Elastic Agents in K8S ECK with ingest port for Cloudflare HTTP

Elastic Stack Elastic Agent
1

I have my stack running with ECK and healthy Agents being ran with integrations for kubernetes system elasticsearch and kibana. I have hit an issue with the Cloudflare HTTP integration which now requires a open port of 9560.
My question is how do I get a service running against the agent and get a loadbalancer IP so I can send traffic to it?
Is it supposed to go to the Agent or should it go to the Fleet Server?
I tried both. Neither expose a new service in K8s I did see in the logs on the Fleet server that it has processed the new integration.

2024-01-09T02:26:52.481603548Z {"log.level":"info","@timestamp":"2024-01-09T02:26:52.393Z","message":"Adding /cloudflare_logpush/sinkhole_http end point to server on 0.0.0.0:9560","component":{"binary":"filebeat","dataset":"elastic_agent.filebeat","id":"http_endpoint-default","type":"http_endpoint"},"log":{"source":"http_endpoint-default"},"address":"0.0.0.0:9560","ecs.version":"1.6.0","id":"http_endpoint-cloudflare_logpush.sinkhole_http-88b38d60-ae96-11ee-bed6-cb23cdd4c924","log.logger":"input.http_endpoint","log.origin":{"file.line":131,"file.name":"http_endpoint/input.go"},"service.name":"filebeat","ecs.version":"1.6.0"}
2024-01-09T02:26:52.834544942Z {"log.level":"info","@timestamp":"2024-01-09T02:26:52.834Z","message":"applying new components data","component":{"binary":"fleet-server","dataset":"elastic_agent.fleet_server","id":"fleet-server-default","type":"fleet-server"},"log":{"source":"fleet-server-default"},"ecs.version":"1.6.0","server.address":"","http.request.id":"01HKP0PK14R7DFKD7F0CYKBCDZ","fleet.agent.id":"5d359ba3-a1a9-4720-941f-7d7f82644440","fleet.access.apikey.id":"nN4U5IwB2IyBbxQfx7tY","req.Components":[{"id":"fleet-server-default"

My fleet server deployment for eck

apiVersion: agent.k8s.elastic.co/v1alpha1
kind: Agent
metadata:
  name: fleet-server
  namespace: koatprod
spec:
  version: 8.8.0
  kibanaRef:
    name: kibana-ops
  elasticsearchRefs:
  - name: elasticsearch-ops
  mode: fleet
  fleetServerEnabled: true
  policyID: eck-fleet-server
  deployment:
    replicas: 1
    podTemplate:
      spec:
        serviceAccountName: elastic-agent
        automountServiceAccountToken: true
        securityContext:
          runAsUser: 0
  http:
    service:
      spec:
        type: ClusterIP
    tls:
      selfSignedCertificate:
        disabled: true
2

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.