All of them worked so I think the connection is working as it should.
Now the when adding just an agent with fleet server on elastic cloud I use the installation for linux 64.
Kibana acknowledged that there is a new agent. But the Agent did not get the policy yet.
I added the Proxy settings to the systemd file.
Then I restarted the agent and got:
* requester 0/1 to host https://<hash>.fleet.eu-west-1.aws.found.io:443/ errored: Get "https://<hash>.fleet.eu-west-1.aws.found.io:443/api/status?": x509: certificate signed by unknown authority
I have 2 questions for this:
why it uses the "<hash>" in the url instead of my previous url with "<my-cloud-server>"
And why does the cert from the fleet server is signed by an unknown authority?
Maybe someone can explain this to me, I would appreciate it.
That is just the deployment id that resolved to your deployment.
In actuality behind the scene your <my-cloud-server> gets resolved to that deployment id, the use friendly is just really an alias.
I am a little unclear on your architecture but did you read this
There are specific instructions for using a proxy... include CLI parameters etc
I think I found the problem. Since I exported the proxy urls and tested all connections via curl, I thought it would work.
It looks like when installing the elastic-agent as fleet you need to add --proxy-url because the command line wont use the exported settings.
After that the fleet server is installed correctly.
May I ask another question or should I open a new thread?
Question: Does the agent need a direct connection to the elastic-cloud when using a logstash as output?
Context: We dont want to open the proxy/firewall that every client has a connection to elastic-cloud. All should be send via a "relais-server" as a single point in the internal network. And then the logstashes will send the whole data to the elastic cloud.
The Data Path (Many Agents -> Output / Logstash -> Elasticsearch )
The Control Path (Many Agents -> Proxy -> Fleet) I think you are asking can this communication path can be via a proxy I think the answer is yes,
I have not personally set that up with the proxy.
Not sure if that is what you are asking...
I have set up the Many Agents -> Output / Logstash -> Elasticsearch Architecture that works just fine you just need to follow the instructions very very closely especially all the self signed certs and setting up logstash SSL pipelines etc
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.