Skip to content

[Fleet] Fix monitoring.enabled for agentless #241508

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
nchaulet wants to merge 4 commits into from
Closed

[Fleet] Fix monitoring.enabled for agentless #241508

nchaulet wants to merge 4 commits into from

Conversation

@nchaulet
Copy link
Member

@nchaulet nchaulet commented Oct 31, 2025

Summary

Disabling monitoring for agentless had the unwanted side effect of disabling the http monitoring server.

We had the similar issue with could policies and it was mitigated by adding the keep_monitoring_alive flag.

That PR enable that flag for all the agentless flag

@nchaulet nchaulet added release_note:skip Skip the PR/issue when compiling release notes backport:skip This PR does not require backporting Team:Fleet Team label for Observability Data Collection Fleet team labels Oct 31, 2025
@nchaulet nchaulet marked this pull request as ready for review October 31, 2025 18:50
@nchaulet nchaulet requested review from a team as code owners October 31, 2025 18:50
@elasticmachine
Copy link
Contributor

elasticmachine commented Oct 31, 2025

Pinging @elastic/fleet (Team:Fleet)

@elastic-vault-github-plugin-prod elastic-vault-github-plugin-prod bot requested a review from a team as a code owner October 31, 2025 19:07
@jen-huang
Copy link
Contributor

jen-huang commented Oct 31, 2025

Disabling monitoring for agentless had the unwanted side effect of disabling the http monitoring server.

Do we need monitoring.http.enabled to start the server or is the top-level monitoring.enabled: true enough? keep_monitoring_alive only seems to enable the latter, so I'm wondering if it is enough:

kibana/x-pack/platform/plugins/shared/fleet/server/services/agent_policies/full_agent_policy.ts

Line 765 in afbe65e

if (agentPolicy.monitoring_http?.enabled) {

@nchaulet
Copy link
Member Author

nchaulet commented Oct 31, 2025
edited
Loading

Do we need monitoring.http.enabled to start the server or is the top-level monitoring.enabled: true enough? keep_monitoring_alive only seems to enable the latter, so I'm wondering if it is enough:

That a good point agentless has monitoring.http.enabled on the local config file but not sure it's enough, I will test it

Edit: @jen-huang it seems it will keep the value from the file as they are not overided by the fleet config (it's what it's happening in cloud)

@jen-huang
Copy link
Contributor

jen-huang commented Oct 31, 2025
edited
Loading

I pulled locally and I see this in the agent yml with default agentless policy settings which looks expected based on the changes here:

agent:
  monitoring:
    enabled: true
    logs: false
    metrics: false
    traces: false

I updated the monitoring settings for the policy to explicitly enable the http endpoint:
image
(not sure we should allow these to be editable for agentless policies, but that's a different issue 😅)

the saved object becomes:

        "monitoring_enabled": [],
        "keep_monitoring_alive": true,
        "monitoring_http": {
            "host": "localhost",
            "port": 6791,
            "enabled": true
        },

and the agent yml becomes:

agent:
  monitoring:
    enabled: true
    logs: false
    metrics: false
    traces: false
    http:
      enabled: true
      host: localhost
      port: 6791

@nchaulet So you're saying that agent.monitoring.enabled means that agent.monitoring.http.enabled is also enabled without it being set explicitly? Just want to triple check my understanding.

Also spotted this when I tried to look at the agent yml (with http turned on), but download yml works fine, and it happens for regular agent policies too so it's probably not related to the changes here - I'll take a look at this separately:
image

@nchaulet
Copy link
Member Author

nchaulet commented Oct 31, 2025

(not sure we should allow these to be editable for agentless policies, but that's a different issue 😅)

Yes that another reason to have a dedicated API for agentless policies and do not allow to edit their agent policies #240879

@nchaulet So you're saying that agent.monitoring.enabled means that agent.monitoring.http.enabled is also enabled

Not really the agent.monitoring.enabled work in combination with agent.monitoring.http.enabled being explicitly set in the agent config file locally.

@nchaulet
Copy link
Member Author

nchaulet commented Nov 2, 2025

@elasticmachine merge upstream

@elasticmachine
Copy link
Contributor

elasticmachine commented Nov 3, 2025

⏳ Build in-progress, with failures

Failed CI Steps

Test Failures

  • [job] [logs] Jest Integration Tests #8 / daily rollups integration test deletes documents older that 3 days from the saved objects repository
  • [job] [logs] Jest Integration Tests #8 / daily rollups integration test deletes documents older that 3 days from the saved objects repository
  • [job] [logs] Scout Test Run Builder / serverless-security - EUI testing wrapper: EuiDataGrid - data grid, run

History

@nchaulet
Copy link
Member Author

nchaulet commented Nov 3, 2025

@elasticmachine merge upstream

@nchaulet nchaulet closed this Nov 3, 2025
@nchaulet
Copy link
Member Author

nchaulet commented Nov 3, 2025

we decided the fix will be in agentless agent where, the agent will honor the config on disk, so no need to modify Kibana, it will be more future proof as we could easily fix any config issue for agentless controller instead of relying on a Kibana release

@jen-huang jen-huang deleted the feature-keep-monitoring-alive-for-agentless branch November 3, 2025 19:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

backport:skip This PR does not require backporting release_note:skip Skip the PR/issue when compiling release notes Team:Fleet Team label for Observability Data Collection Fleet team

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@nchaulet @elasticmachine @jen-huang @kibanamachine