-
Notifications
You must be signed in to change notification settings - Fork 148
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Run only providers that have references in the policy #3609
Comments
Pinging @elastic/elastic-agent (Team:Elastic-Agent) |
An additional problem we discovered recently is that the elastic-agent/internal/pkg/composable/controller.go Lines 52 to 71 in be04fba
This means disabling a provider in the policy has no effect unless you also restart the agent. The change proposed here would also fix this problem. For context we were attempting to disable the k8s leader election provider with a Fleet policy override and found this wasn't possible without restarting the agent manually afterwards. |
Pinging @elastic/elastic-agent-control-plane (Team:Elastic-Agent-Control-Plane) |
Describe the enhancement:
Currently the Elastic Agent runs all of its providers all the time. Context providers are rather low overhead, but dynamic providers are not and when they are not even being used its adding load for no benefit to the running policy.
We should adjust the Elastic Agent to only run providers that are referenced in the policy. Variable referencing is always prefixed with a provider name aka
${kubernetes.*}
that means its rather easy to identify which providers should be enabled based on what is in the policy.This also removes the need to add any configuration to Fleet to disable or enable a provide for the Elastic Agent. If the policy from Fleet doesn't use a provider then the Elastic Agent will not run it.
Describe a specific use case for the enhancement or feature:
Reduce load of an Elastic Agent, prevents it from trying to communicate with Docker or Kubernetes in the case that its not even running a Docker or Kubernetes inputs in the policy.
What is the definition of done?
I propose the following change:
The text was updated successfully, but these errors were encountered: