Merge remote-tracking branch 'remotes/origin/2.4/dev' into fleet-sa

2026-02-13 10:43:32 +01:00 · 2023-04-03 07:27:04 -04:00
parent e4b10aa28c a0bb6a700a
commit af392681e3
572 changed files with 7060 additions and 31492 deletions
--- a/salt/docker/defaults.yaml
+++ b/salt/docker/defaults.yaml
@@ -1,8 +1,8 @@
 docker:
  bip: '172.17.0.1'
  range: '172.17.0.0/24'
-  sosrange: '172.17.1.0/24'
-  sosbip: '172.17.1.1'
+  sorange: '172.17.1.0/24'
+  sobip: '172.17.1.1'
  containers:
    'so-dockerregistry':
      final_octet: 20
@@ -17,16 +17,6 @@ docker:
      port_bindings:
        - 0.0.0.0:9200:9200/tcp
        - 0.0.0.0:9300:9300/tcp
-    'so-filebeat':
-      final_octet: 23
-      port_bindings:
-        - 0.0.0.0:514:514/udp
-        - 0.0.0.0:514:514/tcp
-        - 0.0.0.0:5066:5066/tcp
-    'so-grafana':
-      final_octet: 24
-      port_bindings:
-        - 0.0.0.0:3000:3000
    'so-idstools':
      final_octet: 25
    'so-influxdb':
@@ -67,7 +57,7 @@ docker:
    'so-playbook':
      final_octet: 32
      port_bindings:
-        - 0.0.0.0:3200:3000
+        - 0.0.0.0:3000:3000
    'so-redis':
      final_octet: 33
      port_bindings:
@@ -107,3 +97,5 @@ docker:
      final_octet: 44
      port_bindings:
        - 0.0.0.0:8080:8080/tcp
+    'so-idh':
+      final_octet: 45
--- a/salt/docker/docker.map.jinja
+++ b/salt/docker/docker.map.jinja
@@ -1,6 +1,6 @@
 {% import_yaml 'docker/defaults.yaml' as DOCKERDEFAULTS %}
 {% set DOCKER = salt['pillar.get']('docker', DOCKERDEFAULTS.docker, merge=True) %}
-{% set RANGESPLIT = DOCKER.sosrange.split('.') %}
+{% set RANGESPLIT = DOCKER.sorange.split('.') %}
 {% set FIRSTTHREE = RANGESPLIT[0] ~ '.' ~ RANGESPLIT[1] ~ '.' ~ RANGESPLIT[2] ~ '.' %}

 {% for container, vals in DOCKER.containers.items() %}
--- a/salt/docker/init.sls
+++ b/salt/docker/init.sls
@@ -26,10 +26,10 @@ dockerheldpackages:
 dockerheldpackages:
  pkg.installed:
    - pkgs:
-      - containerd.io: 1.4.4-3.1.el7
-      - docker-ce: 3:20.10.5-3.el7
-      - docker-ce-cli: 1:20.10.5-3.el7
-      - docker-ce-rootless-extras: 20.10.5-3.el7
+      - containerd.io: 1.6.18-3.1.el9
+      - docker-ce: 23.0.1-1.el9
+      - docker-ce-cli: 23.0.1-1.el9
+      - docker-ce-rootless-extras: 23.0.1-1.el9
    - hold: True
    - update_holds: True
 {% endif %}
@@ -79,13 +79,13 @@ dockerreserveports:

 sos_docker_net:
  docker_network.present:
-    - name: sosbridge
-    - subnet: {{ DOCKER.sosrange }}
-    - gateway: {{ DOCKER.sosbip }}
+    - name: sobridge
+    - subnet: {{ DOCKER.sorange }}
+    - gateway: {{ DOCKER.sobip }}
    - options:
-        com.docker.network.bridge.name: 'sosbridge'
+        com.docker.network.bridge.name: 'sobridge'
        com.docker.network.driver.mtu: '1500'
        com.docker.network.bridge.enable_ip_masquerade: 'true'
        com.docker.network.bridge.enable_icc: 'true'
        com.docker.network.bridge.host_binding_ipv4: '0.0.0.0'
-    - unless: 'docker network ls | grep sosbridge'
+    - unless: 'docker network ls | grep sobridge'
--- a/salt/docker/soc_docker.yaml
+++ b/salt/docker/soc_docker.yaml
@@ -0,0 +1,53 @@
+docker:
+  bip:
+    description: Bind IP for the default docker interface.
+    helpLink: docker.html
+    advanced: True
+  range:
+    description: Default docker IP range for containers.
+    helpLink: docker.html
+    advanced: True
+  sobip:
+    description: Bind IP for the SO docker interface.
+    helpLink: docker.html
+    advanced: True
+  sorange:
+    description: IP range for the SO docker containers.
+    helpLink: docker.html
+    advanced: True
+  containers:
+    so-curator: &dockerOptions
+      final_octet:
+        description: Last octet of the container IP address.
+        helpLink: docker.html
+        readonly: True
+        advanced: True
+        global: True
+      port_bindings:
+        description: List of port bindings for the container.
+        helpLink: docker.html
+        advanced: True
+        multiline: True
+    so-dockerregistry: *dockerOptions
+    so-elastalert: *dockerOptions
+    so-elastic-fleet-package-registry: *dockerOptions
+    so-elastic-fleet: *dockerOptions
+    so-elasticsearch: *dockerOptions
+    so-idh: *dockerOptions
+    so-idstools: *dockerOptions
+    so-influxdb: *dockerOptions
+    so-kibana: *dockerOptions
+    so-kratos: *dockerOptions
+    so-logstash: *dockerOptions
+    so-mysql: *dockerOptions
+    so-nginx: *dockerOptions
+    so-playbook: *dockerOptions
+    so-redis: *dockerOptions
+    so-soc: *dockerOptions
+    so-soctopus: *dockerOptions
+    so-strelka-backend: *dockerOptions
+    so-strelka-coordinator: *dockerOptions
+    so-strelka-filestream: *dockerOptions
+    so-strelka-frontend: *dockerOptions
+    so-strelka-gatekeeper: *dockerOptions
+    so-strelka-manager: *dockerOptions