search

wazuh / wazuh-documentation

Wazuh - Project documentation
https://wazuh.com
187 stars 326 forks source link

Ansible installation documentation update #7295

Closed adavinchi closed 2 weeks ago

adavinchi commented 2 months ago

The Wazuh documentation for installation via Ansible is not very clear and there are steps that can be improved.

  1. The Windows endpoints subsection is not consistent with similar subsections making it seem like it is a different step rather than an optional step
  2. The Remote Connection section includes the command cat ~/.ssh/id_rsa.pub | ssh centos@192.168.33.31 "cat >> ~/.ssh/authorized_keys" this command fails because the Ansible server does not yet have access to the remote server. this steps is supposed to created the access. It also does not clearly state that some values are placeholders that should be replaced eg centos
  3. The guide does not clearly separate all-in-one installation from cluster installation.
  4. The cluster installation section does not clearly guide the user on how to modify the/etc/ansible/roles/wazuh-ansible/playbooks/wazuh-production-ready.yml file
teddytpc1 commented 1 month ago

Hi, @adavinchi. Could you update the issue description with links to the documentation and screenshots related to each item, please? We need it to have a better understanding of what you mean.

adavinchi commented 1 month ago
  1. The Windows endpoints subsection: This section is found at Installation alternatives > Deployment with Ansible > Installation Guide > Install Ansible. This section provides multiple methods for installing Ansible: Centos/rhel/fedora, Debian/ubuntu.

As seen in the image below, the Windows endpoints is under the Installation guide, this is confusing and makes it seem like it is a configuration that is required for installing Ansible. I think it is better suited under the Remote Connection section so the user understands that this is only related to deploying on Windows agents with Ansible.

image
  1. Remote Connection: There is a step to run command cat ~/.ssh/id_rsa.pub | ssh centos@192.168.33.31 "cat >> ~/.ssh/authorized_keys" in step 3 here

This commands attempts to use ssh to write the ssh key to the remote server. The document contains an actual IP and user instead of a placeholder and we do not notify the user that the remote user needs to have required permissions on the remote machine. it should be clearer to the user that they need to replace those values.

  1. all-in-one installation and cluster installation not clearly separated: As seen in the below image, the single node and cluster installation is not clearly separated like in other documentation, for example in Deployment with puppet

    image

  2. Cluster installation section does not clearly guide the user on how to modify the /etc/ansible/roles/wazuh-ansible/playbooks/wazuh-production-ready.yml file: The default configuration contains 2 Wazuh nodes, 3 Wazuh indexer nodes, and a Wazuh dashboard node. In a case where the user needs a different architecture, the document does not guide the user on how to modify this document like in other installation document, for example as seen in the puppet documentation:

    image
vcerenu commented 2 weeks ago

Changes made to the documentation regarding deployment with Ansible have been merged into the current documentation (4.8.0)