[Fleet] Refactor setup to load default packages/policies with preconfiguration#97328
[Fleet] Refactor setup to load default packages/policies with preconfiguration#97328Zacqary merged 27 commits intoelastic:masterfrom
Conversation
1232e32 to
70d002e
Compare
|
Pinging @elastic/fleet (Feature:Fleet) |
|
Tried to run this locally and got the following error when accessing the Fleet page:
The above is without any changes in the config file. |
afgomez
left a comment
There was a problem hiding this comment.
I did a first pass downloading the code and clicking around. I noticed the following things
- Default packages
I have this in my kibana.dev.yml
xpack.fleet.packages:
- name: system
version: latest
- name: endpoint
version: latest
- name: elastic_agent
version: latest
- name: fleet_server
version: 0.1.9
- name: apache
version: latestPackages with latest version get installed, but fleet server is not.
- Alternative default agent policies
I restarted everything with this on my kibana.dev.yml
xpack.fleet.agentPolicies:
- name: Alternative Default Agent Policy
id: 1
namespace: test
is_default: true
package_policies:
- package:
name: system
name: System Integration
- name: Alternative Default Fleet Server Agent Policy
id: 1
namespace: test
is_default_fleet_server: true
package_policies:
- package:
name: fleet_server
name: Fleet Server IntegrationNo agent policies were added
- Agent policy with no default
Same happens as in point 2 :(
|
I am seeing the same as what @afgomez reported. |
…fig-policy # Conflicts: # x-pack/plugins/fleet/server/services/epm/packages/install.ts # x-pack/plugins/fleet/server/services/setup.ts
| export interface SetupStatus { | ||
| isInitialized: boolean; | ||
| preconfigurationError: { name: string; message: string } | undefined; | ||
| nonFatalPackageUpgradeErrors: DefaultPackagesInstallationError[]; |
There was a problem hiding this comment.
Not intentional, I just wasn't immediately sure how to deal with the merge conflict. I'll get this back in.
There was a problem hiding this comment.
I think this actually mostly duplicates the functionality of preconfigurationError. I'll reconcile the differences and streamline.
There was a problem hiding this comment.
As of the latest commit, running the test scenario from #97404 results in a preconfigurationError of:
I can tweak this functionality as needed.
There was a problem hiding this comment.
I'm not sure about getting rid of nonFatalPackageUpgradeErrors and DefaultPackagesInstallationError. I like the explicitness of that interface wrt to package installation and various install types/ops: install/upgrade/rollback. package install handling is a sensitive area that we will want to keep iterating and improving on so I would like to keep the error granularity here.
in contrast, preconfigurationError can be related to package and agent policy errors.
my suggestion, what do you think?:
// export generic `nonFatalErrors` property
export interface SetupStatus {
isInitialized: boolean;
nonFatalErrors?: Array<PreconfigurationError | DefaultPackagesInstallationError>;
}
// add back `DefaultPackagesInstallationError` and return it where appropriate
export interface DefaultPackagesInstallationError {
installType: InstallType;
error: Error;
}
// define `PreconfigurationError`
export interface PreconfigurationError {
package?: { name: string; version: string; };
agentPolicy?: { name: string; }
error: Error;
}There was a problem hiding this comment.
Implemented this as best I could. Currently all properties besides error go unused on both error types, but the data is there at least.
@afgomez Try setting |
|
@afgomez As of latest commit, the original test scenario should result in:
Changing the version to |
|
@spalger we want this to land in 7.13 so I restored the label. LMK if there's some reason we shouldn't use that label to backport to 7.13 |
Nope, just wanted people to make that decision intentionally and ensure that we didn't have any more people auto-backport to 7.13 without backporting to 7.x. |
|
@elasticmachine merge upstream |
|
^^^ I think the CI failures are unrelated to this PR. Merging master to trigger another build before @Zacqary comes back online |
| }) | ||
| }), | ||
| { | ||
| defaultValue: [DEFAULT_AGENT_POLICY, DEFAULT_FLEET_SERVER_AGENT_POLICY], |
There was a problem hiding this comment.
what happens if the user has only specified either a default or a default fleet server policy in their preconfiguration? will we still ensure that whichever default one is missing, is added? what if their preconfiguration doesn't specify any default policies?
i think we might want to do the same sort of merging downstream like what you did for default packages
There was a problem hiding this comment.
I was under the impression from discussion on the issue (#97016) that we explicitly did not want to do downstream merging for agent policies, and that the config file should be the source of truth for what the "default policies" are.
nchaulet
left a comment
There was a problem hiding this comment.
Tested the default and a few scenarios, it is working well 👍
Also tested the upgrade from 7.12 to this change and looks good.
|
@jen-huang @nchaulet I'm gonna merge this because it meets the acceptance criteria of the initial issue and I really don't want to wait for the entire CI to run again and then potentially fail. Can we open a new issue to discuss whether default |
…iguration (elastic#97328) Co-authored-by: Nicolas Chaulet <nicolas.chaulet@elastic.co> Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
…iguration (elastic#97328) Co-authored-by: Nicolas Chaulet <nicolas.chaulet@elastic.co> Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
|
@Zacqary 👍🏻 , I'm comfortable with that, thanks for the revisions on this PR over the past week. I'll continue poking and prodding on main branch and raise any issues that come up from there. |
…iguration (#97328) (#98053) Co-authored-by: Nicolas Chaulet <nicolas.chaulet@elastic.co> Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: Nicolas Chaulet <nicolas.chaulet@elastic.co> Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
…iguration (#97328) (#98052) Co-authored-by: Nicolas Chaulet <nicolas.chaulet@elastic.co> Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: Nicolas Chaulet <nicolas.chaulet@elastic.co> Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
💚 Build SucceededMetrics [docs]Public APIs missing comments
Async chunks
Page load bundle
History
To update your PR or re-run it, just comment with: cc @Zacqary |
Summary
Closes #97016
This removes the bespoke functions for installing default packages and configuring the default agent policies, and instead sets these as the default Kibana Config values for the preconfiguration API.
Testing
Default setup
xpack.fleetfrom yourkibana.dev.ymlOverriding the defaults
yarn es snapshotto clear your cluster, then set yourkibana.dev.ymlto:Ensure that all five of these integrations are installed, and that Fleet Server is installed with an outdated version.
yarn es snapshotagain, then set yourkibana.dev.ymlto:Ensure that the default policies are created with these alternative names and that agent monitoring is disabled for the default policy, but enabled for the default fleet server policy. Try to delete them, and ensure that they fail to be deleted.
yarn es snapshotagain, then change yourkibana.dev.ymlto:Ensure that Fleet starts with only this one policy, and that it can be deleted.
Checklist