Cannot Install Fleet Server

francescouk · June 2, 2021, 2:09pm

Hello there,

Server info:
1 - I´m running ubuntu server 18.04
2 - Elk stack running on 7.13 version

I´m trying to add a fleet server on a self managed host but no luck. Following the kibana instructions this is what I´m getting so far:

1 - From kibana screen, I´m trying to add the fleet server
2 - Downloaded the elastic agent to the same elk server (DEB x64 version)
3 - Generated the token
4 - Followed the instructions for the commands to be used

Then, I receive a lot of X509 errors. So my question is, I´m doing something wrong?

root@elk:/opt/Elastic# ll
total 170876
drwxr-xr-x 2 root root      4096 Jun  2 13:49 ./
drwxr-xr-x 4 root root      4096 Jun  2 13:49 ../
-rw-r--r-- 1 root root 174967550 May 25 10:29 elastic-agent-7.13.0-amd64.deb
root@elk:/opt/Elastic# dpkg -i elastic-agent-7.13.0-amd64.deb
Selecting previously unselected package elastic-agent.
(Reading database ... 131027 files and directories currently installed.)
Preparing to unpack elastic-agent-7.13.0-amd64.deb ...
Unpacking elastic-agent (7.13.0) ...
Setting up elastic-agent (7.13.0) ...
Processing triggers for systemd (237-3ubuntu10.47) ...
Processing triggers for ureadahead (0.100.0-21) ...
root@elk:/opt/Elastic#

root@elk:/# elastic-agent version
Binary: 7.13.0 (build: 054e224d226b42a1dd7c72dcf48c3f18de452e22 at 2021-05-20 00:57:04 +0000 UTC)
Daemon: 7.13.0 (build: 054e224d226b42a1dd7c72dcf48c3f18de452e22 at 2021-05-20 00:57:04 +0000 UTC)

root@elk:/# sudo elastic-agent enroll -i -f --fleet-server-es=https://XX.XX.X.XX:9200 --fleet-server-service-token=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
The Elastic Agent is currently in BETA and should not be used in production

2021-06-02T14:05:57.512Z        INFO    cmd/enroll_cmd.go:300   Generating self-signed certificate for Fleet Server
2021-06-02T14:05:59.181Z        INFO    cmd/enroll_cmd.go:610   Waiting for Elastic Agent to start Fleet Server
2021-06-02T14:06:01.187Z        INFO    cmd/enroll_cmd.go:643   Fleet Server - Starting
2021-06-02T14:06:02.190Z        INFO    cmd/enroll_cmd.go:643   Fleet Server - Error - x509: certificate signed by unknown authority
2021-06-02T14:06:08.202Z        INFO    cmd/enroll_cmd.go:648   Fleet Server - Error - x509: certificate signed by unknown authority

Can anyone help?

Thanks!

nchaulet · June 2, 2021, 2:45pm

Hi Francesco

From what I see you are hosting Elasticsearch with a custom CA, in this scenario you probably will have to add the argument
--fleet-server-es-ca=<Path to certificate authority to use to communicate with Elasticsearch.>

francescouk · June 2, 2021, 5:17pm

Hi there,
First I would like to thank you!!! You are the best!!!

Following your instructions, I could enroll without any issues the fleet server using the command bellow:

sudo elastic-agent enroll -f --fleet-server-es=https://XX.XX.X.XX:9200 --fleet-server-es-ca=cert.crt --fleet-server-service-token=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

And the expected results:

The Elastic Agent is currently in BETA and should not be used in production

2021-06-02T17:10:41.724Z        INFO    cmd/enroll_cmd.go:300   Generating self-signed certificate for Fleet Server
2021-06-02T17:10:44.020Z        INFO    cmd/enroll_cmd.go:643   Fleet Server - Stopped
2021-06-02T17:10:50.037Z        INFO    cmd/enroll_cmd.go:648   Fleet Server - Stopped
2021-06-02T17:10:56.055Z        INFO    cmd/enroll_cmd.go:648   Fleet Server - Stopped
2021-06-02T17:11:02.065Z        INFO    cmd/enroll_cmd.go:648   Fleet Server - Stopped
2021-06-02T17:11:08.080Z        INFO    cmd/enroll_cmd.go:648   Fleet Server - Stopped
2021-06-02T17:11:13.088Z        INFO    cmd/enroll_cmd.go:593   Waiting for Elastic Agent to start
2021-06-02T17:11:15.092Z        INFO    cmd/enroll_cmd.go:643   Fleet Server - Starting
2021-06-02T17:11:17.095Z        INFO    cmd/enroll_cmd.go:624   Fleet Server - Running on default policy with Fleet Server integration; missing config fleet.agent.id (expected during bootstrap process)
2021-06-02T17:11:19.657Z        INFO    cmd/enroll_cmd.go:203   Successfully triggered restart on running Elastic Agent.
Successfully enrolled the Elastic Agent.

Best regards,

Franthesco Ferrari

system · June 30, 2021, 5:18pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Cannot Install Fleet Server Endpoint Security fleet	2	555	July 8, 2021
Unable to install Fleet/Agent Elastic Security fleet	2	388	September 22, 2021
Issues with Fleet Server (Elastic Agent Setup) in local Elasticsearch deployment with self signed certificates Beats docker , fleet , elastic-agent	2	1361	July 16, 2021
Clear ELK installation cant add Fleet server 8.12 Elastic Agent fleet	3	179	April 10, 2024
Fleet Server not available after reboot Kibana fleet	2	917	August 23, 2021

Cannot Install Fleet Server

Related Topics