-
Notifications
You must be signed in to change notification settings - Fork 148
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fleet Server listens on loopback when TLS is disabled in v8.6.0 #2197
Comments
I suspect this is a consequence of #1867 |
+1 on this. Both host and port configured by the policy is not respected. |
Yes, it looks like this issue is somewhere in the elastic-agent setup. If I start in stand alone mode with no real config it binds to
|
I think the issue is caused in the bootstrapping segment here: elastic-agent/internal/pkg/agent/cmd/enroll_cmd.go Lines 397 to 405 in da1db71
|
The fleet-server's behaviour in elastic-agent/internal/pkg/agent/cmd/enroll_cmd.go Lines 397 to 405 in da1db71
is intentional. If the server is started with The |
Closing because working as intended (see discussions in the linked PR #2198). Note: in container mode, the host can also be configured using environment variables ( |
Although the host is set to
0.0.0.0
in the config, fleet-server forcibly listens on127.0.0.1:8220
since v8.6.0 when configured without TLS.The only possibly relevant log entries I could find are:
When TLS is enabled, the "server listening" log entry shows a binding to
0.0.0.0:8200
as expected:Until v8.5 (included), the
host
input was respected, even if TLS wasn't enabled.The text was updated successfully, but these errors were encountered: