Deploy on Elastic Cloud
editDeploy on Elastic Cloud
editTo use Fleet for central management, a Fleet Server must be running and accessible to your hosts.
Fleet Server can be provisioned and hosted on Elastic Cloud. When the Cloud deployment is created, a highly available set of Fleet Servers is provisioned automatically.
This approach might be right for you if you want to reduce on-prem compute resources and you’d like Elastic to take care of provisioning and life cycle management of your deployment.
With this approach, multiple Fleet Servers are automatically provisioned to satisfy the chosen instance size (instance sizes are modified to satisfy the scale requirement). You can also choose the resources allocated to each Fleet Server and whether you want each Fleet Server to be deployed in multiple availability zones. If you choose multiple availability zones to address your fault-tolerance requirements, those instances are also utilized to balance the load.
This approach might not be right for you if you have restrictions on connectivity to the internet.
Compatibility and prerequisites
editFleet Server is compatible with the following Elastic products:
-
Elastic Stack 7.13 or later.
- For version compatibility, Elasticsearch must be at the same or a later version than Fleet Server, and Fleet Server needs to be at the same or a later version than Elastic Agent (not including patch releases).
- Kibana should be on the same minor version as Elasticsearch.
-
Elastic Cloud Enterprise 2.10 or later
-
Requires additional wildcard domains and certificates (which normally only
cover
*.cname
, not*.*.cname
). This enables us to provide the URL for Fleet Server ofhttps://.fleet.
. - The deployment template must contain an Integrations Server node.
For more information about hosting Fleet Server on Elastic Cloud Enterprise, refer to Manage your Integrations Server.
-
Requires additional wildcard domains and certificates (which normally only
cover
The TLS certificates used to secure connections between Elastic Agent and Fleet Server are managed by Elastic Cloud. You do not need to create a private key or generate certificates.
When Elasticsearch or Fleet Server are deployed, components communicate over well-defined, pre-allocated ports. You may need to allow access to these ports. See the following table for default port assignments:
Component communication | Default port |
---|---|
Elastic Agent → Fleet Server |
443 |
Elastic Agent → Elasticsearch |
443 |
Elastic Agent → Logstash |
5044 |
Elastic Agent → Kibana (Fleet) |
443 |
Fleet Server → Kibana (Fleet) |
443 |
Fleet Server → Elasticsearch |
443 |
If you do not specify the port for Elasticsearch as 443, the Elastic Agent defaults to 9200.
Setup
editTo confirm that an Integrations Server is available in your deployment:
- Open Fleet.
- On the Agent policies tab, look for the Elastic Cloud agent policy. This policy is managed by Elastic Cloud, and contains a Fleet Server integration and an Elastic APM integration. You cannot modify the policy. Confirm that the agent status is Healthy.
Don’t see the agent? Make sure your deployment includes an Integrations Server instance. This instance is required to use Fleet.
Next steps
editNow you’re ready to add Elastic Agents to your host systems. To learn how, see Install Fleet-managed Elastic Agents.