Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Some indexer tasks are only executed once #1198

Merged
merged 2 commits into from
Feb 2, 2024
Merged

Some indexer tasks are only executed once #1198

merged 2 commits into from
Feb 2, 2024

Conversation

davidcr01
Copy link
Contributor

@davidcr01 davidcr01 commented Jan 31, 2024
edited
Loading

Description

Related: https://github.com/wazuh/wazuh-automation/issues/1479

The aim of this PR is to add a condition to some of the Wazuh indexer tasks of the wazuh-indexer role. These tasks are included in the security_actions.yml file, and they should be executed only once (Wazuh indexer cluster initialization, ISM script execution, etc).
Before, these tasks were executed in every node, and this may cause some unexpected errors:

18:44:31  TASK [/tmp/wazuh-ansible/roles/wazuh/wazuh-indexer : Initialize the Opensearch security index in Wazuh indexer] ***
18:44:31  changed: [54.151.68.99]
18:44:33  
18:44:33  TASK [/tmp/wazuh-ansible/roles/wazuh/wazuh-indexer : Initialize the Opensearch security index in Wazuh indexer] ***
18:44:33  changed: [54.177.124.185]
18:44:34  
18:44:34  TASK [/tmp/wazuh-ansible/roles/wazuh/wazuh-indexer : Initialize ISM script] ****
18:44:34  fatal: [54.151.68.99]: FAILED! => {
18:44:34      "changed": true,
18:44:34      "cmd": [
18:44:34          "/usr/share/wazuh-indexer/bin/indexer-ism-init.sh",
18:44:34          "-p",
18:44:34          "****",
18:44:34          "-i",
18:44:34          "10.0.2.81"
18:44:34      ],
18:44:34      "delta": "0:00:01.378543",
18:44:34      "end": "2023-12-19 17:44:34.038040",
18:44:34      "rc": 1,
18:44:34      "start": "2023-12-19 17:44:32.659497"
18:44:34  }
18:44:34  
18:44:34  STDOUT:
18:44:34  
18:44:34  Will create index templates to configure the alias
18:44:34   SUCC: 'wazuh-alerts' template created or updated
18:44:34   SUCC: 'wazuh-archives' template created or updated
18:44:34  Will create the 'rollover_policy' policy
18:44:34    ERROR: 'rollover_policy' policy not created => 409
18:44:34  ERROR: Indexer ISM initialization failed. Check /tmp/wazuh-indexer/ism-init.log for more information.

Now, with this change, this tasks are only executed in the first node of the Wazuh indexer cluster.

Testing

This PR should be merged also with this PR: https://github.com/wazuh/wazuh-automation/pull/1542

@davidcr01 davidcr01 self-assigned this Jan 31, 2024
@teddytpc1 teddytpc1 merged commit 0d30c50 into 4.8.1 Feb 2, 2024
14 of 20 checks passed
@teddytpc1 teddytpc1 deleted the enhancement/wa-1479-indexer-cluster-initialization-and-ism-execution-should-be-executed-once-in-demo branch February 2, 2024 14:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@teddytpc1 teddytpc1 teddytpc1 approved these changes

@vcerenu vcerenu vcerenu approved these changes

Assignees

@davidcr01 davidcr01

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@davidcr01 @teddytpc1 @vcerenu