Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Change cluster files to make it enabled by default #13655

Merged
merged 4 commits into from
Jun 7, 2022
Merged

Change cluster files to make it enabled by default #13655

merged 4 commits into from
Jun 7, 2022

Conversation

Selutario
Copy link
Contributor

@Selutario Selutario commented Jun 1, 2022
edited

Related issue
Closes #13351

Description

Removed cluster options:

  • Disabled
  • Key
  • Name

Changed default value:

  • nodes is now 127.0.0.1 instead of NODE_IP.
  • node_name is now the hostname instead of node01 (changes in core will be required as explained here).

Added cluster options:

  • certfile: Path to certfile (default value is /var/ossec/etc/sslmanager.cert).
  • keyfile: Path to keyfile (default value is /var/ossec/etc/sslmanager.key).
  • keyfile_password: Keyfile password if any (default value is '')

In addition, when 127.0.0.1 is used as bind_addr in a master node, it means that workers won't be able to connect. As a consequence, children processes creation is disabled in the wazuh-clusterd process of the master node. Most of the tasks (Local integrity, Local agent-groups, Sendsync, etc) are disabled too.

Some warnings and info messages are shown in the cluster.log to notify all this:

# /var/ossec/bin/wazuh-clusterd -f
2022/06/01 11:18:22 WARNING: [Cluster] [Main] The following cluster settings are deprecated and will have no effect: disabled, key, name.
Starting cluster in foreground (pid: 1234)
2022/06/01 11:18:22 INFO: [Master] [Main] This is a master node but "bind_addr" is localhost. Some tasks are disabled.
2022/06/01 11:18:22 INFO: [Local Server] [Main] Serving on /var/ossec/queue/cluster/c-internal.sock
2022/06/01 11:18:22 INFO: [Master] [Main] Serving on ('127.0.0.1', 1516)

Coverage

----------- coverage: platform linux, python 3.9.5-final-0 -----------
Name                                                       Stmts   Miss  Cover
------------------------------------------------------------------------------
api/api/__init__.py                                            0      0   100%
api/api/api_exception.py                                      11      5    55%
api/api/authentication.py                                    106     72    32%
api/api/configuration.py                                      87     42    52%
api/api/constants.py                                          11      0   100%
api/api/middlewares.py                                        95     65    32%
api/api/util.py                                              130     80    38%
api/api/validator.py                                         149     50    66%
framework/__init__.py                                          0      0   100%
framework/scripts/__init__.py                                  0      0   100%
framework/scripts/agent_groups.py                            182     18    90%
framework/scripts/agent_upgrade.py                           116      6    95%
framework/scripts/cluster_control.py                         125      1    99%
framework/scripts/tests/test_agent_groups.py                 353      0   100%
framework/scripts/tests/test_agent_upgrade.py                111      0   100%
framework/scripts/tests/test_cluster_control.py              168      1    99%
framework/scripts/tests/test_wazuh_clusterd.py               280      7    98%
framework/scripts/tests/test_wazuh_logtest.py                371      2    99%
framework/scripts/wazuh_clusterd.py                          129     15    88%
framework/scripts/wazuh_logtest.py                           239      4    98%
framework/wazuh/__init__.py                                   56     13    77%
framework/wazuh/active_response.py                            25      0   100%
framework/wazuh/agent.py                                     522      6    99%
framework/wazuh/cdb_list.py                                   77      2    97%
framework/wazuh/ciscat.py                                     27      0   100%
framework/wazuh/cluster.py                                    51      0   100%
framework/wazuh/core/InputValidator.py                        19      0   100%
framework/wazuh/core/__init__.py                               0      0   100%
framework/wazuh/core/active_response.py                       47      0   100%
framework/wazuh/core/agent.py                                490     30    94%
framework/wazuh/core/cdb_list.py                             105      2    98%
framework/wazuh/core/cluster/__init__.py                       5      0   100%
framework/wazuh/core/cluster/client.py                       144      1    99%
framework/wazuh/core/cluster/cluster.py                      260      1    99%
framework/wazuh/core/cluster/common.py                       653      2    99%
framework/wazuh/core/cluster/control.py                       69      1    99%
framework/wazuh/core/cluster/dapi/__init__.py                  0      0   100%
framework/wazuh/core/cluster/dapi/dapi.py                    386     17    96%
framework/wazuh/core/cluster/dapi/tests/test_dapi.py         382      6    98%
framework/wazuh/core/cluster/local_client.py                  95      0   100%
framework/wazuh/core/cluster/local_server.py                 147      0   100%
framework/wazuh/core/cluster/master.py                       454      4    99%
framework/wazuh/core/cluster/server.py                       193      0   100%
framework/wazuh/core/cluster/tests/__init__.py                 0      0   100%
framework/wazuh/core/cluster/tests/test_client.py            294      9    97%
framework/wazuh/core/cluster/tests/test_cluster.py           297      7    98%
framework/wazuh/core/cluster/tests/test_common.py           1079     38    96%
framework/wazuh/core/cluster/tests/test_control.py           102      0   100%
framework/wazuh/core/cluster/tests/test_local_client.py      166      0   100%
framework/wazuh/core/cluster/tests/test_local_server.py      374     11    97%
framework/wazuh/core/cluster/tests/test_master.py            980     17    98%
framework/wazuh/core/cluster/tests/test_server.py            399      5    99%
framework/wazuh/core/cluster/tests/test_utils.py             153      1    99%
framework/wazuh/core/cluster/tests/test_worker.py            767     15    98%
framework/wazuh/core/cluster/utils.py                        141      2    99%
framework/wazuh/core/cluster/worker.py                       344     12    97%
framework/wazuh/core/common.py                               129      3    98%
framework/wazuh/core/configuration.py                        418      2    99%
framework/wazuh/core/database.py                              55      5    91%
framework/wazuh/core/decoder.py                               50      0   100%
framework/wazuh/core/exception.py                            113      3    97%
framework/wazuh/core/logtest.py                               15      2    87%
framework/wazuh/core/manager.py                               85      0   100%
framework/wazuh/core/mitre.py                                277     15    95%
framework/wazuh/core/pyDaemonModule.py                        63     17    73%
framework/wazuh/core/results.py                              334     25    93%
framework/wazuh/core/rootcheck.py                             61      0   100%
framework/wazuh/core/rule.py                                 121      0   100%
framework/wazuh/core/sca.py                                   65      0   100%
framework/wazuh/core/security.py                              62     16    74%
framework/wazuh/core/stats.py                                104      1    99%
framework/wazuh/core/syscheck.py                              28      0   100%
framework/wazuh/core/syscollector.py                          38      0   100%
framework/wazuh/core/task.py                                  37      0   100%
framework/wazuh/core/tests/__init__.py                         0      0   100%
framework/wazuh/core/tests/test_active_response.py            54      3    94%
framework/wazuh/core/tests/test_agent.py                     550     12    98%
framework/wazuh/core/tests/test_cdb_list.py                  104      4    96%
framework/wazuh/core/tests/test_common.py                     37      0   100%
framework/wazuh/core/tests/test_configuration.py             238      1    99%
framework/wazuh/core/tests/test_database.py                   62      0   100%
framework/wazuh/core/tests/test_decoder.py                    46      0   100%
framework/wazuh/core/tests/test_exception.py                  17      0   100%
framework/wazuh/core/tests/test_input_validator.py            31      0   100%
framework/wazuh/core/tests/test_logtest.py                    17      0   100%
framework/wazuh/core/tests/test_manager.py                   109      0   100%
framework/wazuh/core/tests/test_mitre.py                      28      2    93%
framework/wazuh/core/tests/test_pyDaemonModule.py             40      0   100%
framework/wazuh/core/tests/test_results.py                   150      2    99%
framework/wazuh/core/tests/test_rootcheck.py                  87      0   100%
framework/wazuh/core/tests/test_rule.py                       71      0   100%
framework/wazuh/core/tests/test_sca.py                        85      0   100%
framework/wazuh/core/tests/test_security.py                   40      0   100%
framework/wazuh/core/tests/test_stats.py                     106      8    92%
framework/wazuh/core/tests/test_syscheck.py                   37      0   100%
framework/wazuh/core/tests/test_syscollector.py               24      0   100%
framework/wazuh/core/tests/test_task.py                       55      0   100%
framework/wazuh/core/tests/test_utils.py                     787      2    99%
framework/wazuh/core/tests/test_vulnerability.py              42      0   100%
framework/wazuh/core/tests/test_wazuh_queue.py                73      0   100%
framework/wazuh/core/tests/test_wazuh_socket.py               94      0   100%
framework/wazuh/core/tests/test_wdb.py                       131      0   100%
framework/wazuh/core/tests/test_wlogging.py                   83      0   100%
framework/wazuh/core/utils.py                                945     68    93%
framework/wazuh/core/vulnerability.py                         44      6    86%
framework/wazuh/core/wazuh_queue.py                           64      0   100%
framework/wazuh/core/wazuh_socket.py                         151     73    52%
framework/wazuh/core/wdb.py                                  172      9    95%
framework/wazuh/core/wlogging.py                              74      2    97%
framework/wazuh/decoder.py                                   121      0   100%
framework/wazuh/logtest.py                                    20      0   100%
framework/wazuh/manager.py                                   131      7    95%
framework/wazuh/mitre.py                                      53      0   100%
framework/wazuh/rbac/__init__.py                               0      0   100%
framework/wazuh/rbac/auth_context.py                         196     37    81%
framework/wazuh/rbac/decorators.py                           230     63    73%
framework/wazuh/rbac/orm.py                                 1153    235    80%
framework/wazuh/rbac/preprocessor.py                          72     22    69%
framework/wazuh/rbac/tests/__init__.py                         0      0   100%
framework/wazuh/rbac/tests/test_auth_context.py               80      6    92%
framework/wazuh/rbac/tests/test_decorators.py                 77      0   100%
framework/wazuh/rbac/tests/test_default_configuration.py      84      0   100%
framework/wazuh/rbac/tests/test_orm.py                       551      0   100%
framework/wazuh/rbac/tests/test_preprocessor.py               31      0   100%
framework/wazuh/rbac/tests/utils.py                           24      0   100%
framework/wazuh/rbac/utils.py                                 23     10    57%
framework/wazuh/rootcheck.py                                  65      3    95%
framework/wazuh/rule.py                                      135      0   100%
framework/wazuh/sca.py                                        50      0   100%
framework/wazuh/security.py                                  546    199    64%
framework/wazuh/stats.py                                      46      0   100%
framework/wazuh/syscheck.py                                  111      4    96%
framework/wazuh/syscollector.py                               35      8    77%
framework/wazuh/task.py                                       20      0   100%
framework/wazuh/tests/test_active_response.py                 32      0   100%
framework/wazuh/tests/test_agent.py                          604     13    98%
framework/wazuh/tests/test_cdb_list.py                       173      2    99%
framework/wazuh/tests/test_ciscat.py                         108      0   100%
framework/wazuh/tests/test_cluster.py                         59      0   100%
framework/wazuh/tests/test_decoder.py                        120      0   100%
framework/wazuh/tests/test_group.py                           29      3    90%
framework/wazuh/tests/test_logtest.py                         55      0   100%
framework/wazuh/tests/test_manager.py                        169      9    95%
framework/wazuh/tests/test_mitre.py                           79      0   100%
framework/wazuh/tests/test_rootcheck.py                      124      0   100%
framework/wazuh/tests/test_rule.py                           168      3    98%
framework/wazuh/tests/test_sca.py                            166     15    91%
framework/wazuh/tests/test_security.py                       188      0   100%
framework/wazuh/tests/test_stats.py                           44      0   100%
framework/wazuh/tests/test_syscheck.py                       129      0   100%
framework/wazuh/tests/test_syscollector.py                    58      0   100%
framework/wazuh/tests/test_task.py                           121      2    98%
framework/wazuh/tests/test_vulnerability.py                   54      0   100%
framework/wazuh/tests/util.py                                 42      0   100%
framework/wazuh/vulnerability.py                              25      6    76%
------------------------------------------------------------------------------
TOTAL                                                      25070   1498    94%

============================================================================== 1972 passed, 3774 warnings in 413.48s (0:06:53) ==============================================================================

@Selutario Selutario self-assigned this Jun 1, 2022
@Selutario Selutario linked an issue Jun 2, 2022 that may be closed by this pull request
Refactor or remove cluster configuration options to make it enabled by default #13351
Closed
13 tasks
@Selutario Selutario force-pushed the feature/13351-cluster-enabled-default branch from 0c7fc23 to 3cd257c Compare June 3, 2022 12:26
@Selutario Selutario force-pushed the dev-7108-cluster-by-default branch from 3834a42 to dab2244 Compare June 3, 2022 12:54
@Selutario Selutario force-pushed the feature/13351-cluster-enabled-default branch from 3cd257c to 1d08153 Compare June 3, 2022 12:59
@Selutario Selutario merged commit 3a0f5c0 into dev-7108-cluster-by-default Jun 7, 2022
@Selutario Selutario deleted the feature/13351-cluster-enabled-default branch June 7, 2022 07:47
@Selutario Selutario mentioned this pull request Jun 10, 2022
Open
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@AdriiiPRodri AdriiiPRodri AdriiiPRodri approved these changes

Assignees

@Selutario Selutario

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Refactor or remove cluster configuration options to make it enabled by default
2 participants
@Selutario @AdriiiPRodri