Hello everybody! I am just looking for a confirmation here: we have reinstalled our Fleet server on an existing infrastructure so, apart from reconfiguring admin user, email, etc., we also got a new enroll key. However we would like to migrate the hosts that were previously enrolled with the old enroll key since the number is considerable and making a new onboarding will take quite some effort. How do you recommend me to approach this? 1. Adding the old enroll secret and use that as a

multiple

enroll secret keeping the new one 2. Trying to rotate the new enroll secret for the old enroll secret (if this is even making sense https://fleetdm.com/docs/deploying/faq#how-can-enroll-secrets-be-rotated) 3. Replace the new enroll key with the old enroll key (I have tried to find an equivalent of

kubectl replace

or piping the file content to

kubectl apply -f -

, but I did not find a command to replace an

entire

config) Any other advice on how to make it happen without changing the config at host level?

Hey @Alessandro! If you've got a config file with your enroll secrets, you can apply that to your new fleet server using `fleetctl apply`: https://fleetdm.com/docs/using-fleet/configuration-files#enroll-secrets Your still need to point your hosts to the new Fleet instance though.

Hey @Kathy Satterlee. Thanks for the feedback. It looks like the issue is a bit bigger than just the enroll secret, but this is definitely what I have done! Thanks a lot again for the answer!