- Version:
7.14.0
- Operating System: MacOS 11.5.2
- Steps to Reproduce:
Attempting to install Fleet Server using relative certificate file paths results in the install failing, with no clear logging as to why:
sudo ./elastic-agent install --url=https://127.0.0.1:8220 \
-f \
--fleet-server-es=https://127.0.0.1:9200 \
--fleet-server-service-token=AAEAAWVsYXN0aWMvZmxlZXQtc2VydmVyL3Rva2VuLTE2MjkyMjE2MjU1NzU6UG81UVp6MFFTVTZFa1JtYk4tbWYxUQ \
--fleet-server-policy=2ab0ceb0-ff7c-11eb-8a64-5f3c299c93d0 \
--certificate-authorities=certs/ca.crt \
--fleet-server-es-ca=certs/ca.crt \
--fleet-server-cert=certs/fleet-server.crt \
--fleet-server-cert-key=certs/fleet-server.key
2021-08-25T13:13:14.989-0400 INFO cmd/enroll_cmd.go:651 Waiting for Elastic Agent to start
2021-08-25T13:13:15.994-0400 INFO cmd/enroll_cmd.go:701 Fleet Server - Starting
2021-08-25T13:13:16.995-0400 INFO cmd/enroll_cmd.go:701 Fleet Server - Restarting
2021-08-25T13:13:17.997-0400 INFO cmd/enroll_cmd.go:701 Fleet Server - Starting
2021-08-25T13:13:24.017-0400 INFO cmd/enroll_cmd.go:706 Fleet Server - Starting
2021-08-25T13:13:30.031-0400 INFO cmd/enroll_cmd.go:706 Fleet Server - Starting
2021-08-25T13:13:36.052-0400 INFO cmd/enroll_cmd.go:706 Fleet Server - Starting
2021-08-25T13:13:42.072-0400 INFO cmd/enroll_cmd.go:706 Fleet Server - Starting
2021-08-25T13:13:48.096-0400 INFO cmd/enroll_cmd.go:706 Fleet Server - Starting
2021-08-25T13:13:54.112-0400 INFO cmd/enroll_cmd.go:706 Fleet Server - Starting
2021-08-25T13:14:00.135-0400 INFO cmd/enroll_cmd.go:706 Fleet Server - Starting
2021-08-25T13:14:06.154-0400 INFO cmd/enroll_cmd.go:706 Fleet Server - Starting
2021-08-25T13:14:12.173-0400 INFO cmd/enroll_cmd.go:706 Fleet Server - Starting
2021-08-25T13:14:18.190-0400 INFO cmd/enroll_cmd.go:706 Fleet Server - Starting
2021-08-25T13:14:21.197-0400 INFO cmd/enroll_cmd.go:682 Fleet Server - Missed last check-in
2021-08-25T13:14:21.520-0400 INFO cmd/enroll_cmd.go:414 Starting enrollment to URL: https://127.0.0.1:8220/
Error: fail to enroll: fail to execute request to fleet-server: 1 error occurred:
* missing enrollment api key
Error: enroll command failed with exit code: 1
The /Library/Elastic/Agent directory gets removed after this failure so we're unable to review the logs to see what might have gone wrong.
By adding an --enrollment-token to the install command, the install still fails, but the agent stays up allowing us to investigate the log directory:
sudo ./elastic-agent install --url=https://127.0.0.1:8220 \
-f \
--fleet-server-es=https://127.0.0.1:9200 \
--fleet-server-service-token=AAEAAWVsYXN0aWMvZmxlZXQtc2VydmVyL3Rva2VuLTE2MjkyMjE2MjU1NzU6UG81UVp6MFFTVTZFa1JtYk4tbWYxUQ \
--fleet-server-policy=2ab0ceb0-ff7c-11eb-8a64-5f3c299c93d0 \
--certificate-authorities=certs/ca.crt \
--fleet-server-es-ca=certs/ca.crt \
--fleet-server-cert=certs/fleet-server.crt \
--fleet-server-cert-key=certs/fleet-server.key \
+ --enrollment-token=c1lrTFZYc0I3LUR3eWpNdnVfV0o6ay1yNDdKWjNTRTZKbi1sZkw3VF9Rdw==
2021-08-25T14:08:25.057-0400 INFO cmd/enroll_cmd.go:668 Waiting for Elastic Agent to start Fleet Server
2021-08-25T14:08:27.064-0400 INFO cmd/enroll_cmd.go:701 Fleet Server - Starting
2021-08-25T14:08:28.066-0400 INFO cmd/enroll_cmd.go:701 Fleet Server - Restarting
2021-08-25T14:08:29.070-0400 INFO cmd/enroll_cmd.go:701 Fleet Server - Starting
2021-08-25T14:08:35.089-0400 INFO cmd/enroll_cmd.go:706 Fleet Server - Starting
2021-08-25T14:08:41.101-0400 INFO cmd/enroll_cmd.go:706 Fleet Server - Starting
2021-08-25T14:08:47.110-0400 INFO cmd/enroll_cmd.go:706 Fleet Server - Starting
2021-08-25T14:08:53.126-0400 INFO cmd/enroll_cmd.go:706 Fleet Server - Starting
2021-08-25T14:08:59.141-0400 INFO cmd/enroll_cmd.go:706 Fleet Server - Starting
2021-08-25T14:09:05.167-0400 INFO cmd/enroll_cmd.go:706 Fleet Server - Starting
2021-08-25T14:09:11.186-0400 INFO cmd/enroll_cmd.go:706 Fleet Server - Starting
2021-08-25T14:09:17.199-0400 INFO cmd/enroll_cmd.go:706 Fleet Server - Starting
2021-08-25T14:09:23.218-0400 INFO cmd/enroll_cmd.go:706 Fleet Server - Starting
2021-08-25T14:09:29.237-0400 INFO cmd/enroll_cmd.go:706 Fleet Server - Starting
2021-08-25T14:09:31.242-0400 INFO cmd/enroll_cmd.go:682 Fleet Server - Missed last check-in
2021-08-25T14:09:31.354-0400 INFO cmd/enroll_cmd.go:414 Starting enrollment to URL: https://127.0.0.1:8220/
2021-08-25T14:09:31.461-0400 WARN cmd/enroll_cmd.go:425 Remote server is not ready to accept connections, will retry in a moment.
cat /Library/Elastic/Agent/data/elastic-agent-e127fc/logs/default/fleet-server-json.log
{"log.level":"info","service.name":"fleet-server","version":"7.14.0","commit":"82d6804","pid":17409,"ppid":17403,"exe":"/Library/Elastic/Agent/data/elastic-agent-e127fc/install/fleet-server-7.14.0-darwin-x86_64/fleet-server","args":["--agent-mode","-E","logging.level=info","-E","http.enabled=true","-E","http.host=unix:///Library/Elastic/Agent/data/tmp/default/fleet-server/fleet-server.sock","-E","logging.json=true","-E","logging.ecs=true","-E","logging.files.path=/Library/Elastic/Agent/data/elastic-agent-e127fc/logs/default","-E","logging.files.name=fleet-server-json.log","-E","logging.files.keepfiles=7","-E","logging.files.permission=0640","-E","logging.files.interval=1h","-E","path.data=/Library/Elastic/Agent/data/elastic-agent-e127fc/run/default/fleet-server--7.14.0"],"@timestamp":"2021-08-25T18:08:27.659Z","message":"boot"}
{"log.level":"info","service.name":"fleet-server","@timestamp":"2021-08-25T18:08:27.661Z","message":"starting communication connection back to Elastic Agent"}
{"log.level":"info","service.name":"fleet-server","@timestamp":"2021-08-25T18:08:27.661Z","message":"waiting for Elastic Agent to send initial configuration"}
{"log.level":"error","service.name":"fleet-server","error.message":"1 error: open certs/ca.crt: no such file or directory reading <nil> accessing 'output.elasticsearch'","@timestamp":"2021-08-25T18:08:28.245Z","message":"Exiting"}
7.14.0Attempting to install Fleet Server using relative certificate file paths results in the install failing, with no clear logging as to why:
The
/Library/Elastic/Agentdirectory gets removed after this failure so we're unable to review the logs to see what might have gone wrong.By adding an
--enrollment-tokento the install command, the install still fails, but the agent stays up allowing us to investigate the log directory:sudo ./elastic-agent install --url=https://127.0.0.1:8220 \ -f \ --fleet-server-es=https://127.0.0.1:9200 \ --fleet-server-service-token=AAEAAWVsYXN0aWMvZmxlZXQtc2VydmVyL3Rva2VuLTE2MjkyMjE2MjU1NzU6UG81UVp6MFFTVTZFa1JtYk4tbWYxUQ \ --fleet-server-policy=2ab0ceb0-ff7c-11eb-8a64-5f3c299c93d0 \ --certificate-authorities=certs/ca.crt \ --fleet-server-es-ca=certs/ca.crt \ --fleet-server-cert=certs/fleet-server.crt \ --fleet-server-cert-key=certs/fleet-server.key \ + --enrollment-token=c1lrTFZYc0I3LUR3eWpNdnVfV0o6ay1yNDdKWjNTRTZKbi1sZkw3VF9Rdw=={"log.level":"info","service.name":"fleet-server","version":"7.14.0","commit":"82d6804","pid":17409,"ppid":17403,"exe":"/Library/Elastic/Agent/data/elastic-agent-e127fc/install/fleet-server-7.14.0-darwin-x86_64/fleet-server","args":["--agent-mode","-E","logging.level=info","-E","http.enabled=true","-E","http.host=unix:///Library/Elastic/Agent/data/tmp/default/fleet-server/fleet-server.sock","-E","logging.json=true","-E","logging.ecs=true","-E","logging.files.path=/Library/Elastic/Agent/data/elastic-agent-e127fc/logs/default","-E","logging.files.name=fleet-server-json.log","-E","logging.files.keepfiles=7","-E","logging.files.permission=0640","-E","logging.files.interval=1h","-E","path.data=/Library/Elastic/Agent/data/elastic-agent-e127fc/run/default/fleet-server--7.14.0"],"@timestamp":"2021-08-25T18:08:27.659Z","message":"boot"} {"log.level":"info","service.name":"fleet-server","@timestamp":"2021-08-25T18:08:27.661Z","message":"starting communication connection back to Elastic Agent"} {"log.level":"info","service.name":"fleet-server","@timestamp":"2021-08-25T18:08:27.661Z","message":"waiting for Elastic Agent to send initial configuration"} {"log.level":"error","service.name":"fleet-server","error.message":"1 error: open certs/ca.crt: no such file or directory reading <nil> accessing 'output.elasticsearch'","@timestamp":"2021-08-25T18:08:28.245Z","message":"Exiting"}