Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix pre-start.sh script for Vagrant environment #479

Merged
merged 3 commits into from
Oct 21, 2024
Merged

Fix pre-start.sh script for Vagrant environment #479

merged 3 commits into from
Oct 21, 2024

Conversation

QU3B1M
Copy link
Member

@QU3B1M QU3B1M commented Oct 18, 2024
edited
Loading

Description

Fixes the openssl error at certificates generation when Vagrant executes the pre-start script.

The error was caused because Vagrant modifies the context of the shell session overriding some environment variables, one of them being OPENSSL_CONF required by the cert generation tool. The fix consists on re-overwrite that variable

Execution evidence 
vagrant up
Executing pre-start script.
18/10/2024 17:03:20 INFO: Verbose logging redirected to /home/fede/src/wazuh-indexer/test-tools/wazuh-certificates-tool.log
18/10/2024 17:03:20 INFO: Generating the root certificate.
18/10/2024 17:03:20 INFO: Generating Admin certificates.
18/10/2024 17:03:20 INFO: Admin certificates created.
18/10/2024 17:03:20 INFO: Generating Wazuh indexer certificates.
18/10/2024 17:03:20 INFO: Wazuh indexer certificates created.
./
./root-ca.pem
./admin-key.pem
./admin.pem
./root-ca.key
./node-1.pem
./node-2-key.pem
./node-2.pem
./node-1-key.pem
Setup complete and certificates archived.
Bringing machine 'indexer_1' up with 'libvirt' provider...
Bringing machine 'indexer_2' up with 'libvirt' provider...
==> indexer_1: Checking if box 'generic/rhel9' version '4.3.12' is up to date...
==> indexer_2: Checking if box 'generic/ubuntu2204' version '4.3.12' is up to date...
==> indexer_1: Creating image (snapshot of base box volume).
==> indexer_2: Creating image (snapshot of base box volume).
==> indexer_1: Creating domain with the following settings...
==> indexer_2: Creating domain with the following settings...
==> indexer_1:  -- Name:              test-tools_indexer_1
==> indexer_2:  -- Name:              test-tools_indexer_2
==> indexer_1:  -- Description:       Source: /home/fede/src/wazuh-indexer/test-tools/Vagrantfile
==> indexer_2:  -- Description:       Source: /home/fede/src/wazuh-indexer/test-tools/Vagrantfile
==> indexer_1:  -- Domain type:       kvm
==> indexer_2:  -- Domain type:       kvm
==> indexer_2:  -- Cpus:              4
==> indexer_1:  -- Cpus:              4
==> indexer_2:  -- Feature:           acpi
==> indexer_2:  -- Feature:           apic
==> indexer_1:  -- Feature:           acpi
==> indexer_1:  -- Feature:           apic
==> indexer_1:  -- Feature:           pae
==> indexer_2:  -- Feature:           pae
==> indexer_1:  -- Clock offset:      utc
==> indexer_2:  -- Clock offset:      utc
==> indexer_1:  -- Memory:            6144M
==> indexer_1:  -- Base box:          generic/rhel9
==> indexer_2:  -- Memory:            6144M
==> indexer_1:  -- Storage pool:      default
==> indexer_1:  -- Image(vda):        /home/fede/.libvirt/images/test-tools_indexer_1.img, virtio, 128G
==> indexer_2:  -- Base box:          generic/ubuntu2204
==> indexer_1:  -- Disk driver opts:  cache='default'
==> indexer_1:  -- Graphics Type:     vnc
==> indexer_2:  -- Storage pool:      default
==> indexer_1:  -- Video Type:        cirrus
==> indexer_2:  -- Image(vda):        /home/fede/.libvirt/images/test-tools_indexer_2.img, virtio, 128G
==> indexer_1:  -- Video VRAM:        256
==> indexer_1:  -- Video 3D accel:    false
==> indexer_1:  -- Keymap:            en-us
==> indexer_1:  -- TPM Backend:       passthrough
==> indexer_1:  -- INPUT:             type=mouse, bus=ps2
==> indexer_2:  -- Disk driver opts:  cache='default'
==> indexer_2:  -- Graphics Type:     vnc
==> indexer_2:  -- Video Type:        cirrus
==> indexer_2:  -- Video VRAM:        256
==> indexer_2:  -- Video 3D accel:    false
==> indexer_2:  -- Keymap:            en-us
==> indexer_2:  -- TPM Backend:       passthrough
==> indexer_2:  -- INPUT:             type=mouse, bus=ps2
==> indexer_1: Creating shared folders metadata...
==> indexer_2: Creating shared folders metadata...
==> indexer_1: Starting domain.
==> indexer_2: Starting domain.
==> indexer_1: Domain launching with graphics connection settings...
==> indexer_2: Domain launching with graphics connection settings...
==> indexer_1:  -- Graphics Port:      5900
==> indexer_2:  -- Graphics Port:      5901
==> indexer_2:  -- Graphics IP:        127.0.0.1
==> indexer_2:  -- Graphics Password:  Not defined
==> indexer_2:  -- Graphics Websocket: 5701
==> indexer_1:  -- Graphics IP:        127.0.0.1
==> indexer_2: Waiting for domain to get an IP address...
==> indexer_1:  -- Graphics Password:  Not defined
==> indexer_1:  -- Graphics Websocket: 5700
==> indexer_1: Waiting for domain to get an IP address...
==> indexer_2: Waiting for machine to boot. This may take a few minutes...
    indexer_2: SSH address: 192.168.121.247:22
    indexer_2: SSH username: vagrant
    indexer_2: SSH auth method: private key
    indexer_2: Warning: Connection refused. Retrying...
==> indexer_1: Waiting for machine to boot. This may take a few minutes...
    indexer_1: SSH address: 192.168.121.129:22
    indexer_1: SSH username: vagrant
    indexer_1: SSH auth method: private key
    indexer_1: 
    indexer_1: Vagrant insecure key detected. Vagrant will automatically replace
    indexer_1: this with a newly generated keypair for better security.
    indexer_2: Warning: Connection refused. Retrying...
    indexer_1: 
    indexer_1: Inserting generated public key within guest...
    indexer_1: Removing insecure key from the guest if it's present...
    indexer_1: Key inserted! Disconnecting and reconnecting using new SSH key...
==> indexer_1: Machine booted and ready!
==> indexer_1: Setting hostname...
==> indexer_1: Rsyncing folder: /home/fede/src/wazuh-indexer/test-tools/ => /vagrant
    indexer_2: Warning: Connection refused. Retrying...
==> indexer_1: Configuring and enabling network interfaces...
==> indexer_1: Running provisioner: shell...
    indexer_1: Running: inline script
    indexer_1: Removed "/etc/systemd/system/multi-user.target.wants/firewalld.service".
    indexer_1: Removed "/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service".
    indexer_1: 0 files removed
    indexer_2: Warning: Connection refused. Retrying...
    indexer_2: Warning: Connection refused. Retrying...
    indexer_2: Warning: Connection refused. Retrying...
    indexer_2: Warning: Connection refused. Retrying...
    indexer_2: Warning: Connection refused. Retrying...
    indexer_2: Warning: Connection refused. Retrying...
    indexer_2: Warning: Connection refused. Retrying...
    indexer_2: Warning: Connection refused. Retrying...
    indexer_2: Warning: Connection refused. Retrying...
    indexer_2: 
    indexer_2: Vagrant insecure key detected. Vagrant will automatically replace
    indexer_2: this with a newly generated keypair for better security.
    indexer_2: 
    indexer_2: Inserting generated public key within guest...
    indexer_2: Removing insecure key from the guest if it's present...
    indexer_2: Key inserted! Disconnecting and reconnecting using new SSH key...
==> indexer_2: Machine booted and ready!
==> indexer_2: Setting hostname...
==> indexer_2: Rsyncing folder: /home/fede/src/wazuh-indexer/test-tools/ => /vagrant
==> indexer_2: Configuring and enabling network interfaces...
==> indexer_2: Running provisioner: shell...
    indexer_2: Running: inline script
    indexer_2: Synchronizing state of ufw.service with SysV service script with /lib/systemd/systemd-sysv-install.
    indexer_2: Executing: /lib/systemd/systemd-sysv-install disable ufw
    indexer_2: Removed /etc/systemd/system/multi-user.target.wants/ufw.service.
    indexer_2: 
    indexer_2: WARNING: apt does not have a stable CLI interface. Use with caution in scripts.
    indexer_2: 
    indexer_2: Reading package lists...
    indexer_2: Building dependency tree...
    indexer_2: Reading state information...
    indexer_2: The following NEW packages will be installed:
    indexer_2:   sshpass
    indexer_2: 0 upgraded, 1 newly installed, 0 to remove and 2 not upgraded.
    indexer_2: Need to get 11.7 kB of archives.
    indexer_2: After this operation, 35.8 kB of additional disk space will be used.
    indexer_2: Get:1 https://mirrors.edge.kernel.org/ubuntu jammy/universe amd64 sshpass amd64 1.09-1 [11.7 kB]
    indexer_2: dpkg-preconfigure: unable to re-open stdin: No such file or directory
    indexer_2: Fetched 11.7 kB in 3s (4,344 B/s)
    indexer_2: Selecting previously unselected package sshpass.
(Reading database ... 76233 files and directories currently installed.)
    indexer_2: Preparing to unpack .../sshpass_1.09-1_amd64.deb ...
    indexer_2: Unpacking sshpass (1.09-1) ...
    indexer_2: Setting up sshpass (1.09-1) ...
    indexer_2: Processing triggers for man-db (2.10.2-1) ...
    indexer_2: 
    indexer_2: Running kernel seems to be up-to-date.
    indexer_2: 
    indexer_2: No services need to be restarted.
    indexer_2: 
    indexer_2: No containers need to be restarted.
    indexer_2: 
    indexer_2: No user sessions are running outdated binaries.
    indexer_2: 
    indexer_2: No VM guests are running outdated hypervisor (qemu) binaries on this host.

Related Issues

Resolves #459

Check List

  • Functionality includes testing.
  • API changes companion pull request created, if applicable.
  • Public documentation issue/PR created, if applicable.

@QU3B1M QU3B1M self-assigned this Oct 18, 2024
@QU3B1M QU3B1M requested a review from a team as a code owner October 18, 2024 19:58
AlexRuiz7
AlexRuiz7 approved these changes Oct 21, 2024
View reviewed changes
Copy link
Member

@AlexRuiz7 AlexRuiz7 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed

@alex-GL66 ➜ test-tools git:(enhancement/459-fix-pre-start-script) ✗ vagrant ssh indexer_1
Register this system with Red Hat Insights: insights-client --register
Create an account or view all your systems at https://red.ht/insights-dashboard
[vagrant@node-1 ~]$ ls
wazuh-certificates.tar
[vagrant@node-1 ~]$ ls -l
total 20
-rw-r--r--. 1 root root 20480 Oct 21 09:44 wazuh-certificates.tar

@AlexRuiz7 AlexRuiz7 merged commit 4a91008 into master Oct 21, 2024
5 checks passed
@AlexRuiz7 AlexRuiz7 deleted the enhancement/459-fix-pre-start-script branch October 21, 2024 09:49
AlexRuiz7 added a commit that referenced this pull request Oct 22, 2024
@QU3B1M @AlexRuiz7
Fix pre-start.sh script for Vagrant environment (#479)
7918036 
* Fix openssl error at generating wazuh credentials

* Remove installation of unused sspass package

* Reduce RAM to 4 GB per node

---------

Co-authored-by: Álex Ruiz <[email protected]>
AlexRuiz7 added a commit that referenced this pull request Nov 8, 2024
@QU3B1M @AlexRuiz7
Fix pre-start.sh script for Vagrant environment (#479)
9a31190 
* Fix openssl error at generating wazuh credentials

* Remove installation of unused sspass package

* Reduce RAM to 4 GB per node

---------

Co-authored-by: Álex Ruiz <[email protected]>
AlexRuiz7 added a commit that referenced this pull request Nov 18, 2024
@QU3B1M @AlexRuiz7
Fix pre-start.sh script for Vagrant environment (#479)
86c3491 
* Fix openssl error at generating wazuh credentials

* Remove installation of unused sspass package

* Reduce RAM to 4 GB per node

---------

Co-authored-by: Álex Ruiz <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@AlexRuiz7 AlexRuiz7 AlexRuiz7 approved these changes

Assignees

@QU3B1M QU3B1M

@f-galland f-galland

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Vagrantfile for testing purposes
3 participants
@QU3B1M @AlexRuiz7 @f-galland