ae10472528
Added official Wazuh Kubernetes deployment repository for reference. This provides: - Kubernetes manifests for production deployments - Resource limits and health check configurations - Security best practices - Multi-node and HA deployment examples Useful for future improvements and K8s migration considerations. Size: 900K 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Wazuh Kubernetes
Deploy a Wazuh cluster with a basic indexer and dashboard stack on Kubernetes.
Branches
mainbranch contains the latest code, be aware of possible bugs on this branch.
Documentation
Amazon EKS development
To deploy a cluster on Amazon EKS cluster read the instructions on instructions.md. Note: For Kubernetes version 1.23 or higher, the assignment of an IAM Role is necessary for the CSI driver to function correctly. Within the AWS documentation you can find the instructions for the assignment: https://docs.aws.amazon.com/eks/latest/userguide/ebs-csi.html The installation of the CSI driver is mandatory for new and old deployments if you are going to use Kubernetes 1.23 for the first time or you need to upgrade the cluster.
Local development
To deploy a cluster on your local environment (like Minikube, Kind or Microk8s) read the instructions on local-environment.md.
Diagram
Directory structure
├── CHANGELOG.md
├── cleanup.md
├── envs
│ ├── eks
│ │ ├── dashboard-resources.yaml
│ │ ├── indexer-resources.yaml
│ │ ├── kustomization.yml
│ │ ├── storage-class.yaml
│ │ ├── wazuh-master-resources.yaml
│ │ └── wazuh-worker-resources.yaml
│ └── local-env
│ ├── indexer-resources.yaml
│ ├── kustomization.yml
│ ├── storage-class.yaml
│ └── wazuh-resources.yaml
├── instructions.md
├── LICENSE
├── local-environment.md
├── README.md
├── upgrade.md
├── VERSION.json
└── wazuh
├── base
│ ├── storage-class.yaml
│ └── wazuh-ns.yaml
├── certs
│ ├── dashboard_http
│ │ └── generate_certs.sh
│ └── indexer_cluster
│ └── generate_certs.sh
├── indexer_stack
│ ├── wazuh-dashboard
│ │ ├── dashboard_conf
│ │ │ └── opensearch_dashboards.yml
│ │ ├── dashboard-deploy.yaml
│ │ └── dashboard-svc.yaml
│ └── wazuh-indexer
│ ├── cluster
│ │ ├── indexer-api-svc.yaml
│ │ └── indexer-sts.yaml
│ ├── indexer_conf
│ │ ├── internal_users.yml
│ │ └── opensearch.yml
│ └── indexer-svc.yaml
├── kustomization.yml
├── secrets
│ ├── dashboard-cred-secret.yaml
│ ├── indexer-cred-secret.yaml
│ ├── wazuh-api-cred-secret.yaml
│ ├── wazuh-authd-pass-secret.yaml
│ └── wazuh-cluster-key-secret.yaml
└── wazuh_managers
├── wazuh-cluster-svc.yaml
├── wazuh_conf
│ ├── master.conf
│ └── worker.conf
├── wazuh-master-sts.yaml
├── wazuh-master-svc.yaml
├── wazuh-workers-svc.yaml
└── wazuh-worker-sts.yaml
Contribute
If you want to contribute to our project please don't hesitate to send a pull request. You can also join our users mailing list or the Wazuh Slack community channel to ask questions and participate in discussions.
Credits and Thank you
Based on the previous work from JPLachance coveo/wazuh-kubernetes (2018/11/22).
License and copyright
WAZUH Copyright (C) 2016, Wazuh Inc. (License GPLv2)