Docker elastic-agent certificate signed by unknown authority

Hi. I'm trying to launch elastic-agent with docker-compose:

elastic-agent:
    platform: linux/arm64
    image: docker.elastic.co/beats/elastic-agent:8.2.3
    container_name: elastic-agent
    restart: always
    user: root # note, synthetic browser monitors require this set to `elastic-agent`
    environment:
      - FLEET_ENROLLMENT_TOKEN={{ enrollment_token }} 
      - FLEET_ENROLL=1
      - FLEET_URL={{ elk_url }} 
      - FLEET_INSECURE=1
      - CERTIFICATE_AUTHORITIES={{ cert_path }}/http_ca.crt
    volumes:
      - ./elastic-agent/certs:{{ cert_path }}
      - /var/run/docker.sock:/var/run/docker.sock

When I do docker-compose up I'm getting this:

elastic-agent | Error: fail to enroll: fail to execute request to fleet-server: x509: certificate signed by unknown authority

However, I was able to:

  1. exec into the container and run

elastic-agent enroll -f --url=$FLEET_URL --enrollment-token=$FLEET_ENROLLMENT_TOKEN --certificate-authorities=$CERTIFICATE_AUTHORITIES

{"log.level":"info","@timestamp":"2022-08-26T14:15:37.265Z","log.origin":{"file.name":"cmd/enroll_cmd.go","file.line":461},"message":"Starting enrollment to URL: {{ elk_url }} ","ecs.version":"1.6.0"}
{"log.level":"info","@timestamp":"2022-08-26T14:15:50.454Z","log.origin":{"file.name":"cmd/enroll_cmd.go","file.line":259},"message":"Elastic Agent might not be running; unable to trigger restart","ecs.version":"1.6.0"}
Successfully enrolled the Elastic Agent.

  2. set up an agent of the same version directly on a host (without Docker)

elastic-agent install -f --url={{ elk_url }} --enrollment-token={{ enrollment_token }} --certificate-authorities={{ cert_path }}

How do I set up docker-compose elastic-agent to successfully enroll in fleet?

Okay, I've figured it out after digging into the container entrypoint.
The agent is launched by the command

elastic-agent container "$@"

And this command has no argument called "CERTIFICATE_AUTHORITIES". Instead, you should set the "FLEET_CA" variable.
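
An added example, not part of the original thread or Elastic's tooling: a small pre-flight check for a compose service that flags the misnamed variable from the question, a missing FLEET_CA, a FLEET_CA path that is not under any mounted volume, and a leftover FLEET_INSECURE. The sample services and paths are constructed, and the FLEET_INSECURE and mount checks are hygiene checks assumed here rather than taken from the answer.

```python
# Only the variable names discussed in this thread are judged (assumption).
NOT_READ = {"CERTIFICATE_AUTHORITIES": "FLEET_CA"}  # per the answer above

def parse_service(text):
    """Collect `- KEY=VALUE` environment entries and volume mount targets."""
    env, mounts, section = {}, [], None
    for raw in text.splitlines():
        line = raw.split(" #")[0].strip()      # drop trailing YAML comments
        if line in ("environment:", "volumes:"):
            section = line[:-1]
        elif line.startswith("- ") and section:
            item = line[2:].strip()
            if section == "environment" and "=" in item:
                key, value = item.split("=", 1)
                env[key] = value
            elif section == "volumes" and ":" in item:
                mounts.append(item.split(":")[1].rstrip("/"))  # src:dst[:mode]
        elif line:
            section = None                      # any other key ends the list
    return env, mounts

def lint(text):
    env, mounts = parse_service(text)
    findings = []
    for name, use in NOT_READ.items():
        if name in env:
            findings.append(f"{name} is ignored by `elastic-agent container`; set {use}")
    ca = env.get("FLEET_CA")
    if env.get("FLEET_ENROLL") == "1" and not ca:
        findings.append("FLEET_CA is unset; a private CA cannot be verified")
    if ca and not any(ca.startswith(m + "/") for m in mounts):
        findings.append(f"FLEET_CA={ca} is not under a mounted volume target")
    if env.get("FLEET_INSECURE", "").lower() in ("1", "true"):
        findings.append("FLEET_INSECURE is set; drop it once FLEET_CA is in place")
    return findings

# Constructed sample services; /certs is a placeholder mount target.
BEFORE = """\
elastic-agent:
    environment:
      - FLEET_ENROLL=1
      - FLEET_INSECURE=1
      - CERTIFICATE_AUTHORITIES=/certs/http_ca.crt
    volumes:
      - ./elastic-agent/certs:/certs
"""
AFTER = BEFORE.replace("CERTIFICATE_AUTHORITIES", "FLEET_CA").replace(
    "      - FLEET_INSECURE=1\n", "")
if __name__ == "__main__":
    print(lint(BEFORE), lint(AFTER))
```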
