Fleet and Elastic Agent 8.0.0
editFleet and Elastic Agent 8.0.0
editReview important information about the Fleet and Elastic Agent 8.0.0 releases.
Breaking changes
editBreaking changes can prevent your application from optimal operation and performance. Before you upgrade, review the breaking changes, then mitigate the impact to your application.
Fleet Server can no longer use username and password to authenticate with Elasticsearch
Details
Starting in 8.0, Elasticsearch has removed write access to system indices by the
superuser. Therefore, Fleet Server can no longer use a username and password
to authenticate with Elasticsearch. For more information, refer to
#29458.
Impact
If you run a self-managed Fleet Server that authenticates with Elasticsearch through a
username and password, you must update the configuration to use a Fleet Server
service token instead. For more information, see Add a Fleet Server.
IncludeCreatorMetadata removed from Kubernetes metadata config options
Details
The deprecated and undocumented IncludeCreatorMetadata setting has been
removed from the Kubernetes metadata config options. For more information, refer
to #28006.
Impact
This change is unlikely to impact existing users because the setting was never
documented. However, if your config uses this setting, you must remove it now.
Splits package policy upgrade endpoint for Fleet
Details
For package policy upgrades, the packagePolicy upgrade endpoint format
supports a mutative upgrade operation (when dryRun: false) and a read-only dry
run operation (when dryRun: true):
POST /package_policies/upgrade
{
packagePolicyIds: [...],
dryRun: false
}
For more information, refer to #118854.
Impact
The endpoint is now split into two separate endpoints:
POST /package_policies/upgrade
{
packagePolicyIds: [...]
}
POST /package_policies/upgrade/dry_run
{
packagePolicyIds: [...]
}
Deprecations
editDeprecated functionality does not have an immediate impact on your application, but we strongly recommend you make the necessary updates after you complete the upgrade.
- Fleet
Updates Fleet API to improve consistency
Details
The Fleet API has been updated to improve consistency:
- Hyphens are changed to underscores in some names.
-
The
pkgkeypath parameter in the packages endpoint is split. -
The
responseandlistproperties are renamed toitemsoritemin some responses.
For more information, refer to #119494.
Impact
When you upgrade to 8.0.0, use the following API changes:
-
Use
enrollment_api_keysinstead ofenrollment-api-keys. -
Use
agent_statusinstead ofagent-status. -
Use
service_tokensinstead ofservice-tokens. -
Use
/epm/packages/{packageName}/{version}instead of/epm/packages/{pkgkey}. -
Use
items[]instead ofresponse[]in:
For more information, refer to Fleet APIs.
New features
editThe 8.0.0 release adds the following new and notable features.
- Fleet
-
- Automatic configuration for trusting self-signed certificates generated by Elasticsearch 8.0+ for self-managed clusters. For more information, see Start the Elastic Stack with security enabled. #120549
- Elastic Agent
-
-
Add
--pprofflag toelastic-agent diagnosticscommand. Also add anelastic-agent pprofcommand to allow operators to gather pprof data from the Elastic Agent and the Beats running under it. #28798 -
Add
--fleet-server-es-ca-trusted-fingerprintflag to allow Elastic Agent and Fleet Server to work with Elasticsearch clusters using self-signed certs. #29128 -
Set
agent.idto the Fleet Agent ID in events published from inputs backed by Beats. #21121 #26394 #26548
-
Add