What is the correct way to deploy `Elastic Agent` 8 via Docker?

Elastic Stack Beats
, ,
1
  • I am trying to configure Elastic Stack using docker-compose.yml as follows, where Kibana gets the API key via bin/elasticsearch-create-enrollment-token -s kibana.
version: "3.8"

services:
  elasticsearch-node01:
    image: elasticsearch:8.1.2
    environment:
      bootstrap.memory_lock: true
      ELASTIC_PASSWORD: "1234AF57-35CA-B2E0-BE8B-12345D5C123E"
      ES_JAVA_OPTS: "-Xms4g -Xmx4g"
    volumes:
      - elasticsearch-data01:/usr/share/elasticsearch/data
      - elasticsearch-config01:/usr/share/elasticsearch/config:rw
    ports:
      - "9200:9200"
      - "9300:9300"
    ulimits:
      memlock:
        soft: -1
        hard: -1
  kibana-node01:
    image: kibana:8.1.2
    environment:
      XPACK_SECURITY_ENCRYPTIONKEY: fc12345ea223eb1234dac7b1234ac62e
      XPACK_ENCRYPTEDSAVEDOBJECTS_ENCRYPTIONKEY: 1bb85c4e9ed1c36ae4a8ead1234567f1
      XPACK_REPORTING_ENCRYPTIONKEY: af5cbdd2e2f4da20a72f60f1e123456f
    ports:
      - "5601:5601"
    volumes:
      - kibana-data01:/usr/share/kibana/data
      - kibana-config01:/usr/share/kibana/config

volumes:
  elasticsearch-data01:
    driver: local
  elasticsearch-config01:
    driver: local
  kibana-data01:
    driver: local
  kibana-config01:
    driver: local

  • After the normal startup, I entered the integration page of Fleet, clicked Create policy to create Fleet Server policy 1, and added Fleet Server host as http://elastic-agent-node01:8220 (mentioned later ). At this time by Generate a service token generates a service token, AAEAAWVsYXN0aWMvZmxlZXQtc2VydmVyL3Rva2VuLTE2NDkyMDgzNzg0MzI6dGdxV0kzRWJSSk9RY3ppRVo3R3hwQQ.

  • image
    image1920×890 89.6 KB

  • Then get Enrollment tokens at http://localhost:5601/app/fleet/enrollment-tokens as Ymh4M19IOEJFRUlyYW43dUpRRzI6N0pDeVNkaFpTRFdoNU1HTWFGaEZHZw==.

  • image
    image1920×841 59.8 KB

  • According to Run Elastic Agent in a container | Fleet and Elastic Agent Guide [8.1] | Elastic , I updated docker-compose.yml as follows, and then executed docker compose pull and docker compose up -d to start Elastic Agent.

version: "3.8"

services:
  elasticsearch-node01:
    image: elasticsearch:8.1.2
    environment:
      bootstrap.memory_lock: true
      cluster.name: "sg8000-elasticsearch"
      ELASTIC_PASSWORD: "1234AF57-35CA-B2E0-BE8B-12345D5C123E"
      ES_JAVA_OPTS: "-Xms4g -Xmx4g"
    volumes:
      - elasticsearch-data01:/usr/share/elasticsearch/data
      - elasticsearch-config01:/usr/share/elasticsearch/config:rw
    ports:
      - "9200:9200"
      - "9300:9300"
    ulimits:
      memlock:
        soft: -1
        hard: -1
  kibana-node01:
    image: kibana:8.1.2
    environment:
      XPACK_SECURITY_ENCRYPTIONKEY: fc12345ea223eb1234dac7b1234ac62e
      XPACK_ENCRYPTEDSAVEDOBJECTS_ENCRYPTIONKEY: 1bb85c4e9ed1c36ae4a8ead1234567f1
      XPACK_REPORTING_ENCRYPTIONKEY: af5cbdd2e2f4da20a72f60f1e123456f
    ports:
      - "5601:5601"
    volumes:
      - kibana-data01:/usr/share/kibana/data
      - kibana-config01:/usr/share/kibana/config
  elastic-agent-node01:
    image: elastic/elastic-agent:8.1.2
    restart: always
    user: root
    environment:
      FLEET_ENROLLMENT_TOKEN: "Ymh4M19IOEJFRUlyYW43dUpRRzI6N0pDeVNkaFpTRFdoNU1HTWFGaEZHZw=="
      FLEET_ENROLL: 1
      FLEET_URL: http://elastic-agent-node01:8220
      FLEET_SERVER_ENABLE: true
      FLEET_SERVER_ELASTICSEARCH_HOST: http://elasticsearch-node01:9200
      FLEET_SERVER_SERVICE_TOKEN: "AAEAAWVsYXN0aWMvZmxlZXQtc2VydmVyL3Rva2VuLTE2NDkyMDgzNzg0MzI6dGdxV0kzRWJSSk9RY3ppRVo3R3hwQQ"

volumes:
  elasticsearch-data01:
    driver: local
  elasticsearch-config01:
    driver: local
  kibana-data01:
    driver: local
  kibana-config01:
    driver: local

  • Then I got a series of ERRORs starting up in the logs of the Elastic Agent in Docker Desktop. At the same time Kibana did not get Fleet's registration information.

  • image
    image1920×908 65.5 KB

  • image
    image1920×887 98.3 KB

  • I'm confused how to configure Elastic Agent, hope some friends can help.

2

I realize the key point of the issue, this disscus I will mark as resolved, and the documentation issue can be tracked at Add introduction to the `FLEET_SERVER_ELASTICSEARCH_CA_TRUSTED_FINGERPRINT` environment variable in documentation · Issue #311 · elastic/elastic-agent · GitHub and Add instructions to what need to volumes in the documentation for containerized deployments · Issue #313 · elastic/elastic-agent (github.com).

3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.