[Fleet] Clean up documents in .fleet* indices related to agents that were already unenrolled
#189506
Comments
criamico
added
the
Team:Fleet
|
Pinging @elastic/fleet (Team:Fleet) |
|
thanks @criamico - can this be an option in the advanced section of the Fleet settings? I think it's a great idea but it would need to be an opt-in as mentioned, and it won't apply necessarily at an Agent Policy level. Globally however, I think we would want the user to make that decision about any agent that has un-enrolled (regardless of the timeout being configured or not). |
@nimarezainia yes I think it would be a good place to add it.
I too think that a global option would be more consistent and also more clear for the user. The text description and the docs should explain clearly what this option does, since it can be disruptive in some cases. I'll update the ticket description to clarify those points. |
|
FYI @amolnater-qasource I have added this as a QA issue for 8.16.0 |
Closes elastic#189506 Testing steps: - enable deleting unenrolled agents by adding `xpack.fleet.enableDeleteUnenrolledAgents: true` to `kibana.dev.yml` or turn it on on the UI - add some unenroll agents with the helper script ``` cd x-pack/plugins/fleet node scripts/create_agents/index.js --status unenrolled --count 10 info Creating 10 agents with statuses: info unenrolled: 10 info Batch complete, created 10 agent docs, took 0, errors: false info All batches complete. Created 10 agents in total. Goodbye! ``` - restart kibana or wait for the task to run and verify that the unenrolled agents were deleted ``` [2024-10-08T16:14:45.152+02:00][DEBUG][plugins.fleet.fleet:delete-unenrolled-agents-task:0.0.5] [DeleteUnenrolledAgentsTask] Executed deletion of 10 unenrolled agents [2024-10-08T16:14:45.153+02:00][INFO ][plugins.fleet.fleet:delete-unenrolled-agents-task:0.0.5] [DeleteUnenrolledAgentsTask] runTask ended: success ``` Added to UI settings: <img width="1057" alt="image" src="https://github.com/user-attachments/assets/2c9279f9-86a8-4630-a6cd-5aaa42e05fe7"> If the flag is preconfigured, disabled update on the UI with a tooltip: <img width="1009" alt="image" src="https://github.com/user-attachments/assets/45041020-6447-4295-995e-6848f0238f88"> The update is also prevented from the API: <img width="2522" alt="image" src="https://github.com/user-attachments/assets/cfbc8e21-e062-4e7f-9d08-9767fa387752"> Once the preconfiguration is removed, the UI update is allowed again. - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios --------- Co-authored-by: kibanamachine <[email protected]>
|
Hi Team, Observations:
Build details: Screenshots: Hence we are marking this ticket as QA:Validated. Please let us know if anything else is required from our end. |
amolnater-qasource
added
QA:Validated
Follow up of #179399
After unenrolling agents, we leave some documents related to these agents that can be a problem for some users, as they take up space.
However this constitutes a breaking change as we've never deleted those docs and in some cases they can be useful for recoverability purposes. So we should find a way to delete those documents only if the users want to.
Note that it should be a global option, i.e. it should apply to all the unenrolled agents, regardless of the inactive timeout being selected or not.
The text was updated successfully, but these errors were encountered: