Fleet-server pod doesn't restart but the agent keeps restarting for every minute with error missing credentials for REST/ even though the credentials are validating and fetching response from elasticsearch.
Version 8.17.0
`
Here's the file which already has right info but why is it still failing. Also, the elasticsearch url is reachable within the pods
cat eck-fleet-server4.yml
apiVersion: agent.k8s.elastic.co/v1alpha1
kind: Agent
metadata:
name: eck-fleet-server
spec:
version: 8.17.0
kibanaRef:
name: eck-kibana
namespace: default
elasticsearchRefs:
- name: eck-elasticsearch
namespace: default
serviceName: eck-elasticsearch-es-http
agentConfig:
fleet:
agent:
id: "76c127e0-cdae-4d8c-aadd-8c3421f23e2f"
outputs:
default:
type: elasticsearch
hosts: ["https://eck-elasticsearch-es-http.default.svc:9200"]
policyID: "fleet-server-policy"
http:
service:
spec:
type: ClusterIP
tls:
selfSignedCertificate:
disabled: false
deployment:
replicas: 1
podTemplate:
spec:
serviceAccountName: fleet-server
automountServiceAccountToken: true
securityContext:
runAsUser: 0
containers:
- name: fleet-server
image: docker.elastic.co/beats/elastic-agent:8.17.0
env:
- name: FLEET_SERVER_ENABLE
value: "true"
- name: FLEET_SERVER_HOST
value: "0.0.0.0"
- name: FLEET_SERVER_PORT
value: "8220"
- name: FLEET_SERVER_ELASTICSEARCH_HOST
value: "https://eck-elasticsearch-es-http.default.svc:9200"
- name: FLEET_SERVER_KIBANA_HOST
value: "https://eck-kibana-kb-http:5601"
- name: FLEET_SERVER_ES_CA
value: "/usr/local/share/ca-certificates/public-cert.crt"
- name: FLEET_SERVER_SERVICE_TOKEN
value: "JJJJJKFFFDSDFUIUYYTRRDDFGHJJJJHHTTRREWWWERIOOKJHGGGGY"
- name: FLEET_SERVER_POLICY_ID
value: "fleet-server-policy"
- name: ELASTICSEARCH_USERNAME
value: "elastic"
- name: ELASTICSEARCH_PASSWORD
value: "asfdsfweregrgsdgrertrgfdgfg"
- name: LOG_LEVEL
value: "debug"
- name: FLEET_SERVER_DEBUG
value: "true"
resources:
requests:
cpu: "500m"
memory: "1.5Gi"
limits:
cpu: "1"
memory: "2Gi"
livenessProbe:
httpGet:
path: /api/status
port: 8220
scheme: HTTPS
initialDelaySeconds: 60
periodSeconds: 20
failureThreshold: 3
readinessProbe:
httpGet:
path: /api/status
port: 8220
scheme: HTTPS
initialDelaySeconds: 30
periodSeconds: 10
failureThreshold: 3
volumeMounts:
- name: public-certs
mountPath: "/usr/local/share/ca-certificates/public-cert.crt"
subPath: "tls.crt"
lifecycle:
postStart:
exec:
command:
- /bin/sh
- -c
- |
update-ca-certificates &&
echo "Updated CA certificates successfully."
volumes:
- name: public-certs
secret:
secretName: "eck-elasticsearch-es-http-certs-public"
`
Was able to get rid of missing credentials using api key but elasticsearch shows localhost:9200 connection refused
Unable to edit the agent policy and the output section of it shows blank.Currently operating with basic license . Is there a way to edit it and add elasticsearch url for the fleet server to connect?