Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fleet agent never associates with kibana if Nodeport is provided in kibana manifest #8043

Open
sagargulabani opened this issue Sep 9, 2024 · 2 comments
Open

Fleet agent never associates with kibana if Nodeport is provided in kibana manifest #8043

sagargulabani opened this issue Sep 9, 2024 · 2 comments
Labels
triage

Comments

@sagargulabani
Copy link

sagargulabani commented Sep 9, 2024
edited
Loading

If we set the service and nodeport configuration for kibana, the fleet server 'Agent' custom resource never associates with kibana

    # service:
    #   spec:
    #     type: NodePort
    #     ports:
    #       - port: 5601
    #         nodePort: 32000

Fleet server manifest

apiVersion: agent.k8s.elastic.co/v1alpha1
kind: Agent
metadata:
  name: fleet-server
  namespace: elastic-system
spec:
  version: 8.13.4
  kibanaRef:
    name: log-kibana
  elasticsearchRefs:
  - name: log-cluster
  mode: fleet
  fleetServerEnabled: true
  deployment:
    replicas: 1
    podTemplate:
      spec:
        serviceAccountName: elastic-agent
        automountServiceAccountToken: true
        securityContext:
          runAsUser: 0
        containers:
          - name: agent
            resources:
              requests:
                memory: 1Gi
                cpu: 400m
              limits:
                memory: 1Gi
                cpu: 400m

Kibana manifest

apiVersion: kibana.k8s.elastic.co/v1
kind: Kibana
metadata:
  name: log-kibana
  namespace: elastic-system
spec:
  version: 8.13.4
  count: 1
  elasticsearchRef:
    name: log-cluster
  podTemplate:
    metadata:
      namespace: elastic-system
    spec:
      containers:
        - name: kibana
          resources:
            requests:
              memory: 3Gi
              cpu: 1.5
            limits:
              memory: 4Gi
              cpu: 2
          readinessProbe:
            failureThreshold: 3
            initialDelaySeconds: 10
            periodSeconds: 10
            successThreshold: 1
            exec:
              command:
                - /bin/bash
                - -c
                - curl  http://127.0.0.1:5601/login -k -s
  http:
    tls:
      selfSignedCertificate:
        disabled: true
    service:
      spec:
        type: NodePort
        ports:
          - port: 5601
            nodePort: 32000
  config:
    xpack.fleet.agents.elasticsearch.hosts: ["http://log-cluster-es-http.elastic-system.svc:9200"]
    xpack.fleet.agents.fleet_server.hosts: ["https://fleet-server-agent-http.elastic-system.svc:8220"]
    xpack.fleet.packages:
      - name: system
        version: latest
      - name: elastic_agent
        version: latest
      - name: fleet_server
        version: latest
      - name: apm
        version: latest
      - name: log
        version: latest
      - name: kubernetes
        version: latest
    xpack.fleet.agentPolicies:
      - name: Fleet Server on ECK policy
        id: eck-fleet-server
        is_default_fleet_server: true
        namespace: default
        monitoring_enabled:
          - logs
          - metrics
        package_policies:
        - name: fleet_server-1
          id: fleet_server-1
          package:
            name: fleet_server
      - name: Elastic Agent policy Three
        id: eck-agent-three
        namespace: default
        monitoring_enabled:
          - logs
          - metrics
        unenroll_timeout: 900
        is_default: true
        package_policies:
          - name: system-1
            id: system-1
            package:
              name: system
          - name: kubernetes-2
            id: kubernetes-2
            package:
              name: kubernetes
            inputs:
            - type: filestream
              enabled: true
              streams:
              - enabled: true
                data_stream:
                  type: logs
                  dataset: kubernetes.container_logs


Events:
  Type     Reason                   Age                From                                 Message
  ----     ------                   ----               ----                                 -------
  Warning  AssociationError         20s (x5 over 20s)  agent-controller                     Association backend for elasticsearch is not configured
  Warning  AssociationError         20s (x8 over 20s)  agent-controller                     Association backend for kibana is not configured
  Normal   AssociationStatusChange  20s                agent-kibana-association-controller  Association status changed from [] to [Pending]
  Normal   AssociationStatusChange  20s                agent-es-association-controller      Association status changed from [] to [elastic-system/log-cluster: Established]

It gets stuck in this state.

Image
@botelastic botelastic bot added the triage label Sep 9, 2024
@pyaillet
Copy link

I had the same problem.

I was able to solve it by looking at the logs. They were showing an error related to the unavailability of a port named https on the service.

So the following modification should do the trick (at least, it did for me):

    # service:
    #   spec:
    #     type: NodePort
    #     ports:
    #       - name: https
    #         port: 5601
    #         nodePort: 32000

@lloydmcl
Copy link

lloydmcl commented Oct 26, 2024
edited
Loading

Also having same issue running on an rke2 cluster (eck version 8.15.3) but am having issues with elasticsearch too which is running on ClusterIP and unfortunately setting the name for the service ports did not work for me.

Status:
  Elasticsearch Associations Status:
    elastic-system/elastic-cluster-es-http:  Pending
  Kibana Association Status:                 Pending
  Observed Generation:                       1
Events:
  Type     Reason                   Age                From                                 Message
  ----     ------                   ----               ----                                 -------
  Warning  AssociationError         30s (x5 over 30s)  agent-controller                     Association backend for elasticsearch is not configured
  Warning  AssociationError         30s (x5 over 30s)  agent-controller                     Association backend for kibana is not configured
  Normal   AssociationStatusChange  30s                agent-es-association-controller      Association status changed from [] to [elastic-system/elastic-cluster-es-http: Pending]
  Normal   AssociationStatusChange  30s                agent-kibana-association-controller  Association status changed from [] to [Pending]

Update
I previously had my kibanaRef set to kibana-kb-http and my elasticsearchRefs set to elastic-cluster-es-http. When I changed these to point to my clusters instead of the services, this fixed my association issues but I now have a problem where am getting

Events:
  Type     Reason                   Age                 From                                 Message
  ----     ------                   ----                ----                                 -------
  Warning  AssociationError         18m (x5 over 18m)   agent-controller                     Association backend for elasticsearch is not configured
  Warning  AssociationError         18m (x10 over 18m)  agent-controller                     Association backend for kibana is not configured
  Normal   AssociationStatusChange  18m                 agent-es-association-controller      Association status changed from [] to [elastic-system/elastic-cluster: Established]
  Normal   AssociationStatusChange  18m                 agent-kibana-association-controller  Association status changed from [] to [Established]
  Warning  ReconciliationError      18m (x10 over 18m)  agent-controller                     Reconciliation error: failed to request https://kibana-kb-http.elastic-system.svc:5601/api/fleet/setup, status is 401)

When I look through the fleet server logs, am seeing logs:

Error dialing lookup elasticsearch on <core-dns-ip>:53: no such host
Failed to connect to backoff(elasticsearch(http://elasticsearch:9200)): Get \"http://elasticsearch:9200\": lookup elasticsearch on <core-dns-ip>:53: no such host

strange that it's now trying to connect via http and not using the environment variable set FLEET_SERVER_ELASTICSEARCH_HOST = "https://elastic-cluster-es-http.elastic-system.svc:9200"

but at least I now have a fleet server pod executing.

I suspect the dns is irrelevant and the real issue I should be focusing on is:
"Warning ReconciliationError 18m (x10 over 18m) agent-controller Reconciliation error: failed to request https://kibana-kb-http.elastic-system.svc:5601/api/fleet/setup, status is 401)"

as it seems the agent is trying to authenticate and get it's settings from Kibana but can't. I've tried a number of things but cannot seem to get anywhere.

Hoping your issue is similar and we can find a way forward.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
triage
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@sagargulabani @pyaillet @lloydmcl