Elastic Agent falling after first enrollment on fleet server

Hello Folks,

I'm deploying Elastic Agent and Fleet Server on K8s environment:

The Fleet Server I have deployed at the same cluster as the Kibana and ES using ECK.
The Elastic Agent i need to deploy in other K8s cluster and communicate with ES and fleet by ELB>

After deploy the Elastic Agent, it can enroll normally and keep health until the next check and then it facing a error:

fleet_message: 'status code: 400, fleet-server returned an error: BadRequest, message:
  apikey auth response 2zJcx4YBKK47a1wqU5SZ: [401 Unauthorized] {"error":{"root_cause":[{"type":"security_exception","reason":"unable        
  to authenticate with provided credentials and anonymous access is not allowed for
  this request","additional_unsuccessful_credentials":"API key: api key [XYZ]
  has been invalidated","header":{"WWW-Authenticate":["Basic realm=\"security\" charset=\"UTF-8\"","Bearer
  realm=\"security\"","ApiKey"]}}],"type":"security_exception","reason":"unable to
  authenticate with provided credentials and anonymous access is not allowed for this
  request","additional_unsuccessful_credentials":"API key: api key [XYZ]
  has been invalidated","header":{"WWW-Authenticate":["Basic realm=\"security\" charset=\"UTF-8\"","Bearer
  realm=\"security\"","ApiKey"]}},"status":401}'

Hello @thiago8martins, did you figure out what was the issue? I am having the same issue at my installation (similar setup to yours). I would appreciate any insights.

Hello Ayd, untill now I dont know the problems reason, that my case it is intermittent. Then my workaround (at moment) was to define Unenrollment timeout as 24hs (86400 seconds). This is working for me because the Elastic Agent use to be online again after 10 or 20 minutos on unhealth status, and although become unhealth the agent keep sending data to Elasticseach. Sure, in my case!!!

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.