Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Fleet] Use 9243 as default port for cloud URLs #98670

Closed

Conversation

nchaulet
Copy link
Member

@nchaulet nchaulet commented Apr 28, 2021

Summary

Resolve #98356

In Fleet we are populating the ES hosts and Fleet server hosts used by the agent to communicate with ES or Fleet Server from the cloud ID.
If there is no default port in the cloud ID we were defaulting to 443 but after some discussions looks like the default port both for ECE and ESS is 9243. That PR makes the change.

@nchaulet nchaulet added bug Fixes for quality problems that affect the customer experience v8.0.0 release_note:skip Skip the PR/issue when compiling release notes v7.14.0 v7.13.0 auto-backport Deprecated - use backport:version if exact versions are needed labels Apr 28, 2021
@nchaulet nchaulet self-assigned this Apr 28, 2021
@nchaulet nchaulet requested a review from a team as a code owner April 28, 2021 18:50
@botelastic botelastic bot added the Team:Fleet Team label for Observability Data Collection Fleet team label Apr 28, 2021
@elasticmachine
Copy link
Contributor

Pinging @elastic/fleet (Team:Fleet)

Copy link
Contributor

@jen-huang jen-huang left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the quick turnaround!

@@ -5,6 +5,8 @@
* 2.0.
*/

const CLOUD_DEFAULT_PORT = '9243';
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

out of scope for this PR, but this kind of information seems like it should be exported from cloud plugin

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes actually the whole decode_cloud_id service should probably exported by the cloud plugin.

Copy link

@AlexP-Elastic AlexP-Elastic left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM (will just mention that when it was discussed yesterday in a similar context, @simitt was in favor of hiding the port if it was ==443)

@nchaulet
Copy link
Member Author

LGTM (will just mention that when it was discussed yesterday in a similar context, @simitt was in favor of hiding the port if it was ==443)

Yes we hide it.

@nchaulet nchaulet enabled auto-merge (squash) April 28, 2021 19:27
@AlexP-Elastic
Copy link

AlexP-Elastic commented Apr 28, 2021

Ugh so I did some digging and the old beats code treats the default port as 443 :/ https://github.com/elastic/beats/blob/23e4403ae093fcc8f7905345cad2c7ad256976d8/libbeat/cloudid/cloudid.go#L34

@nchaulet did you say you had seen a case where the port wasn't present and it should have been 9243? (eg an ECE instance)

I'm digging up an ECE instance now to check

@nchaulet nchaulet disabled auto-merge April 28, 2021 19:32
@nchaulet
Copy link
Member Author

Looks like there is one case here #98356 not sure what the cloud ID was

@jfsiii
Copy link
Contributor

jfsiii commented Apr 28, 2021

I am headed out the door, but wanted to add some background. The original PR #65366 said

Adds decodeCloudId function based on code & tests in libbeat

Which seems to use 443 (but I'm not able to really process & be sure right now)

Happy to see this ship if it's what we want now. Just linking for more context

@AlexP-Elastic
Copy link

AlexP-Elastic commented Apr 28, 2021

I found this in an internal knowledgebase:

Initially the cloud id was available from ECE version 1.2.0 in this initial release the format did not support (nor did beats/logstash) a dedicated port number and so it defaulted to 443. This was fine for ESS but many ECE installations only support the default 9243 port and so clients configured with the ECE cloud id would fail to connect.

In ECE release 2.2 the format was extended to allow a port to be configured and for new ECE 2.2 installations this port would default to 9243. However because we couldn't be certain of customers network configurations and which ones may already be dependent on using a 443 configuration we decided not to implement an upgrade to explicitly introduce this configuration setting.

@AlexP-Elastic
Copy link

I found a better specification of what is going on:

  * Generates a cloud id from the given elasticsearch/kibana cluster ids and display name, it will attempt to retrieve the
  * cname and port from zookeeper, if the port is not available it will default to `9243`, if the port equals 443 it will
  * be only use the cname.

So there are two different "defaults" here:

  • For a given ECE region, the port will default to 9243 unless overridden
  • Within the cloud Id, if the port is not specified then it should be assumed to be 443

Therefore I believe the code as it was before this PR is correct. 1000 apologies for the confusion

@nchaulet
Copy link
Member Author

Probably no need for that

@nchaulet nchaulet closed this Apr 28, 2021
@kibanamachine
Copy link
Contributor

💚 Build Succeeded

Metrics [docs]

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

id before after diff
fleet 346.8KB 346.8KB +2.0B

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @nchaulet

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
auto-backport Deprecated - use backport:version if exact versions are needed bug Fixes for quality problems that affect the customer experience release_note:skip Skip the PR/issue when compiling release notes Team:Fleet Team label for Observability Data Collection Fleet team v7.13.0 v7.14.0 v8.0.0
Projects
None yet
Development

Successfully merging this pull request may close these issues.

[Fleet] Global Output ES/Kibana default port are wrong for some environments
6 participants