OpenShift4 Fleet Agent Operator failing to create deployment script

istmead · November 8, 2023, 6:17pm

Trying to deploy Fleet Agent Operator. But the deployment script fails to generate. The operator get hung up on this event "Post "https://kibana-kb-http.elastic-monitoring.svc:5601/api/fleet/setup": x509: certificate signed by unknown authority"

apiVersion: kibana.k8s.elastic.co/v1
kind: Kibana
metadata:
  name: kibana
spec:
  version: 8.10.4
  count: 1
  http:
    service:
      metadata:
        annotations:
          # request ECK to create the Kibana service with the following annotation
          service.beta.openshift.io/serving-cert-secret-name: "kibana-openshift-tls"
    tls:
      certificate:
        # use the previously created Secret to on the Kibana endpoint
        secretName: kibana-openshift-tls
  elasticsearchRef:
    name: elasticsearch
  config:
    xpack.fleet.agents.elasticsearch.hosts: ["https://elasticsearch-es-http.elastic-monitoring.svc.cluster.local:9200"]
    xpack.fleet.agents.fleet_server.hosts: ["https://fleet-server-agent-http.elastic-monitoring.svc.cluster.local:8220"]
    xpack.fleet.packages:
    - name: system
      version: latest
    - name: elastic_agent
      version: latest
    - name: fleet_server
      version: latest
    - name: kubernetes
      version: latest
    xpack.fleet.agentPolicies:
    - name: Fleet Server on ECK policy
      id: eck-fleet-server
      namespace: default
      monitoring_enabled:
      - logs
      - metrics
      unenroll_timeout: 900
      package_policies:
      - name: fleet_server-1
        id: fleet_server-1
        package:
          name: fleet_server
    - name: Elastic Agent on ECK policy
      id: eck-agent
      namespace: default
      monitoring_enabled:
      - logs
      - metrics
      unenroll_timeout: 900
      package_policies:
      - package:
          name: system
        name: system-1
      - package:
          name: kubernetes
        name: kubernetes-1
---
apiVersion: elasticsearch.k8s.elastic.co/v1
kind: Elasticsearch
metadata:
  name: elasticsearch
spec:
  version: 8.10.4
  nodeSets:
  - name: data
    count: 3
    config:
      node.store.allow_mmap: false
---
apiVersion: agent.k8s.elastic.co/v1alpha1
kind: Agent
metadata:
  name: fleet-server
spec:
  version: 8.10.4
  kibanaRef:
    name: kibana
  elasticsearchRefs:
  - name: elasticsearch
  mode: fleet
  fleetServerEnabled: true
  policyID: eck-fleet-server
  deployment:
    replicas: 1
    podTemplate:
      spec:
        serviceAccountName: fleet-server
        automountServiceAccountToken: true
        securityContext:
          runAsUser: 0

system · December 6, 2023, 6:17pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.