Fleet server goes down when elastic search node used to enroll the fleet server goes down

shi · October 21, 2022, 3:59am

We have 3 elasticsearch nodes and a client node.
node 1, node 2, node 3

We added all the elasticsearch nodes as output in fleet settings so that even when one elasticsearch node goes down, the fleet will sent the data to other nodes.

We enrolled fleet server with the elasticsearch IP of node 1. We added elastic agent on our clients and started ingesting our logs.

Now

When the node 1 of elasticsearch goes down,

The fleet server and the agents are shown as offline in Kibana. As a result we can't push any new policies.

The data from the agents are still being ingested because we gave the fleet server output as node1, node2 and node3 (i.e., no issue with data ingestion)

There is no issue with fleet server when node2 or node 3 goes down.

How can we use the fleet server to push the policies even when node 1 (elasticsearch node used to enroll the fleet server) goes down?

MichelLaterman · October 26, 2022, 6:23pm

Hi,

Can you please provide the config from the agent running fleet-server? The diagnostics collect command (Elastic Agent command reference | Fleet and Elastic Agent Guide [8.4] | Elastic) can be used to gather this as well as the config provided through kibana?

system · December 21, 2022, 1:44pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to take the fleet server backup Kibana fleet	14	517	August 25, 2023
Fleet server lose agents at restart Elastic Agent fleet	6	1840	March 15, 2023
Shutting down Elastic Agent and sending last events Elastic Agent fleet	3	421	September 29, 2022
Elastic agent fail to connect fleet server Elasticsearch fleet	1	680	February 3, 2022
Fleet server is Unhealthy Elastic Agent fleet	8	813	July 31, 2023

Fleet server goes down when elastic search node used to enroll the fleet server goes down

Related topics