Skip to content

Commit

Permalink
[Fleet] Create default Fleet Server policy with fleet server package (#…
Browse files Browse the repository at this point in the history 
…90973)
  • Loading branch information
@nchaulet
nchaulet authored Feb 16, 2021
1 parent 58849bc commit e8fea28
Show file tree
Hide file tree
Showing 6 changed files with 82 additions and 13 deletions.
15 changes: 15 additions & 0 deletions x-pack/plugins/fleet/common/constants/agent_policy.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,4 +28,19 @@ export const DEFAULT_AGENT_POLICY: Omit<
monitoring_enabled: ['logs', 'metrics'] as Array<'logs' | 'metrics'>,
};

export const DEFAULT_FLEET_SERVER_AGENT_POLICY: Omit<
AgentPolicy,
'id' | 'updated_at' | 'updated_by' | 'revision'
> = {
name: 'Default Fleet Server policy',
namespace: 'default',
description: 'Default Fleet Server agent policy created by Kibana',
status: agentPolicyStatuses.Active,
package_policies: [],
is_default: false,
is_default_fleet_server: true,
is_managed: false,
monitoring_enabled: ['logs', 'metrics'] as Array<'logs' | 'metrics'>,
};

export const DEFAULT_AGENT_POLICIES_PACKAGES = [defaultPackages.System];
1 change: 1 addition & 0 deletions x-pack/plugins/fleet/common/types/models/agent_policy.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ export interface NewAgentPolicy {
namespace: string;
description?: string;
is_default?: boolean;
is_default_fleet_server?: boolean; // Optional when creating a policy
is_managed?: boolean; // Optional when creating a policy
monitoring_enabled?: Array<ValueOf<DataType>>;
}
Expand Down
1 change: 1 addition & 0 deletions x-pack/plugins/fleet/server/saved_objects/index.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -162,6 +162,7 @@ const getSavedObjectTypes = (
description: { type: 'text' },
namespace: { type: 'keyword' },
is_default: { type: 'boolean' },
is_default_fleet_server: { type: 'boolean' },
is_managed: { type: 'boolean' },
status: { type: 'keyword' },
package_policies: { type: 'keyword' },
Expand Down
9 changes: 4 additions & 5 deletions x-pack/plugins/fleet/server/saved_objects/migrations/to_v7_12_0.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,12 +17,11 @@ export const migrateAgentToV7120: SavedObjectMigrationFn<Agent & { shared_id?: s
};

export const migrateAgentPolicyToV7120: SavedObjectMigrationFn<
Exclude<AgentPolicy, 'is_managed'>,
Exclude<AgentPolicy, 'is_managed' & 'is_default_fleet_server'>,
AgentPolicy
> = (agentPolicyDoc) => {
const isV12 = 'is_managed' in agentPolicyDoc.attributes;
if (!isV12) {
agentPolicyDoc.attributes.is_managed = false;
}
agentPolicyDoc.attributes.is_managed = false;
agentPolicyDoc.attributes.is_default_fleet_server = false;

return agentPolicyDoc;
};
47 changes: 41 additions & 6 deletions x-pack/plugins/fleet/server/services/agent_policy.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,7 @@ import {
dataTypes,
FleetServerPolicy,
AGENT_POLICY_INDEX,
DEFAULT_FLEET_SERVER_AGENT_POLICY,
} from '../../common';
import {
AgentPolicyNameExistsError,
Expand Down Expand Up @@ -133,6 +134,39 @@ class AgentPolicyService {
};
}

public async ensureDefaultFleetServerAgentPolicy(
soClient: SavedObjectsClientContract,
esClient: ElasticsearchClient
): Promise<{
created: boolean;
policy: AgentPolicy;
}> {
const agentPolicies = await soClient.find<AgentPolicySOAttributes>({
type: AGENT_POLICY_SAVED_OBJECT_TYPE,
searchFields: ['is_default_fleet_server'],
search: 'true',
});

if (agentPolicies.total === 0) {
const newDefaultAgentPolicy: NewAgentPolicy = {
...DEFAULT_FLEET_SERVER_AGENT_POLICY,
};

return {
created: true,
policy: await this.create(soClient, esClient, newDefaultAgentPolicy),
};
}

return {
created: false,
policy: {
id: agentPolicies.saved_objects[0].id,
...agentPolicies.saved_objects[0].attributes,
},
};
}

public async create(
soClient: SavedObjectsClientContract,
esClient: ElasticsearchClient,
Expand Down Expand Up @@ -569,18 +603,19 @@ class AgentPolicyService {
if (!(await isAgentsSetup(soClient))) {
return;
}
const policy = await agentPolicyService.getFullAgentPolicy(soClient, agentPolicyId);
if (!policy || !policy.revision) {
const policy = await agentPolicyService.get(soClient, agentPolicyId);
const fullPolicy = await agentPolicyService.getFullAgentPolicy(soClient, agentPolicyId);
if (!policy || !fullPolicy || !fullPolicy.revision) {
return;
}

const fleetServerPolicy: FleetServerPolicy = {
'@timestamp': new Date().toISOString(),
revision_idx: policy.revision,
revision_idx: fullPolicy.revision,
coordinator_idx: 0,
data: (policy as unknown) as FleetServerPolicy['data'],
policy_id: policy.id,
default_fleet_server: false,
data: (fullPolicy as unknown) as FleetServerPolicy['data'],
policy_id: fullPolicy.id,
default_fleet_server: policy.is_default_fleet_server === true,
};

await esClient.create({
Expand Down
22 changes: 20 additions & 2 deletions x-pack/plugins/fleet/server/services/setup.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -56,15 +56,20 @@ async function createSetupSideEffects(
esClient: ElasticsearchClient,
callCluster: CallESAsCurrentUser
): Promise<SetupStatus> {
const isFleetServerEnabled = appContextService.getConfig()?.agents.fleetServerEnabled;
const [
installedPackages,
defaultOutput,
{ created: defaultAgentPolicyCreated, defaultAgentPolicy },
{ created: defaultFleetServerPolicyCreated, policy: defaultFleetServerPolicy },
] = await Promise.all([
// packages installed by default
ensureInstalledDefaultPackages(soClient, callCluster),
outputService.ensureDefaultOutput(soClient),
agentPolicyService.ensureDefaultAgentPolicy(soClient, esClient),
isFleetServerEnabled
? agentPolicyService.ensureDefaultFleetServerAgentPolicy(soClient, esClient)
: {},
updateFleetRoleIfExists(callCluster),
settingsService.getSettings(soClient).catch((e: any) => {
if (e.isBoom && e.output.statusCode === 404) {
Expand All @@ -83,7 +88,7 @@ async function createSetupSideEffects(
// By moving this outside of the Promise.all, the upgrade will occur first, and then we'll attempt to reinstall any
// packages that are stuck in the installing state.
await ensurePackagesCompletedInstall(soClient, callCluster);
if (appContextService.getConfig()?.agents.fleetServerEnabled) {
if (isFleetServerEnabled) {
await ensureInstalledPackage({
savedObjectsClient: soClient,
pkgName: FLEET_SERVER_PACKAGE,
Expand All @@ -94,15 +99,28 @@ async function createSetupSideEffects(
}

if (appContextService.getConfig()?.agents?.fleetServerEnabled) {
await ensureInstalledPackage({
const fleetServerPackage = await ensureInstalledPackage({
savedObjectsClient: soClient,
pkgName: FLEET_SERVER_PACKAGE,
callCluster,
});
await ensureFleetServerIndicesCreated(esClient);
await runFleetServerMigration();

if (defaultFleetServerPolicyCreated) {
await addPackageToAgentPolicy(
soClient,
esClient,
callCluster,
fleetServerPackage,
defaultFleetServerPolicy,
defaultOutput
);
}
}

// If we just created the default fleet server policy add the fleet server package

// If we just created the default policy, ensure default packages are added to it
if (defaultAgentPolicyCreated) {
const agentPolicyWithPackagePolicies = await agentPolicyService.get(
Expand Down

0 comments on commit e8fea28

Please sign in to comment.