Wazuh High Availability Roadmap

Timeline and Milestones

This roadmap outlines our roadmap to set up a high-availability, high-performance Wazuh instance using Kubernetes over the next 10 weeks. Our Wazuh instance will be released to the public by 8am Monday Feburary 17th, 2025 AWST.

Week 1 (Dec 9 2024): Research and Planning

• Review Wazuh documentation for cluster deployment.
• Study Kubernetes fundamentals for high availability.
• Identify cloud provider/on-premises resources.
• Plan Wazuh components: Manager, Indexer, Dashboard.
• Deliverable: Documented deployment plan with architecture diagram.

Week 2 (Dec 16 2024): Environment Preparation

• Choose a Kubernetes distribution (e.g., K3s, AKS, EKS).
• Install and configure Kubernetes.
• Set up Helm and kubectl.
• Deploy basic monitoring tools (e.g., Metrics Server, Prometheus).
• Deliverable: Working Kubernetes cluster with monitoring.

Week 3 (Dec 30 2024): Persistent Storage and Networking

• Set up storage class (e.g., Ceph, NFS, cloud-based).
• Configure Ingress controller for external access.
• Ensure inter-component networking.
• Deliverable: Persistent volumes and networking configurations tested.

Week 4 (Jan 6 2025): Initial Wazuh Deployment

• Create Kubernetes manifests or Helm charts for Wazuh.
• Deploy Wazuh Indexer, Manager, and Dashboard with persistent storage.
• Validate communication between components.
• Deliverable: Single-node Wazuh instance running in Kubernetes.

Week 5 (Jan 13 2025): Scaling and High Availability

• Set up replica sets for Wazuh components.
• Configure load balancing for Manager and Dashboard.
• Use StatefulSets for stable identities and storage.
• Deliverable: High-availability Wazuh cluster deployed.

Week 6 (Jan 20 2025): Performance Optimization

• Enable resource limits and requests for Wazuh pods.
• Configure Indexer heap size and memory settings.
• Use monitoring tools to track performance.
• Deliverable: Optimized and monitored Wazuh deployment.

Week 7 (Jan 27 2025): Security Hardening

• Set up RBAC policies in Kubernetes.
• Configure TLS for all Wazuh services.
• Secure ingress with HTTPS and enable authentication.
• Deliverable: Secure Wazuh cluster with RBAC and TLS.

Week 8 (Feb 3 2025): Testing and Validation

• Perform stress tests to validate scaling and HA.
• Simulate failure scenarios and verify recovery.
• Test log ingestion and analysis.
• Deliverable: Validated Wazuh deployment.

Week 9 (Feb 10 2025): Documentation and Final Tweaks

• Write detailed deployment and operational documentation.
• Apply final tweaks based on test results.
• Train team members if necessary.
• Enable logging and alerts for operational visibility.
• Deliverable: Fully documented Wazuh cluster.

Week 10 (Feb 17 2025): Production Deployment

• Deliverable: Release!