
I am attempting to deploy a Wazuh docker container in an Ubuntu EC2 instance using the following steps (docker and docker compose are installed).

git -c http.proxy="http://tstark:[email protected]:8888" clone https://github.com/wazuh/wazuh-docker.git -b v4.3.10 --depth=1   
docker-compose -f generate-indexer-certs.yml run --rm generator  
docker-compose up -d

I am running through a proxy and have created the following service

echo "[Service]" >> /etc/systemd/system/docker.service.d/proxy.conf 
echo "Environment="HTTP_PROXY=http://a:b@ip:port"" >> /etc/systemd/system/docker.service.d/proxy.conf 
echo "Environment="HTTPS_PROXY=a:b@ip:port"" >> /etc/systemd/system/docker.service.d/proxy.conf 
echo "Environment="NO_PROXY=localhost,127.0.0.1,::1"" >> /etc/systemd/system/docker.service.d/proxy.conf 

Expected behaviour (based on deployment in a vanilla Ubuntu20 VM)

The output of these commands should be

% Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 26847  100 26847    0     0   229k      0 --:--:-- --:--:-- --:--:--  227k
Cert tool exists in Packages bucket
07/12/2022 07:45:30 INFO: Admin certificates created.
07/12/2022 07:45:30 INFO: Wazuh indexer certificates created.
07/12/2022 07:45:30 INFO: Wazuh server certificates created.
07/12/2022 07:45:30 INFO: Wazuh dashboard certificates created.
Moving created certificates to destination directory
changing certificate permissions
Setting UID indexer and dashboard
Setting UID for wazuh manager and worker

Actual behaviour

docker-compose -f generate-indexer-certs.yml run --rm generator
Creating network "single-node_default" with the default driver
Pulling generator (wazuh/wazuh-certs-generator:0.0.1)...
0.0.1: Pulling from wazuh/wazuh-certs-generator
d7bfe07ed847: Pull complete
a6023cfa8265: Pull complete
6135753eefe9: Pull complete
9aaf0dae5d3f: Pull complete
Digest: sha256:6fc929d58d01b789d4a19c5da476c78cc267c0af07d1b22227ccae49acb084dc
Status: Downloaded newer image for wazuh/wazuh-certs-generator:0.0.1
Cert tool does not exist in any bucket
ERROR: certificates were not created

Could anyone please suggest what may be causing this error?

2 Answers


  1. Chosen as BEST ANSWER

    I finally figured this out. Whilst I'd configured Docker to use a proxy, I also needed to add an environment variable in generate-indexer-certs.yml to point to the proxy

    services:
      generator:
        image: wazuh/wazuh-certs-generator:0.0.1
        hostname: wazuh-certs-generator
        volumes:
          - ./config/wazuh_indexer_ssl_certs/:/certificates/
          - ./config/certs.yml:/config/certs.yml
        environment:
          - HTTP_PROXY=<Proxy address>
    

  2. The container created by generate-indexer-certs.yml runs a script named entrypoint.sh. That script tries to download a tool from https://packages.wazuh.com/4.3/wazuh-certs-tool.sh. When this download fails the error "Cert tool does not exist in any bucket" is printed. Most likely your container does not have functional networking. You’ll need to address that problem.
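
The two answers fit together: the systemd drop-in only sets the proxy for the Docker daemon (image pulls), while the download made by entrypoint.sh runs inside the container and sees only the service's own `environment:` entries. The script below is an added example, not code from either answer or from the wazuh-docker project; it checks whether a compose service declares a proxy, and flags values that embed `user:pass@` credentials in the file. The function names are hypothetical, and the parser assumes the indentation of the answer's snippet with list-style `- KEY=value` entries.

```shell
#!/bin/sh
# Added example: lint the proxy settings a compose file gives one service
# before running the certificate generator.
# Usage: . ./proxy_lint.sh
#        check_service_proxy generate-indexer-certs.yml generator; echo $?

# List HTTP_PROXY/HTTPS_PROXY entries declared under <service> in <file>.
# Assumed layout: service names indented two spaces, their keys four,
# and list-style environment entries six.
service_proxy_env() {
    awk -v svc="$2" '
        /^  [^ #-][^ ]*:[ \t]*$/ { in_svc = ($1 == (svc ":")); in_env = 0; next }
        /^    [^ #-]/            { in_env = (in_svc && $1 == "environment:"); next }
        in_env && /^      - / {
            entry = $0
            sub(/^      - /, "", entry)   # strip the list marker
            gsub(/"/, "", entry)          # strip YAML double quotes
            sub(/[ \t]+$/, "", entry)     # strip trailing blanks
            # Match upper- or lower-case names, with a value or passed through
            if (toupper(entry) ~ /^HTTPS?_PROXY(=|$)/) print entry
        }
    ' "$1"
}

# Exit status:
#   0  the service declares a proxy variable
#   1  none declared: processes in the container connect directly
#   2  declared with inline credentials (user:pass@host) stored in the file
check_service_proxy() {
    entries=$(service_proxy_env "$1" "${2:-generator}")
    [ -n "$entries" ] || return 1
    if printf '%s\n' "$entries" | grep -Eq '=([a-z]+://)?[^/@:]+:[^/@]*@'; then
        return 2
    fi
    return 0
}
```

A status of 2 can be cleared by writing the entry as `- HTTP_PROXY` or `- HTTP_PROXY=${HTTP_PROXY}`, which makes Compose take the value from the invoking shell instead of storing it in the file.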
