running-on-kubernetes-managed-by-fleet.asciidoc

Run {agent} on Kubernetes managed by {fleet}

What you need

• kubectl installed.

• {es} for storing and searching your data, and {kib} for visualizing and managing it.

  {observability-docs-root}/docs/en/shared/spin-up-the-stack/widget.asciidoc

• kube-state-metrics.

  run-container-common/deploy-kube-state-metrics.asciidoc

Step 1: Download the {agent} manifest

run-container-common/download-elastic-agent.asciidoc

Step 2: Configure {agent} policy

The {agent} needs to be assigned to a policy to enable the proper inputs. To achieve Kubernetes observability, the policy needs to include the Kubernetes integration. Refer to [create-a-policy] and [add-integration] to learn how to configure the Kubernetes integration.

Step 3: Enroll {agent} to the policy

Enrollment of an {agent} is defined as the action to register a specific agent to a running {fleet-server}.

{agent} is enrolled to a running {fleet-server} by using FLEET_URL parameter. Additionally, the FLEET_ENROLLMENT_TOKEN parameter is used to connect {agent} to a specific {agent} policy.

A new FLEET_ENROLLMENT_TOKEN will be created upon new policy creation and will be inserted inside the Elastic Agent Manifest during the Guided installation.

Find more information for Enrollment Tokens.

To specify different destination/credentials, change the following parameters in the manifest file:

- name: FLEET_URL
  value: "https://fleet-server_url:port" (1)
- name: FLEET_ENROLLMENT_TOKEN
  value: "token" (2)
- name: FLEET_SERVER_POLICY_ID
  value: "fleet-server-policy" (3)
- name: KIBANA_HOST
  value: "" (4)
- name: KIBANA_FLEET_USERNAME
  value: "" (5)
- name: KIBANA_FLEET_PASSWORD
  value: "" (6)

1. URL to enroll the {fleet-server} into. You can find it in {kib}. Select Management → {fleet} → Fleet Settings, and copy the {fleet-server} host URL.

2. The token to use for enrollment. Close the flyout panel and select Enrollment tokens. Find the Agent policy you created before to enroll {agent} into, and display and copy the secret token.

3. The policy ID for {fleet-server} to use on itself.

4. The {kib} host.

5. The basic authentication username used to connect to {kib} and retrieve a service_token to enable {fleet}.

6. The basic authentication password used to connect to {kib} and retrieve a service_token to enable {fleet}.

If you need to run {fleet-server} as well, adjust the docker run command above by adding these environment variables:

- name: FLEET_SERVER_ENABLE
  value: "true" (1)
- name: FLEET_SERVER_ELASTICSEARCH_HOST
  value: "<elasticsearch-host>" (2)
- name: FLEET_SERVER_SERVICE_TOKEN
  value: "<service-token>" (3)

1. Set to true to bootstrap {fleet-server} on this {agent}. This automatically forces {fleet} enrollment as well.

2. The Elasticsearch host for Fleet Server to communicate with, for example http://elasticsearch:9200.

3. Service token to use for communication with {es} and {kib}.

Refer to [agent-environment-variables] for all available options.

Step 4: Configure tolerations

run-container-common/agent-tolerations.asciidoc

Step 5: Deploy the {agent}

run-container-common/deploy-elastic-agent.asciidoc

Step 6: View your data in {kib}

run-container-common/kibana-fleet-data.asciidoc