I have configured a Fleet server on my EC2. All setup is working fine, but currently, I am facing a TLS handshake error in the Fleet server elastic agent logs.
{"log.level":"error","service.name":"fleet-server","service.name":"fleet-server","message":"http: TLS handshake error from 10.197.25.15:8680: EOF\n","@timestamp":"2024-03-28T12:57:42.983Z"}
{"log.level":"error","service.name":"fleet-server","service.name":"fleet-server","message":"http: TLS handshake error from 10.197.26.34:14108: EOF\n","@timestamp":"2024-03-28T12:57:45.105Z"}
{"log.level":"error","service.name":"fleet-server","service.name":"fleet-server","message":"http: TLS handshake error from 10.197.24.59:53776: EOF\n","@timestamp":"2024-03-28T12:57:52.643Z"}
{"log.level":"error","service.name":"fleet-server","service.name":"fleet-server","message":"http: TLS handshake error from 10.197.25.15:5539: EOF\n","@timestamp":"2024-03-28T12:57:52.982Z"}
{"log.level":"error","service.name":"fleet-server","service.name":"fleet-server","message":"http: TLS handshake error from 10.197.26.34:27452: EOF\n","@timestamp":"2024-03-28T12:57:55.105Z"}
In these logs, the IPs 10.197.25.15, 10.197.26.34, 10.197.24.59 are AWS ALB private IPs. Could you please help me understand how to fix this issue? I believe this may be causing my APM service to not show the latest data.
Can you share the config of your fleet-server/agent? What is the config of your agent policy, and Fleet server host, certificates?
Do you have APM integration installed?
After investigation, these logs occurs when there is a healtheck from the loadbalancer, in reality from the target group because we use AWS. Is it the same for you ?
I understood that the error means that a call in HTTP is made instead of HTTPS. Thus, I changed the healthcheck to use HTTPS protocol (instead of TCP before) and now there is no more errors
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.