-
Notifications
You must be signed in to change notification settings - Fork 117
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enable Fleet Server #279
Enable Fleet Server #279
Changes from all commits
ae3f99b
3054a28
95008aa
abfc3c2
8474486
3d38884
1010dba
9e82f14
909673e
d6e4f8e
b1bd3f7
9cf2ede
5b2311e
3e2b85f
c1fa538
e069db0
f1d5135
5088df3
706ce73
9f68f0d
69ecf9b
fc1037e
58c47e0
a62148b
c46a537
649e2f1
50ece51
fc412cb
9ee732c
0f53750
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -75,25 +75,41 @@ services: | |
package-registry: | ||
condition: service_healthy | ||
|
||
elastic-agent: | ||
fleet-server: | ||
image: ${ELASTIC_AGENT_IMAGE_REF} | ||
depends_on: | ||
elasticsearch: | ||
condition: service_healthy | ||
kibana: | ||
condition: service_healthy | ||
healthcheck: | ||
test: "curl -f http://127.0.0.1:8220/api/status | grep HEALTHY 2>&1 >/dev/null" | ||
retries: 12 | ||
interval: 5s | ||
hostname: docker-fleet-server | ||
environment: | ||
- "FLEET_SERVER_ENABLE=1" | ||
- "FLEET_SERVER_INSECURE_HTTP=1" | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I would rather see you run it without this flag. Why run it insecurely? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. For debugging purposes we can sniff network traffic and see requests/responses. It's not a production setup. |
||
- "KIBANA_FLEET_SETUP=1" | ||
- "KIBANA_FLEET_HOST=http://kibana:5601" | ||
ruflin marked this conversation as resolved.
Show resolved
Hide resolved
|
||
- "FLEET_SERVER_HOST=0.0.0.0" | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. You should not need this anymore. By default Elastic Agent will start Fleet Server with it bound to There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Fixed There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
Unfortunately this one is also required, otherwise the fleet server is not reachable anymore. Maybe something hasn't been backported here? |
||
ports: | ||
- "127.0.0.1:8220:8220" | ||
|
||
elastic-agent: | ||
image: ${ELASTIC_AGENT_IMAGE_REF} | ||
depends_on: | ||
fleet-server: | ||
condition: service_healthy | ||
healthcheck: | ||
test: "sh -c 'grep \"Agent is starting\" -r . --include=elastic-agent-json.log'" | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. The
Should be enough, as it returns exit code 0 when the agent is healthy. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
Unfortunately it fails with:
I opened issue for this: elastic/beats#24956 |
||
retries: 30 | ||
retries: 90 | ||
interval: 1s | ||
hostname: docker-fleet-agent | ||
environment: | ||
- "FLEET_ENROLL=1" | ||
- "FLEET_ENROLL_INSECURE=1" | ||
- "FLEET_INSECURE=1" | ||
ruflin marked this conversation as resolved.
Show resolved
Hide resolved
|
||
- "FLEET_SETUP=1" | ||
- "FLEET_URL=http://kibana:5601" | ||
- "KIBANA_HOST=http://kibana:5601" | ||
- "FLEET_URL=http://fleet-server:8220" | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I wonder how in this scenario the elastic-agent will get the right enrollment token. We might still have to read it from Kibana. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Would prefer the usage of |
||
volumes: | ||
- type: bind | ||
source: ../tmp/service_logs/ | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can add
--insecure
to thecurl
command and change tohttps
if you remove theFLEET_SERVER_INSECURE_HTTP
below.