[Spacetime][Fleet] Introduce airgapped config for bundled packages#202435
[Spacetime][Fleet] Introduce airgapped config for bundled packages#202435criamico merged 17 commits intoelastic:mainfrom
Conversation
|
Pinging @elastic/fleet (Team:Fleet) |
|
@elasticmachine merge upstream |
|
Tested the scenario in the description and it seems to work. |
@juliaElastic I think you're right, I was also thinking something like that. I didn't have much time to work on this issue last week so I opened the PR with what I had working. As a follow up we could even show the |
I think we could do this in the |
@kpollich @juliaElastic EDIT: I need to fix some linting errors and do some more testing, so I'm putting this back to draft |
|
@elasticmachine merge upstream |
|
@kpollich @juliaElastic |
I think the condition should be something like const hasRegistryUrl = registryUrl || registryProxyURl
const shouldSkipRegistryRequests = isAirgapped && !hasRegistryUrl |
@kpollich |
I think we want errors to surface in this case because it's a configuration issue that the user needs to resolve. So this seems acceptable to me. |
|
@elasticmachine merge upstream |
|
@elasticmachine merge upstream |
| if (res) { | ||
| return res?.body; | ||
| } | ||
| throw new RegistryResponseError('isAirGapped config enabled, registry not reacheable'); |
There was a problem hiding this comment.
is this line for testing?
|
|
||
| const shouldSkipRegistryRequests = isAirGapped && !hasRegistryUrls; | ||
|
|
||
| return { hasRegistryUrls, isAirGapped, shouldSkipRegistryRequests }; |
There was a problem hiding this comment.
we should probably create a documentation request to clarify what combination of configs prevents requests to EPR
There was a problem hiding this comment.
I think we should skip requests when isAirGapped:true is set, regardless of whether registryUrl is set. Currently if I set both, the requests are still made.
Tested without registryUrl and isAirGapped:true, it looks good, I'm seeing the integrations load quickly and the installed integrations are also showing up.
For some reason I don't see all bundled packages, e.g. endpoint which is not installed.
There was a problem hiding this comment.
I think we should skip requests when isAirGapped:true is set, regardless of whether registryUrl is set. Currently if I set both, the requests are still made.
This was my first idea too but having an airgapped environment with a local registry is a legit use case that we are already supporting (see the docs).
If I just block the requests when isAirGapped is set to true, I'm going to break this use case for many users, that's why @kpollich proposed to check both conditions.
For some reason I don't see all bundled packages, e.g. endpoint which is not installed.
I noticed it too, I'm not sure why. I can open a follow up ticket to check what's going on.
|
@elasticmachine merge upstream |
💚 Build Succeeded
Metrics [docs]
History
cc @criamico |
…lastic#202435) Closes elastic#136617 Closes elastic#167195 ## Summary [Spacetime] Improving Integrations experience on airgapped envs using the existing `xpack.fleet.isAirGapped` configuration key: - Loading integrations is now much faster and doesn't attempt to contact the registry at all - Installing an uninstalled bundled packages should now be possible NOTE: Setting the `isAirGapped` skips the calls to registry altogether ### Testing - In `kibana.dev.yml`: - Make sure that APM and other bundled packages are not present in preconfiguration - Configure `xpack.fleet.registryUrl` to an unreacheable host, i.e. `xpack.fleet.registryUrl: http://notworking` - Configure `xpack.fleet.isAirGapped: true` - Copy the zip files from the EPR for some common bundled packages to them in `them in kibana/x-pack/plugins/fleet/target/bundled_packages` - Navigate to Integrations and verify that the page loads faster than in the past (it would take long because of retries) - Navigate to apm page or to`app/integrations/detail/apm-8.4.2/overview` - Try to install it it should succeed correctly ### Checklist - [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios --------- Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
|
Just to add some context here - All of my customers are Air-gapped and every single one of them hosts a local EPR container. However, in testing and other situations, it would be nice that it didn't take the page forever to load if they don't have a Registry URL configured. This makes perfect sense to me: If they have a Registry URL configured and it's not working then I agree that is a configuration/environment issue that needs to be investigated. |
…uilt rules OOM tests in 8.19 (#245087) **Partially addresses:** #188090 ## Summary Fleet doesn't have #202435 backported to 8.19. It blocks package removal for packages installed by direct upload. With #228777 we have a We have a mock prebuilt rules package installed via upload at the global hook. This PR fixes the issue by skipping mock prebuilt rules package installation.
Closes #136617
Closes #167195
Summary
[Spacetime] Improving Integrations experience on airgapped envs using the existing
xpack.fleet.isAirGappedconfiguration key:NOTE: Setting the
isAirGappedskips the calls to registry altogetherTesting
kibana.dev.yml:xpack.fleet.isAirGapped: truethem in kibana/x-pack/plugins/fleet/target/bundled_packagesapp/integrations/detail/apm-8.4.2/overviewChecklist