From 337eb253be72a033d5a611716f354dad084a273a Mon Sep 17 00:00:00 2001 From: Visha Angelova Date: Wed, 25 Mar 2026 10:31:07 +0100 Subject: [PATCH 1/3] Add instructions for deploying Fleet Server behind load balancer --- .../fleet/add-fleet-server-on-prem.asciidoc | 30 +++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/docs/en/ingest-management/fleet/add-fleet-server-on-prem.asciidoc b/docs/en/ingest-management/fleet/add-fleet-server-on-prem.asciidoc index 07240376a..ed2c9dbce 100644 --- a/docs/en/ingest-management/fleet/add-fleet-server-on-prem.asciidoc +++ b/docs/en/ingest-management/fleet/add-fleet-server-on-prem.asciidoc @@ -238,6 +238,36 @@ by going to: *Management* -> *{fleet}* -> *Settings*. From there you can: ** Specify the location from where agents should download binaries. ** Specify proxy URLs to use for {fleet-server} or {agent} outputs. +[discrete] +[[fleet-server-setup-using-a-load-balancer]] += {fleet-server} setup using a load balancer + +Follow these steps when deploying {fleet-server} behind a load balancer/reverse proxy: + +. Create a certificate that contains DNS entries for the agent-facing load balancer, +and the hostnames it routes to. For example, the load balancer `fleet.example.com` +will route to hostnames `fleet1.example.com` and `fleet2.example.com`. +. Configure the load balancer/reverse proxy. ++ +* Ensure the load balancer directs traffic to all {fleet-server} instances. +* Ensure that timeouts for the load balancer have been raised to support the +long-polling connections {agent}s create when checking in to {fleet-server}. ++ +By default, the timeout for long-poll in {fleet-server} is 5 minutes, while the +{fleet-server}'s write timeout and the {agent}'s request timeout are set to 10 +minutes. In this case, the load balancer timeout should be set to 10 minutes. ++ +* (Recommended) Configure the load balancer with TLS pass through. ++ +NOTE: Starting with {stack} version 8.19.13, you can use the {fleet-server} +`GET /api/status` API endpoint to determine instance health from the load balancer. ++ +. In *{fleet}* > *Settings*, add the load balancer (for example,`https://fleet.example.com:8220`) +as a {fleet-server} host. +. Install {fleet-server} on each backing host using the in-product instructions +which should specify the load balancer as the URL. +. Enroll other {agent} instances using the load balancer URL. + [discrete] [[add-fleet-server-on-prem-troubleshoot]] = Troubleshooting From fb9b127a86e896cf2f1984417d8d0ae04c08454d Mon Sep 17 00:00:00 2001 From: Visha Angelova <91186315+vishaangelova@users.noreply.github.com> Date: Thu, 26 Mar 2026 12:06:22 +0100 Subject: [PATCH 2/3] Apply suggestions from code review Co-authored-by: Visha Angelova <91186315+vishaangelova@users.noreply.github.com> --- .../ingest-management/fleet/add-fleet-server-on-prem.asciidoc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/en/ingest-management/fleet/add-fleet-server-on-prem.asciidoc b/docs/en/ingest-management/fleet/add-fleet-server-on-prem.asciidoc index ed2c9dbce..59ea86371 100644 --- a/docs/en/ingest-management/fleet/add-fleet-server-on-prem.asciidoc +++ b/docs/en/ingest-management/fleet/add-fleet-server-on-prem.asciidoc @@ -258,10 +258,10 @@ By default, the timeout for long-poll in {fleet-server} is 5 minutes, while the minutes. In this case, the load balancer timeout should be set to 10 minutes. + * (Recommended) Configure the load balancer with TLS pass through. -+ + NOTE: Starting with {stack} version 8.19.13, you can use the {fleet-server} `GET /api/status` API endpoint to determine instance health from the load balancer. -+ + . In *{fleet}* > *Settings*, add the load balancer (for example,`https://fleet.example.com:8220`) as a {fleet-server} host. . Install {fleet-server} on each backing host using the in-product instructions From 5e6e39968a515199a7c9361f389cf2acf4f20d9c Mon Sep 17 00:00:00 2001 From: Visha Angelova <91186315+vishaangelova@users.noreply.github.com> Date: Thu, 26 Mar 2026 12:45:34 +0100 Subject: [PATCH 3/3] Apply suggestion from @vishaangelova --- .../ingest-management/fleet/add-fleet-server-on-prem.asciidoc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/en/ingest-management/fleet/add-fleet-server-on-prem.asciidoc b/docs/en/ingest-management/fleet/add-fleet-server-on-prem.asciidoc index 59ea86371..ed2c9dbce 100644 --- a/docs/en/ingest-management/fleet/add-fleet-server-on-prem.asciidoc +++ b/docs/en/ingest-management/fleet/add-fleet-server-on-prem.asciidoc @@ -258,10 +258,10 @@ By default, the timeout for long-poll in {fleet-server} is 5 minutes, while the minutes. In this case, the load balancer timeout should be set to 10 minutes. + * (Recommended) Configure the load balancer with TLS pass through. - ++ NOTE: Starting with {stack} version 8.19.13, you can use the {fleet-server} `GET /api/status` API endpoint to determine instance health from the load balancer. - ++ . In *{fleet}* > *Settings*, add the load balancer (for example,`https://fleet.example.com:8220`) as a {fleet-server} host. . Install {fleet-server} on each backing host using the in-product instructions