Fix issues with enrollment w/ fleet-server.

elastic · Feb 20, 2021 · c2449ea · c2449ea
1 parent 01796bf
commit c2449ea
Showing 1 changed file with 53 additions and 41 deletions.
diff --git a/x-pack/elastic-agent/pkg/agent/application/enroll_cmd.go b/x-pack/elastic-agent/pkg/agent/application/enroll_cmd.go
@@ -33,8 +33,9 @@ import (
 )
 
 const (
-	waitingForAgent       = "waiting for Elastic Agent to start"
-	waitingForFleetServer = "waiting for Elastic Agent to start Fleet Server"
+	waitingForAgent        = "waiting for Elastic Agent to start"
+	waitingForFleetServer  = "waiting for Elastic Agent to start Fleet Server"
+	defaultFleetServerPort = 8220
 )
 
 var (
@@ -146,46 +147,40 @@ func NewEnrollCmdWithStore(
 	configPath string,
 	store store,
 ) (*EnrollCmd, error) {
-
-	cfg, err := options.kibanaConfig()
-	if err != nil {
-		return nil, errors.New(
-			err, "Error",
-			errors.TypeConfig,
-			errors.M(errors.MetaKeyURI, options.URL))
-	}
-
-	client, err := fleetapi.NewWithConfig(log, cfg)
-	if err != nil {
-		return nil, errors.New(
-			err, "Error",
-			errors.TypeNetwork,
-			errors.M(errors.MetaKeyURI, options.URL))
-	}
-
 	return &EnrollCmd{
-		log:          log,
-		client:       client,
-		options:      options,
-		kibanaConfig: cfg,
-		configStore:  store,
+		log:         log,
+		options:     options,
+		configStore: store,
 	}, nil
 }
 
 // Execute tries to enroll the agent into Fleet.
 func (c *EnrollCmd) Execute(ctx context.Context) error {
+	var err error
 	if c.options.FleetServerConnStr != "" {
-		err := c.fleetServerBootstrap(ctx)
+		err = c.fleetServerBootstrap(ctx)
 		if err != nil {
 			return err
 		}
+	}
+
+	c.kibanaConfig, err = c.options.kibanaConfig()
+	if err != nil {
+		return errors.New(
+			err, "Error",
+			errors.TypeConfig,
+			errors.M(errors.MetaKeyURI, c.options.URL))
+	}
 
-		// enroll should use localhost as fleet-server is now running
-		// it must also restart
-		c.options.URL = "http://localhost:8000"
+	c.client, err = fleetapi.NewWithConfig(c.log, c.kibanaConfig)
+	if err != nil {
+		return errors.New(
+			err, "Error",
+			errors.TypeNetwork,
+			errors.M(errors.MetaKeyURI, c.options.URL))
 	}
 
-	err := c.enrollWithBackoff(ctx)
+	err = c.enrollWithBackoff(ctx)
 	if err != nil {
 		return errors.New(err, "fail to enroll")
 	}
@@ -198,16 +193,16 @@ func (c *EnrollCmd) Execute(ctx context.Context) error {
 }
 
 func (c *EnrollCmd) fleetServerBootstrap(ctx context.Context) error {
-	err := c.prepareFleetTLS()
+	c.log.Debug("verifying communication with running Elastic Agent daemon")
+	_, err := getDaemonStatus(ctx)
 	if err != nil {
-		return err
+		return errors.New("failed to communicate with elastic-agent daemon; is elastic-agent running?")
 	}
 
-	c.log.Debug("verifying communication with running Elastic Agent daemon")
-	//_, err = getDaemonStatus(ctx)
-	//if err != nil {
-	//	return errors.New("failed to communicate with elastic-agent daemon; is elastic-agent running?")
-	//}
+	err = c.prepareFleetTLS()
+	if err != nil {
+		return err
+	}
 
 	fleetConfig, err := createFleetServerBootstrapConfig(
 		c.options.FleetServerConnStr, c.options.FleetServerPolicyID,
@@ -237,6 +232,14 @@ func (c *EnrollCmd) fleetServerBootstrap(ctx context.Context) error {
 }
 
 func (c *EnrollCmd) prepareFleetTLS() error {
+	host := c.options.FleetServerHost
+	if host == "" {
+		host = "localhost"
+	}
+	port := c.options.FleetServerPort
+	if port == 0 {
+		port = defaultFleetServerPort
+	}
 	if c.options.FleetServerCert != "" && c.options.FleetServerCertKey == "" {
 		return errors.New("certificate private key is required when certificate provided")
 	}
@@ -249,10 +252,12 @@ func (c *EnrollCmd) prepareFleetTLS() error {
 			if c.options.FleetServerHost == "" {
 				c.options.FleetServerHost = "localhost"
 			}
+			c.options.URL = fmt.Sprintf("http://%s:%d", host, port)
+			c.options.Insecure = true
 			return nil
 		}
 
-		c.log.Info("generating self-signed certificate for Fleet Server")
+		c.log.Info("Generating self-signed certificate for Fleet Server")
 		hostname, err := os.Hostname()
 		if err != nil {
 			return err
@@ -267,6 +272,8 @@ func (c *EnrollCmd) prepareFleetTLS() error {
 		}
 		c.options.FleetServerCert = string(pair.Crt)
 		c.options.FleetServerCertKey = string(pair.Key)
+		c.options.URL = fmt.Sprintf("https://%s:%d", hostname, port)
+		c.options.CAs = []string{string(ca.Crt())}
 	}
 	return nil
 }
@@ -325,6 +332,9 @@ func (c *EnrollCmd) enroll(ctx context.Context) error {
 	}
 
 	fleetConfig, err := createFleetConfigFromEnroll(resp.Item.AccessAPIKey, c.kibanaConfig)
+	if err != nil {
+		return err
+	}
 	agentConfig := map[string]interface{}{
 		"id": resp.Item.ID,
 	}
@@ -452,10 +462,12 @@ func waitForFleetServer(ctx context.Context, log *logger.Logger) error {
 				resChan <- waitResult{}
 				break
 			}
-			appMsg := fmt.Sprintf("Fleet Server - %s", app.Message)
-			if msg != appMsg {
-				msg = appMsg
-				log.Info(appMsg)
+			if app.Message != "" {
+				appMsg := fmt.Sprintf("Fleet Server - %s", app.Message)
+				if msg != appMsg {
+					msg = appMsg
+					log.Info(appMsg)
+				}
 			}
 		}
 	}()