Channels
android_tests
apple-silicon
arm-architecture
auditing-warroom
aws
carving
code-review
community-feeds
core
darkbytes
doorman
ebpf
eclecticiq-polylogyx-extension
extensions
file-carving
fim
fleet
fleet-dev
fleetosquery
foundation
fuzzing
general
golang
goquery
infrastructure
jobs
kolide
linen-dev
linux
macos
officehours
osctrl
plugins
process-auditing
querycon
queryhub
random
selfgroup
sql
tls
uptycs
vendor-feeds
website
windows
zeek
zentral
zercurity
Title
j
jimmy
05/15/2022, 7:04 PMhi, im using fleet 3.5.1 and i have 3 fleet servers, and for some reason my load balancer gives the queries only to the two first servers,
and i looked at yaml file of the fleet service that doesn't get queries and he is the same like the other fleet service that getting queries. and when I use fleetctl the third fleet works. do you have any solution?
l
Lucas Rodriguez
05/16/2022, 2:27 PMHi @jimmy! Fleet is unaware of how it get requests or if there are other Fleet instances running as part of the deployment. So, this is most likely a configuration/network issue between the load balancer and the hosts running your Fleet instances.
Here's a guide on how to deploy Fleet: https://fleetdm.com/docs/deploying/server-installation#deploying-the-load-balancer
(with a section on deploying a load balancer)
If possible, we advise users to upgrade to Fleet's latest version,
4.14.03.5.1and when I use fleetctl the third fleet works. do you have any solution?1.
fleetctlfleetctlj
jimmy
05/16/2022, 6:32 PMhi @Lucas Rodriguez the section of the load balancer is only with kubectl, and my server doesn't have kubernetes.
and its
fleetctl@Lucas Rodriguez "If you are doing (1) then I'd suggest you try with (2) to test that the request is really going through the load balancer."
how can i check this
@Lucas Rodriguez and thanks for the help 🙂
l
Lucas Rodriguez
05/16/2022, 6:35 PMhow can i check thisSo if I understood correctly, your devices will connect to Fleet through the load balancer (via some defined URL). Have
fleetctlj
jimmy
05/16/2022, 6:41 PM@Lucas Rodriguez I don't think that the fleetctl go threw the load balancer
@Lucas Rodriguez but how can i check this to be sure?
l
Lucas Rodriguez
05/16/2022, 6:49 PMfleetctl config get address$ fleetctl config get address
default.address => <https://localhost:8080>but how can i check this to be sure?A way to check this would be to run the third Fleet server in debug mode (
FLEET_LOGGING_DEBUG--logging_debug--logging_debugOh same question was asked here 🙂: https://osquery.slack.com/archives/C01DXJL16D8/p1652726641378669
j
jimmy
05/17/2022, 8:13 AM@Lucas Rodriguez thanks for the help, "fleetctl config get address" i did this command and my server gave me wrong ip of the load balancer.
@Lucas Rodriguez so what should i do now?
l
Lucas Rodriguez
05/17/2022, 11:50 AMYou can configure
fleetctlfleetctl config set --address https://$LOAD_BALANCER_IP:$LOAD_BALANCER_PORTj
jimmy
05/17/2022, 7:24 PMi did this but sadly it still doesn't get queries from the load balancer
should i maybe restart the load balancer after that?
l
Lucas Rodriguez
05/17/2022, 7:26 PMi did this but sadly it still doesn't get queries from the load balancerWhat do you mean by this?
This command is only configuringfleetctl config set --address https://$LOAD_BALANCER_IP:$LOAD_BALANCER_PORT
fleetctlj
jimmy
05/17/2022, 8:29 PM"hi, im using fleet 3.5.1 and i have 3 fleet servers, and for some reason my load balancer gives the queries only to the two first servers,
and i looked at yaml file of the fleet service that doesn't get queries and he is the same like the other fleet service that getting queries. and when I use fleetctl the third fleet works. do you have any solution?"
I mean that I still have that problem
l
Lucas Rodriguez
05/17/2022, 9:41 PMOK, we are just trying to connect via
fleetctlhttps://osquery.slack.com/archives/C01DXJL16D8/p1652729790761829?thread_ts=1652726641.378669&cid=C01DXJL16D8 this should also help troubleshooting. Basically have your load balancer use Fleet's healthz endpoint.