=> [builder 4/12] RUN chmod 775 /check_repository.sh && source /check_repository.sh 1.1s
=> [builder 5/12] RUN yum install wazuh-dashboard-4.9.2-1 -y && yum clean all 66.5s
=> [stage-1 3/13] RUN getent group wazuh-dashboard || groupadd -r -g 1000 wazuh-dashboard 0.7s
=> [stage-1 4/13] RUN useradd --system --uid 1000 --no-create-home --home-dir /usr/share/wazuh-dashboard --gid wazuh-dashboard 0.5s
=> [stage-1 5/13] COPY config/entrypoint.sh / 0.1s
=> [stage-1 6/13] COPY config/wazuh_app_config.sh / 0.1s
=> [stage-1 7/13] RUN chmod 700 /entrypoint.sh 0.7s
=> [stage-1 8/13] RUN chmod 700 /wazuh_app_config.sh 0.8s
=> [stage-1 9/13] RUN chown 1000:1000 /*.sh 0.8s
=> [builder 6/12] RUN mkdir -p /usr/share/wazuh-dashboard/data/wazuh && chmod -R 775 /usr/share/wazuh-dashboard/data/wazuh 0.4s
=> [builder 7/12] RUN mkdir -p /usr/share/wazuh-dashboard/data/wazuh/config && chmod -R 775 /usr/share/wazuh-dashboard/data/wazuh/config 0.4s
=> [builder 8/12] RUN mkdir -p /usr/share/wazuh-dashboard/data/wazuh/logs && chmod -R 775 /usr/share/wazuh-dashboard/data/wazuh/logs 0.4s
=> [builder 9/12] COPY config/wazuh.yml /usr/share/wazuh-dashboard/data/wazuh/config/ 0.1s
=> [builder 10/12] COPY config/config.sh . 0.1s
=> [builder 11/12] COPY config/config.yml / 0.1s
=> [builder 12/12] RUN bash config.sh 2.8s
=> [stage-1 10/13] COPY --from=builder --chown=1000:1000 /usr/share/wazuh-dashboard /usr/share/wazuh-dashboard 42.4s
=> [stage-1 11/13] RUN mkdir -p /usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom 0.4s
=> [stage-1 12/13] RUN chown 1000:1000 /usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom 0.4s
=> [stage-1 13/13] WORKDIR /usr/share/wazuh-dashboard 0.1s
=> exporting to image 8.7s
=> => exporting layers 8.7s
=> => writing image sha256:f1ef95f13668c0f7a7bb4a102d46f3682277b1f6114e9dfbadc87013af4f611b 0.0s
=> => naming to docker.io/wazuh/wazuh-dashboard:4.9.2
Regarding the details of the spike, I have doubts about the modification of the image build, which requires several changes and, in many cases, adding functionalities that are not currently contemplated and that are necessary to be able to deploy the integrations that Wazuh has currently developed.
I've been looking at the options we have with AWS ECR, both with a public and a private repository: what permissions are required to use it and to push images, and which options are best for Kubernetes tests, since a private repository can be accessed from EKS.
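As an added example (not part of this issue or of the wazuh-docker project), the script below parses BuildKit progress output like the logs above and flags steps that download content at build time, such as the `ADD https://raw.githubusercontent.com/...` of `wazuh-template.json`, reporting whether they are pinned with `--checksum`. `SAMPLE_LOG` is a constructed excerpt of the wazuh-manager build shown in the comment.

```python
import re
from dataclasses import dataclass

# Constructed excerpt of the wazuh-manager BuildKit output quoted in the comment.
SAMPLE_LOG = """\
[+] Building 145.1s (24/24) FINISHED
 => [14/17] ADD https://raw.githubusercontent.com/wazuh/wazuh/v4.9.2/extensions/elasticsearch/7.x/wazuh-template.json /etc/filebeat 0.0s
 => [ 1/17] FROM docker.io/library/amazonlinux:2023@sha256:6c2c3bb2ce484e8496c83bd672a62528406b96c74594b195f70dc3d7b420c296 14.3s
 => [ 9/17] RUN yum install wazuh-manager-4.9.2-1 -y && yum clean all 96.3s
 => [17/17] RUN rm /etc/yum.repos.d/wazuh.repo 0.5s
 => => naming to docker.io/wazuh/wazuh-manager:4.9.2
"""

# One progress line per Dockerfile step: "=> [CACHED] [stage idx/total] INSTR args secs"
STEP_RE = re.compile(
    r"^\s*=> (?:CACHED )?\[(?:(?P<stage>[A-Za-z][\w-]*) )?\s*(?P<idx>\d+)/\d+\]"
    r" (?P<instr>[A-Z]+) (?P<args>.*?) (?P<secs>\d+(?:\.\d+)?)s$"
)
FINISHED_RE = re.compile(r"^\[\+\] Building [\d.]+s \((\d+)/(\d+)\) FINISHED")

@dataclass
class Step:
    stage: str   # "default" when the Dockerfile has a single stage
    idx: int
    instr: str
    args: str
    secs: float

    def checksummed(self) -> bool:
        # `ADD --checksum=sha256:...` makes BuildKit verify the downloaded content
        return "--checksum=" in self.args

def parse_steps(log: str) -> list:
    matches = (STEP_RE.match(line) for line in log.splitlines())
    return [Step(m["stage"] or "default", int(m["idx"]), m["instr"], m["args"], float(m["secs"]))
            for m in matches if m]

def build_finished(log: str) -> bool:
    # The first line carries "(done/total) FINISHED"; both counters must agree.
    m = FINISHED_RE.match(log.splitlines()[0])
    return bool(m) and m[1] == m[2]

def remote_fetches(steps: list) -> list:
    # ADD from a URL downloads at build time; without --checksum the image gets
    # whatever the server serves (a git tag such as v4.9.2 is not immutable).
    return [s for s in steps if s.instr == "ADD" and re.match(r"(--\S+ )*https?://", s.args)]
```

Run it over a saved `docker build` log and pin any reported fetch with `ADD --checksum=sha256:<digest>` (or vendor the file into the build context) so the image content does not depend on what the remote serves at build time.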
Description
As part of the DevOps overhaul objective we need to conduct research, analyze alternatives, and design how to implement the following changes.
Docker image ownership:
DevOps-Owned Docker testing and image build:
Docker Registry Analysis:
Repository Scope Clarification:
Build Process Simplification:
Testing Improvements:
Documentation Updates:
Multi-Node Deployment Decision:
Implementation restrictions
Plan
Research & Analysis:
Repository Restructuring:
Workflow Development:
Test Design and Development:
Configuration & Build Updates:
Documentation Updates:
Multi-Node Decision: