search

wazuh / wazuh-docker

Wazuh - Docker containers
https://wazuh.com
Other
706 stars 400 forks source link

Wazuh dashboard server is not ready yet #4.5.2 #Docker #999

Open SylvainDx opened 1 year ago

SylvainDx commented 1 year ago

Hello I'm trying to deploy Wazuh on Docker with single-node configuration. I followed step by step instruction but end up with a DashBoard not ready...

I deleted every thing and start over without any change on the docker compose files withou any more succes.

I've got this on Manager : 023-09-17T16:19:03.383Z ERROR [publisher_pipeline_output] pipeline/output.go:154 Failed to connect to backoff(elasticsearch(https://wazuh.indexer:9200)): Get "https://wazuh.indexer:9200": dial tcp 172.25.0.3:9200: connect: connection refused

on Dashoboard [ConnectionError]: connect ECONNREFUSED 172.25.0.3:9200 | type=log @timestamp=2023-09-17T16:20:03Z tags=["error","opensearch","data"] pid=39

On Indexer in the /var/log/wazuh-indexer/opensearch.log [2023-09-16T18:01:18,754][ERROR][o.o.b.Bootstrap ] [wazuh.indexer] Exception org.opensearch.OpenSearchException: failed to bind service at org.opensearch.node.Node.(Node.java:1124) ~[opensearch-2.6.0.jar:2.6.0] at org.opensearch.node.Node.(Node.java:361) ~[opensearch-2.6.0.jar:2.6.0] at org.opensearch.bootstrap.Bootstrap$5.(Bootstrap.java:242) ~[opensearch-2.6.0.jar:2.6.0] at org.opensearch.bootstrap.Bootstrap.setup(Bootstrap.java:242) ~[opensearch-2.6.0.jar:2.6.0] at org.opensearch.bootstrap.Bootstrap.init(Bootstrap.java:404) [opensearch-2.6.0.jar:2.6.0] at org.opensearch.bootstrap.OpenSearch.init(OpenSearch.java:180) [opensearch-2.6.0.jar:2.6.0] at org.opensearch.bootstrap.OpenSearch.execute(OpenSearch.java:171) [opensearch-2.6.0.jar:2.6.0] at org.opensearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:104) [opensearch-2.6.0.jar:2.6.0] at org.opensearch.cli.Command.mainWithoutErrorHandling(Command.java:138) [opensearch-cli-2.6.0.jar:2.6.0] at org.opensearch.cli.Command.main(Command.java:101) [opensearch-cli-2.6.0.jar:2.6.0] at org.opensearch.bootstrap.OpenSearch.main(OpenSearch.java:137) [opensearch-2.6.0.jar:2.6.0] at org.opensearch.bootstrap.OpenSearch.main(OpenSearch.java:103) [opensearch-2.6.0.jar:2.6.0] Caused by: java.nio.file.AccessDeniedException: /var/lib/wazuh-indexer/nodes at sun.nio.fs.UnixException.translateToIOException(UnixException.java:90) ~[?:?] at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:106) ~[?:?] at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111) ~[?:?] at sun.nio.fs.UnixFileSystemProvider.createDirectory(UnixFileSystemProvider.java:397) ~[?:?] at java.nio.file.Files.createDirectory(Files.java:700) ~[?:?] at java.nio.file.Files.createAndCheckIsDirectory(Files.java:807) ~[?:?] at java.nio.file.Files.createDirectories(Files.java:793) ~[?:?] at org.opensearch.env.NodeEnvironment.lambda$new$0(NodeEnvironment.java:313) ~[opensearch-2.6.0.jar:2.6.0] at org.opensearch.env.NodeEnvironment$NodeLock.(NodeEnvironment.java:251) ~[opensearch-2.6.0.jar:2.6.0] at org.opensearch.env.NodeEnvironment.(NodeEnvironment.java:311) ~[opensearch-2.6.0.jar:2.6.0] at org.opensearch.node.Node.(Node.java:464) ~[opensearch-2.6.0.jar:2.6.0] ... 11 more [2023-09-16T18:01:18,759][ERROR][o.o.b.OpenSearchUncaughtExceptionHandler] [wazuh.indexer] uncaught exception in thread [main] org.opensearch.bootstrap.StartupException: OpenSearchException[failed to bind service]; nested: AccessDeniedException[/var/lib/wazuh-indexer/nodes]; at org.opensearch.bootstrap.OpenSearch.init(OpenSearch.java:184) ~[opensearch-2.6.0.jar:2.6.0] at org.opensearch.bootstrap.OpenSearch.execute(OpenSearch.java:171) ~[opensearch-2.6.0.jar:2.6.0] at org.opensearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:104) ~[opensearch-2.6.0.jar:2.6.0] at org.opensearch.cli.Command.mainWithoutErrorHandling(Command.java:138) ~[opensearch-cli-2.6.0.jar:2.6.0] at org.opensearch.cli.Command.main(Command.java:101) ~[opensearch-cli-2.6.0.jar:2.6.0] at org.opensearch.bootstrap.OpenSearch.main(OpenSearch.java:137) ~[opensearch-2.6.0.jar:2.6.0] at org.opensearch.bootstrap.OpenSearch.main(OpenSearch.java:103) ~[opensearch-2.6.0.jar:2.6.0] Caused by: org.opensearch.OpenSearchException: failed to bind service at org.opensearch.node.Node.(Node.java:1124) ~[opensearch-2.6.0.jar:2.6.0] at org.opensearch.node.Node.(Node.java:361) ~[opensearch-2.6.0.jar:2.6.0] at org.opensearch.bootstrap.Bootstrap$5.(Bootstrap.java:242) ~[opensearch-2.6.0.jar:2.6.0] at org.opensearch.bootstrap.Bootstrap.setup(Bootstrap.java:242) ~[opensearch-2.6.0.jar:2.6.0] at org.opensearch.bootstrap.Bootstrap.init(Bootstrap.java:404) ~[opensearch-2.6.0.jar:2.6.0] at org.opensearch.bootstrap.OpenSearch.init(OpenSearch.java:180) ~[opensearch-2.6.0.jar:2.6.0] ... 6 more Caused by: java.nio.file.AccessDeniedException: /var/lib/wazuh-indexer/nodes at sun.nio.fs.UnixException.translateToIOException(UnixException.java:90) ~[?:?] at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:106) ~[?:?] at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111) ~[?:?] at sun.nio.fs.UnixFileSystemProvider.createDirectory(UnixFileSystemProvider.java:397) ~[?:?] at java.nio.file.Files.createDirectory(Files.java:700) ~[?:?] at java.nio.file.Files.createAndCheckIsDirectory(Files.java:807) ~[?:?] at java.nio.file.Files.createDirectories(Files.java:793) ~[?:?] at org.opensearch.env.NodeEnvironment.lambda$new$0(NodeEnvironment.java:313) ~[opensearch-2.6.0.jar:2.6.0] at org.opensearch.env.NodeEnvironment$NodeLock.(NodeEnvironment.java:251) ~[opensearch-2.6.0.jar:2.6.0] at org.opensearch.env.NodeEnvironment.(NodeEnvironment.java:311) ~[opensearch-2.6.0.jar:2.6.0] at org.opensearch.node.Node.(Node.java:464) ~[opensearch-2.6.0.jar:2.6.0] at org.opensearch.node.Node.(Node.java:361) ~[opensearch-2.6.0.jar:2.6.0] at org.opensearch.bootstrap.Bootstrap$5.(Bootstrap.java:242) ~[opensearch-2.6.0.jar:2.6.0] at org.opensearch.bootstrap.Bootstrap.setup(Bootstrap.java:242) ~[opensearch-2.6.0.jar:2.6.0] at org.opensearch.bootstrap.Bootstrap.init(Bootstrap.java:404) ~[opensearch-2.6.0.jar:2.6.0] at org.opensearch.bootstrap.OpenSearch.init(OpenSearch.java:180) ~[opensearch-2.6.0.jar:2.6.0] ... 6 more

thanks for your assistance !

SylvainDx commented 1 year ago

according to #771

docker ps |grep wazuh 178f8519695e wazuh/wazuh-dashboard:4.5.2 "/entrypoint.sh" 24 hours ago Up 22 hours 443/tcp, 0.0.0.0:8443->5601/tcp, :::8443->5601/tcp wazuh-wazuh.dashboard-10

a1e6b4203395 wazuh/wazuh-manager:4.5.2 "/init" 24 hours ago Up 22 hours 0.0.0.0:1514-1515->1514-1515/tcp, :::1514-1515->1514-1515/tcp, 0.0.0.0:514->514/udp, :::514->514/udp, 0.0.0.0:55000->55000/tcp, :::55000->55000/tcp, 1516/tcp wazuh-wazuh.manager-10

8599e3d36c50 wazuh/wazuh-indexer:4.5.2 "/entrypoint.sh open…" 24 hours ago Up 22 hours 0.0.0.0:9200->9200/tcp, :::9200->9200/tcp wazuh-wazuh.indexer-10

but the curl return an error : curl https://localhost:9200/_cluster/health?pretty -k -u admin:SecretPassword curl: (35) error:0A000126:SSL routines::unexpected eof while reading

alphaDev23 commented 5 months ago

Why is this issue still open after almost a year. There are multiple issues on the same. The single-node docker deployment does not work, there are numerous permission errors in the log files, and the indexer fails to properly come up. Has anyone tested this because it also doesn't work in 4.7.5.

Here is an example: [2024-06-10T05:30:19,312][WARN ][o.o.s.OpenSearchSecurityPlugin] [wazuh.indexer] File /usr/share/wazuh-indexer/bin/opensearch-env has insecure file permissions (should be 0600)

and another Caused by: org.opensearch.cluster.coordination.CoordinationStateRejectedException: incoming term 1 does not match current term 2 at org.opensearch.cluster.coordination.CoordinationState.handleJoin(CoordinationState.java:256) ~[opensearch-2.8.0.jar:2.8.0] at org.opensearch.cluster.coordination.Coordinator.handleJoin(Coordinator.java:1180) ~[opensearch-2.8.0.jar:2.8.0] at java.util.Optional.ifPresent(Optional.java:178) ~[?:?] at org.opensearch.cluster.coordination.Coordinator.processJoinRequest(Coordinator.java:648) ~[opensearch-2.8.0.jar:2.8.0] at org.opensearch.cluster.coordination.Coordinator.lambda$handleJoinRequest$7(Coordinator.java:611) ~[opensearch-2.8.0.jar:2.8.0] at org.opensearch.action.ActionListener$1.onResponse(ActionListener.java:80) [opensearch-2.8.0.jar:2.8.0] at org.opensearch.transport.TransportService.connectToNode(TransportService.java:469) [opensearch-2.8.0.jar:2.8.0] at org.opensearch.transport.TransportService.connectToNode(TransportService.java:452) [opensearch-2.8.0.jar:2.8.0] at org.opensearch.cluster.coordination.Coordinator.handleJoinRequest(Coordinator.java:593) [opensearch-2.8.0.jar:2.8.0] at org.opensearch.cluster.coordination.JoinHelper.lambda$new$1(JoinHelper.java:190) [opensearch-2.8.0.jar:2.8.0] at org.opensearch.security.ssl.transport.SecuritySSLRequestHandler.messageReceivedDecorate(SecuritySSLRequestHandler.java:192) [opensearch-security-2.8.0.0.jar:2.8.0.0] at org.opensearch.security.transport.SecurityRequestHandler.messageReceivedDecorate(SecurityRequestHandler.java:172) [opensearch-security-2.8.0.0.jar:2.8.0.0] at org.opensearch.security.ssl.transport.SecuritySSLRequestHandler.messageReceived(SecuritySSLRequestHandler.java:96) [opensearch-security-2.8.0.0.jar:2.8.0.0] at org.opensearch.security.OpenSearchSecurityPlugin$7$1.messageReceived(OpenSearchSecurityPlugin.java:673) [opensearch-security-2.8.0.0.jar:2.8.0.0] at org.opensearch.indexmanagement.rollup.interceptor.RollupInterceptor$interceptHandler$1.messageReceived(RollupInterceptor.kt:113) [opensearch-index-management-2.8.0.0.jar:2.8.0.0] at org.opensearch.performanceanalyzer.transport.PerformanceAnalyzerTransportRequestHandler.messageReceived(PerformanceAnalyzerTransportRequestHandler.java:43) [opensearch-performance-analyzer-2.8.0.0.jar:2.8.0.0] at org.opensearch.transport.RequestHandlerRegistry.processMessageReceived(RequestHandlerRegistry.java:106) [opensearch-2.8.0.jar:2.8.0] at org.opensearch.transport.TransportService$8.doRun(TransportService.java:1064) [opensearch-2.8.0.jar:2.8.0] at org.opensearch.common.util.concurrent.ThreadContext$ContextPreservingAbstractRunnable.doRun(ThreadContext.java:806) [opensearch-2.8.0.jar:2.8.0] at org.opensearch.common.util.concurrent.AbstractRunnable.run(AbstractRunnable.java:52) [opensearch-2.8.0.jar:2.8.0] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136) [?:?] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635) [?:?] at java.lang.Thread.run(Thread.java:833) [?:?]

and another (multiple times) 2024-06-10T05:31:10,959][ERROR][o.o.s.a.BackendRegistry ] [wazuh.indexer] Not yet initialized (you may need to run securityadmin).

Reproduction:

  1. Clone the repo
  2. Followed the instructions in the README.