eSlider/flamingo-tech-test
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 11 Wiki Activity

Expose Fleet via port-forward on port 8585 instead of fleet.localhost
Helm Chart CI & Release / Lint Helm Chart (push) Failing after 30s
Details
Helm Chart CI & Release / Release Helm Chart (push) Has been skipped
Details

Browse Source 
- Add make port-forward target (default: https://0.0.0.0:8585)
- FLEET_PORT variable for custom port
- Update README with port-forward instructions

Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
Andrey
2026-02-19 19:40:02 +00:00
parent 3ff3a30838
commit 2ae7844ab2
2 changed files with 26 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Makefile
+10 -8
View File
@@ -4,8 +4,9 @@
RELEASE_NAME ?= fleetdm-stack RELEASE_NAME ?= fleetdm-stack
NAMESPACE ?= fleetdm NAMESPACE ?= fleetdm
CLUSTER_TYPE ?= kind CLUSTER_TYPE ?= kind
FLEET_PORT ?= 8585
.PHONY: cluster install uninstall deps verify clean .PHONY: cluster install uninstall deps verify clean port-forward
cluster: cluster:
@echo "Creating local Kubernetes cluster ($(CLUSTER_TYPE))..." @echo "Creating local Kubernetes cluster ($(CLUSTER_TYPE))..."
@@ -48,6 +49,11 @@ uninstall:
kubectl delete namespace $(NAMESPACE) --timeout=120s || true kubectl delete namespace $(NAMESPACE) --timeout=120s || true
@echo "Uninstall complete." @echo "Uninstall complete."
port-forward:
@echo "Forwarding Fleet UI to https://0.0.0.0:$(FLEET_PORT) ..."
@echo "Press Ctrl+C to stop."
kubectl port-forward --address 0.0.0.0 svc/fleetdm-stack-service $(FLEET_PORT):8080 -n $(NAMESPACE)
verify: verify:
@echo "Verifying FleetDM, MySQL, and Redis..." @echo "Verifying FleetDM, MySQL, and Redis..."
@echo "" @echo ""
@@ -58,15 +64,11 @@ verify:
kubectl get svc -n $(NAMESPACE) kubectl get svc -n $(NAMESPACE)
@echo "" @echo ""
@echo "=== Ingress ===" @echo "=== Ingress ==="
kubectl get ingress -n $(NAMESPACE) kubectl get ingress -n $(NAMESPACE) 2>/dev/null || echo " (no ingress)"
@echo "" @echo ""
@echo "Access Fleet UI:" @echo "Access Fleet UI:"
ifeq ($(CLUSTER_TYPE),kind) @echo " make port-forward # then open https://localhost:$(FLEET_PORT)"
@echo " Add to /etc/hosts: 127.0.0.1 fleet.localhost" @echo " (or change port: make port-forward FLEET_PORT=9090)"
@echo " Then: curl -H 'Host: fleet.localhost' http://localhost"
else
@echo " minikube tunnel (if needed) then: http://fleet.localhost (add to /etc/hosts)"
endif
clean: uninstall clean: uninstall
ifeq ($(CLUSTER_TYPE),kind) ifeq ($(CLUSTER_TYPE),kind)
README.md
+16 -19
View File
@@ -18,6 +18,9 @@ make install
# Verify deployment # Verify deployment
make verify make verify
# Access Fleet UI at https://localhost:8585
make port-forward
``` ```
## Installation ## Installation
@@ -49,23 +52,16 @@ This will:
### 3. Access Fleet UI ### 3. Access Fleet UI
**Kind:**
```bash ```bash
# Add to /etc/hosts (or equivalent) # Port-forward Fleet to https://localhost:8585
echo "127.0.0.1 fleet.localhost" | sudo tee -a /etc/hosts make port-forward
# Access via ingress (ensure ingress-nginx is ready) # Or use a custom port
curl -H "Host: fleet.localhost" http://localhost make port-forward FLEET_PORT=9090
# Or open http://localhost in a browser with Host: fleet.localhost
``` ```
**Minikube:** Open **https://localhost:8585** in your browser (accept the self-signed certificate).
Fleet setup wizard will guide you through initial configuration.
```bash
minikube tunnel
# Then add fleet.localhost to /etc/hosts pointing to minikube IP
```
## Teardown ## Teardown
@@ -87,7 +83,7 @@ Verification checklist:
| Component | Check | | Component | Check |
| ----------- | ----------------------------------------------------------------- | | ----------- | ----------------------------------------------------------------- |
| **FleetDM** | Pods running; ingress `fleet.localhost` serves Fleet UI | | **FleetDM** | Pods running; `make port-forward` → https://localhost:8585 |
| **MySQL** | `fleetdm-stack-mysql` service; Fleet connects and runs migrations | | **MySQL** | `fleetdm-stack-mysql` service; Fleet connects and runs migrations |
| **Redis** | `fleetdm-stack-redis-master` service; Fleet uses it for cache | | **Redis** | `fleetdm-stack-redis-master` service; Fleet uses it for cache |
@@ -129,17 +125,18 @@ For local development, the chart includes self-signed TLS certificates (generate
## FleetDM agent reachability ## FleetDM agent reachability
The chart exposes Fleet via ingress so: Fleet is exposed via port-forward (`make port-forward`) or ingress:
- **Fleet UI** is available at `http://fleet.localhost` - **Fleet UI** `https://localhost:8585` (via port-forward)
- **Agent endpoints** (`/api/v1/osquery/*`, `/api/fleet/orbit/*`, etc.) are reachable under the same host - **Agent endpoints** (`/api/v1/osquery/*`, `/api/fleet/orbit/*`) — same URL
- Ingress with `fleet.localhost` is also configured as a fallback
For production, configure TLS and ensure agents can reach the Fleet server hostname. For production, configure proper TLS and a stable DNS name for agents.
## Enhancements implemented ## Enhancements implemented
1. **Basic CI pipeline** — GitHub Actions releases new Helm chart versions (see [.github/workflows/release.yaml](.github/workflows/release.yaml)) 1. **Basic CI pipeline** — GitHub Actions releases new Helm chart versions (see [.github/workflows/release.yaml](.github/workflows/release.yaml))
2. **Exposed Fleet UI**Ingress with `fleet.localhost` for UI and agent enrollment 2. **Exposed Fleet UI**`make port-forward` on port 8585 (+ ingress `fleet.localhost`)
3. **`fleet prepare db`** — Handled by `autoApplySQLMigrations: true` in the Fleet Helm chart 3. **`fleet prepare db`** — Handled by `autoApplySQLMigrations: true` in the Fleet Helm chart
## Project Structure ## Project Structure