Add/delete node without downtime in wazuh
145 views
Skip to first unread message
Pradeep
Feb 21, 2023, 12:59:32 AM2/21/23
to Wazuh mailing list
Hello Team,
Can you assist us how we can add/delete nodes of wazuh-indexer without restarting the whole cluster with the new certificates to avoid downtime?
what we learnt so far is that we need to create new config.yml to add new nodes in both wazuh-manager and wazuh-indexer, and to make it work with the existing cluster we need to replace the old certificates with the new ones.
what we learnt so far is that we need to create new config.yml to add new nodes in both wazuh-manager and wazuh-indexer, and to make it work with the existing cluster we need to replace the old certificates with the new ones.
Thanks!
Pradeep
Selu López
Feb 21, 2023, 2:21:26 AM2/21/23
to Wazuh mailing list
Hello Pradeep,
Take a look at this section of the documentation:
You should have a rootCA certificate that was generated along with the others during the Wazuh installation. It can be used when adding a new node to create its certificates. Just remember to use the same rootCA pem and key that it was used for the other nodes:
bash wazuh-certs-tool.sh -A /path/to/root-ca.pem /path/to/root-ca.keyThis is explained in more detail in the link I shared above. Basically, you would need to modify your config.yml to add the new nodes and then run this tool while using the rootCA that you already have. This way, you won’t need to re-generate and re-deploy all your certificates, just do it for the new nodes.
Hope this works for you, let me know otherwise!
Reply all
Reply to author
Forward
0 new messages