# fleet
a
Hey folks. I am doing the docker install using a `docker-compose.yml` file. Here is the fleet section. I have mysql and redis as well. Could really use some help in our current setup. THREADING so I don't clog up the channel
This is my docker-compose. mysql and redis are here as well.
```yaml
fleet:
    image: fleetdm/fleet:3.9.0
    hostname: fleet
    container_name: fleet
    restart: always
    command: sh -c "echo '\n' | /usr/bin/fleet prepare db --config=/etc/kolide.yml && /usr/bin/fleet serve --config=/etc/kolide.yml"
    depends_on:
      - mysql
      - redis
    volumes:
      - ./production_cluster/fleet-configs/kolide.yml:/etc/kolide.yml
      - ./production_cluster/fleet-configs/cert.pem:/certs/cert.pem
      - ./production_cluster/fleet-configs/key.pem:/certs/key.pem
    expose:
      - "8412"
    ports:
      - "${FLEET_PORT}:8080"
    networks:
      - fleet-net
```
I am using a kolide.yml file with data already. My issue is this:
Once I run the initial:
```sh
./fleetctl config set --address "https://localhost:$FLEET_PORT" --tls-skip-verify --config "production_cluster/fleet-configs/kolide.yml"
echo "running fleetctl setup"
```
It replaces the `kolide.yml` completely.
This is the template I am giving to the container:
```yaml
mysql:
  address: mysql:3306
  database: fleet
  username: fleet
  password: MYSQL_FLEET_PASSWORD
redis:
  address: redis:6379
server:
  address: 0.0.0.0:8080
  tls: true
  cert: /certs/cert.pem
  key: /certs/key.pem
auth:
  jwt_key: FLEET_JWT_KEY
filesystem:
  status_log_file: /var/log/osquery/status.log
  result_log_file: /var/log/osquery/result.log
  enable_log_rotation: true
logging:
  json: true
```
This is what my kolide.yml looks like after the config set command:
```yaml
contexts:
  default:
    address: https://localhost:8999
    email: sea@sea.test
    rootca: ""
    tls-skip-verify: true
    token: <TOKEN HERE>
    url-prefix: ""
```
Is this expected? I don't want to blast my config away. Once it does and I restart the containers, fleet doesn't come up because of the following (output from `docker logs fleet`):
```
Using config file:  /etc/kolide.yml
Error creating db connection: dial tcp 127.0.0.1:3306: connect: connection refused
Using config file:  /etc/kolide.yml
```
Which makes sense because the DB config piece is gone. I'm curious on why? Is this expected?
@Noah Talerman Would love some help with this so I can sleep! 😞 Thanks folks!
I guess I need to understand these commands better? Can't find in the docs
```yaml
command: sh -c "echo '\n' | /usr/bin/fleet prepare db --config=/tmp/kolide.yml && /usr/bin/fleet serve --config=/tmp/kolide.yml"
```
z
The config for `fleetctl` and for the Fleet server are separate. Looks like you are overriding the server config with the one from `fleetctl`.
a
mind blown 🤯 @zwass Omg.
Thanks a lot! So I basically need to use a different config file for `fleetctl` entirely. Doesn't even need to be on the container.
z
Correct. Think of `fleetctl` as another client for the Fleet server. Like the web UI but it's a CLI.
a
Thanks so much! Fixed everything. @zwass
z
Nice! Enjoy 🙂