Fleet and Elastic Agent 8.0.0
editFleet and Elastic Agent 8.0.0
editReview important information about the Fleet and Elastic Agent 8.0.0 releases.
Breaking changes
editBreaking changes can prevent your application from optimal operation and performance. Before you upgrade, review the breaking changes, then mitigate the impact to your application.
Fleet Server can no longer use username and password to authenticate with Elasticsearch
Details
Starting in 8.0, Elasticsearch has removed write access to system indices by the
superuser. Therefore, Fleet Server can no longer use a username and password
to authenticate with Elasticsearch. For more information, refer to
#29458.
Impact
If you run a self-managed Fleet Server that authenticates with Elasticsearch through a
username and password, you must update the configuration to use a Fleet Server
service token instead. For more information, see Add a Fleet Server.
IncludeCreatorMetadata
removed from Kubernetes metadata config options
Details
The deprecated and undocumented IncludeCreatorMetadata
setting has been
removed from the Kubernetes metadata config options. For more information, refer
to #28006.
Impact
This change is unlikely to impact existing users because the setting was never
documented. However, if your config uses this setting, you must remove it now.
Splits package policy upgrade
endpoint for Fleet
Details
For package policy upgrades, the packagePolicy upgrade
endpoint format
supports a mutative upgrade operation (when dryRun: false
) and a read-only dry
run operation (when dryRun: true
):
POST /package_policies/upgrade { packagePolicyIds: [...], dryRun: false }
For more information, refer to #118854.
Impact
The endpoint is now split into two separate endpoints:
POST /package_policies/upgrade { packagePolicyIds: [...] } POST /package_policies/upgrade/dry_run { packagePolicyIds: [...] }
Deprecations
editDeprecated functionality does not have an immediate impact on your application, but we strongly recommend you make the necessary updates after you complete the upgrade.
- Fleet
Updates Fleet API to improve consistency
Details
The Fleet API has been updated to improve consistency:
- Hyphens are changed to underscores in some names.
-
The
pkgkey
path parameter in the packages endpoint is split. -
The
response
andlist
properties are renamed toitems
oritem
in some responses.
For more information, refer to #119494.
Impact
When you upgrade to 8.0.0, use the following API changes:
-
Use
enrollment_api_keys
instead ofenrollment-api-keys
. -
Use
agent_status
instead ofagent-status
. -
Use
service_tokens
instead ofservice-tokens
. -
Use
/epm/packages/{packageName}/{version}
instead of/epm/packages/{pkgkey}
. -
Use
items[]
instead ofresponse[]
in:
For more information, refer to Fleet APIs.
New features
editThe 8.0.0 release adds the following new and notable features.
- Fleet
-
- Automatic configuration for trusting self-signed certificates generated by Elasticsearch 8.0+ for self-managed clusters. For more information, see Start the Elastic Stack with security enabled. #120549
- Elastic Agent
-
-
Add
--pprof
flag toelastic-agent diagnostics
command. Also add anelastic-agent pprof
command to allow operators to gather pprof data from the Elastic Agent and the Beats running under it. #28798 -
Add
--fleet-server-es-ca-trusted-fingerprint
flag to allow Elastic Agent and Fleet Server to work with Elasticsearch clusters using self-signed certs. #29128 -
Set
agent.id
to the Fleet Agent ID in events published from inputs backed by Beats. #21121 #26394 #26548
-
Add