Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add etcd integration for Elastic Agent #8885

Closed
Alphayeeeet opened this issue Jan 15, 2024 · 5 comments
Closed

Add etcd integration for Elastic Agent #8885

Alphayeeeet opened this issue Jan 15, 2024 · 5 comments
Labels

Comments

@Alphayeeeet
Copy link
Contributor

Alphayeeeet commented Jan 15, 2024

Describe the enhancement:
The etcd module (currently only available for standalone Metricbeat deployments) should be available for Elastic Agent as a Fleet integration.
https://www.elastic.co/guide/en/beats/metricbeat/8.11/metricbeat-module-etcd.html

Describe a specific use case for the enhancement or feature:
When monitoring a Kubernetes cluster, you can already get metrics of control plane components like kube-scheduler or controller-manager. Etcd as the central database, where all cluster objects are stored, should be also available to monitoring via elastic agent.

What is the definition of done?
Added an integration to deploy via fleet, so etcd-metrics can be collected using Elastic Agent.

This root comment is resolved. Please take a look at this one: #8885 (comment)

@cmacknz cmacknz transferred this issue from elastic/elastic-agent Jan 15, 2024
@Alphayeeeet Alphayeeeet changed the title Add etcd Integration for Elastic Agent Add etcd integration for Elastic Agent Jan 30, 2024
@Alphayeeeet
Copy link
Contributor Author

Already resollved by upgrading to 8.12.x.

@Alphayeeeet
Copy link
Contributor Author

Alphayeeeet commented Feb 9, 2024

Reopen because of not enough features:
#6014 #8441

ETCD integration in Fleet UI needs option to specify paths for serving certificates (Client-Cert/Key and serving CA).
For now it is only possible to monitor non TLS protected etcd instances.

Kubernetes provides etcd-certificates to use on host-fs (/etc/kubernetes/static-pod-resources/...). Integration should use those paths including node name for getting correct peer certificates.

@Alphayeeeet Alphayeeeet reopened this Feb 9, 2024
@Alphayeeeet
Copy link
Contributor Author

Btw. perhaps consider opening a new issue to support trusted ca-certificates in Kubernetes kube-controller-manager and kube-scheduler config. (The option to set verification mode is available, but ca-certificates are missing.

@Alphayeeeet
Copy link
Contributor Author

Would be resolved by #9414

@Alphayeeeet
Copy link
Contributor Author

Should be resolved

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

2 participants