[Elastic Agent] Add skeleton for client/server for agent control protocol #20163
Conversation
|
Pinging @elastic/ingest-management (Team:Ingest Management) |
botelastic
bot
added
needs_team
💚 Build Succeeded
Expand to view the summary
Build stats
|
blakerouse
force-pushed
the
agent-control-version
branch
from
3d82df4
to
2f34799
Compare
|
Rebased with master after #20146 has been merged, this is ready for a review. |
| // Address returns the address to connect to Elastic Agent daemon. | ||
| func Address() string { | ||
| data = paths.Data() | ||
| return fmt.Sprintf(`\\.\pipe\elastic-agent-%s`, sha256.Sum256(data)) |
There was a problem hiding this comment.
careful with the length here, i think it should be fine with 64b for sha256 but maybe a comment/reminder in case somebody wants to change format would be handy
| s := &AgentStatus{ | ||
| Status: res.Status, | ||
| Message: res.Message, | ||
| Applications: make([]*ApplicationStatus, 0), |
There was a problem hiding this comment.
small nit, we know the length of res.Applications we can set the capacity right
| if err != nil { | ||
| return nil, err | ||
| } | ||
| sd, err := npipe.DefaultSD(u.Username) |
There was a problem hiding this comment.
is Default secure enough? we dont want to allow anybody trigger restart/stop/upgrade procedures, need to think about that for future releases
There was a problem hiding this comment.
The DefaultSD creates the pipe so only that specific user can access it. So we get the same level of permissions we have on the configuration files.
|
@michalpristas @blakerouse Not sure we need auth, I think OS' ACL would take care of that? |
|
@ph correct the OS ACL's is going to take care of it |
💚 Build Succeeded
Expand to view the summary
Build stats
|
…ne-2.0 * upstream/master: [Elastic Agent] Add skeleton for client/server for agent control protocol (elastic#20163) Auditbeat: Allow multiple instances by grouping kprobes by PID (elastic#20325) [Filebeat][Fortinet] Remove pre populated event.timezone (elastic#20273)
…allation
* upstream/master:
Check expand_event_list_from_field when json in map[string]interface{} format (elastic#20370)
[docs] Remove deprecated security roles (elastic#20162)
Modify doc in app_insights metricset (elastic#20185)
[Elastic Agent] Add skeleton for client/server for agent control protocol (elastic#20163)
Auditbeat: Allow multiple instances by grouping kprobes by PID (elastic#20325)
[Filebeat][Fortinet] Remove pre populated event.timezone (elastic#20273)
Add an explicit system test for processes on unix systems (elastic#20320)
…ocol (elastic#20163) * Add protocl to control Elastic Agent. * Fix CI with protoc. * Remove CI changes. * Start on the control server code. * More client/server work. * More work. * Add test. * Fix vet issues. * Fix permissions on unix socket. Add comment to Windows npipe. (cherry picked from commit 77a8472)
…ocol (#20163) (#20401) * Add protocl to control Elastic Agent. * Fix CI with protoc. * Remove CI changes. * Start on the control server code. * More client/server work. * More work. * Add test. * Fix vet issues. * Fix permissions on unix socket. Add comment to Windows npipe. (cherry picked from commit 77a8472)
…ocol (elastic#20163) * Add protocl to control Elastic Agent. * Fix CI with protoc. * Remove CI changes. * Start on the control server code. * More client/server work. * More work. * Add test. * Fix vet issues. * Fix permissions on unix socket. Add comment to Windows npipe.
What does this PR do?
Adds the required skeleton code to allow Elastic Agent to connect and receive information from a running Elastic Agent daemon. Includes the implementation for
Versionalong with a test to ensure that client/server communication works.Why is it important?
So
elastic-agent {subcommands}can talk to the running daemon.Checklist
[ ] I have made corresponding changes to the documentation[ ] I have made corresponding change to the default configuration files[ ] I have added an entry inCHANGELOG.next.asciidocorCHANGELOG-developer.next.asciidoc.Related issues