Comments (8)
This seems reasonable but we need to document that the list of hosts passed in here are not able to be edited from the fleet UI afterwards, or do the extra work to fix that as part of this as well. Having this limitation was more reasonable when it was just a single bootstrap host that was affected.
from elastic-agent.
Is it worth optimizing for an event that happens only once (during the bootstrapping) during the life cycle of the Fleet Server?
The use case I can think of for providing a list at enrollment time is if someone is dynamically provisioning fleet servers (think horizontal auto scaling) and their single ES url is not a load balancer. A user doing this would not want an autoscaling deployment to fail because a single ES host was unreachable. This seems like a valid reason to want this, but I am not sure how common this is. Certainly this is less common and impactful than fleet server only being able to use the ES URL it was bootstrapped with after enrollment succeeds, which is the problem we have fixed.
What is the chance or possible rules, to get it in a 8.14? 😄 🙏
It took us several attempts to get this right without negative impact in our prerelease ESS clusters, it will first be available in 8.15.0 and won't be available in 8.14.x until it has gone through the soak testing of a minor release cycle. Arguably this could be considered a bug fix, but it isn't getting backported until 8.15.0 is out at minimum to make sure we haven't missed anything else before release.
from elastic-agent.
Pinging @elastic/elastic-agent-control-plane (Team:Elastic-Agent-Control-Plane)
from elastic-agent.
#4643 and elastic/fleet-server#3506 allow fleet-server to use multiple hosts retrieved from the policy; this issue is to allow multiple hosts on enrolment (and used in the internal bootstrap
attribute)
from elastic-agent.
This seems reasonable but we need to document that the list of hosts passed in here are not able to be edited from the fleet UI afterwards, or do the extra work to fix that as part of this as well. Having this limitation was more reasonable when it was just a single bootstrap host that was affected.
I honestly don't think we can live with this restriction. So the UI piece needs to work also.
After reading the original issue that prompted this ask, I am still not certain why we need to allow multiple host during the bootstrapping.
We just need the Fleet Server to connect to one of those ES hosts, once bootstrapped, the config is downloaded and we then have an array of ES hosts to use (if configured in the UI). The main use case is redundancy. Redundancy is mainly a concern during the life-time of the fleet server not the initial bootstrapping, which is a one-time effort.
Is it worth optimizing for an event that happens only once (during the bootstrapping) during the life cycle of the Fleet Server?
from elastic-agent.
What is the chance or possible rules, to get it in a 8.14? 😄 🙏
from elastic-agent.
thanks @cmacknz - then I would say we do need to ensure the UI will work properly, as in users pass in the list as a flag to bootstrap the fleet server, but should have the opportunity to also change the list via UI. We can't expect them to re-install the fleet server when/if that host list changes. Reinstall of Fleet Server is disruptive.
from elastic-agent.
then I would say we do need to ensure the UI will work properly
The UI does work but can't delete the stored bootstrap host, it can duplicate+edit it. To clarify how we solved this, we created a separation between the a bootstrap host and the policy hosts.
Let's imagine a user bootstraps fleet server with a single ES URL, called elasticsearch_A. In their policy they define three hosts: elasticsearch_A, elasticsearch_B, and elasticsearch_C.
Then when fleet server bootstraps it contacts elasticsearch_A, gets the full list of hosts A, B, and C and from that point forward always has those hosts available because the policy is persisted in the agent on disk.
Let's then imagine that the user edits elasticsearch_A, elasticsearch_B, and elasticsearch_C in the Fleet UI to have a proxy. We'll call the updated hosts elasticsearch_A_proxy, elasticsearch_B_proxy, and elasticsearch_C_proxy.
Then the set of hosts available to fleet server locally are:
- bootstrap: elasticsearch_A
- elasticsearch_A_proxy
- elasticsearch_B_proxy
- elasticsearch_C_proxy
The caveat with the current implementation is that the original elasticsearch_A is preserved on disk indefinitely with no way to edit the original bootstrap host, but Fleet Server always has the up to date set of hosts from the policy in addition to this.
The other limitation today is there can only be one bootstrap host, this issue is about allowing for a list of bootstrap hosts.
The problem of Fleet Server only being able to use a single host is resolved with the limitation that you can still only use a single host to get the agent policy the very first time. From that point onward you have the list of hosts defined in the Fleet UI available at all times.
from elastic-agent.
Related Issues (20)
- [Flaky Test]: TestActionDispatcher/Dispatch_multiples_events_returns_one_error – Expected error HOT 5
- QA test: State Store migrations HOT 4
- Make `elasticinframetricsprocessor` available in `otel` mode HOT 1
- [windows] move service startup to beginning of run function HOT 1
- Elastic Agent on Windows cannot be stopped or removed if --delay-enroll is retrying HOT 6
- Handle new action for switching Agent from privileged to unprivileged mode HOT 6
- [Fleet]: Multiple logs: `[elastic_agent][info] got checkin with pid 0` are generated for installed agent. HOT 5
- [Windows] Service startup failing on CI with otel dependencies linked HOT 4
- [Windows] - `system.diskio` datastream missing on Kibana for unprivileged mode. HOT 6
- Kubernetes e2e tests HOT 10
- Installing elastic agent on AWS EKS HOT 5
- Development agent gets unhealthy on adding Elastic Defend. when not added to the primary agent. HOT 9
- Retry artifact downloads in the integration test framework (artifact fetcher) HOT 2
- Support hints based autodiscover for Fleet managed Agents HOT 1
- [E2E test] Ingesting data with OTel-based shipper pipeline
- `panic: The system cannot find the file specified` when installing Elastic Agent on AWS EC2 Windows Server HOT 1
- Elastic Agent should accept CA fingerprint containing semi-columns HOT 2
- High memory and CPU consumption when fleet-server fails to start during enroll HOT 2
- Clarify cli flags for TLS config for fleet-server, ES and the gent itself HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from elastic-agent.