Fleet server install failed on fresh ELK stack 8.2.0

Peter_Bodnar · May 11, 2022, 12:33pm

Hello, i have problem to install Fleet server on fresh ELK stack 8.2.0 (RHEL 8)
Elasticsearch and kibana working fine, but when tried to install fleet server (enroll agent as fleet server, based on provided instructions from Kibana UI and/or documentation), got response:

{"log.level":"error","@timestamp":"2022-05-11T14:15:43.732+0200","log.origin":{"file.name":"status/reporter.go","file.line":236},"message":"Elastic Agent status changed to: 'error'","ecs.version":"1.6.0"}
{"log.level":"error","@timestamp":"2022-05-11T14:15:43.732+0200","log.origin":{"file.name":"log/reporter.go","file.line":36},"message":"2022-05-11T14:15:43+02:00 - message: Application: fleet-server--8.2.0[]: State changed to FAILED: Error - Forbidden - type: 'ERROR' - sub_type: 'FAILED'","ecs.version":"1.6.0"}

firs time tried as Quick-start (self signed certificate, then used certificates signed by company internal CA, still same error

any ideas?
thank

zx8086 · May 11, 2022, 1:10pm

Welcome @Peter_Bodnar !

Just to confirm the issue, does this work with the --insecure flag ?

Also have you checked the permissions on the certs ? that they are readable ?

Peter_Bodnar · May 11, 2022, 1:22pm

yes, certs are readable
tried also with self signed certs, same error
tried with --insecure flag, same error

zx8086 · May 11, 2022, 1:26pm

What command are you running on the command line ? Is it running with sudo privileges ?

Peter_Bodnar · May 11, 2022, 1:32pm

it run as root user
command from kibana UI fleet server installation (agent installed form RPM, but it doesn't matter, same problem with agnet from tar.gz) :

 elastic-agent enroll --url=https://*IP*:8220 \
  --fleet-server-es=https://*IP*:9200 \
  --fleet-server-service-token=***token generathen within Kibana UI*** \
  --fleet-server-policy=0b8fb260-cf76-11ec-b411-0bb14ba68cb2 \
  --fleet-server-es-ca-trusted-fingerprint=6206ac54e5222f6c92dd5758c932298b837c12d3a4b6fdc0e51df9c32ffe82e5 \
  --certificate-authorities=<PATH_TO_CA> \
  --fleet-server-cert=<PATH_TO_FLEET_SERVER_CERT> \
  --fleet-server-cert-key=<PATH_TO_FLEET_SERVER_CERT_KEY>

system · June 8, 2022, 1:33pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Unable to install Fleet Server Elastic Agent fleet	4	496	December 6, 2022
Clear ELK installation cant add Fleet server 8.12 Elastic Agent fleet	3	181	April 10, 2024
Fleet Server - Error - failed version compatibility check with elasticsearch: x509: certificate signed by unknown authority Elastic Agent	1	354	August 28, 2024
Unable to install Fleet Server Elasticsearch fleet	21	3571	January 2, 2023
Attempting to start Fleet Server fails Beats fleet	6	2242	October 24, 2021

Fleet server install failed on fresh ELK stack 8.2.0

Related topics