My ex-team member followed the below link recommendation about using Kubernetes to deploy Kolide Fleet web server:https://github.com/kolide/fleet/blob/master/docs/infrastructure/fleet-on-kubernetes.mdHe used these 3 below files, to successfully deployed Kolide Fleet web server on AWS and the Osquery result output on server side is 'file system' (file location: /tmp/osquery_result):https://github.com/kolide/fleet/blob/master/examples/kubernetes/fleet-migrations.yml,https://github.com/kolide/fleet/blob/master/examples/kubernetes/fleet-deployment.yml,https://github.com/kolide/fleet/blob/master/examples/kubernetes/fleet-service.yml.
However, this ex-team member already left my company. Now, I am ready to change the Osquery result output from file system to others (kinesis, firehose, redis, pubsub, etc.) on the server side, and make redeployment about Kolide fleet server. However, when I just run the original 'fleet-deployment.yml' file, with the command 'kubectl apply -f fleet-deployment.yaml -n fleet', then the kolide fleet server will crash with status '500' error. When I retrieve the log history from the Kolide fleet server pod, then the error message is something like below:
"2020/12/09 18:42:43 http: TLS handshake error from 10.0.2.54:62379: EOF
2020/12/09 18:42:43 http: TLS handshake error from 10.0.15.33:64346: EOF
2020/12/09 18:42:43 http: TLS handshake error from 10.0.15.33:17935: EOF
ts=2020-12-09T18:42:44.173127649Z component="gRPC Launcher" method=RequestQueries err="internal error: missing host from request context" took=1.042259ms
2020/12/09 18:42:44 http: TLS handshake error from 10.0.0.164:10314: EOF
2020/12/09 18:42:44 http: TLS handshake error from 10.0.0.164:61047: EOF
2020/12/09 18:42:45 http: TLS handshake error from 10.0.2.54:1248: EOF"
This issue seems to come from GRPC server. I searched google, but could not find an exact solution. Please see the below error image: Therefore, could anyone help me to diagnose those error messages and fix this issue? Thank you.