Wazuh Operator¶
A Kubernetes operator that owns the full lifecycle of a Wazuh
stack — indexer, manager (master + workers), and dashboard — for b'nerd's managed-apps
hosting. No Helm chart for the workload: the operator creates and reconciles every
Kubernetes resource directly from a single WazuhCluster custom resource.
| API group | wazuh.bnerd.com/v1alpha1 |
| Kind | WazuhCluster (namespaced, one per tenant) |
| Wazuh | 4.14.x |
What it does¶
- Provisions the indexer (OpenSearch), manager master/workers, and dashboard with the right Services, ConfigMaps, StatefulSets/Deployment and PVCs.
- Generates a self-signed CA and all TLS certificates; manages credentials in Secrets.
- Brings components up in dependency order with readiness gating and reports progress through status conditions.
- Drives ordered, rollout-aware upgrades when you bump
spec.version. - Supports HA and single-node topologies from one field.
Next steps¶
- Installation — install the operator.
- Quick Start — create your first cluster.
- Architecture — what gets deployed and why.
- Upgrades — how day-2 version upgrades work.