> For the complete documentation index, see [llms.txt](https://docs.siberaltay.org/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.siberaltay.org/en/installations/wazuh-docker-installation.md).

# The Installation of Wazuh on Docker

You can deploy Wazuh as either a single-node or multi-node stack:

* **Single Node Deployment**: Installs one Wazuh manager, indexer, and dashboard node.
* **Multi-Node Deployment**: Installs two Wazuh manager nodes, three Wazuh indexer nodes, and one Wazuh dashboard.

Both deployment types provide persistence and enable certificate configuration to secure communication between nodes. High availability is only available in multi-node deployments.

### Single Node Deployment

1. Clone the Wazuh repository onto your system:

   ```
   git clone https://github.com/wazuh/wazuh-docker.git -b v4.10.0
   ```

   Then navigate to the `single-node` directory to execute the commands described below.
2. Generate certificates for secure communication between nodes. You have two options:
   * **Generate certificates with the following command**:

     ```
     docker-compose -f generate-indexer-certs.yml run --rm generator
     ```
   * **Provide your own certificates** by placing them in the following directory:\
     \&#xNAN;**`config/wazuh_indexer_ssl_certs`**

     **Wazuh Indexer:**

     ```
     config/wazuh_indexer_ssl_certs/root-ca.pem
     config/wazuh_indexer_ssl_certs/wazuh.indexer-key.pem
     config/wazuh_indexer_ssl_certs/wazuh.indexer.pem
     config/wazuh_indexer_ssl_certs/admin.pem
     config/wazuh_indexer_ssl_certs/admin-key.pem
     ```

     **Wazuh Manager:**

     ```
     config/wazuh_indexer_ssl_certs/root-ca-manager.pem
     config/wazuh_indexer_ssl_certs/wazuh.manager.pem
     config/wazuh_indexer_ssl_certs/wazuh.manager-key.pem
     ```

     **Wazuh Dashboard:**

     ```
     config/wazuh_indexer_ssl_certs/wazuh.dashboard.pem
     config/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem
     config/wazuh_indexer_ssl_certs/root-ca.pem
     ```
3. Start the Wazuh single-node deployment using Docker Compose:
   * To run in the foreground:

     ```
     docker compose up
     ```
   * To run in detached mode:

     ```
     docker compose up -d
     ```

The default Wazuh dashboard credentials are:

* **Username**: `admin`
* **Password**: `SecretPassword`

You can change the default password for the Wazuh indexer admin user for additional security.

While the Wazuh indexer starts, the Wazuh dashboard container may make multiple requests to the Wazuh indexer API using `curl`. During this time, you might encounter error messages such as:

* "Failed to connect to Wazuh indexer port 9200"
* "Wazuh dashboard server is not ready yet"

These messages will resolve once the Wazuh indexer is up and running, which usually takes about 1 minute.

You can find the default Wazuh indexer credentials in the `docker-compose.yml` file.

***

### Multi-Node Deployment

1. Clone the Wazuh repository onto your system:

   ```
   git clone https://github.com/wazuh/wazuh-docker.git -b v4.10.0
   ```
2. Generate certificates for secure communication between nodes. You have two options:
   * **Generate certificates with the following command**:

     ```
     docker-compose -f generate-indexer-certs.yml run --rm generator
     ```
   * **Provide your own certificates**:\
     **Wazuh Indexer:**

     ```
     config/wazuh_indexer_ssl_certs/root-ca.pem
     config/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem
     config/wazuh_indexer_ssl_certs/wazuh1.indexer.pem
     config/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem
     config/wazuh_indexer_ssl_certs/wazuh2.indexer.pem
     config/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem
     config/wazuh_indexer_ssl_certs/wazuh3.indexer.pem
     config/wazuh_indexer_ssl_certs/admin.pem
     config/wazuh_indexer_ssl_certs/admin-key.pem
     ```

     **Wazuh Manager:**

     ```
     config/wazuh_indexer_ssl_certs/root-ca-manager.pem
     config/wazuh_indexer_ssl_certs/wazuh.master.pem
     config/wazuh_indexer_ssl_certs/wazuh.master-key.pem
     config/wazuh_indexer_ssl_certs/wazuh.worker.pem
     config/wazuh_indexer_ssl_certs/wazuh.worker-key.pem
     ```

     **Wazuh Dashboard:**

     ```
     config/wazuh_indexer_ssl_certs/wazuh.dashboard.pem
     config/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem
     config/wazuh_indexer_ssl_certs/root-ca.pem
     ```
3. Start the Wazuh multi-node deployment using Docker Compose:
   * To run in the foreground:

     ```
     docker compose up
     ```
   * To run in detached mode:

     ```
     docker compose up -d
     ```

***

### References

<details>

<summary>Sources for Installation</summary>

* [Wazuh Docker Deployment](https://documentation.wazuh.com/current/deployment-options/docker/wazuh-container.html#multi-node-deployment)
* [Christian Lempa](https://www.youtube.com/watch?v=RjvKn0Q3rgg\&ab_channel=ChristianLempa)

</details>

This guide was prepared by [Çetin Boran Mesüm](https://github.com/cetinboran).


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.siberaltay.org/en/installations/wazuh-docker-installation.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.