eck-ready-for-production
eck-ready-for-production copied to clipboard
framsouza
A Fleet Server is required before enrolling agents with Fleet.
After applying the manifest to my cluster, changing the namespace to an specific one (not default) for elasticsearch, kibana, fleet and heartbeat, I go into the kibana dashboard and click under Management --> Fleet, I get the following message: A Fleet Server is required before enrolling agents with Fleet.. This is not the same behavour as yours in the video of this repository.
Are there any configurations required besides applying the manifests?
My kubernetes version is 1.21, ECK installed via helm and stack installed via kubectl apply -f <>.yaml -n non-default-namespace,
This is what it is shown in the Fleet management view.
if you change the namespace, you need to make sure you also adjust the namespace name/connection between kibana and fleet server, see https://github.com/framsouza/eck-ready-for-production/blob/178054576aae16a2c4a267668f91bcee113f6876/kibana.yaml#L17-L18
if you are not using the default namespace anymore, you have to adjust the connection between the components with your new namespace name
I have done this change already, I also made sure the namespace is added in the fleet, kibana and elasticsearch, and still nothing is comming up. For reference, I'm using the manifests: Kibana.yaml
apiVersion: kibana.k8s.elastic.co/v1
kind: Kibana
metadata:
name: kibana
namespace: develop
spec:
version: 8.3.1
count: 1
elasticsearchRef:
name: elasticsearch
config:
xpack.fleet.agents.elasticsearch.hosts: ["https://elasticsearch-es-http.develop.svc:9200"]
xpack.fleet.agents.fleet_server.hosts: ["https://fleet-server-agent-http.develop.svc:8220"]
xpack.fleet.packages:
- name: system
version: latest
- name: elastic_agent
version: latest
- name: fleet_server
version: latest
- name: kubernetes
version: latest
- name: log
version: latest
xpack.fleet.agentPolicies:
- name: Fleet Server on ECK policy
id: eck-fleet-server
namespace: develop
monitoring_enabled:
- logs
- metrics
unenroll_timeout: 900
is_default_fleet_server: true
package_policies:
- name: fleet_server-1
id: fleet_server-1
package:
name: fleet_server
- name: Elastic Agent on ECK policy
id: eck-agent
namespace: develop
monitoring_enabled:
- logs
- metrics
unenroll_timeout: 900
is_default: true
package_policies:
- name: kuberentes-1
id: kuberentes-1
package:
name: kubernetes
- name: system-1
id: system-1
package:
name: system
- package:
name: log
name: log-1
inputs:
- type: logfile
enabled: true
streams:
- data_stream:
dataset: log.log
enabled: true
vars:
- name: paths
value:
- '/var/log/containers/*${kubernetes.container.id}.log'
- name: custom
value: |
symlinks: true
condition: ${kubernetes.namespace} == 'develop'
fleet.yaml
---
apiVersion: agent.k8s.elastic.co/v1alpha1
kind: Agent
metadata:
name: fleet-server
namespace: develop
spec:
version: 8.3.1
kibanaRef:
name: kibana
elasticsearchRefs:
- name: elasticsearch
mode: fleet
fleetServerEnabled: true
deployment:
replicas: 1
podTemplate:
spec:
serviceAccountName: fleet-server
automountServiceAccountToken: true
securityContext:
runAsUser: 0
---
apiVersion: agent.k8s.elastic.co/v1alpha1
kind: Agent
metadata:
name: elastic-agent
namespace: develop
spec:
version: 8.3.1
kibanaRef:
name: kibana
fleetServerRef:
name: fleet-server
mode: fleet
daemonSet:
podTemplate:
spec:
serviceAccountName: elastic-agent
automountServiceAccountToken: true
securityContext:
runAsUser: 0
containers:
- name: agent
volumeMounts:
- mountPath: /var/lib/docker/containers
name: varlibdockercontainers
- mountPath: /var/log/containers
name: varlogcontainers
- mountPath: /var/log/pods
name: varlogpods
volumes:
- name: varlibdockercontainers
hostPath:
path: /var/lib/docker/containers
- name: varlogcontainers
hostPath:
path: /var/log/containers
- name: varlogpods
hostPath:
path: /var/log/pods
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: fleet-server
rules:
- apiGroups: [""]
resources:
- pods
- namespaces
- nodes
verbs:
- get
- watch
- list
- apiGroups: ["coordination.k8s.io"]
resources:
- leases
verbs:
- get
- create
- update
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: fleet-server
namespace: develop
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: fleet-server
subjects:
- kind: ServiceAccount
name: fleet-server
namespace: develop
roleRef:
kind: ClusterRole
name: fleet-server
apiGroup: rbac.authorization.k8s.io
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: elastic-agent
rules:
- apiGroups: [""]
resources:
- pods
- nodes
- namespaces
- events
- services
- configmaps
verbs:
- get
- watch
- list
- apiGroups: ["coordination.k8s.io"]
resources:
- leases
verbs:
- get
- create
- update
- nonResourceURLs:
- "/metrics"
verbs:
- get
- apiGroups: ["extensions"]
resources:
- replicasets
verbs:
- "get"
- "list"
- "watch"
- apiGroups:
- "apps"
resources:
- statefulsets
- deployments
- replicasets
verbs:
- "get"
- "list"
- "watch"
- apiGroups:
- ""
resources:
- nodes/stats
verbs:
- get
- apiGroups:
- "batch"
resources:
- jobs
verbs:
- "get"
- "list"
- "watch"
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: elastic-agent
namespace: develop
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: elastic-agent
subjects:
- kind: ServiceAccount
name: elastic-agent
namespace: develop
roleRef:
kind: ClusterRole
name: elastic-agent
apiGroup: rbac.authorization.k8s.io