[Fleet] Support for remote ES output

[juliaElastic]

Summary

Resolves #104986

Opening up for review, the feature flag is off for now, and the TODO items can come in follow up prs.

TODO:

• make service_token a secret field in output - depends on [Fleet] Output secrets storage #157458
• should link to remote elasticsearch docs in UI - depends on Document sending monitoring data to a remote Elasticsearch cluster ingest-docs#530
• remote es connection check and report on UI - depends on fleet-server to report unhealthy status if can't access the remote ES cluster
• enable feature flag when feature is ready

Added Remote ES output type, support to generate service token for fleet-server-remote account, support to create and edit remote es output.
Added validation to disallow making remote ES output as default for integration data.

How to test locally?

Enable feature flag by adding this to kibana.dev.yml:

xpack.fleet.enableExperimental: ['remoteESOutput']

See e2e test instructions here: elastic/fleet-server#3051

Generate service token

Create remote service token API:

POST kbn:/api/fleet/service_tokens
{
  "remote": true
}

// kibana logs out
[2023-10-19T16:22:05.776+02:00][DEBUG][plugins.fleet] Creating service token for account elastic/fleet-server-remote

Add/Edit output flyout:

Add output flyout:

Edd output flyout:

Remote ES output not allowed to be set as integrations data output in agent policies, only as monitoring output:

Example API call to create/update output:

POST kbn:/api/fleet/outputs
{"name":"remote1","type":"remote-elasticsearch","hosts":["http://localhost:9200"],"is_default":false,"is_default_monitoring":false,"config_yaml":"","service_token":"token1","proxy_id":null}

PUT kbn:/api/fleet/outputs/39168010-6db8-11ee-9bf3-ed5492034535
{"name":"remote2","type":"remote-elasticsearch","hosts":["http://localhost:9200"],"is_default":false,"is_default_monitoring":false,"config_yaml":"","service_token":"token2","proxy_id":null}

Checklist

• Any text added follows EUI's writing guidelines, uses sentence case text and includes i18n support
• Unit or functional tests were updated or added to match the most common scenarios

[apmmachine]

🤖 GitHub comments

Expand to view the GitHub comments

Just comment with:

• /oblt-deploy : Deploy a Kibana instance using the Observability test environments.
• /oblt-deploy-serverless : Deploy a serverless Kibana instance using the Observability test environments.
• run elasticsearch-ci/docs : Re-trigger the docs validation. (use unformatted text in the comment!)

[juliaElastic]

moved out and renamed this component to GenerateServiceTokenComponent to reuse in generating remote token

[juliaElastic]

At the end I haven't used this component somewhere else, but I think the refactor can be left in.

[juliaElastic]

moved this to its own hook, useCheckPermissions

[juliaElastic]

hiding the proxy for remote ES output

[juliaElastic]

remote ES can't be used as integrations data output:

4. Do not allow remote elasticsearch output to be selected as integrations data output (should not be shown in dropdown)

[juliaElastic]

I found output_permissions are needed for remote-elasticsearch output, though it was not mentioned in the definition.

[elasticmachine]

Pinging @elastic/fleet (Team:Fleet)

[pgayvallet]

LGTM

[nchaulet]

nit: I personally found the query parameter for POST request confusing and not consistent with our other endpoints, should we move this to a body parameter?

[juliaElastic]

done, also replaced the callout

[nchaulet]

Thanks for your changes, I just tested the UI locally and works as expected 🚀

[nchaulet]

@juliaElastic looks like it break normal service tokens creation probably should be wrapped in a maybe

{
    "error": "Bad Request",
    "message": "[request body]: expected a plain object value, but found [null] instead.",
    "statusCode": 400
}

[juliaElastic]

Unfortunately maybe didn't work, I tried a few more combinations (nullable, oneOf, literal) but no luck. At the end I could solve it with a custom validator function.

[kibana-ci]

💛 Build succeeded, but was flaky

• Buildkite Build
• Commit: fcaa3e8

Failed CI Steps

• FTR Configs #68
• Defend Workflows Cypress Tests on Serverless #6

Test Failures

• [job] [logs] FTR Configs #68 / core plugins application using ScopedHistory.block "before each" hook for "allows navigation if user click confirm on the confirmation dialog"

Metrics [docs]

Module Count

Fewer modules leads to a faster build time

id	before	after	diff
fleet	941	944	+3

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id	before	after	diff
fleet	1.2MB	1.2MB	+3.4KB

Public APIs missing exports

Total count of every type that is part of your API that should be exported but is not. This will cause broken links in the API documentation system. Target amount is 0. Run node scripts/build_api_docs --plugin [yourplugin] --stats exports for more detailed information.

id	before	after	diff
fleet	44	45	+1

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

id	before	after	diff
fleet	148.3KB	149.3KB	+1.0KB

History

• 💔 Build #171929 failed 813846d
• 💔 Build #171890 failed 54c3900
• 💛 Build #171137 was flaky d9257fb
• 💔 Build #171093 failed 43c864c
• 💛 Build #170799 was flaky bc2e10b

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @juliaElastic