Connecting to remote fleet server

manpreet · May 24, 2022, 3:26pm

When configuring fleet server on the kubernetes cluster running the elasticssearch/kibana as well works, but when I try to use the same fleet server from a remote cluster the config I receive points to the "service" url in the fleet server cluster.

Fleet server running in cluster 1: https://fleet-server-agent.namespace.svc:8220

A load balancer than makes it available on https://monitoring.example.com:8220

Remote fleet agent is connecting to https://monitoring.example.com:8220

But then it receive fleet url as https://fleet-server-agent.namespace.svc:8220 even though i am creating a daemonset on remote cluster with env variable pointing to https://monitoring.example.com:8220

Do i need to run a fleet server on every cluster i create?

warkolm · May 24, 2022, 10:50pm

Are you using ECK to host things?

manpreet · May 25, 2022, 5:09am

Yes ECK to host

Elasticsearch
Kibana (User ref)
APM Server (using ref)
Fleet Server (using refs)
Elastic Agent (Using Refs)

Second cluster

Elastic Agent (using daemonset)

Kibana Config

elasticsearch:
  hosts:
  - https://cluster-es-http.esstack.svc:9200
  serviceAccountToken: <value>
  ssl:
    certificateAuthorities: /usr/share/kibana/config/elasticsearch-certs/ca.crt
    verificationMode: certificate
monitoring:
  ui:
    container:
      elasticsearch:
        enabled: true
server:
  host: 0.0.0.0
  name: es-cluster
  publicBaseUrl: https://monitoring.example.com
  ssl:
    certificate: /mnt/elastic-internal/http-certs/tls.crt
    enabled: true
    key: /mnt/elastic-internal/http-certs/tls.key
xpack:
  encryptedSavedObjects:
    encryptionKey: <value>
  fleet:
    agentPolicies:
    - id: eck-fleet-server
      is_default_fleet_server: true
      monitoring_enabled:
      - logs
      - metrics
      name: Fleet Server on ECK policy
      namespace: fleetserver
      package_policies:
      - id: fleet_server-1
        name: fleet_server-1
        package:
          name: fleet_server
    - id: eck-agent
      is_default: true
      monitoring_enabled:
      - logs
      - metrics
      name: Elastic Agent on ECK policy
      namespace: kubernetes
      package_policies:
      - id: system-1
        name: system-1
        package:
          name: system
      - id: kubernetes-1
        name: kubernetes-1
        package:
          name: kubernetes
      unenroll_timeout: 900
    agents:
      elasticsearch:
        hosts:
        - https://monitoring.example.com:9200
      fleet_server:
        hosts:
        - https://monitoring.example.com:8220
    packages:
    - name: system
      version: latest
    - name: elastic_agent
      version: latest
    - name: fleet_server
      version: latest
    - name: kubernetes
      version: latest
    - name: aws
      version: latest
  license_management:
    ui:
      enabled: false
  reporting:
    encryptionKey: <value>
  security:
    authc:
      providers:
        basic:
          basic1:
            order: 1

manpreet · May 25, 2022, 2:21pm

To reproduce the problem:

2 Kubernetes clusters
ES/Kibana/Fleet/Agent on Cluster 1
Expose Fleet/Kibana on cluster 1 using loadbalancer
Setup Agents only on cluster 2 to use fleet server on Cluster 1.

system · June 22, 2022, 2:21pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Curl to ES from outside of the K8s cluster using the certificate I can't find Elastic Observability	0	262	December 26, 2022
How to install elastic search fleet server on Kubernetes Elastic Agent fleet	1	374	March 30, 2023
Configuring Fleet-managed Elastic Agent on ECK with external Fleet Elastic Cloud on Kubernetes (ECK) fleet	2	84	October 2, 2024
ECK Selfhosted k8's fleet -server wont connect Kibana Elastic Cloud on Kubernetes (ECK) elastic-stack-security	1	77	July 29, 2024
How to configure kibana url for fleet managed ECK stack Elastic Cloud on Kubernetes (ECK)	1	396	September 29, 2022

Connecting to remote fleet server

Related Topics