Update manifests to support Kubernetes 1.26

[c-bordon]

In some tests carried out on the deployment of the Kubernetes cluster in EKS for version 1.26, problems were detected in the startup of the pods that need an associated volume to function.

This is because we do not have manifests declaring the creation of the Persistent Volumes, we would have to add these definitions and validate that the cluster starts correctly.

k8s 1.22:

k8s 1.26:

Validation

Test1

• [x] Test Wazuh v4.4.1 deployment on an EKS Cluster version 1.22. :green_circle:
• [x] Test Wazuh upgrade to v4.4.3 on an EKS Cluster version 1.22. :green_circle:

Test2

• [x] Test Wazuh v4.4.1 deployment on an EKS Cluster version 1.22. :green_circle:
• [x] Upgrade the EKS Cluster to 1.23 without assigning de CSI driver. :green_circle:
• [x] Check if the Wazuh deployment is still working. :green_circle:
• [x] Test Wazuh upgrade to v4.4.3 in the EKS Cluster version 1.23. :red_circle:
• [ ] Check if the Wazuh deployment is still working.
• [ ] Add a Wazuh indexer replica.
• [ ] Check if the Wazuh deployment is still working.

Test3

• [x] Test Wazuh v4.4.1 deployment on an EKS Cluster version 1.22. :green_circle:
• [x] Upgrade the EKS Cluster to 1.23 and assign de CSI driver. :green_circle:
• [x] Check if the Wazuh deployment is still working. :green_circle:
• [x] Test Wazuh upgrade to v4.4.3 in the EKS Cluster version 1.23. :green_circle:
• [x] Check if the Wazuh deployment is still working. :green_circle:
• [x] Add a Wazuh indexer replica. :green_circle:
• [x] Check if the Wazuh deployment is still working. :green_circle:

Test4

• [x] With the Wazuh v4.4.3 deployment on EKS 1.23, upgrade the EKS Cluster to 1.24. :green_circle:
• [x] Check if the Wazuh deployment is still working. :green_circle:
• [x] Add a Wazuh indexer replica. :green_circle:
• [x] Check if the Wazuh deployment is still working. :green_circle:

Test5

• [x] With the Wazuh v4.4.3 deployment on EKS 1.24, upgrade the EKS Cluster to 1.25. :green_circle:
• [x] Check if the Wazuh deployment is still working. :green_circle:
• [x] Add a Wazuh indexer replica. :green_circle:
• [x] Check if the Wazuh deployment is still working. :green_circle:

Test6

• [x] With the Wazuh v4.4.3 deployment on EKS 1.25, upgrade the EKS Cluster to 1.26. :green_circle:
• [x] Check if the Wazuh deployment is still working. :green_circle:
• [x] Add a Wazuh indexer replica. :green_circle:
• [x] Check if the Wazuh deployment is still working. :green_circle:

Test7

• [x] With the Wazuh v4.4.3 deployment on EKS 1.26, upgrade the EKS Cluster to 1.27. :green_circle:
• [x] Check if the Wazuh deployment is still working. :green_circle:
• [x] Add a Wazuh indexer replica. :green_circle:
• [x] Check if the Wazuh deployment is still working. :green_circle:

Provide evidence of every test.

[vcerenu]

The cause of this problem was investigated and it is generated since Kubernetes version 1.23 in EKS, the EBS CSI driver has been removed: https://docs.aws.amazon.com/eks/latest/userguide/ebs-csi.html

In order to generate the deployment in Kubernetes versions 1.23 or later, it is necessary to assign the driver again with its corresponding permission to the cluster explicitly: https://docs.aws.amazon.com/eks/latest/userguide/csi-iam-role.html

We proceed to verify that by making this change the deployment works correctly.

[vcerenu]

Test 1

Test Wazuh v4.4.1 deployment on an EKS Cluster version 1.22.

$ git checkout v4.4.1
Note: switching to 'v4.4.1'.

You are in 'detached HEAD' state. You can look around, make experimental
changes and commit them, and you can discard any commits you make in this
state without impacting any branches by switching back to a branch.

If you want to create a new branch to retain commits you create, you may
do so (now or later) by using -c with the switch command. Example:

  git switch -c <new-branch-name>

Or undo this operation with:

  git switch -

Turn off this advice by setting config variable advice.detachedHead to false

HEAD is now at ced7830 Merge pull request #338 from wazuh/bump-4-4-1
$ git branch
* (HEAD detached at v4.4.1)
  master
$ kubectl version --short | grep Server
Server Version: v1.22.17-eks-0a21954
$ kubectl apply -k envs/eks/
namespace/wazuh created
storageclass.storage.k8s.io/wazuh-storage created
configmap/dashboard-conf-tgmhtkc5dm created
configmap/indexer-conf-67g4h64bf2 created
configmap/wazuh-conf-2688dmmd4d created
secret/dashboard-certs-2m74fm8dgb created
secret/dashboard-cred created
secret/indexer-certs-chhg6t75hb created
secret/indexer-cred created
secret/wazuh-api-cred created
secret/wazuh-authd-pass created
secret/wazuh-cluster-key created
service/dashboard created
service/indexer created
service/wazuh created
service/wazuh-cluster created
service/wazuh-indexer created
service/wazuh-workers created
deployment.apps/wazuh-dashboard created
statefulset.apps/wazuh-indexer created
statefulset.apps/wazuh-manager-master created
statefulset.apps/wazuh-manager-worker created
$ kubectl get all -n wazuh
NAME                                   READY   STATUS    RESTARTS   AGE
pod/wazuh-dashboard-5ddffbb784-9mtds   1/1     Running   0          4m2s
pod/wazuh-indexer-0                    1/1     Running   0          4m2s
pod/wazuh-indexer-1                    1/1     Running   0          3m5s
pod/wazuh-indexer-2                    1/1     Running   0          2m16s
pod/wazuh-manager-master-0             1/1     Running   0          4m1s
pod/wazuh-manager-worker-0             1/1     Running   0          4m1s
pod/wazuh-manager-worker-1             1/1     Running   0          4m1s

NAME                    TYPE           CLUSTER-IP       EXTERNAL-IP                                                                      PORT(S)                          AGE
service/dashboard       LoadBalancer   10.100.84.248    a5ab240cf7fac43288298fd99c3f875d-855133290.us-west-1.elb.amazonaws.com           443:32315/TCP                    4m7s
service/indexer         LoadBalancer   10.100.75.60     affd41946f3d94ec89b828b87362863c-1350297416.us-west-1.elb.amazonaws.com          9200:32077/TCP                   4m7s
service/wazuh           LoadBalancer   10.100.101.13    a7552fa6788f142a39689d1e873395c6-2113584252.us-west-1.elb.amazonaws.com          1515:31346/TCP,55000:31427/TCP   4m6s
service/wazuh-cluster   ClusterIP      None             <none>                                                                           1516/TCP                         4m5s
service/wazuh-indexer   ClusterIP      None             <none>                                                                           9300/TCP                         4m5s
service/wazuh-workers   LoadBalancer   10.100.177.115   internal-a58acb24ffbbb442bbc5fa48681990c7-77096602.us-west-1.elb.amazonaws.com   1514:30690/TCP                   4m4s

NAME                              READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/wazuh-dashboard   1/1     1            1           4m4s

NAME                                         DESIRED   CURRENT   READY   AGE
replicaset.apps/wazuh-dashboard-5ddffbb784   1         1         1       4m4s

NAME                                    READY   AGE
statefulset.apps/wazuh-indexer          3/3     4m4s
statefulset.apps/wazuh-manager-master   1/1     4m3s
statefulset.apps/wazuh-manager-worker   2/2     4m3s
$

Test Wazuh upgrade to v4.4.3 on an EKS Cluster version 1.22.

$ git checkout v4.4.3
Previous HEAD position was ced7830 Merge pull request #338 from wazuh/bump-4-4-1
HEAD is now at 4cc4782 Merge pull request #366 from wazuh/bump-4.4.3
$ kubectl apply -k envs/eks/
namespace/wazuh unchanged
storageclass.storage.k8s.io/wazuh-storage unchanged
configmap/dashboard-conf-tgmhtkc5dm unchanged
configmap/indexer-conf-67g4h64bf2 unchanged
configmap/wazuh-conf-6m85mmhm48 created
secret/dashboard-certs-2m74fm8dgb configured
secret/dashboard-cred unchanged
secret/indexer-certs-chhg6t75hb configured
secret/indexer-cred unchanged
secret/wazuh-api-cred unchanged
secret/wazuh-authd-pass unchanged
secret/wazuh-cluster-key unchanged
service/dashboard unchanged
service/indexer unchanged
service/wazuh unchanged
service/wazuh-cluster unchanged
service/wazuh-indexer unchanged
service/wazuh-workers unchanged
deployment.apps/wazuh-dashboard configured
statefulset.apps/wazuh-indexer configured
statefulset.apps/wazuh-manager-master configured
statefulset.apps/wazuh-manager-worker configured
$ kubectl get all -n wazuh
NAME                                  READY   STATUS    RESTARTS      AGE
pod/wazuh-dashboard-8885b7cb6-lts2w   1/1     Running   1 (54s ago)   2m17s
pod/wazuh-indexer-0                   1/1     Running   0             50s
pod/wazuh-indexer-1                   1/1     Running   0             98s
pod/wazuh-indexer-2                   1/1     Running   0             2m15s
pod/wazuh-manager-master-0            1/1     Running   0             2m11s
pod/wazuh-manager-worker-0            1/1     Running   0             93s
pod/wazuh-manager-worker-1            1/1     Running   0             2m9s

NAME                    TYPE           CLUSTER-IP       EXTERNAL-IP                                                                      PORT(S)                          AGE
service/dashboard       LoadBalancer   10.100.84.248    a5ab240cf7fac43288298fd99c3f875d-855133290.us-west-1.elb.amazonaws.com           443:32315/TCP                    11m
service/indexer         LoadBalancer   10.100.75.60     affd41946f3d94ec89b828b87362863c-1350297416.us-west-1.elb.amazonaws.com          9200:32077/TCP                   11m
service/wazuh           LoadBalancer   10.100.101.13    a7552fa6788f142a39689d1e873395c6-2113584252.us-west-1.elb.amazonaws.com          1515:31346/TCP,55000:31427/TCP   11m
service/wazuh-cluster   ClusterIP      None             <none>                                                                           1516/TCP                         11m
service/wazuh-indexer   ClusterIP      None             <none>                                                                           9300/TCP                         11m
service/wazuh-workers   LoadBalancer   10.100.177.115   internal-a58acb24ffbbb442bbc5fa48681990c7-77096602.us-west-1.elb.amazonaws.com   1514:30690/TCP                   11m

NAME                              READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/wazuh-dashboard   1/1     1            1           11m

NAME                                         DESIRED   CURRENT   READY   AGE
replicaset.apps/wazuh-dashboard-5ddffbb784   0         0         0       11m
replicaset.apps/wazuh-dashboard-8885b7cb6    1         1         1       2m19s

NAME                                    READY   AGE
statefulset.apps/wazuh-indexer          3/3     11m
statefulset.apps/wazuh-manager-master   1/1     11m
statefulset.apps/wazuh-manager-worker   2/2     11m
$ kubectl version --short | grep Server
Server Version: v1.22.17-eks-0a21954
$ git branch
* (HEAD detached at v4.4.3)
  master
$ 

[vcerenu]

Test 2

Test Wazuh v4.4.1 deployment on an EKS Cluster version 1.22.

$ git checkout v4.4.1
Previous HEAD position was 4cc4782 Merge pull request #366 from wazuh/bump-4.4.3
HEAD is now at ced7830 Merge pull request #338 from wazuh/bump-4-4-1
$ kubectl version --short | grep Server
Server Version: v1.22.17-eks-0a21954
$ kubectl apply -k envs/eks/
namespace/wazuh created
storageclass.storage.k8s.io/wazuh-storage created
configmap/dashboard-conf-tgmhtkc5dm created
configmap/indexer-conf-67g4h64bf2 created
configmap/wazuh-conf-2688dmmd4d created
secret/dashboard-certs-2m74fm8dgb created
secret/dashboard-cred created
secret/indexer-certs-chhg6t75hb created
secret/indexer-cred created
secret/wazuh-api-cred created
secret/wazuh-authd-pass created
secret/wazuh-cluster-key created
service/dashboard created
service/indexer created
service/wazuh created
service/wazuh-cluster created
service/wazuh-indexer created
service/wazuh-workers created
deployment.apps/wazuh-dashboard created
statefulset.apps/wazuh-indexer created
statefulset.apps/wazuh-manager-master created
statefulset.apps/wazuh-manager-worker created
$ kubectl get all -n wazuh
NAME                                   READY   STATUS    RESTARTS   AGE
pod/wazuh-dashboard-5ddffbb784-z2nfl   1/1     Running   0          2m9s
pod/wazuh-indexer-0                    1/1     Running   0          2m9s
pod/wazuh-indexer-1                    1/1     Running   0          114s
pod/wazuh-indexer-2                    1/1     Running   0          95s
pod/wazuh-manager-master-0             1/1     Running   0          2m8s
pod/wazuh-manager-worker-0             1/1     Running   0          2m7s
pod/wazuh-manager-worker-1             1/1     Running   0          2m7s

NAME                    TYPE           CLUSTER-IP       EXTERNAL-IP                                                                       PORT(S)                          AGE
service/dashboard       LoadBalancer   10.100.162.131   af3de35e5643f4cd28b23fb2a0178dfe-168099681.us-west-1.elb.amazonaws.com            443:32704/TCP                    2m14s
service/indexer         LoadBalancer   10.100.164.186   a505382f968734c57bc3af6e308a064b-497715851.us-west-1.elb.amazonaws.com            9200:30106/TCP                   2m13s
service/wazuh           LoadBalancer   10.100.201.25    ae8aabf8e6c54497bb7a17302e0bd8d5-1569908488.us-west-1.elb.amazonaws.com           1515:32284/TCP,55000:31917/TCP   2m13s
service/wazuh-cluster   ClusterIP      None             <none>                                                                            1516/TCP                         2m12s
service/wazuh-indexer   ClusterIP      None             <none>                                                                            9300/TCP                         2m12s
service/wazuh-workers   LoadBalancer   10.100.186.220   internal-a82ab04dc6a2041199895be28f502fea-107229973.us-west-1.elb.amazonaws.com   1514:31061/TCP                   2m11s

NAME                              READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/wazuh-dashboard   1/1     1            1           2m10s

NAME                                         DESIRED   CURRENT   READY   AGE
replicaset.apps/wazuh-dashboard-5ddffbb784   1         1         1       2m10s

NAME                                    READY   AGE
statefulset.apps/wazuh-indexer          3/3     2m11s
statefulset.apps/wazuh-manager-master   1/1     2m10s
statefulset.apps/wazuh-manager-worker   2/2     2m9s
$

Upgrade the EKS Cluster to 1.23 without assigning de CSI driver.

Before upgrade

$ git checkout v4.4.1
Previous HEAD position was 4cc4782 Merge pull request #366 from wazuh/bump-4.4.3
HEAD is now at ced7830 Merge pull request #338 from wazuh/bump-4-4-1
$ kubectl version --short | grep Server
Server Version: v1.22.17-eks-0a21954
$ kubectl apply -k envs/eks/
namespace/wazuh created
storageclass.storage.k8s.io/wazuh-storage created
configmap/dashboard-conf-tgmhtkc5dm created
configmap/indexer-conf-67g4h64bf2 created
configmap/wazuh-conf-2688dmmd4d created
secret/dashboard-certs-2m74fm8dgb created
secret/dashboard-cred created
secret/indexer-certs-chhg6t75hb created
secret/indexer-cred created
secret/wazuh-api-cred created
secret/wazuh-authd-pass created
secret/wazuh-cluster-key created
service/dashboard created
service/indexer created
service/wazuh created
service/wazuh-cluster created
service/wazuh-indexer created
service/wazuh-workers created
deployment.apps/wazuh-dashboard created
statefulset.apps/wazuh-indexer created
statefulset.apps/wazuh-manager-master created
statefulset.apps/wazuh-manager-worker created
vcerenu@vcerenu-VirtualBox:~/Repositorios/bump-4-4-1/wazuh-kubernetes$ kubectl get all -n wazuh
NAME                                   READY   STATUS    RESTARTS   AGE
pod/wazuh-dashboard-5ddffbb784-z2nfl   1/1     Running   0          2m9s
pod/wazuh-indexer-0                    1/1     Running   0          2m9s
pod/wazuh-indexer-1                    1/1     Running   0          114s
pod/wazuh-indexer-2                    1/1     Running   0          95s
pod/wazuh-manager-master-0             1/1     Running   0          2m8s
pod/wazuh-manager-worker-0             1/1     Running   0          2m7s
pod/wazuh-manager-worker-1             1/1     Running   0          2m7s

NAME                    TYPE           CLUSTER-IP       EXTERNAL-IP                                                                       PORT(S)                          AGE
service/dashboard       LoadBalancer   10.100.162.131   af3de35e5643f4cd28b23fb2a0178dfe-168099681.us-west-1.elb.amazonaws.com            443:32704/TCP                    2m14s
service/indexer         LoadBalancer   10.100.164.186   a505382f968734c57bc3af6e308a064b-497715851.us-west-1.elb.amazonaws.com            9200:30106/TCP                   2m13s
service/wazuh           LoadBalancer   10.100.201.25    ae8aabf8e6c54497bb7a17302e0bd8d5-1569908488.us-west-1.elb.amazonaws.com           1515:32284/TCP,55000:31917/TCP   2m13s
service/wazuh-cluster   ClusterIP      None             <none>                                                                            1516/TCP                         2m12s
service/wazuh-indexer   ClusterIP      None             <none>                                                                            9300/TCP                         2m12s
service/wazuh-workers   LoadBalancer   10.100.186.220   internal-a82ab04dc6a2041199895be28f502fea-107229973.us-west-1.elb.amazonaws.com   1514:31061/TCP                   2m11s

NAME                              READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/wazuh-dashboard   1/1     1            1           2m10s

NAME                                         DESIRED   CURRENT   READY   AGE
replicaset.apps/wazuh-dashboard-5ddffbb784   1         1         1       2m10s

NAME                                    READY   AGE
statefulset.apps/wazuh-indexer          3/3     2m11s
statefulset.apps/wazuh-manager-master   1/1     2m10s
statefulset.apps/wazuh-manager-worker   2/2     2m9s
$

Upgrading

After upgrade

$ kubectl get all -n wazuh
NAME                                   READY   STATUS    RESTARTS   AGE
pod/wazuh-dashboard-5ddffbb784-8bgf6   1/1     Running   0          30m
pod/wazuh-indexer-0                    0/1     Pending   0          27m
pod/wazuh-indexer-1                    0/1     Pending   0          33m
pod/wazuh-manager-master-0             0/1     Pending   0          33m
pod/wazuh-manager-worker-0             0/1     Pending   0          30m
pod/wazuh-manager-worker-1             0/1     Pending   0          27m

NAME                    TYPE           CLUSTER-IP       EXTERNAL-IP                                                                       PORT(S)                          AGE
service/dashboard       LoadBalancer   10.100.162.131   af3de35e5643f4cd28b23fb2a0178dfe-168099681.us-west-1.elb.amazonaws.com            443:32704/TCP                    61m
service/indexer         LoadBalancer   10.100.164.186   a505382f968734c57bc3af6e308a064b-497715851.us-west-1.elb.amazonaws.com            9200:30106/TCP                   61m
service/wazuh           LoadBalancer   10.100.201.25    ae8aabf8e6c54497bb7a17302e0bd8d5-1569908488.us-west-1.elb.amazonaws.com           1515:32284/TCP,55000:31917/TCP   61m
service/wazuh-cluster   ClusterIP      None             <none>                                                                            1516/TCP                         61m
service/wazuh-indexer   ClusterIP      None             <none>                                                                            9300/TCP                         61m
service/wazuh-workers   LoadBalancer   10.100.186.220   internal-a82ab04dc6a2041199895be28f502fea-107229973.us-west-1.elb.amazonaws.com   1514:31061/TCP                   61m

NAME                              READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/wazuh-dashboard   1/1     1            1           61m

NAME                                         DESIRED   CURRENT   READY   AGE
replicaset.apps/wazuh-dashboard-5ddffbb784   1         1         1       61m

NAME                                    READY   AGE
statefulset.apps/wazuh-indexer          0/3     61m
statefulset.apps/wazuh-manager-master   0/1     61m
statefulset.apps/wazuh-manager-worker   0/2     61m
$ kubectl get pv
NAME                                       CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS     CLAIM                                               STORAGECLASS    REASON   AGE
pvc-2b7daedd-ab64-48b3-8053-0a0e5444d7d6   10Gi       RWO            Retain           Released   wazuh/wazuh-indexer-wazuh-indexer-2                 wazuh-storage            104m
pvc-35fc0d64-98cf-47bc-9fae-365395dcec3a   10Gi       RWO            Retain           Bound      wazuh/wazuh-indexer-wazuh-indexer-1                 wazuh-storage            61m
pvc-4b45977a-b0f3-454f-88a3-dbe669da0f5b   50Gi       RWO            Retain           Released   wazuh/wazuh-manager-worker-wazuh-manager-worker-0   wazuh-storage            105m
pvc-4c0cc902-b6c4-4a01-a794-c0f7242f64da   10Gi       RWO            Retain           Released   wazuh/wazuh-indexer-wazuh-indexer-1                 wazuh-storage            104m
pvc-5f9466d5-b5a2-4aba-946c-5f8a76691c2a   10Gi       RWO            Retain           Bound      wazuh/wazuh-indexer-wazuh-indexer-0                 wazuh-storage            61m
pvc-81768ee1-7562-47e0-a982-3b4e4b9a7fa1   50Gi       RWO            Retain           Released   wazuh/wazuh-manager-worker-wazuh-manager-worker-1   wazuh-storage            105m
pvc-aa468c16-a76c-4327-b402-c405ad0fa15c   50Gi       RWO            Retain           Released   wazuh/wazuh-manager-master-wazuh-manager-master-0   wazuh-storage            105m
pvc-d0c75737-8e8b-4298-abaa-6f2f6a4e79c2   10Gi       RWO            Retain           Bound      wazuh/wazuh-indexer-wazuh-indexer-2                 wazuh-storage            60m
pvc-d3ae4960-7f4d-4be5-b849-6c8e2bc2b99b   10Gi       RWO            Retain           Released   wazuh/wazuh-indexer-wazuh-indexer-0                 wazuh-storage            105m
pvc-d4c5eed0-462b-497b-8378-c9c5e71af343   50Gi       RWO            Retain           Bound      wazuh/wazuh-manager-worker-wazuh-manager-worker-0   wazuh-storage            61m
pvc-d6ce157c-494e-4bdb-bb15-20199910e2fb   50Gi       RWO            Retain           Bound      wazuh/wazuh-manager-worker-wazuh-manager-worker-1   wazuh-storage            61m
pvc-da95b155-05c3-4c9a-a7d6-62ffbc4d2264   50Gi       RWO            Retain           Bound      wazuh/wazuh-manager-master-wazuh-manager-master-0   wazuh-storage            61m
$ kubectl get pvc -n wazuh
NAME                                          STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS    AGE
wazuh-indexer-wazuh-indexer-0                 Bound    pvc-5f9466d5-b5a2-4aba-946c-5f8a76691c2a   10Gi       RWO            wazuh-storage   138m
wazuh-indexer-wazuh-indexer-1                 Bound    pvc-35fc0d64-98cf-47bc-9fae-365395dcec3a   10Gi       RWO            wazuh-storage   138m
wazuh-indexer-wazuh-indexer-2                 Bound    pvc-d0c75737-8e8b-4298-abaa-6f2f6a4e79c2   10Gi       RWO            wazuh-storage   137m
wazuh-manager-master-wazuh-manager-master-0   Bound    pvc-da95b155-05c3-4c9a-a7d6-62ffbc4d2264   50Gi       RWO            wazuh-storage   138m
wazuh-manager-worker-wazuh-manager-worker-0   Bound    pvc-d4c5eed0-462b-497b-8378-c9c5e71af343   50Gi       RWO            wazuh-storage   138m
wazuh-manager-worker-wazuh-manager-worker-1   Bound    pvc-d6ce157c-494e-4bdb-bb15-20199910e2fb   50Gi       RWO            wazuh-storage   138m
$ kubectl describe pod/wazuh-manager-master-0 -n wazuh
Name:             wazuh-manager-master-0
Namespace:        wazuh
Priority:         0
Service Account:  default
Node:             <none>
Labels:           app=wazuh-manager
                  controller-revision-hash=wazuh-manager-master-9cdd6ff
                  node-type=master
                  statefulset.kubernetes.io/pod-name=wazuh-manager-master-0
Annotations:      kubernetes.io/psp: eks.privileged
Status:           Pending
IP:               
IPs:              <none>
Controlled By:    StatefulSet/wazuh-manager-master
Containers:
  wazuh-manager:
    Image:       wazuh/wazuh-manager:4.4.1
    Ports:       1515/TCP, 1516/TCP, 55000/TCP
    Host Ports:  0/TCP, 0/TCP, 0/TCP
    Limits:
      cpu:     2
      memory:  2Gi
    Requests:
      cpu:     1
      memory:  1Gi
    Environment:
      INDEXER_URL:                     https://wazuh-indexer-0.wazuh-indexer:9200
      INDEXER_USERNAME:                <set to the key 'username' in secret 'indexer-cred'>  Optional: false
      INDEXER_PASSWORD:                <set to the key 'password' in secret 'indexer-cred'>  Optional: false
      FILEBEAT_SSL_VERIFICATION_MODE:  full
      SSL_CERTIFICATE_AUTHORITIES:     /etc/ssl/root-ca.pem
      SSL_CERTIFICATE:                 /etc/ssl/filebeat.pem
      SSL_KEY:                         /etc/ssl/filebeat.key
      API_USERNAME:                    <set to the key 'username' in secret 'wazuh-api-cred'>  Optional: false
      API_PASSWORD:                    <set to the key 'password' in secret 'wazuh-api-cred'>  Optional: false
      WAZUH_CLUSTER_KEY:               <set to the key 'key' in secret 'wazuh-cluster-key'>    Optional: false
    Mounts:
      /etc/filebeat from wazuh-manager-master (rw,path="filebeat/etc/filebeat")
      /etc/ssl/filebeat.key from filebeat-certs (ro,path="filebeat-key.pem")
      /etc/ssl/filebeat.pem from filebeat-certs (ro,path="filebeat.pem")
      /etc/ssl/root-ca.pem from filebeat-certs (ro,path="root-ca.pem")
      /var/lib/filebeat from wazuh-manager-master (rw,path="filebeat/var/lib/filebeat")
      /var/ossec/active-response/bin from wazuh-manager-master (rw,path="wazuh/var/ossec/active-response/bin")
      /var/ossec/agentless from wazuh-manager-master (rw,path="wazuh/var/ossec/agentless")
      /var/ossec/api/configuration from wazuh-manager-master (rw,path="wazuh/var/ossec/api/configuration")
      /var/ossec/etc from wazuh-manager-master (rw,path="wazuh/var/ossec/etc")
      /var/ossec/integrations from wazuh-manager-master (rw,path="wazuh/var/ossec/integrations")
      /var/ossec/logs from wazuh-manager-master (rw,path="wazuh/var/ossec/logs")
      /var/ossec/queue from wazuh-manager-master (rw,path="wazuh/var/ossec/queue")
      /var/ossec/var/multigroups from wazuh-manager-master (rw,path="wazuh/var/ossec/var/multigroups")
      /var/ossec/wodles from wazuh-manager-master (rw,path="wazuh/var/ossec/wodles")
      /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-6lnss (ro)
      /wazuh-config-mount/etc/authd.pass from wazuh-authd-pass (ro,path="authd.pass")
      /wazuh-config-mount/etc/ossec.conf from config (ro,path="master.conf")
Conditions:
  Type           Status
  PodScheduled   False 
Volumes:
  wazuh-manager-master:
    Type:       PersistentVolumeClaim (a reference to a PersistentVolumeClaim in the same namespace)
    ClaimName:  wazuh-manager-master-wazuh-manager-master-0
    ReadOnly:   false
  config:
    Type:      ConfigMap (a volume populated by a ConfigMap)
    Name:      wazuh-conf-2688dmmd4d
    Optional:  false
  filebeat-certs:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  indexer-certs-chhg6t75hb
    Optional:    false
  wazuh-authd-pass:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  wazuh-authd-pass
    Optional:    false
  kube-api-access-6lnss:
    Type:                    Projected (a volume that contains injected data from multiple sources)
    TokenExpirationSeconds:  3607
    ConfigMapName:           kube-root-ca.crt
    ConfigMapOptional:       <nil>
    DownwardAPI:             true
QoS Class:                   Burstable
Node-Selectors:              <none>
Tolerations:                 node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
                             node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
  Type     Reason            Age               From               Message
  ----     ------            ----              ----               -------
  Warning  FailedScheduling  8s (x2 over 71s)  default-scheduler  0/3 nodes are available: 3 node(s) had volume node affinity conflict.
$ kubectl describe pod/wazuh-indexer-0 -n wazuh
Name:             wazuh-indexer-0
Namespace:        wazuh
Priority:         0
Service Account:  default
Node:             <none>
Labels:           app=wazuh-indexer
                  controller-revision-hash=wazuh-indexer-ff8cb6b95
                  statefulset.kubernetes.io/pod-name=wazuh-indexer-0
Annotations:      kubernetes.io/psp: eks.privileged
Status:           Pending
IP:               
IPs:              <none>
Controlled By:    StatefulSet/wazuh-indexer
Init Containers:
  volume-mount-hack:
    Image:      busybox
    Port:       <none>
    Host Port:  <none>
    Command:
      sh
      -c
      chown -R 1000:1000 /var/lib/wazuh-indexer
    Limits:
      cpu:     100m
      memory:  256Mi
    Requests:
      cpu:        50m
      memory:     128Mi
    Environment:  <none>
    Mounts:
      /var/lib/wazuh-indexer from wazuh-indexer (rw)
      /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-dft8z (ro)
  increase-the-vm-max-map-count:
    Image:      busybox
    Port:       <none>
    Host Port:  <none>
    Command:
      sysctl
      -w
      vm.max_map_count=262144
    Environment:  <none>
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-dft8z (ro)
Containers:
  wazuh-indexer:
    Image:       wazuh/wazuh-indexer:4.4.1
    Ports:       9200/TCP, 9300/TCP
    Host Ports:  0/TCP, 0/TCP
    Limits:
      cpu:     1
      memory:  2Gi
    Requests:
      cpu:     500m
      memory:  1Gi
    Environment:
      OPENSEARCH_JAVA_OPTS:         -Xms1g -Xmx1g -Dlog4j2.formatMsgNoLookups=true
      CLUSTER_NAME:                 wazuh
      NETWORK_HOST:                 0.0.0.0
      NODE_NAME:                    wazuh-indexer-0 (v1:metadata.name)
      DISCOVERY_SERVICE:            wazuh-indexer
      KUBERNETES_NAMESPACE:         wazuh (v1:metadata.namespace)
      DISABLE_INSTALL_DEMO_CONFIG:  true
    Mounts:
      /usr/share/wazuh-indexer/certs/admin-key.pem from indexer-certs (ro,path="admin-key.pem")
      /usr/share/wazuh-indexer/certs/admin.pem from indexer-certs (ro,path="admin.pem")
      /usr/share/wazuh-indexer/certs/node-key.pem from indexer-certs (ro,path="node-key.pem")
      /usr/share/wazuh-indexer/certs/node.pem from indexer-certs (ro,path="node.pem")
      /usr/share/wazuh-indexer/certs/root-ca.pem from indexer-certs (ro,path="root-ca.pem")
      /usr/share/wazuh-indexer/opensearch-security/internal_users.yml from indexer-conf (ro,path="internal_users.yml")
      /usr/share/wazuh-indexer/opensearch.yml from indexer-conf (ro,path="opensearch.yml")
      /var/lib/wazuh-indexer from wazuh-indexer (rw)
      /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-dft8z (ro)
Conditions:
  Type           Status
  PodScheduled   False 
Volumes:
  wazuh-indexer:
    Type:       PersistentVolumeClaim (a reference to a PersistentVolumeClaim in the same namespace)
    ClaimName:  wazuh-indexer-wazuh-indexer-0
    ReadOnly:   false
  indexer-certs:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  indexer-certs-chhg6t75hb
    Optional:    false
  indexer-conf:
    Type:      ConfigMap (a volume populated by a ConfigMap)
    Name:      indexer-conf-67g4h64bf2
    Optional:  false
  kube-api-access-dft8z:
    Type:                    Projected (a volume that contains injected data from multiple sources)
    TokenExpirationSeconds:  3607
    ConfigMapName:           kube-root-ca.crt
    ConfigMapOptional:       <nil>
    DownwardAPI:             true
QoS Class:                   Burstable
Node-Selectors:              <none>
Tolerations:                 node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
                             node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
  Type     Reason            Age                 From               Message
  ----     ------            ----                ----               -------
  Warning  FailedScheduling  25m (x3 over 27m)   default-scheduler  0/4 nodes are available: 1 node(s) were unschedulable, 3 node(s) had volume node affinity conflict.
  Warning  FailedScheduling  37s (x23 over 24m)  default-scheduler  0/3 nodes are available: 3 node(s) had volume node affinity conflict.
$

Test Failed

[vcerenu]

Test 3

Test Wazuh v4.4.1 deployment on an EKS Cluster version 1.22.

$ git checkout v4.4.1
Previous HEAD position was 4cc4782 Merge pull request #366 from wazuh/bump-4.4.3
HEAD is now at ced7830 Merge pull request #338 from wazuh/bump-4-4-1
$ kubectl version --short | grep Server
Server Version: v1.22.17-eks-0a21954
$ kubectl apply -k envs/eks/
namespace/wazuh created
storageclass.storage.k8s.io/wazuh-storage created
configmap/dashboard-conf-tgmhtkc5dm created
configmap/indexer-conf-67g4h64bf2 created
configmap/wazuh-conf-2688dmmd4d created
secret/dashboard-certs-2m74fm8dgb created
secret/dashboard-cred created
secret/indexer-certs-chhg6t75hb created
secret/indexer-cred created
secret/wazuh-api-cred created
secret/wazuh-authd-pass created
secret/wazuh-cluster-key created
service/dashboard created
service/indexer created
service/wazuh created
service/wazuh-cluster created
service/wazuh-indexer created
service/wazuh-workers created
deployment.apps/wazuh-dashboard created
statefulset.apps/wazuh-indexer created
statefulset.apps/wazuh-manager-master created
statefulset.apps/wazuh-manager-worker created
$ kubectl get all -n wazuh
NAME                                   READY   STATUS    RESTARTS   AGE
pod/wazuh-dashboard-5ddffbb784-6q2hd   1/1     Running   0          4m47s
pod/wazuh-indexer-0                    1/1     Running   0          4m47s
pod/wazuh-indexer-1                    1/1     Running   0          3m54s
pod/wazuh-indexer-2                    1/1     Running   0          3m8s
pod/wazuh-manager-master-0             1/1     Running   0          4m46s
pod/wazuh-manager-worker-0             1/1     Running   0          4m46s
pod/wazuh-manager-worker-1             1/1     Running   0          4m46s

NAME                    TYPE           CLUSTER-IP       EXTERNAL-IP                                                                       PORT(S)                          AGE
service/dashboard       LoadBalancer   10.100.206.252   a7fb1519316bf4583a8548f324dd27e4-2110714112.us-west-1.elb.amazonaws.com           443:32557/TCP                    4m53s
service/indexer         LoadBalancer   10.100.82.215    a6a1082c1e5664aa999002074dc35762-715311332.us-west-1.elb.amazonaws.com            9200:30219/TCP                   4m52s
service/wazuh           LoadBalancer   10.100.209.86    a8f498de3fa77453392f3e84b723c2ce-26755426.us-west-1.elb.amazonaws.com             1515:30441/TCP,55000:30179/TCP   4m51s
service/wazuh-cluster   ClusterIP      None             <none>                                                                            1516/TCP                         4m51s
service/wazuh-indexer   ClusterIP      None             <none>                                                                            9300/TCP                         4m50s
service/wazuh-workers   LoadBalancer   10.100.24.2      internal-a3dad1a14f90148f6bdafe61e5a1ed1e-780801690.us-west-1.elb.amazonaws.com   1514:31173/TCP                   4m49s

NAME                              READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/wazuh-dashboard   1/1     1            1           4m49s

NAME                                         DESIRED   CURRENT   READY   AGE
replicaset.apps/wazuh-dashboard-d4f5847f6    1         1         1       4m49s
$ kubectl get pvc -n wazuh
NAME                                          STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS    AGE
wazuh-indexer-wazuh-indexer-0                 Bound    pvc-a811cc8f-e27a-41ac-976a-621113c26607   10Gi       RWO            wazuh-storage   8m
wazuh-indexer-wazuh-indexer-1                 Bound    pvc-a2e431c7-b64f-4a8d-add6-66ed1852b397   10Gi       RWO            wazuh-storage   8m
wazuh-indexer-wazuh-indexer-2                 Bound    pvc-47315b80-9b4c-4610-80d3-0ab37dbcc8b7   10Gi       RWO            wazuh-storage   7m
wazuh-manager-master-wazuh-manager-master-0   Bound    pvc-a2500a43-6bcd-4195-8b7a-40f0cabeee31   50Gi       RWO            wazuh-storage   8m
wazuh-manager-worker-wazuh-manager-worker-0   Bound    pvc-adb8be85-daa9-40e8-92d4-43c09c8efee6   50Gi       RWO            wazuh-storage   8m
wazuh-manager-worker-wazuh-manager-worker-1   Bound    pvc-eb976988-288d-4387-9844-393e7894f3e4   50Gi       RWO            wazuh-storage   8m
$ kubectl get pv
NAME                                       CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM                                               STORAGECLASS    REASON   AGE
pvc-47315b80-9b4c-4610-80d3-0ab37dbcc8b7   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-2                 wazuh-storage            7m
pvc-a2500a43-6bcd-4195-8b7a-40f0cabeee31   50Gi       RWO            Retain           Bound    wazuh/wazuh-manager-master-wazuh-manager-master-0   wazuh-storage            8m
pvc-a2e431c7-b64f-4a8d-add6-66ed1852b397   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-1                 wazuh-storage            8m
pvc-a811cc8f-e27a-41ac-976a-621113c26607   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-0                 wazuh-storage            8m
pvc-adb8be85-daa9-40e8-92d4-43c09c8efee6   50Gi       RWO            Retain           Bound    wazuh/wazuh-manager-worker-wazuh-manager-worker-0   wazuh-storage            8m
pvc-eb976988-288d-4387-9844-393e7894f3e4   50Gi       RWO            Retain           Bound    wazuh/wazuh-manager-worker-wazuh-manager-worker-1   wazuh-storage            8m
$

Upgrade the EKS Cluster to 1.23 and assign de CSI driver.

Check if the Wazuh deployment is still working.

After updating the kubernetes version we had problems with two pods due to lack of CPU, so I had to add one more node to the cluster

$ kubectl describe pod/wazuh-indexer-2 -n wazuh
Name:             wazuh-indexer-2
Namespace:        wazuh
Priority:         0
Service Account:  default
Node:             <none>
Labels:           app=wazuh-indexer
                  controller-revision-hash=wazuh-indexer-ff8cb6b95
                  statefulset.kubernetes.io/pod-name=wazuh-indexer-2
Annotations:      kubernetes.io/psp: eks.privileged
Status:           Pending
IP:               
IPs:              <none>
Controlled By:    StatefulSet/wazuh-indexer
Init Containers:
  volume-mount-hack:
    Image:      busybox
    Port:       <none>
    Host Port:  <none>
    Command:
      sh
      -c
      chown -R 1000:1000 /var/lib/wazuh-indexer
    Limits:
      cpu:     100m
      memory:  256Mi
    Requests:
      cpu:        50m
      memory:     128Mi
    Environment:  <none>
    Mounts:
      /var/lib/wazuh-indexer from wazuh-indexer (rw)
      /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-llsm6 (ro)
  increase-the-vm-max-map-count:
    Image:      busybox
    Port:       <none>
    Host Port:  <none>
    Command:
      sysctl
      -w
      vm.max_map_count=262144
    Environment:  <none>
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-llsm6 (ro)
Containers:
  wazuh-indexer:
    Image:       wazuh/wazuh-indexer:4.4.1
    Ports:       9200/TCP, 9300/TCP
    Host Ports:  0/TCP, 0/TCP
    Limits:
      cpu:     1
      memory:  2Gi
    Requests:
      cpu:     500m
      memory:  1Gi
    Environment:
      OPENSEARCH_JAVA_OPTS:         -Xms1g -Xmx1g -Dlog4j2.formatMsgNoLookups=true
      CLUSTER_NAME:                 wazuh
      NETWORK_HOST:                 0.0.0.0
      NODE_NAME:                    wazuh-indexer-2 (v1:metadata.name)
      DISCOVERY_SERVICE:            wazuh-indexer
      KUBERNETES_NAMESPACE:         wazuh (v1:metadata.namespace)
      DISABLE_INSTALL_DEMO_CONFIG:  true
    Mounts:
      /usr/share/wazuh-indexer/certs/admin-key.pem from indexer-certs (ro,path="admin-key.pem")
      /usr/share/wazuh-indexer/certs/admin.pem from indexer-certs (ro,path="admin.pem")
      /usr/share/wazuh-indexer/certs/node-key.pem from indexer-certs (ro,path="node-key.pem")
      /usr/share/wazuh-indexer/certs/node.pem from indexer-certs (ro,path="node.pem")
      /usr/share/wazuh-indexer/certs/root-ca.pem from indexer-certs (ro,path="root-ca.pem")
      /usr/share/wazuh-indexer/opensearch-security/internal_users.yml from indexer-conf (ro,path="internal_users.yml")
      /usr/share/wazuh-indexer/opensearch.yml from indexer-conf (ro,path="opensearch.yml")
      /var/lib/wazuh-indexer from wazuh-indexer (rw)
      /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-llsm6 (ro)
Conditions:
  Type           Status
  PodScheduled   False 
Volumes:
  wazuh-indexer:
    Type:       PersistentVolumeClaim (a reference to a PersistentVolumeClaim in the same namespace)
    ClaimName:  wazuh-indexer-wazuh-indexer-2
    ReadOnly:   false
  indexer-certs:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  indexer-certs-chhg6t75hb
    Optional:    false
  indexer-conf:
    Type:      ConfigMap (a volume populated by a ConfigMap)
    Name:      indexer-conf-67g4h64bf2
    Optional:  false
  kube-api-access-llsm6:
    Type:                    Projected (a volume that contains injected data from multiple sources)
    TokenExpirationSeconds:  3607
    ConfigMapName:           kube-root-ca.crt
    ConfigMapOptional:       <nil>
    DownwardAPI:             true
QoS Class:                   Burstable
Node-Selectors:              <none>
Tolerations:                 node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
                             node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
  Type     Reason            Age   From               Message
  ----     ------            ----  ----               -------
  Warning  FailedScheduling  18s   default-scheduler  0/3 nodes are available: 1 Insufficient cpu, 2 node(s) had volume node affinity conflict.

After the node assignment the pods went up without problems and I was able to access Wazuh

Test Wazuh upgrade to v4.4.3 in the EKS Cluster version 1.23.

$ git checkout v4.4.3
Previous HEAD position was ced7830 Merge pull request #338 from wazuh/bump-4-4-1
HEAD is now at 4cc4782 Merge pull request #366 from wazuh/bump-4.4.3
$ kubectl apply -k envs/eks/
namespace/wazuh unchanged
storageclass.storage.k8s.io/wazuh-storage unchanged
configmap/dashboard-conf-tgmhtkc5dm unchanged
configmap/indexer-conf-67g4h64bf2 unchanged
configmap/wazuh-conf-6m85mmhm48 created
secret/dashboard-certs-2m74fm8dgb configured
secret/dashboard-cred unchanged
secret/indexer-certs-chhg6t75hb configured
secret/indexer-cred unchanged
secret/wazuh-api-cred unchanged
secret/wazuh-authd-pass unchanged
secret/wazuh-cluster-key unchanged
service/dashboard unchanged
service/indexer unchanged
service/wazuh unchanged
service/wazuh-cluster unchanged
service/wazuh-indexer unchanged
service/wazuh-workers unchanged
deployment.apps/wazuh-dashboard configured
statefulset.apps/wazuh-indexer configured
statefulset.apps/wazuh-manager-master configured
statefulset.apps/wazuh-manager-worker configured
$ kubectl get all -n wazuh
NAME                                  READY   STATUS    RESTARTS   AGE
pod/wazuh-dashboard-d4f5847f6-h9bjq   1/1     Running   0          6m38s
pod/wazuh-indexer-0                   1/1     Running   0          6m12s
pod/wazuh-indexer-1                   1/1     Running   0          6m24s
pod/wazuh-indexer-2                   1/1     Running   0          6m37s
pod/wazuh-manager-master-0            1/1     Running   0          6m33s
pod/wazuh-manager-worker-0            1/1     Running   0          6m21s
pod/wazuh-manager-worker-1            1/1     Running   0          6m33s

NAME                    TYPE           CLUSTER-IP       EXTERNAL-IP                                                                       PORT(S)                          AGE
service/dashboard       LoadBalancer   10.100.206.252   a7fb1519316bf4583a8548f324dd27e4-2110714112.us-west-1.elb.amazonaws.com           443:32557/TCP                    27m
service/indexer         LoadBalancer   10.100.82.215    a6a1082c1e5664aa999002074dc35762-715311332.us-west-1.elb.amazonaws.com            9200:30219/TCP                   27m
service/wazuh           LoadBalancer   10.100.209.86    a8f498de3fa77453392f3e84b723c2ce-26755426.us-west-1.elb.amazonaws.com             1515:30441/TCP,55000:30179/TCP   27m
service/wazuh-cluster   ClusterIP      None             <none>                                                                            1516/TCP                         27m
service/wazuh-indexer   ClusterIP      None             <none>                                                                            9300/TCP                         27m
service/wazuh-workers   LoadBalancer   10.100.24.2      internal-a3dad1a14f90148f6bdafe61e5a1ed1e-780801690.us-west-1.elb.amazonaws.com   1514:31173/TCP                   27m

NAME                              READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/wazuh-dashboard   1/1     1            1           27m

NAME                                         DESIRED   CURRENT   READY   AGE
replicaset.apps/wazuh-dashboard-5c7d86b778   0         0         0       27m
replicaset.apps/wazuh-dashboard-d4f5847f6    1         1         1       6m39s

NAME                                    READY   AGE
statefulset.apps/wazuh-indexer          3/3     27m
statefulset.apps/wazuh-manager-master   1/1     27m
statefulset.apps/wazuh-manager-worker   2/2     27m

Check if the Wazuh deployment is still working.

Add a Wazuh indexer replica.

$ kubectl scale statefulset.apps/wazuh-indexer -n wazuh --replicas 4
statefulset.apps/wazuh-indexer scaled

Check if the Wazuh deployment is still working.

$ kubectl get all -n wazuh
NAME                                  READY   STATUS    RESTARTS   AGE
pod/wazuh-dashboard-d4f5847f6-h9bjq   1/1     Running   0          7m41s
pod/wazuh-indexer-0                   1/1     Running   0          7m15s
pod/wazuh-indexer-1                   1/1     Running   0          7m27s
pod/wazuh-indexer-2                   1/1     Running   0          7m40s
pod/wazuh-indexer-3                   1/1     Running   0          23s
pod/wazuh-manager-master-0            1/1     Running   0          7m36s
pod/wazuh-manager-worker-0            1/1     Running   0          7m24s
pod/wazuh-manager-worker-1            1/1     Running   0          7m36s

NAME                    TYPE           CLUSTER-IP       EXTERNAL-IP                                                                       PORT(S)                          AGE
service/dashboard       LoadBalancer   10.100.206.252   a7fb1519316bf4583a8548f324dd27e4-2110714112.us-west-1.elb.amazonaws.com           443:32557/TCP                    28m
service/indexer         LoadBalancer   10.100.82.215    a6a1082c1e5664aa999002074dc35762-715311332.us-west-1.elb.amazonaws.com            9200:30219/TCP                   28m
service/wazuh           LoadBalancer   10.100.209.86    a8f498de3fa77453392f3e84b723c2ce-26755426.us-west-1.elb.amazonaws.com             1515:30441/TCP,55000:30179/TCP   28m
service/wazuh-cluster   ClusterIP      None             <none>                                                                            1516/TCP                         28m
service/wazuh-indexer   ClusterIP      None             <none>                                                                            9300/TCP                         28m
service/wazuh-workers   LoadBalancer   10.100.24.2      internal-a3dad1a14f90148f6bdafe61e5a1ed1e-780801690.us-west-1.elb.amazonaws.com   1514:31173/TCP                   28m

NAME                              READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/wazuh-dashboard   1/1     1            1           28m

NAME                                         DESIRED   CURRENT   READY   AGE
replicaset.apps/wazuh-dashboard-5c7d86b778   0         0         0       28m
replicaset.apps/wazuh-dashboard-d4f5847f6    1         1         1       7m43s

NAME                                    READY   AGE
statefulset.apps/wazuh-indexer          4/4     28m
statefulset.apps/wazuh-manager-master   1/1     28m
statefulset.apps/wazuh-manager-worker   2/2     28m
vcerenu@vcerenu-VirtualBox:~/Repositorios/bump-4-4-1/wazuh-kubernetes$ kubectl get pvc -n wazuh
NAME                                          STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS    AGE
wazuh-indexer-wazuh-indexer-0                 Bound    pvc-a811cc8f-e27a-41ac-976a-621113c26607   10Gi       RWO            wazuh-storage   28m
wazuh-indexer-wazuh-indexer-1                 Bound    pvc-a2e431c7-b64f-4a8d-add6-66ed1852b397   10Gi       RWO            wazuh-storage   28m
wazuh-indexer-wazuh-indexer-2                 Bound    pvc-47315b80-9b4c-4610-80d3-0ab37dbcc8b7   10Gi       RWO            wazuh-storage   27m
wazuh-indexer-wazuh-indexer-3                 Bound    pvc-1001de1f-c587-40bd-a406-57899670f31b   10Gi       RWO            wazuh-storage   36s
wazuh-manager-master-wazuh-manager-master-0   Bound    pvc-a2500a43-6bcd-4195-8b7a-40f0cabeee31   50Gi       RWO            wazuh-storage   28m
wazuh-manager-worker-wazuh-manager-worker-0   Bound    pvc-adb8be85-daa9-40e8-92d4-43c09c8efee6   50Gi       RWO            wazuh-storage   28m
wazuh-manager-worker-wazuh-manager-worker-1   Bound    pvc-eb976988-288d-4387-9844-393e7894f3e4   50Gi       RWO            wazuh-storage   28m
$ kubectl get pv
NAME                                       CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM                                               STORAGECLASS    REASON   AGE
pvc-1001de1f-c587-40bd-a406-57899670f31b   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-3                 wazuh-storage            39s
pvc-47315b80-9b4c-4610-80d3-0ab37dbcc8b7   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-2                 wazuh-storage            27m
pvc-a2500a43-6bcd-4195-8b7a-40f0cabeee31   50Gi       RWO            Retain           Bound    wazuh/wazuh-manager-master-wazuh-manager-master-0   wazuh-storage            28m
pvc-a2e431c7-b64f-4a8d-add6-66ed1852b397   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-1                 wazuh-storage            28m
pvc-a811cc8f-e27a-41ac-976a-621113c26607   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-0                 wazuh-storage            28m
pvc-adb8be85-daa9-40e8-92d4-43c09c8efee6   50Gi       RWO            Retain           Bound    wazuh/wazuh-manager-worker-wazuh-manager-worker-0   wazuh-storage            28m
pvc-eb976988-288d-4387-9844-393e7894f3e4   50Gi       RWO            Retain           Bound    wazuh/wazuh-manager-worker-wazuh-manager-worker-1   wazuh-storage            28m
$

[vcerenu]

Test 4

With the Wazuh v4.4.3 deployment on EKS 1.23, upgrade the EKS Cluster to 1.24.

Check if the Wazuh deployment is still working.

$ kubectl get all -n wazuh
NAME                                  READY   STATUS    RESTARTS   AGE
pod/wazuh-dashboard-d4f5847f6-x65lp   1/1     Running   0          20m
pod/wazuh-indexer-0                   1/1     Running   0          20m
pod/wazuh-indexer-1                   1/1     Running   0          23m
pod/wazuh-indexer-2                   1/1     Running   0          20m
pod/wazuh-indexer-3                   1/1     Running   0          26m
pod/wazuh-manager-master-0            1/1     Running   0          26m
pod/wazuh-manager-worker-0            1/1     Running   0          16h
pod/wazuh-manager-worker-1            1/1     Running   0          17m

NAME                    TYPE           CLUSTER-IP       EXTERNAL-IP                                                                       PORT(S)                          AGE
service/dashboard       LoadBalancer   10.100.206.252   a7fb1519316bf4583a8548f324dd27e4-2110714112.us-west-1.elb.amazonaws.com           443:32557/TCP                    17h
service/indexer         LoadBalancer   10.100.82.215    a6a1082c1e5664aa999002074dc35762-715311332.us-west-1.elb.amazonaws.com            9200:30219/TCP                   17h
service/wazuh           LoadBalancer   10.100.209.86    a8f498de3fa77453392f3e84b723c2ce-26755426.us-west-1.elb.amazonaws.com             1515:30441/TCP,55000:30179/TCP   17h
service/wazuh-cluster   ClusterIP      None             <none>                                                                            1516/TCP                         17h
service/wazuh-indexer   ClusterIP      None             <none>                                                                            9300/TCP                         17h
service/wazuh-workers   LoadBalancer   10.100.24.2      internal-a3dad1a14f90148f6bdafe61e5a1ed1e-780801690.us-west-1.elb.amazonaws.com   1514:31173/TCP                   17h

NAME                              READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/wazuh-dashboard   1/1     1            1           17h

NAME                                         DESIRED   CURRENT   READY   AGE
replicaset.apps/wazuh-dashboard-5c7d86b778   0         0         0       17h
replicaset.apps/wazuh-dashboard-d4f5847f6    1         1         1       17h

NAME                                    READY   AGE
statefulset.apps/wazuh-indexer          4/4     17h
statefulset.apps/wazuh-manager-master   1/1     17h
statefulset.apps/wazuh-manager-worker   2/2     17h
$ 

New Deploy

$ kubectl get all -n wazuh
NAME                                   READY   STATUS    RESTARTS   AGE
pod/wazuh-dashboard-6b8f6847c4-84s22   1/1     Running   0          10m
pod/wazuh-indexer-0                    1/1     Running   0          10m
pod/wazuh-indexer-1                    1/1     Running   0          10m
pod/wazuh-indexer-2                    1/1     Running   0          10m
pod/wazuh-manager-master-0             1/1     Running   0          10m
pod/wazuh-manager-worker-0             1/1     Running   0          10m
pod/wazuh-manager-worker-1             1/1     Running   0          10m

NAME                    TYPE           CLUSTER-IP       EXTERNAL-IP                                                                       PORT(S)                          AGE
service/dashboard       LoadBalancer   10.100.189.153   a0b9cfa91dc81401b8be7f106c3f311a-251730991.us-west-1.elb.amazonaws.com            443:32556/TCP                    10m
service/indexer         LoadBalancer   10.100.61.134    a1c6bd3299d24487ca3869b6358a1dfd-954869771.us-west-1.elb.amazonaws.com            9200:30887/TCP                   10m
service/wazuh           LoadBalancer   10.100.121.118   a7446d6b9bbf24233a7be573423df51e-264613053.us-west-1.elb.amazonaws.com            1515:31947/TCP,55000:30555/TCP   10m
service/wazuh-cluster   ClusterIP      None             <none>                                                                            1516/TCP                         10m
service/wazuh-indexer   ClusterIP      None             <none>                                                                            9300/TCP                         10m
service/wazuh-workers   LoadBalancer   10.100.87.219    internal-a6a66850b959844d5b08c1e86a153639-417072875.us-west-1.elb.amazonaws.com   1514:31967/TCP                   10m

NAME                              READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/wazuh-dashboard   1/1     1            1           10m

NAME                                         DESIRED   CURRENT   READY   AGE
replicaset.apps/wazuh-dashboard-6b8f6847c4   1         1         1       10m

NAME                                    READY   AGE
statefulset.apps/wazuh-indexer          3/3     10m
statefulset.apps/wazuh-manager-master   1/1     10m
statefulset.apps/wazuh-manager-worker   2/2     10m
$

Add a Wazuh indexer replica.

$ kubectl scale statefulset.apps/wazuh-indexer -n wazuh --replicas 4
statefulset.apps/wazuh-indexer scaled

Check if the Wazuh deployment is still working.

$ kubectl get all -n wazuh
NAME                                   READY   STATUS    RESTARTS   AGE
pod/wazuh-dashboard-6b8f6847c4-84s22   1/1     Running   0          32m
pod/wazuh-indexer-0                    1/1     Running   0          32m
pod/wazuh-indexer-1                    1/1     Running   0          31m
pod/wazuh-indexer-2                    1/1     Running   0          31m
pod/wazuh-indexer-3                    1/1     Running   0          106s
pod/wazuh-manager-master-0             1/1     Running   0          32m
pod/wazuh-manager-worker-0             1/1     Running   0          32m
pod/wazuh-manager-worker-1             1/1     Running   0          32m

NAME                    TYPE           CLUSTER-IP       EXTERNAL-IP                                                                       PORT(S)                          AGE
service/dashboard       LoadBalancer   10.100.189.153   a0b9cfa91dc81401b8be7f106c3f311a-251730991.us-west-1.elb.amazonaws.com            443:32556/TCP                    32m
service/indexer         LoadBalancer   10.100.61.134    a1c6bd3299d24487ca3869b6358a1dfd-954869771.us-west-1.elb.amazonaws.com            9200:30887/TCP                   32m
service/wazuh           LoadBalancer   10.100.121.118   a7446d6b9bbf24233a7be573423df51e-264613053.us-west-1.elb.amazonaws.com            1515:31947/TCP,55000:30555/TCP   32m
service/wazuh-cluster   ClusterIP      None             <none>                                                                            1516/TCP                         32m
service/wazuh-indexer   ClusterIP      None             <none>                                                                            9300/TCP                         32m
service/wazuh-workers   LoadBalancer   10.100.87.219    internal-a6a66850b959844d5b08c1e86a153639-417072875.us-west-1.elb.amazonaws.com   1514:31967/TCP                   32m

NAME                              READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/wazuh-dashboard   1/1     1            1           32m

NAME                                         DESIRED   CURRENT   READY   AGE
replicaset.apps/wazuh-dashboard-6b8f6847c4   1         1         1       32m

NAME                                    READY   AGE
statefulset.apps/wazuh-indexer          4/4     32m
statefulset.apps/wazuh-manager-master   1/1     32m
statefulset.apps/wazuh-manager-worker   2/2     32m
$ 

[vcerenu]

Test 5

With the Wazuh v4.4.3 deployment on EKS 1.24, upgrade the EKS Cluster to 1.25.

Cluster

Nodes

Check if the Wazuh deployment is still working.

$ kubectl get all -n wazuh
NAME                                   READY   STATUS    RESTARTS   AGE
pod/wazuh-dashboard-6b8f6847c4-q6ngd   1/1     Running   0          3m1s
pod/wazuh-indexer-0                    1/1     Running   0          15m
pod/wazuh-indexer-1                    1/1     Running   0          9m39s
pod/wazuh-indexer-2                    1/1     Running   0          12m
pod/wazuh-indexer-3                    1/1     Running   0          6m35s
pod/wazuh-manager-master-0             1/1     Running   0          9m36s
pod/wazuh-manager-worker-0             1/1     Running   0          12m
pod/wazuh-manager-worker-1             1/1     Running   0          6m32s

NAME                    TYPE           CLUSTER-IP       EXTERNAL-IP                                                                       PORT(S)                          AGE
service/dashboard       LoadBalancer   10.100.189.153   a0b9cfa91dc81401b8be7f106c3f311a-251730991.us-west-1.elb.amazonaws.com            443:32556/TCP                    84m
service/indexer         LoadBalancer   10.100.61.134    a1c6bd3299d24487ca3869b6358a1dfd-954869771.us-west-1.elb.amazonaws.com            9200:30887/TCP                   84m
service/wazuh           LoadBalancer   10.100.121.118   a7446d6b9bbf24233a7be573423df51e-264613053.us-west-1.elb.amazonaws.com            1515:31947/TCP,55000:30555/TCP   84m
service/wazuh-cluster   ClusterIP      None             <none>                                                                            1516/TCP                         84m
service/wazuh-indexer   ClusterIP      None             <none>                                                                            9300/TCP                         84m
service/wazuh-workers   LoadBalancer   10.100.87.219    internal-a6a66850b959844d5b08c1e86a153639-417072875.us-west-1.elb.amazonaws.com   1514:31967/TCP                   84m

NAME                              READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/wazuh-dashboard   1/1     1            1           84m

NAME                                         DESIRED   CURRENT   READY   AGE
replicaset.apps/wazuh-dashboard-6b8f6847c4   1         1         1       84m

NAME                                    READY   AGE
statefulset.apps/wazuh-indexer          4/4     84m
statefulset.apps/wazuh-manager-master   1/1     84m
statefulset.apps/wazuh-manager-worker   2/2     84m
$ kubectl get pvc -n wazuh
NAME                                          STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS    AGE
wazuh-indexer-wazuh-indexer-0                 Bound    pvc-9a3938fc-d227-4708-8fd5-aa26fb9a67e0   10Gi       RWO            wazuh-storage   84m
wazuh-indexer-wazuh-indexer-1                 Bound    pvc-06dfd6b7-e2d5-433f-98c1-717e958f5c79   10Gi       RWO            wazuh-storage   84m
wazuh-indexer-wazuh-indexer-2                 Bound    pvc-f37ab64d-4239-4477-ae7f-eb0378695f78   10Gi       RWO            wazuh-storage   84m
wazuh-indexer-wazuh-indexer-3                 Bound    pvc-5303c6ec-d874-4545-805f-0941738758ae   10Gi       RWO            wazuh-storage   54m
wazuh-manager-master-wazuh-manager-master-0   Bound    pvc-27cbcf7b-197b-4638-9559-d1fe6a93b2fa   50Gi       RWO            wazuh-storage   84m
wazuh-manager-worker-wazuh-manager-worker-0   Bound    pvc-18059fda-e77d-4442-92f1-0447e2559ae4   50Gi       RWO            wazuh-storage   84m
wazuh-manager-worker-wazuh-manager-worker-1   Bound    pvc-971619f6-2545-4f11-a7ee-a0db4d8afe27   50Gi       RWO            wazuh-storage   84m
$ kubectl get pv
NAME                                       CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM                                               STORAGECLASS    REASON   AGE
pvc-06dfd6b7-e2d5-433f-98c1-717e958f5c79   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-1                 wazuh-storage            84m
pvc-18059fda-e77d-4442-92f1-0447e2559ae4   50Gi       RWO            Retain           Bound    wazuh/wazuh-manager-worker-wazuh-manager-worker-0   wazuh-storage            84m
pvc-27cbcf7b-197b-4638-9559-d1fe6a93b2fa   50Gi       RWO            Retain           Bound    wazuh/wazuh-manager-master-wazuh-manager-master-0   wazuh-storage            84m
pvc-5303c6ec-d874-4545-805f-0941738758ae   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-3                 wazuh-storage            54m
pvc-971619f6-2545-4f11-a7ee-a0db4d8afe27   50Gi       RWO            Retain           Bound    wazuh/wazuh-manager-worker-wazuh-manager-worker-1   wazuh-storage            84m
pvc-9a3938fc-d227-4708-8fd5-aa26fb9a67e0   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-0                 wazuh-storage            84m
pvc-f37ab64d-4239-4477-ae7f-eb0378695f78   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-2                 wazuh-storage            84m
$ 

New Deploy

$ kubectl get all -n wazuh
NAME                                   READY   STATUS    RESTARTS   AGE
pod/wazuh-dashboard-7fcb589fb5-vmxf2   1/1     Running   0          3m
pod/wazuh-indexer-0                    1/1     Running   0          2m59s
pod/wazuh-indexer-1                    1/1     Running   0          2m48s
pod/wazuh-indexer-2                    1/1     Running   0          2m32s
pod/wazuh-manager-master-0             1/1     Running   0          2m58s
pod/wazuh-manager-worker-0             1/1     Running   0          2m58s
pod/wazuh-manager-worker-1             1/1     Running   0          2m58s

NAME                    TYPE           CLUSTER-IP       EXTERNAL-IP                                                                       PORT(S)                          AGE
service/dashboard       LoadBalancer   10.100.163.22    a2ad21b618e5b45f7a1d6080f609941f-1788597639.us-west-1.elb.amazonaws.com           443:31868/TCP                    3m4s
service/indexer         LoadBalancer   10.100.42.26     ae098584283054906ac42385480c08e1-1669008968.us-west-1.elb.amazonaws.com           9200:32212/TCP                   3m4s
service/wazuh           LoadBalancer   10.100.254.249   afc3dc7222718415c8d7f72008e35490-175180515.us-west-1.elb.amazonaws.com            1515:32343/TCP,55000:32104/TCP   3m3s
service/wazuh-cluster   ClusterIP      None             <none>                                                                            1516/TCP                         3m3s
service/wazuh-indexer   ClusterIP      None             <none>                                                                            9300/TCP                         3m2s
service/wazuh-workers   LoadBalancer   10.100.239.124   internal-ad3eaba59deb343e18ce4e3d4d5ce23c-210890317.us-west-1.elb.amazonaws.com   1514:31114/TCP                   3m1s

NAME                              READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/wazuh-dashboard   1/1     1            1           3m2s

NAME                                         DESIRED   CURRENT   READY   AGE
replicaset.apps/wazuh-dashboard-7fcb589fb5   1         1         1       3m2s

NAME                                    READY   AGE
statefulset.apps/wazuh-indexer          3/3     3m1s
statefulset.apps/wazuh-manager-master   1/1     3m
statefulset.apps/wazuh-manager-worker   2/2     3m
$ kubectl get pvc -n wazuh
NAME                                          STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS    AGE
wazuh-indexer-wazuh-indexer-0                 Bound    pvc-29103fec-6dd0-4b0c-b2f1-0fd624e425d8   10Gi       RWO            wazuh-storage   3m22s
wazuh-indexer-wazuh-indexer-1                 Bound    pvc-f0e9a13b-e17b-49ae-9142-a95dd5727037   10Gi       RWO            wazuh-storage   3m11s
wazuh-indexer-wazuh-indexer-2                 Bound    pvc-c7862d91-fddb-4e31-a698-56b2fb8db7f2   10Gi       RWO            wazuh-storage   2m55s
wazuh-manager-master-wazuh-manager-master-0   Bound    pvc-7a91fc1d-ce89-4b8d-87a3-b9fe2be3158f   50Gi       RWO            wazuh-storage   3m21s
wazuh-manager-worker-wazuh-manager-worker-0   Bound    pvc-bfd8333b-6d57-4d49-9007-41b316baf203   50Gi       RWO            wazuh-storage   3m21s
wazuh-manager-worker-wazuh-manager-worker-1   Bound    pvc-5cb8da4f-5e8a-4e69-af17-9a97059c60c0   50Gi       RWO            wazuh-storage   3m21s
$ kubectl get pv
NAME                                       CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM                                               STORAGECLASS    REASON   AGE
pvc-29103fec-6dd0-4b0c-b2f1-0fd624e425d8   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-0                 wazuh-storage            4m12s
pvc-5cb8da4f-5e8a-4e69-af17-9a97059c60c0   50Gi       RWO            Retain           Bound    wazuh/wazuh-manager-worker-wazuh-manager-worker-1   wazuh-storage            4m10s
pvc-7a91fc1d-ce89-4b8d-87a3-b9fe2be3158f   50Gi       RWO            Retain           Bound    wazuh/wazuh-manager-master-wazuh-manager-master-0   wazuh-storage            4m11s
pvc-bfd8333b-6d57-4d49-9007-41b316baf203   50Gi       RWO            Retain           Bound    wazuh/wazuh-manager-worker-wazuh-manager-worker-0   wazuh-storage            4m10s
pvc-c7862d91-fddb-4e31-a698-56b2fb8db7f2   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-2                 wazuh-storage            3m45s
pvc-f0e9a13b-e17b-49ae-9142-a95dd5727037   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-1                 wazuh-storage            4m
$ 

Add a Wazuh indexer replica.

$ kubectl scale statefulset.apps/wazuh-indexer -n wazuh --replicas 4
statefulset.apps/wazuh-indexer scaled

Check if the Wazuh deployment is still working.

$ kubectl get all -n wazuh
NAME                                   READY   STATUS    RESTARTS   AGE
pod/wazuh-dashboard-7fcb589fb5-vmxf2   1/1     Running   0          11m
pod/wazuh-indexer-0                    1/1     Running   0          11m
pod/wazuh-indexer-1                    1/1     Running   0          11m
pod/wazuh-indexer-2                    1/1     Running   0          11m
pod/wazuh-indexer-3                    1/1     Running   0          4m8s
pod/wazuh-manager-master-0             1/1     Running   0          11m
pod/wazuh-manager-worker-0             1/1     Running   0          11m
pod/wazuh-manager-worker-1             1/1     Running   0          11m

NAME                    TYPE           CLUSTER-IP       EXTERNAL-IP                                                                       PORT(S)                          AGE
service/dashboard       LoadBalancer   10.100.163.22    a2ad21b618e5b45f7a1d6080f609941f-1788597639.us-west-1.elb.amazonaws.com           443:31868/TCP                    11m
service/indexer         LoadBalancer   10.100.42.26     ae098584283054906ac42385480c08e1-1669008968.us-west-1.elb.amazonaws.com           9200:32212/TCP                   11m
service/wazuh           LoadBalancer   10.100.254.249   afc3dc7222718415c8d7f72008e35490-175180515.us-west-1.elb.amazonaws.com            1515:32343/TCP,55000:32104/TCP   11m
service/wazuh-cluster   ClusterIP      None             <none>                                                                            1516/TCP                         11m
service/wazuh-indexer   ClusterIP      None             <none>                                                                            9300/TCP                         11m
service/wazuh-workers   LoadBalancer   10.100.239.124   internal-ad3eaba59deb343e18ce4e3d4d5ce23c-210890317.us-west-1.elb.amazonaws.com   1514:31114/TCP                   11m

NAME                              READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/wazuh-dashboard   1/1     1            1           11m

NAME                                         DESIRED   CURRENT   READY   AGE
replicaset.apps/wazuh-dashboard-7fcb589fb5   1         1         1       11m

NAME                                    READY   AGE
statefulset.apps/wazuh-indexer          4/4     11m
statefulset.apps/wazuh-manager-master   1/1     11m
statefulset.apps/wazuh-manager-worker   2/2     11m
$ kubectl get pvc -n wazuh
NAME                                          STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS    AGE
wazuh-indexer-wazuh-indexer-0                 Bound    pvc-29103fec-6dd0-4b0c-b2f1-0fd624e425d8   10Gi       RWO            wazuh-storage   11m
wazuh-indexer-wazuh-indexer-1                 Bound    pvc-f0e9a13b-e17b-49ae-9142-a95dd5727037   10Gi       RWO            wazuh-storage   11m
wazuh-indexer-wazuh-indexer-2                 Bound    pvc-c7862d91-fddb-4e31-a698-56b2fb8db7f2   10Gi       RWO            wazuh-storage   11m
wazuh-indexer-wazuh-indexer-3                 Bound    pvc-c5f1501b-bcd8-4851-b56e-67bdd35bd553   10Gi       RWO            wazuh-storage   4m18s
wazuh-manager-master-wazuh-manager-master-0   Bound    pvc-7a91fc1d-ce89-4b8d-87a3-b9fe2be3158f   50Gi       RWO            wazuh-storage   11m
wazuh-manager-worker-wazuh-manager-worker-0   Bound    pvc-bfd8333b-6d57-4d49-9007-41b316baf203   50Gi       RWO            wazuh-storage   11m
wazuh-manager-worker-wazuh-manager-worker-1   Bound    pvc-5cb8da4f-5e8a-4e69-af17-9a97059c60c0   50Gi       RWO            wazuh-storage   11m
$ kubectl get pv
NAME                                       CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM                                               STORAGECLASS    REASON   AGE
pvc-29103fec-6dd0-4b0c-b2f1-0fd624e425d8   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-0                 wazuh-storage            11m
pvc-5cb8da4f-5e8a-4e69-af17-9a97059c60c0   50Gi       RWO            Retain           Bound    wazuh/wazuh-manager-worker-wazuh-manager-worker-1   wazuh-storage            11m
pvc-7a91fc1d-ce89-4b8d-87a3-b9fe2be3158f   50Gi       RWO            Retain           Bound    wazuh/wazuh-manager-master-wazuh-manager-master-0   wazuh-storage            11m
pvc-bfd8333b-6d57-4d49-9007-41b316baf203   50Gi       RWO            Retain           Bound    wazuh/wazuh-manager-worker-wazuh-manager-worker-0   wazuh-storage            11m
pvc-c5f1501b-bcd8-4851-b56e-67bdd35bd553   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-3                 wazuh-storage            4m19s
pvc-c7862d91-fddb-4e31-a698-56b2fb8db7f2   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-2                 wazuh-storage            11m
pvc-f0e9a13b-e17b-49ae-9142-a95dd5727037   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-1                 wazuh-storage            11m
$ 

[vcerenu]

Test 6

With the Wazuh v4.4.3 deployment on EKS 1.25, upgrade the EKS Cluster to 1.26.

Cluster

Nodes

Check if the Wazuh deployment is still working.

$ kubectl get all -n wazuh
NAME                                   READY   STATUS    RESTARTS   AGE
pod/wazuh-dashboard-7fcb589fb5-rd4zr   1/1     Running   0          19m
pod/wazuh-indexer-0                    1/1     Running   0          10m
pod/wazuh-indexer-1                    1/1     Running   0          16m
pod/wazuh-indexer-2                    1/1     Running   0          13m
pod/wazuh-indexer-3                    1/1     Running   0          19m
pod/wazuh-manager-master-0             1/1     Running   0          16m
pod/wazuh-manager-worker-0             1/1     Running   0          12m
pod/wazuh-manager-worker-1             1/1     Running   0          19m

NAME                    TYPE           CLUSTER-IP       EXTERNAL-IP                                                                       PORT(S)                          AGE
service/dashboard       LoadBalancer   10.100.163.22    a2ad21b618e5b45f7a1d6080f609941f-1788597639.us-west-1.elb.amazonaws.com           443:31868/TCP                    51m
service/indexer         LoadBalancer   10.100.42.26     ae098584283054906ac42385480c08e1-1669008968.us-west-1.elb.amazonaws.com           9200:32212/TCP                   51m
service/wazuh           LoadBalancer   10.100.254.249   afc3dc7222718415c8d7f72008e35490-175180515.us-west-1.elb.amazonaws.com            1515:32343/TCP,55000:32104/TCP   51m
service/wazuh-cluster   ClusterIP      None             <none>                                                                            1516/TCP                         51m
service/wazuh-indexer   ClusterIP      None             <none>                                                                            9300/TCP                         51m
service/wazuh-workers   LoadBalancer   10.100.239.124   internal-ad3eaba59deb343e18ce4e3d4d5ce23c-210890317.us-west-1.elb.amazonaws.com   1514:31114/TCP                   51m

NAME                              READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/wazuh-dashboard   1/1     1            1           51m

NAME                                         DESIRED   CURRENT   READY   AGE
replicaset.apps/wazuh-dashboard-7fcb589fb5   1         1         1       51m

NAME                                    READY   AGE
statefulset.apps/wazuh-indexer          4/4     51m
statefulset.apps/wazuh-manager-master   1/1     51m
statefulset.apps/wazuh-manager-worker   2/2     51m
$ kubectl get pvc -n wazuh
NAME                                          STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS    AGE
wazuh-indexer-wazuh-indexer-0                 Bound    pvc-29103fec-6dd0-4b0c-b2f1-0fd624e425d8   10Gi       RWO            wazuh-storage   51m
wazuh-indexer-wazuh-indexer-1                 Bound    pvc-f0e9a13b-e17b-49ae-9142-a95dd5727037   10Gi       RWO            wazuh-storage   51m
wazuh-indexer-wazuh-indexer-2                 Bound    pvc-c7862d91-fddb-4e31-a698-56b2fb8db7f2   10Gi       RWO            wazuh-storage   51m
wazuh-indexer-wazuh-indexer-3                 Bound    pvc-c5f1501b-bcd8-4851-b56e-67bdd35bd553   10Gi       RWO            wazuh-storage   43m
wazuh-manager-master-wazuh-manager-master-0   Bound    pvc-7a91fc1d-ce89-4b8d-87a3-b9fe2be3158f   50Gi       RWO            wazuh-storage   51m
wazuh-manager-worker-wazuh-manager-worker-0   Bound    pvc-bfd8333b-6d57-4d49-9007-41b316baf203   50Gi       RWO            wazuh-storage   51m
wazuh-manager-worker-wazuh-manager-worker-1   Bound    pvc-5cb8da4f-5e8a-4e69-af17-9a97059c60c0   50Gi       RWO            wazuh-storage   51m
$ kubectl get pv
NAME                                       CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM                                               STORAGECLASS    REASON   AGE
pvc-29103fec-6dd0-4b0c-b2f1-0fd624e425d8   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-0                 wazuh-storage            51m
pvc-5cb8da4f-5e8a-4e69-af17-9a97059c60c0   50Gi       RWO            Retain           Bound    wazuh/wazuh-manager-worker-wazuh-manager-worker-1   wazuh-storage            51m
pvc-7a91fc1d-ce89-4b8d-87a3-b9fe2be3158f   50Gi       RWO            Retain           Bound    wazuh/wazuh-manager-master-wazuh-manager-master-0   wazuh-storage            51m
pvc-bfd8333b-6d57-4d49-9007-41b316baf203   50Gi       RWO            Retain           Bound    wazuh/wazuh-manager-worker-wazuh-manager-worker-0   wazuh-storage            51m
pvc-c5f1501b-bcd8-4851-b56e-67bdd35bd553   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-3                 wazuh-storage            43m
pvc-c7862d91-fddb-4e31-a698-56b2fb8db7f2   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-2                 wazuh-storage            51m
pvc-f0e9a13b-e17b-49ae-9142-a95dd5727037   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-1                 wazuh-storage            51m
$ 

New Deploy

$ kubectl get all -n wazuh
NAME                                   READY   STATUS    RESTARTS   AGE
pod/wazuh-dashboard-86b9777c75-w79cz   1/1     Running   0          2m52s
pod/wazuh-indexer-0                    1/1     Running   0          2m51s
pod/wazuh-indexer-1                    1/1     Running   0          2m38s
pod/wazuh-indexer-2                    1/1     Running   0          2m23s
pod/wazuh-manager-master-0             1/1     Running   0          2m51s
pod/wazuh-manager-worker-0             1/1     Running   0          2m50s
pod/wazuh-manager-worker-1             1/1     Running   0          2m50s

NAME                    TYPE           CLUSTER-IP       EXTERNAL-IP                                                                       PORT(S)                          AGE
service/dashboard       LoadBalancer   10.100.124.185   a0bb16d886bf34c018d16f56102fb567-106549525.us-west-1.elb.amazonaws.com            443:32545/TCP                    2m57s
service/indexer         LoadBalancer   10.100.217.217   afd9c2ca1925748d5b394f09cada6893-1146509675.us-west-1.elb.amazonaws.com           9200:30277/TCP                   2m56s
service/wazuh           LoadBalancer   10.100.219.231   a3784524fde964fc681f5e8a153423ab-222130118.us-west-1.elb.amazonaws.com            1515:32228/TCP,55000:30637/TCP   2m56s
service/wazuh-cluster   ClusterIP      None             <none>                                                                            1516/TCP                         2m55s
service/wazuh-indexer   ClusterIP      None             <none>                                                                            9300/TCP                         2m54s
service/wazuh-workers   LoadBalancer   10.100.73.152    internal-a7e855317c88946c9bca990b73e2c95f-362494334.us-west-1.elb.amazonaws.com   1514:32446/TCP                   2m54s

NAME                              READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/wazuh-dashboard   1/1     1            1           2m53s

NAME                                         DESIRED   CURRENT   READY   AGE
replicaset.apps/wazuh-dashboard-86b9777c75   1         1         1       2m54s

NAME                                    READY   AGE
statefulset.apps/wazuh-indexer          3/3     2m53s
statefulset.apps/wazuh-manager-master   1/1     2m53s
statefulset.apps/wazuh-manager-worker   2/2     2m52s
$ kubectl get pvc -n wazuh
NAME                                          STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS    AGE
wazuh-indexer-wazuh-indexer-0                 Bound    pvc-112a3e11-83cd-40f9-91d4-6eca05502813   10Gi       RWO            wazuh-storage   3m2s
wazuh-indexer-wazuh-indexer-1                 Bound    pvc-e32de78d-f406-4221-b6c9-e398fd30e435   10Gi       RWO            wazuh-storage   2m49s
wazuh-indexer-wazuh-indexer-2                 Bound    pvc-538a207b-dd76-4d12-899a-2628ec3926f6   10Gi       RWO            wazuh-storage   2m34s
wazuh-manager-master-wazuh-manager-master-0   Bound    pvc-31346b6f-fb0d-4778-81f7-5d4e42994a5a   50Gi       RWO            wazuh-storage   3m2s
wazuh-manager-worker-wazuh-manager-worker-0   Bound    pvc-ef5aebba-4ea7-4181-b5eb-2d2447de3866   50Gi       RWO            wazuh-storage   3m1s
wazuh-manager-worker-wazuh-manager-worker-1   Bound    pvc-e56b41d5-199a-4598-91e0-600fee048278   50Gi       RWO            wazuh-storage   3m1s
$ kubectl get pv
NAME                                       CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM                                               STORAGECLASS    REASON   AGE
pvc-112a3e11-83cd-40f9-91d4-6eca05502813   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-0                 wazuh-storage            3m49s
pvc-31346b6f-fb0d-4778-81f7-5d4e42994a5a   50Gi       RWO            Retain           Bound    wazuh/wazuh-manager-master-wazuh-manager-master-0   wazuh-storage            3m48s
pvc-538a207b-dd76-4d12-899a-2628ec3926f6   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-2                 wazuh-storage            3m20s
pvc-e32de78d-f406-4221-b6c9-e398fd30e435   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-1                 wazuh-storage            3m36s
pvc-e56b41d5-199a-4598-91e0-600fee048278   50Gi       RWO            Retain           Bound    wazuh/wazuh-manager-worker-wazuh-manager-worker-1   wazuh-storage            3m48s
pvc-ef5aebba-4ea7-4181-b5eb-2d2447de3866   50Gi       RWO            Retain           Bound    wazuh/wazuh-manager-worker-wazuh-manager-worker-0   wazuh-storage            3m48s
$ 

Add a Wazuh indexer replica.

$ kubectl scale statefulset.apps/wazuh-indexer -n wazuh --replicas 4
statefulset.apps/wazuh-indexer scaled

Check if the Wazuh deployment is still working.

$ kubectl get all -n wazuh
NAME                                   READY   STATUS    RESTARTS   AGE
pod/wazuh-dashboard-86b9777c75-w79cz   1/1     Running   0          9m58s
pod/wazuh-indexer-0                    1/1     Running   0          9m57s
pod/wazuh-indexer-1                    1/1     Running   0          9m44s
pod/wazuh-indexer-2                    1/1     Running   0          9m29s
pod/wazuh-indexer-3                    1/1     Running   0          85s
pod/wazuh-manager-master-0             1/1     Running   0          9m57s
pod/wazuh-manager-worker-0             1/1     Running   0          9m56s
pod/wazuh-manager-worker-1             1/1     Running   0          9m56s

NAME                    TYPE           CLUSTER-IP       EXTERNAL-IP                                                                       PORT(S)                          AGE
service/dashboard       LoadBalancer   10.100.124.185   a0bb16d886bf34c018d16f56102fb567-106549525.us-west-1.elb.amazonaws.com            443:32545/TCP                    10m
service/indexer         LoadBalancer   10.100.217.217   afd9c2ca1925748d5b394f09cada6893-1146509675.us-west-1.elb.amazonaws.com           9200:30277/TCP                   10m
service/wazuh           LoadBalancer   10.100.219.231   a3784524fde964fc681f5e8a153423ab-222130118.us-west-1.elb.amazonaws.com            1515:32228/TCP,55000:30637/TCP   10m
service/wazuh-cluster   ClusterIP      None             <none>                                                                            1516/TCP                         10m
service/wazuh-indexer   ClusterIP      None             <none>                                                                            9300/TCP                         10m
service/wazuh-workers   LoadBalancer   10.100.73.152    internal-a7e855317c88946c9bca990b73e2c95f-362494334.us-west-1.elb.amazonaws.com   1514:32446/TCP                   10m

NAME                              READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/wazuh-dashboard   1/1     1            1           10m

NAME                                         DESIRED   CURRENT   READY   AGE
replicaset.apps/wazuh-dashboard-86b9777c75   1         1         1       10m

NAME                                    READY   AGE
statefulset.apps/wazuh-indexer          4/4     9m59s
statefulset.apps/wazuh-manager-master   1/1     9m59s
statefulset.apps/wazuh-manager-worker   2/2     9m58s
$ kubectl get pvc -n wazuh
NAME                                          STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS    AGE
wazuh-indexer-wazuh-indexer-0                 Bound    pvc-112a3e11-83cd-40f9-91d4-6eca05502813   10Gi       RWO            wazuh-storage   10m
wazuh-indexer-wazuh-indexer-1                 Bound    pvc-e32de78d-f406-4221-b6c9-e398fd30e435   10Gi       RWO            wazuh-storage   10m
wazuh-indexer-wazuh-indexer-2                 Bound    pvc-538a207b-dd76-4d12-899a-2628ec3926f6   10Gi       RWO            wazuh-storage   9m54s
wazuh-indexer-wazuh-indexer-3                 Bound    pvc-a335091d-28b2-486b-965d-07eef5e50c9e   10Gi       RWO            wazuh-storage   110s
wazuh-manager-master-wazuh-manager-master-0   Bound    pvc-31346b6f-fb0d-4778-81f7-5d4e42994a5a   50Gi       RWO            wazuh-storage   10m
wazuh-manager-worker-wazuh-manager-worker-0   Bound    pvc-ef5aebba-4ea7-4181-b5eb-2d2447de3866   50Gi       RWO            wazuh-storage   10m
wazuh-manager-worker-wazuh-manager-worker-1   Bound    pvc-e56b41d5-199a-4598-91e0-600fee048278   50Gi       RWO            wazuh-storage   10m
$ kubectl get pv
NAME                                       CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM                                               STORAGECLASS    REASON   AGE
pvc-112a3e11-83cd-40f9-91d4-6eca05502813   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-0                 wazuh-storage            10m
pvc-31346b6f-fb0d-4778-81f7-5d4e42994a5a   50Gi       RWO            Retain           Bound    wazuh/wazuh-manager-master-wazuh-manager-master-0   wazuh-storage            10m
pvc-538a207b-dd76-4d12-899a-2628ec3926f6   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-2                 wazuh-storage            9m55s
pvc-a335091d-28b2-486b-965d-07eef5e50c9e   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-3                 wazuh-storage            111s
pvc-e32de78d-f406-4221-b6c9-e398fd30e435   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-1                 wazuh-storage            10m
pvc-e56b41d5-199a-4598-91e0-600fee048278   50Gi       RWO            Retain           Bound    wazuh/wazuh-manager-worker-wazuh-manager-worker-1   wazuh-storage            10m
pvc-ef5aebba-4ea7-4181-b5eb-2d2447de3866   50Gi       RWO            Retain           Bound    wazuh/wazuh-manager-worker-wazuh-manager-worker-0   wazuh-storage            10m
$ 

[vcerenu]

Test 7

With the Wazuh v4.4.3 deployment on EKS 1.26, upgrade the EKS Cluster to 1.27.

Cluster

Nodes

Check if the Wazuh deployment is still working.

$ kubectl get all -n wazuh
NAME                                   READY   STATUS    RESTARTS   AGE
pod/wazuh-dashboard-86b9777c75-vcvdd   1/1     Running   0          20m
pod/wazuh-indexer-0                    1/1     Running   0          14m
pod/wazuh-indexer-1                    1/1     Running   0          23m
pod/wazuh-indexer-2                    1/1     Running   0          17m
pod/wazuh-indexer-3                    1/1     Running   0          20m
pod/wazuh-manager-master-0             1/1     Running   0          23m
pod/wazuh-manager-worker-0             1/1     Running   0          17m
pod/wazuh-manager-worker-1             1/1     Running   0          20m

NAME                    TYPE           CLUSTER-IP       EXTERNAL-IP                                                                       PORT(S)                          AGE
service/dashboard       LoadBalancer   10.100.124.185   a0bb16d886bf34c018d16f56102fb567-106549525.us-west-1.elb.amazonaws.com            443:32545/TCP                    84m
service/indexer         LoadBalancer   10.100.217.217   afd9c2ca1925748d5b394f09cada6893-1146509675.us-west-1.elb.amazonaws.com           9200:30277/TCP                   84m
service/wazuh           LoadBalancer   10.100.219.231   a3784524fde964fc681f5e8a153423ab-222130118.us-west-1.elb.amazonaws.com            1515:32228/TCP,55000:30637/TCP   84m
service/wazuh-cluster   ClusterIP      None             <none>                                                                            1516/TCP                         84m
service/wazuh-indexer   ClusterIP      None             <none>                                                                            9300/TCP                         84m
service/wazuh-workers   LoadBalancer   10.100.73.152    internal-a7e855317c88946c9bca990b73e2c95f-362494334.us-west-1.elb.amazonaws.com   1514:32446/TCP                   84m

NAME                              READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/wazuh-dashboard   1/1     1            1           84m

NAME                                         DESIRED   CURRENT   READY   AGE
replicaset.apps/wazuh-dashboard-86b9777c75   1         1         1       84m

NAME                                    READY   AGE
statefulset.apps/wazuh-indexer          4/4     84m
statefulset.apps/wazuh-manager-master   1/1     84m
statefulset.apps/wazuh-manager-worker   2/2     84m
$ kubectl get pvc -n wazuh
NAME                                          STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS    AGE
wazuh-indexer-wazuh-indexer-0                 Bound    pvc-112a3e11-83cd-40f9-91d4-6eca05502813   10Gi       RWO            wazuh-storage   84m
wazuh-indexer-wazuh-indexer-1                 Bound    pvc-e32de78d-f406-4221-b6c9-e398fd30e435   10Gi       RWO            wazuh-storage   84m
wazuh-indexer-wazuh-indexer-2                 Bound    pvc-538a207b-dd76-4d12-899a-2628ec3926f6   10Gi       RWO            wazuh-storage   84m
wazuh-indexer-wazuh-indexer-3                 Bound    pvc-a335091d-28b2-486b-965d-07eef5e50c9e   10Gi       RWO            wazuh-storage   76m
wazuh-manager-master-wazuh-manager-master-0   Bound    pvc-31346b6f-fb0d-4778-81f7-5d4e42994a5a   50Gi       RWO            wazuh-storage   84m
wazuh-manager-worker-wazuh-manager-worker-0   Bound    pvc-ef5aebba-4ea7-4181-b5eb-2d2447de3866   50Gi       RWO            wazuh-storage   84m
wazuh-manager-worker-wazuh-manager-worker-1   Bound    pvc-e56b41d5-199a-4598-91e0-600fee048278   50Gi       RWO            wazuh-storage   84m
$ kubectl get pv
NAME                                       CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM                                               STORAGECLASS    REASON   AGE
pvc-112a3e11-83cd-40f9-91d4-6eca05502813   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-0                 wazuh-storage            84m
pvc-31346b6f-fb0d-4778-81f7-5d4e42994a5a   50Gi       RWO            Retain           Bound    wazuh/wazuh-manager-master-wazuh-manager-master-0   wazuh-storage            84m
pvc-538a207b-dd76-4d12-899a-2628ec3926f6   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-2                 wazuh-storage            84m
pvc-a335091d-28b2-486b-965d-07eef5e50c9e   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-3                 wazuh-storage            76m
pvc-e32de78d-f406-4221-b6c9-e398fd30e435   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-1                 wazuh-storage            84m
pvc-e56b41d5-199a-4598-91e0-600fee048278   50Gi       RWO            Retain           Bound    wazuh/wazuh-manager-worker-wazuh-manager-worker-1   wazuh-storage            84m
pvc-ef5aebba-4ea7-4181-b5eb-2d2447de3866   50Gi       RWO            Retain           Bound    wazuh/wazuh-manager-worker-wazuh-manager-worker-0   wazuh-storage            84m
$ 

New Deploy

$ kubectl get all -n wazuh
NAME                                   READY   STATUS    RESTARTS   AGE
pod/wazuh-dashboard-59f8bfb5f7-hqkk2   1/1     Running   0          2m11s
pod/wazuh-indexer-0                    1/1     Running   0          2m11s
pod/wazuh-indexer-1                    1/1     Running   0          118s
pod/wazuh-indexer-2                    1/1     Running   0          68s
pod/wazuh-manager-master-0             1/1     Running   0          2m10s
pod/wazuh-manager-worker-0             1/1     Running   0          2m9s
pod/wazuh-manager-worker-1             1/1     Running   0          2m9s

NAME                    TYPE           CLUSTER-IP       EXTERNAL-IP                                                                        PORT(S)                          AGE
service/dashboard       LoadBalancer   10.100.109.27    a34872bd59cbe492d933e2c65d1970dc-33428552.us-west-1.elb.amazonaws.com              443:30547/TCP                    2m17s
service/indexer         LoadBalancer   10.100.161.251   abea0addc0a68411889e1e1487bd26bf-1584890148.us-west-1.elb.amazonaws.com            9200:31030/TCP                   2m15s
service/wazuh           LoadBalancer   10.100.38.9      a62dcd0fabe644698ad5d99aa98e47ac-1080764116.us-west-1.elb.amazonaws.com            1515:32278/TCP,55000:30642/TCP   2m15s
service/wazuh-cluster   ClusterIP      None             <none>                                                                             1516/TCP                         2m14s
service/wazuh-indexer   ClusterIP      None             <none>                                                                             9300/TCP                         2m13s
service/wazuh-workers   LoadBalancer   10.100.64.240    internal-a0164d495783445b4a2b8dc17f2f471a-1651145782.us-west-1.elb.amazonaws.com   1514:32389/TCP                   2m13s

NAME                              READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/wazuh-dashboard   1/1     1            1           2m12s

NAME                                         DESIRED   CURRENT   READY   AGE
replicaset.apps/wazuh-dashboard-59f8bfb5f7   1         1         1       2m12s

NAME                                    READY   AGE
statefulset.apps/wazuh-indexer          3/3     2m12s
statefulset.apps/wazuh-manager-master   1/1     2m11s
statefulset.apps/wazuh-manager-worker   2/2     2m10s
$ kubectl get pvc -n wazuh
NAME                                          STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS    AGE
wazuh-indexer-wazuh-indexer-0                 Bound    pvc-ff36d888-a24e-43a7-9105-d331bd178430   10Gi       RWO            wazuh-storage   2m23s
wazuh-indexer-wazuh-indexer-1                 Bound    pvc-0bb48b81-628e-444a-9d5b-50727f84229e   10Gi       RWO            wazuh-storage   2m10s
wazuh-indexer-wazuh-indexer-2                 Bound    pvc-aeba8bc8-a946-4912-9090-7668d64fba98   10Gi       RWO            wazuh-storage   80s
wazuh-manager-master-wazuh-manager-master-0   Bound    pvc-f652d185-b8b6-4bf0-a1b1-231895accb2e   50Gi       RWO            wazuh-storage   2m22s
wazuh-manager-worker-wazuh-manager-worker-0   Bound    pvc-c420a4fc-c95c-441b-8a67-e30ec492fe6d   50Gi       RWO            wazuh-storage   2m21s
wazuh-manager-worker-wazuh-manager-worker-1   Bound    pvc-3c0e6582-144f-4124-a834-0afaf8de6431   50Gi       RWO            wazuh-storage   2m21s
$ kubectl get pv
NAME                                       CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM                                               STORAGECLASS    REASON   AGE
pvc-0bb48b81-628e-444a-9d5b-50727f84229e   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-1                 wazuh-storage            2m36s
pvc-3c0e6582-144f-4124-a834-0afaf8de6431   50Gi       RWO            Retain           Bound    wazuh/wazuh-manager-worker-wazuh-manager-worker-1   wazuh-storage            2m47s
pvc-aeba8bc8-a946-4912-9090-7668d64fba98   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-2                 wazuh-storage            105s
pvc-c420a4fc-c95c-441b-8a67-e30ec492fe6d   50Gi       RWO            Retain           Bound    wazuh/wazuh-manager-worker-wazuh-manager-worker-0   wazuh-storage            2m47s
pvc-f652d185-b8b6-4bf0-a1b1-231895accb2e   50Gi       RWO            Retain           Bound    wazuh/wazuh-manager-master-wazuh-manager-master-0   wazuh-storage            2m48s
pvc-ff36d888-a24e-43a7-9105-d331bd178430   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-0                 wazuh-storage            2m48s
$ 

Add a Wazuh indexer replica.

$ kubectl scale statefulset.apps/wazuh-indexer -n wazuh --replicas 4
statefulset.apps/wazuh-indexer scaled

Check if the Wazuh deployment is still working.

$ kubectl get all -n wazuh
NAME                                   READY   STATUS    RESTARTS   AGE
pod/wazuh-dashboard-59f8bfb5f7-hqkk2   1/1     Running   0          8m21s
pod/wazuh-indexer-0                    1/1     Running   0          8m21s
pod/wazuh-indexer-1                    1/1     Running   0          8m8s
pod/wazuh-indexer-2                    1/1     Running   0          7m18s
pod/wazuh-indexer-3                    1/1     Running   0          2m37s
pod/wazuh-manager-master-0             1/1     Running   0          8m20s
pod/wazuh-manager-worker-0             1/1     Running   0          8m19s
pod/wazuh-manager-worker-1             1/1     Running   0          8m19s

NAME                    TYPE           CLUSTER-IP       EXTERNAL-IP                                                                        PORT(S)                          AGE
service/dashboard       LoadBalancer   10.100.109.27    a34872bd59cbe492d933e2c65d1970dc-33428552.us-west-1.elb.amazonaws.com              443:30547/TCP                    8m27s
service/indexer         LoadBalancer   10.100.161.251   abea0addc0a68411889e1e1487bd26bf-1584890148.us-west-1.elb.amazonaws.com            9200:31030/TCP                   8m25s
service/wazuh           LoadBalancer   10.100.38.9      a62dcd0fabe644698ad5d99aa98e47ac-1080764116.us-west-1.elb.amazonaws.com            1515:32278/TCP,55000:30642/TCP   8m25s
service/wazuh-cluster   ClusterIP      None             <none>                                                                             1516/TCP                         8m24s
service/wazuh-indexer   ClusterIP      None             <none>                                                                             9300/TCP                         8m23s
service/wazuh-workers   LoadBalancer   10.100.64.240    internal-a0164d495783445b4a2b8dc17f2f471a-1651145782.us-west-1.elb.amazonaws.com   1514:32389/TCP                   8m23s

NAME                              READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/wazuh-dashboard   1/1     1            1           8m22s

NAME                                         DESIRED   CURRENT   READY   AGE
replicaset.apps/wazuh-dashboard-59f8bfb5f7   1         1         1       8m23s

NAME                                    READY   AGE
statefulset.apps/wazuh-indexer          4/4     8m23s
statefulset.apps/wazuh-manager-master   1/1     8m22s
statefulset.apps/wazuh-manager-worker   2/2     8m21s
$ kubectl get pvc -n wazuh
NAME                                          STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS    AGE
wazuh-indexer-wazuh-indexer-0                 Bound    pvc-ff36d888-a24e-43a7-9105-d331bd178430   10Gi       RWO            wazuh-storage   8m31s
wazuh-indexer-wazuh-indexer-1                 Bound    pvc-0bb48b81-628e-444a-9d5b-50727f84229e   10Gi       RWO            wazuh-storage   8m18s
wazuh-indexer-wazuh-indexer-2                 Bound    pvc-aeba8bc8-a946-4912-9090-7668d64fba98   10Gi       RWO            wazuh-storage   7m28s
wazuh-indexer-wazuh-indexer-3                 Bound    pvc-b6b0c89c-064c-48fb-b8ef-1f111480f645   10Gi       RWO            wazuh-storage   2m47s
wazuh-manager-master-wazuh-manager-master-0   Bound    pvc-f652d185-b8b6-4bf0-a1b1-231895accb2e   50Gi       RWO            wazuh-storage   8m30s
wazuh-manager-worker-wazuh-manager-worker-0   Bound    pvc-c420a4fc-c95c-441b-8a67-e30ec492fe6d   50Gi       RWO            wazuh-storage   8m29s
wazuh-manager-worker-wazuh-manager-worker-1   Bound    pvc-3c0e6582-144f-4124-a834-0afaf8de6431   50Gi       RWO            wazuh-storage   8m29s
$ kubectl get pv
NAME                                       CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM                                               STORAGECLASS    REASON   AGE
pvc-0bb48b81-628e-444a-9d5b-50727f84229e   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-1                 wazuh-storage            8m21s
pvc-3c0e6582-144f-4124-a834-0afaf8de6431   50Gi       RWO            Retain           Bound    wazuh/wazuh-manager-worker-wazuh-manager-worker-1   wazuh-storage            8m32s
pvc-aeba8bc8-a946-4912-9090-7668d64fba98   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-2                 wazuh-storage            7m30s
pvc-b6b0c89c-064c-48fb-b8ef-1f111480f645   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-3                 wazuh-storage            2m50s
pvc-c420a4fc-c95c-441b-8a67-e30ec492fe6d   50Gi       RWO            Retain           Bound    wazuh/wazuh-manager-worker-wazuh-manager-worker-0   wazuh-storage            8m32s
pvc-f652d185-b8b6-4bf0-a1b1-231895accb2e   50Gi       RWO            Retain           Bound    wazuh/wazuh-manager-master-wazuh-manager-master-0   wazuh-storage            8m33s
pvc-ff36d888-a24e-43a7-9105-d331bd178430   10Gi       RWO            Retain           Bound    wazuh/wazuh-indexer-wazuh-indexer-0                 wazuh-storage            8m33s
$ 

[teddytpc1]

GJ @vcerenu. We should add a note to the documentation stating that we must perform these actions to make the deployment work.

[vcerenu]

Added note regarding this issue in the Wazuh installation documentation