# The Installation of Wazuh on Docker

You can deploy Wazuh as either a single-node or multi-node stack:

* **Single Node Deployment**: Installs one Wazuh manager, indexer, and dashboard node.
* **Multi-Node Deployment**: Installs two Wazuh manager nodes, three Wazuh indexer nodes, and one Wazuh dashboard.

Both deployment types provide persistence and enable certificate configuration to secure communication between nodes. High availability is only available in multi-node deployments.

### Single Node Deployment

1. Clone the Wazuh repository onto your system:

   ```
   git clone https://github.com/wazuh/wazuh-docker.git -b v4.10.0
   ```

   Then navigate to the `single-node` directory to execute the commands described below.
2. Generate certificates for secure communication between nodes. You have two options:
   * **Generate certificates with the following command**:

     ```
     docker-compose -f generate-indexer-certs.yml run --rm generator
     ```
   * **Provide your own certificates** by placing them in the following directory:\
     \&#xNAN;**`config/wazuh_indexer_ssl_certs`**

     **Wazuh Indexer:**

     ```
     config/wazuh_indexer_ssl_certs/root-ca.pem
     config/wazuh_indexer_ssl_certs/wazuh.indexer-key.pem
     config/wazuh_indexer_ssl_certs/wazuh.indexer.pem
     config/wazuh_indexer_ssl_certs/admin.pem
     config/wazuh_indexer_ssl_certs/admin-key.pem
     ```

     **Wazuh Manager:**

     ```
     config/wazuh_indexer_ssl_certs/root-ca-manager.pem
     config/wazuh_indexer_ssl_certs/wazuh.manager.pem
     config/wazuh_indexer_ssl_certs/wazuh.manager-key.pem
     ```

     **Wazuh Dashboard:**

     ```
     config/wazuh_indexer_ssl_certs/wazuh.dashboard.pem
     config/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem
     config/wazuh_indexer_ssl_certs/root-ca.pem
     ```
3. Start the Wazuh single-node deployment using Docker Compose:
   * To run in the foreground:

     ```
     docker compose up
     ```
   * To run in detached mode:

     ```
     docker compose up -d
     ```

The default Wazuh dashboard credentials are:

* **Username**: `admin`
* **Password**: `SecretPassword`

You can change the default password for the Wazuh indexer admin user for additional security.

While the Wazuh indexer starts, the Wazuh dashboard container may make multiple requests to the Wazuh indexer API using `curl`. During this time, you might encounter error messages such as:

* "Failed to connect to Wazuh indexer port 9200"
* "Wazuh dashboard server is not ready yet"

These messages will resolve once the Wazuh indexer is up and running, which usually takes about 1 minute.

You can find the default Wazuh indexer credentials in the `docker-compose.yml` file.

***

### Multi-Node Deployment

1. Clone the Wazuh repository onto your system:

   ```
   git clone https://github.com/wazuh/wazuh-docker.git -b v4.10.0
   ```
2. Generate certificates for secure communication between nodes. You have two options:
   * **Generate certificates with the following command**:

     ```
     docker-compose -f generate-indexer-certs.yml run --rm generator
     ```
   * **Provide your own certificates**:\
     **Wazuh Indexer:**

     ```
     config/wazuh_indexer_ssl_certs/root-ca.pem
     config/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem
     config/wazuh_indexer_ssl_certs/wazuh1.indexer.pem
     config/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem
     config/wazuh_indexer_ssl_certs/wazuh2.indexer.pem
     config/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem
     config/wazuh_indexer_ssl_certs/wazuh3.indexer.pem
     config/wazuh_indexer_ssl_certs/admin.pem
     config/wazuh_indexer_ssl_certs/admin-key.pem
     ```

     **Wazuh Manager:**

     ```
     config/wazuh_indexer_ssl_certs/root-ca-manager.pem
     config/wazuh_indexer_ssl_certs/wazuh.master.pem
     config/wazuh_indexer_ssl_certs/wazuh.master-key.pem
     config/wazuh_indexer_ssl_certs/wazuh.worker.pem
     config/wazuh_indexer_ssl_certs/wazuh.worker-key.pem
     ```

     **Wazuh Dashboard:**

     ```
     config/wazuh_indexer_ssl_certs/wazuh.dashboard.pem
     config/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem
     config/wazuh_indexer_ssl_certs/root-ca.pem
     ```
3. Start the Wazuh multi-node deployment using Docker Compose:
   * To run in the foreground:

     ```
     docker compose up
     ```
   * To run in detached mode:

     ```
     docker compose up -d
     ```

***

### References

<details>

<summary>Sources for Installation</summary>

* [Wazuh Docker Deployment](https://documentation.wazuh.com/current/deployment-options/docker/wazuh-container.html#multi-node-deployment)
* [Christian Lempa](https://www.youtube.com/watch?v=RjvKn0Q3rgg\&ab_channel=ChristianLempa)

</details>

This guide was prepared by [Çetin Boran Mesüm](https://github.com/cetinboran).