elastic / kibana

Your window into the Elastic Stack
https://www.elastic.co/products/kibana

[Fleet] Enhancement: Allow the agents to be migrated to a different cluster without having to run the re-enroll command on them. #194247

Open leandrojmp opened 1 week ago

leandrojmp commented 1 week ago

Describe the feature:

This enhancement request would add an option to migrate the agents from being managed by a fleet server in one cluster to being managed by a different fleet server in another cluster without having to run the re-enroll command in each agent.

The idea is that the user would request an agent (or multiple agents) to be migrated, which could be from the UI or using the API, and would select the agent and provide the target fleet server endpoint and the enrollment token for the target policy in the new fleet server.

When the agent checks in with the fleet server after the migrate request was made, it would then receive the migration instructions and could do the following:

After that, the agent is now managed by the new fleet server and appears as unenrolled on the old fleet server.

This could be a 3-step process, as illustrated by the following images.

Image

Image

Image

Describe a specific use case for the feature:

Currently, to migrate agents between different clusters (each one with its own fleet server) you need to run the re-enroll command on each agent, which is basically reinstalling the agent without having to download it again.

When you have a large deployment with thousands of hosts and a complex infrastructure organization with multiple teams, multiple kinds of hosts and some restrictions on how and when to run commands on hosts (manually or automated), it can take a really long time to migrate all your agents because you cannot do that from the Fleet UI/API.

On a multi-dc and multi-cloud environment you may need to move your Elastic/Fleet cluster from one dc to another, or from some cloud provider to another or even from on-premises to a SaaS Elastic offering, and being able to remotely tell the Elastic Agent hosts to re-enroll into a new fleet cluster would speed up the process and avoid having to run two different clusters for a long time.

To summarize, once installed and enrolled on a Fleet Server, the user should be able to migrate to another Fleet Server on a different cluster without having to run the re-enroll command on the agent; the agent should be able to self-enroll itself into a new Fleet Server.

elasticmachine commented 1 week ago

Pinging @elastic/fleet (Team:Fleet)