I have a question regarding deployment of the Agent on Kubernetes environment.
I want to use the following Integrations for monitoring our clusters:
Elastic Defend for Cloud Workloads
Kubernetes Security Posture Management
The Elastic Agent is deployed as DaemonSet and both Kubernetes Integrations work fine. However, the Elastic Defend integration doesn't seem to work when deployed as DaemonSet.
I assume that Elastic Defend requires the Agent to be deployed natively on the Cluster nodes (although I wasn't able to find any documentation stating this limitation).
Now I could install the Elastic Agent natively on the Kubernetes Nodes. But the defaults of the Kubernetes integrations use environment variables only available within containers. So apparently those are meant to run from within a container.
So whats the strategy to run both normal Kubernetes Integrations and Defend? Have Agents running within containers AND natively on the host? Seems wasteful to me.