Agent delivery on port 1514 is only exposed for worker nodes

[dlouzan]

According to https://documentation.wazuh.com/4.7/user-manual/configuring-cluster/advanced-settings.html, agent events delivery on port 1514 can be served from both the master and the workers.

But the setup in this repository makes it so that the workers service that exposes port 1514 https://github.com/wazuh/wazuh-kubernetes/blob/master/wazuh/wazuh_managers/wazuh-workers-svc.yaml only delivers data to the workers:

  selector:
    app: wazuh-manager
    node-type: worker

Is this intended or a bug?

Thanks!

[bmm-alc]

Does someone monitor the projet issues ?

[Thorgrym]

Please I can't register any agent because of this, once they enroll on port 1515 they can't reach 1514 because closed in the master. If I put the ip of the worker load balancer it won't even connect (and this ip doesn't respond to ping I don't know why)

Edit : I just found another issue about that : #308
Where this was posted :

          I added the following additional port to the `./wazuh/wazuh_managers/wazuh-master-svc.yaml` file. 
          This is probably a band aid over an actual fix, but it finally allowed me to register an agent.

- name: agents-events
  port: 1514
  targetPort: 1514

Originally posted by @evanreichard in #308 (comment)

it solve the issue for me but i don't know why it isn't the default configuration in this repo and/or why nobody else talk about this problem. This solution make wazuh work even if the service wazuh-workers is still unreachable by any agent (or ping/telnet)

I hope someone find a better fix but that do the job for now

[AlaaDan]

Another work around to get the agent enrolled can be found here #308 (comment)

[dlouzan]

@gdiazlo @JcabreraC Mentioning you from previous interactions in wazuh/wazuh#12862 🙇

WDYT about this issue / question? If the behaviour is unintended, the fix is pretty easy and I'm willing to create a PR. Thanks!