https://github.com/osquery/osquery logo
Powered by
#fleet
Title
# fleet
s

SK

04/29/2021, 11:29 AM
Hello all, digging into Orbit and trying to understand how does orbit update Osquery, how does the 
stable
and 
edge
channel get triggered to update Osquery when running on-prem Fleet? And how does the update process itself work?
n

Noah Talerman

04/29/2021, 6:27 PM
Hi @SK. By default, Orbit checks in with the public Fleet update repository. Using this update repository, FleetDM determines the osquery version that belongs on the 
stable
and 
edge
channels. At check in time, if the version defined for the 
stable
update channel has changed, Orbit will update osquery on its respective endpoint to the new version.
s

SK

04/29/2021, 6:49 PM
Hey @Noah Talerman thanks for your response. Nice way of checking the version. How does Orbit handle situations where there is a proxy, does it grab the update from the onprem fleet server or always straight to the repo?
n

Noah Talerman

04/30/2021, 1:31 PM
How does Orbit handle situations where there is a proxy, does it grab the update from the onprem fleet server or always straight to the repo?
Hey @SK, I don’t immediately know the answer to this. I’m going to phone in @zwass for help on this Orbit question.
z

zwass

04/30/2021, 5:37 PM
Orbit uses a configurable update server. We expect that many folks will just use the update server we manage (similar to what Kolide does with Launcher's update server). We are also offering tooling for self-managing an update server as part of Fleet Basic (the subscription offering) https://github.com/fleetdm/fleet/blob/master/docs/2-Deployment/4-fleetctl-agent-updates.md.
Depending on what you mean by proxy, you could potentially also just copy the metadata from our update server and serve it from anywhere you like.
s

SK

04/30/2021, 5:40 PM
Hey @zwass thanks for the response. I was more wondering how does Orbit handle situations where the agent is behind a proxy to get to your update server? Can you configure the proxy in the orbit config?
z

zwass

04/30/2021, 5:41 PM
What kind of configuration would need to be provided for the proxy? We can look into adding support for that.
s

SK

04/30/2021, 5:42 PM
So talking about a situation where the system where Osquery/orbit is installed on resides behind a corporate internet proxy, so can only get to the internet through the proxy.
Probably the same way you can can configure the proxy in Osquery 
--proxy_hostname
z

zwass

04/30/2021, 7:54 PM
You could set the 
HTTP_PROXY
environment variable which the HTTP client in Orbit should respect. We can make finer grained control over that if necessary.
s

SK

05/03/2021, 3:59 PM
I'll test drive Orbit for a bit and let you know.
ty 1
2 Views
Powered by