Greetings
I'm trying to set up fleet. All along the doc I see:
elastic-agent install -f
but the -f flag is not documented anywhere (and make the elastic-agent choke in the docker version). What is it for? My goal is to use the Docker version, but I don't know what to specify in the compose file to have the agent set up itself...
I guess it has something to do with the server being accessible on https by IP. I don't know how to disable cert check (communications are already encrypted):
2021-10-15T08:53:54.133Z ERROR log/reporter.go:36 2021-10-15T08:53:54Z - message: Application: fleet-server--7.15.0[]: State changed to FAILED: Error - x509: cannot validate certificate for 172.20.0.2 because it doesn't contain any IP SANs - type: 'ERROR' - sub_type: 'FAILED'
2021-10-15T08:53:54.785Z INFO cmd/enroll_cmd.go:724 Fleet Server - Error - x509: cannot validate certificate for 172.20.0.2 because it doesn't contain any IP SANs
2021-10-15T08:54:00.792Z INFO cmd/enroll_cmd.go:729 Fleet Server - Error - x509: cannot validate certificate for 172.20.0.2 because it doesn't contain any IP SANs
2021-10-15T08:59:23.817Z ERROR log/reporter.go:36 2021-10-15T08:59:23Z - message: Application: fleet-server--7.15.0[]: State changed to FAILED: Error - x509: certificate is not valid for any names, but wanted to match elasticsearch03 - type: 'ERROR' - sub_type: 'FAILED'
2021-10-15T08:59:23.932Z INFO cmd/enroll_cmd.go:724 Fleet Server - Error - x509: certificate is not valid for any names, but wanted to match elasticsearch03
set it to false or remove it so it is set to the default vale.
If you don't specify your own certificates, fleet will generates it owns which is why it runs over the https protocol. Either it uses its own or you provide them.
It will work with the default setup, using the self-signed certificates, so you don't have to know anything about the certificates.
To ensure that communication with Fleet Server is encrypted, Fleet Server requires Elastic Agents to present a signed certificate. In a self-managed cluster, if you don’t specify certificates when you set up Fleet Server, self-signed certificates are generated automatically.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.