Fleet-server: dial tcp x.x.x.x:8220: connect: connection refused

Guys, how are you? Good afternoon! I'm having a little problem here setting up TLS for the stack (Elastic-Agent, Fleet and Elasticsearch). I can't close the connection with the fleet, and I also see that the port is not listed in Kibana.

The way below works, but I want to pass it with the TLS parameters:

sudo ./elastic-agent install \
--fleet-server-es=https://192.168.30.20:9200 \
--fleet-server-service-token=AAEAAWVsYXN0aWMvZmxlZXQtc2VydmVyL3Rva2VuLTE2NTc3MzY4NDE4Mjc6SzJYa193WXVSMXUyemZmTkFQb3hrdw \
--fleet-server-policy=48b18e60-02b7-11ed-83b8-3308383f28fd

If anyone helps, I'll be grateful!

Hi,

Is 192.168.30.40 the local address for fleet.*.com.br? Is there a firewall denying local connections? Do the logs from the fleet-server instance show any attempted connection?

Hi

I configured the fleet.x.com.br domain within my /etc/hosts, the IP 192.168.30.40 is the fleet.x.com.br domain.

There is no connection coming from IP 192.168.30.40, there is no firewall between the machines, but port 8220 is not listed.

OK, let's back up a little.

The commands you are running indicate that you are attempting to install the fleet-server running under the agent on a new host.
You've stated that it can successfully install when you do not pass any parameters associated with TLS, but you get a connection failed error when you do.

The machine you are attempting to install fleet-server on is unable to connect to 192.168.30.40 (fleet.X.com.br). I'm assuming this is an already running, separate fleet-server instance, is that correct?
8220 is the default port for fleet-server.

Does the fleet-server cert/key you want to pass match the URL you are passing (fleet.X.com.br)?

What do you see in Kibana? What hosts are listed under settings?

I will answer you according to the questions to facilitate understanding.

The commands you are running indicate that you are trying to install the fleet server running on the agent on a new host.

Answer: Agent installation is on another server

You've stated that it can install successfully when you don't pass any parameters associated with TLS, but you get a connection failure error when you do.

Answer: Exactly

The machine on which you are trying to install the fleet-server cannot connect to 192.168.30.40 (fleet.X.com.br). I'm assuming this one is already running a separate fleet server instance, is that correct?
8220 is the default port for the fleet server.

Answer: I configured the fleet in the Kibana panel (plugin, port 8220, IP: 0.0.0.0). I linked it to the policy group. (That's all.)

Does the fleet server certificate/key you want to pass match the URL you are passing (fleet.X.com.br)?

Answer: I took advantage of the elastic CA - http_ca.crt and created the fleet.x.com.br certificates

What do you see in Kibana? What hosts are listed in the settings?

Answer: Kibana creates the policy. I linked the fleet server plugin in the policy, enabled on port 8220 and listening on 0.0.0.0, output to elastic and host on the fleet server https://192.168.30.40

That agent is running an instance of fleet-server?

On the instance you are running the install command, are you attempting to run another fleet-server or not?

I think that this is an issue: the fleet server hosts setting in Kibana is passed to agents that enroll so they can find the fleet-server. In this case I would expect the setting to be fleet.X.com.br, and all instances running the agent should be able to resolve the DNS entry.
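The hostname check behind the last reply's advice, as an added example that is not part of the thread and not Elastic's code: it compares the host in a Fleet Server URL with a certificate's subject alternative names, the way TLS clients do. The SAN lists are constructed (the thread never shows the certificate's contents) and `host_matches_cert` is a hypothetical helper name.

```python
import ipaddress
from urllib.parse import urlsplit

def _as_ip(text):
    """Return an ip_address object if text is an IP literal, else None."""
    try:
        return ipaddress.ip_address(text)
    except ValueError:
        return None

def _dns_match(pattern, host):
    """Case-insensitive dNSName match; '*' may only replace the whole left-most label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        return len(p) > 2 and p[1:] == h[1:]
    return p == h

def host_matches_cert(url, dns_sans, ip_sans):
    """Check the host part of a Fleet Server URL against a certificate's SANs."""
    host = urlsplit(url).hostname
    if not host:
        return False, "no host in URL"
    ip = _as_ip(host)
    if ip is not None:
        # An IP literal is compared only with iPAddress SANs, never with DNS names.
        ok = any(_as_ip(s) == ip for s in ip_sans)
        return ok, "iPAddress SAN " + ("present" if ok else "missing for " + host)
    ok = any(_dns_match(s, host) for s in dns_sans)
    return ok, "dNSName SAN " + ("present" if ok else "missing for " + host)

# Constructed SAN set: a certificate issued only for the DNS name used in the thread.
DNS_SANS = ["fleet.x.com.br"]
IP_SANS = []

if __name__ == "__main__":
    for url in ("https://fleet.x.com.br:8220", "https://192.168.30.40:8220",
                "https://192.168.30.40"):
        ok, why = host_matches_cert(url, DNS_SANS, IP_SANS)
        print(f"{url:32} {'match' if ok else 'MISMATCH'}  ({why})")
```

A refused connection is a TCP-level failure that happens before any certificate is examined, so this check covers the hosts-setting mismatch, not a missing listener on port 8220.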
