Fix issue where --insecure didn't propogate to Fleet Server ES connection #27969
Conversation
blakerouse
added
Team:Elastic-Agent
botelastic
bot
added
needs_team
|
Pinging @elastic/agent (Team:Agent) |
💚 Build Succeeded
Expand to view the summary
Build stats
Test stats 🧪
Trends 🧪💚 Flaky test reportTests succeeded. Expand to view the summary
Test stats 🧪
|
…S connection (elastic#27969)" This reverts commit cbbe8c2.
* upstream/master: (658 commits) Add complete k8s metadata through composable provider (elastic#27691) Revert "Fix issue where --insecure didn't propogate to Fleet Server ES connection (elastic#27969)" (elastic#27997) Remove deprecated kafka fields (elastic#27938) [Filebeat] Add Base64 encoded HMAC & UUID template functions to httpjson input (elastic#27873) Improve httpjson template function join (elastic#27996) Remove kubernetes.container.image alias (elastic#27898) [Elastic Agent] Golden files for program tests (elastic#27862) [Elastic Agent] Disable modules.d in metricbeat (elastic#27860) libbeat/common/seccomp: provide default policy for linux arm64 (elastic#27955) Fix logger statement in aws-s3 input (elastic#27982) Fix wrong merge (elastic#27976) Fix issue where --insecure didn't propogate to Fleet Server ES connection (elastic#27969) Forward-port 7.14.2 changelog to master (elastic#27975) [Filebeat] Removing duplicate modules (aliases) Observability (elastic#27919) Fix path in vagrant windows script (elastic#27966) [Filebeat] Removing duplicate modules (aliases) and Cyberark (elastic#27915) No changelog for 8.0.0-alpha2 (elastic#27961) Add write access to 'url.value' from 'request.transforms'. (elastic#27937) Docker: remove deprecated fields (elastic#27933) Filebeat: Make all filesets disabled in default configuration (elastic#27762) ...
…tion (elastic#27969) * Fix issue where --insecure didn't propogate to Fleet Server ES connection. * Add changelog.
…S connection (elastic#27969)" (elastic#27997) This reverts commit cbbe8c2.
|
Hi Eric We have regressed this issue on 7.16 BC3 on Stack Environment in lieu of #27956 under merged PR at #27969. Following is our observation: Pre-conditions:
Steps followed:
Observations: Agent installed successfully. After waiting for few mins and resetting the time to current zone, we navigated back to Kibana and Observed agent was available with Last activity value as " in 2 years". Further, No logs were available on UI side. Please find further details in below screenshots:
Build details: Logs attached for reference: Kindly let us know if we are missing anything. Thanks |
|
I spoke with Diksha and Michal and we are synced up on the best way to test this, the above isn't quite right. We'll post back and expect (and hope) the issue remains fixed as intended, and we can document steps to validate it moving forwards. |
…tion (elastic#27969) (elastic#27978) * Fix issue where --insecure didn't propogate to Fleet Server ES connection. * Add changelog. (cherry picked from commit 576be96) Co-authored-by: Blake Rouse <blake.rouse@elastic.co>
…S connection (elastic#27969)" (elastic#27997) (elastic#28003) This reverts commit 576be96. (cherry picked from commit b5ffc57) Co-authored-by: Michal Pristas <michal.pristas@gmail.com>
What does this PR do?
Propogates the
--insecureflag to the Fleet Server process, so it can communicate with elasticsearch insecurely.Why is it important?
Previously it was not possible to instruct Fleet Server to communicate insecurely with elasticsearch. Now if you are bootstrapping a Fleet Server and using
--insecureit will also make communication with elasticsearch insecure.Checklist
[ ] I have made corresponding changes to the documentation[ ] I have made corresponding change to the default configuration files[ ] I have added tests that prove my fix is effective or that my feature worksCHANGELOG.next.asciidocorCHANGELOG-developer.next.asciidoc.Related issues