Fleet is part of the Elastic Stack, and allows you to manage all your Elastic Agents. Installing it in a fully automated manner is difficult because it requires configuration in Kibana. Here’s how to do it.<\/p>\n\n\n\n\n\n\n\n
Kibana’s REST API can be used to set up all the necessary configuration options for the Fleet server.<\/p>\n\n\n\n
A note about SSL: This tutorial includes SSL configuration and supports using certificates signed by your own Certificate Authority (CA), as recommended by the Elasticsearch installation guide. If you are not using SSL then you can remove the First, we’ll set up some variables. Modify these values to suit your environment:<\/p>\n\n\n\n The Service Account Token is used by Fleet to authorize itself with Elasticsearch. We will create a token with a random name so that it does not collide with any existing tokens.<\/p>\n\n\n\n This will store the token in the variable The Agent Policy configures which integrations (plugins) are associated with the agent. This will create an empty policy, to which we will later add the Fleet Server integration.<\/p>\n\n\n\n The Agent Policy needs the “Fleet Server” integration added to it:<\/p>\n\n\n\n The Fleet Server Host setting tells the Elastic Agents the hostname and port on which they can contact the Fleet server. Make sure to update the URL to match your environment. The default port for a Fleet server is 8220.<\/p>\n\n\n\n--cacert<\/code> options and change https<\/code> to http<\/code>.<\/p>\n\n\n\n# The location of the Certificate Authority file.\n# This is generated by Elasticsearch in the setup container and mounted into the container.\nCA=\/certs\/ca\/ca.crt\n\n# The host and port of the Elasticsearch server.\nELASTIC_HOST=es01:9200\n\n# The username this script uses to connect to Elasticsearch.\nELASTIC_USER=elastic\n\n# The password this script uses to connect to Elasticsearch.\nELASTIC_PASS=elastic\n\n# The URL to the Kibana server, without a trailing slash.\nKIBANA_URL=http:\/\/kibana:5601\n<\/code><\/pre>\n\n\n\nService Account Token<\/h3>\n\n\n\n
createServiceAccountToken()\n{\n echo -n 'Creating service account token... '\n\n # Create a random name for the token so it does not collied with any existing tokens.\n tokenName=`cat \/proc\/sys\/kernel\/random\/uuid`\n\n # Create the token.\n response=`curl \\\n -u $ELASTIC_USER:$ELASTIC_PASS \\\n --silent \\\n --cacert $CA \\\n -X POST "https:\/\/$ELASTIC_HOST\/_security\/service\/elastic\/fleet-server\/credential\/token\/$tokenName?pretty"`\n\n # Check that the response was successful.\n if ! echo "$response" | grep --silent '"created" : true'; then\n echo 'failed'\n echo "$response"\n exit 1\n fi\n\n # Parse the token out of the response.\n token=`echo "$response" | awk '\/value\/ { print $3 }' | sed 's\/"\/\/g'`\n\n echo "success: $token"\n}<\/code><\/pre>\n\n\n\n$token<\/code> for use later.<\/p>\n\n\n\nAgent Policy<\/h3>\n\n\n\n
createAgentPolicy()\n{\n echo -n 'Creating Fleet server policy... '\n\n response=`curl \\\n -u $ELASTIC_USER:$ELASTIC_PASS \\\n --silent \\\n --request POST \\\n --url $KIBANA_URL\/api\/fleet\/agent_policies?sys_monitoring=true \\\n --header 'content-type: application\/json' \\\n --header 'kbn-xsrf: true' \\\n --data '{"id": "docker-fleet-server-policy","name":"Docker Fleet Server Policy","namespace":"default","monitoring_enabled":["logs","metrics"],"is_default_fleet_server": true}'`\n\n if echo "$response" | grep --silent 'document already exists'; then\n green 'already exists'\n return 0\n fi\n\n green 'success'\n}<\/code><\/pre>\n\n\n\nServer Integration<\/h3>\n\n\n\n
addServerIntegration()\n{\n echo -n 'Adding Fleet server integration to policy... '\n\n response=`curl \\\n -u $ELASTIC_USER:$ELASTIC_PASS \\\n --silent \\\n --request POST \\\n --url $KIBANA_URL\/api\/fleet\/package_policies \\\n --header 'content-type: application\/json' \\\n --header 'kbn-xsrf: true' \\\n --data '\n {\n "policy_id": "fleet-server-policy",\n "package": {\n "name": "fleet_server",\n "version": "1.2.0"\n },\n "name": "fleet_server",\n "description": "",\n "namespace": "default",\n "inputs": {\n "fleet_server-fleet-server": {\n "enabled": true,\n "vars": {\n "host": "fleet",\n "port": [\n 8220\n ],\n "custom": ""\n },\n "streams": {}\n }\n }\n }'`\n\n if echo $response | grep --silent 'already exists'; then\n echo 'already exists';\n return 0\n fi\n\n if echo $response | grep --silent 'error'; then\n echo 'failed'\n echo "$response"\n exit 1\n fi\n\n echo 'success'\n}<\/code><\/pre>\n\n\n\nServer Host<\/h3>\n\n\n\n