Hello,
we want to deploy the elastic agent (or rather the EDOT collector) in otel mode in our cluster but with a read-only root filesystem. It seems that this is currently not possible. We get the following error:
failed to start extensions: error creating listener: listen unix /usr/share/elastic-agent/edot-diagnostics-extension.sock: bind: read-only file system
Even when the STATE_PATH variable is set, the program tries to write to /usr/share (docs)
(But if I remember my testing correctly, it was honored when the elastic agent was not run in otel mode)
This is the code to replicate the behaviour (copied from my comment on GitHub):
docker run --read-only --rm -e STATE_PATH=/state --mount type=tmpfs,destination=/state --entrypoint otelcol docker.elastic.co/elastic-agent/elastic-agent:9.4.0-SNAPSHOT
There was a similar bug before: The elasticdiagnostics extension is not compatible with read only file systems · Issue #11572 · elastic/elastic-agent · GitHub
Can you confirm that this is a bug so that I can open an issue on GitHub?