From c671143c97e2217b3a0509d1dc966fb1a10e5f41 Mon Sep 17 00:00:00 2001 From: Katheryn Satterlee Date: Wed, 13 Sep 2023 14:21:13 -0700 Subject: [PATCH] Add docs for experimental feature (#13534) Added documentation for experimental Orbit feature to silence errors related to enrollment for #13071 # Checklist for submitter Docs-only change --------- Co-authored-by: Luke Heath Co-authored-by: Noah Talerman <47070608+noahtalerman@users.noreply.github.com> Co-authored-by: Rachael Shaw --- docs/Using Fleet/fleetd.md | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/docs/Using Fleet/fleetd.md b/docs/Using Fleet/fleetd.md index 8d985557f9..372f729d5e 100644 --- a/docs/Using Fleet/fleetd.md +++ b/docs/Using Fleet/fleetd.md @@ -345,9 +345,25 @@ go run github.com/fleetdm/fleet/v4/orbit/cmd/orbit \ ##### Generate installer packages from Orbit source The `fleetctl package` command generates installers by fetching the targets/executables from a [TUF](https://theupdateframework.io/) repository. -To generate an installer that contains an Orbit built from source, you need to setup a local TUF repository. +To generate an installer that contains an Orbit built from source, you need to set up a local TUF repository. The following document explains how you can generate a TUF repository and installers that use it: [tools/tuf/test](https://github.com/fleetdm/fleet/tree/main/tools/tuf/test/README.md). +##### Experimental Features + +> Any features listed here are not recommended for use in production environments + +**Using `fleetd` without enrolling Orbit** + +*Only available in fleetd v1.15.1 on Linux and macOS* + +It is possible to generate a fleetd package that does not connect to Fleet by omitting the `--fleet-url` and `--enroll-secret` flags when building a package. + +This can be useful in situations where you would like to test using `fleetd` to manage osquery updates while still managing osquery command-line flags and extensions locally +but can result in a large volume of error logs. In fleetd v1.15.1, we added an experimental feature to reduce log chatter in this scenario. + +Applying the environmental variable `"FLEETD_SILENCE_ENROLL_ERROR"=1` on a host will silence fleetd enrollment errors if a `--fleet-url` is not present. +This variable is read at launch and will require a restart of the Orbit service if it is not set before installing `fleetd` v1.15.1. + #### Troubleshooting ##### Logs @@ -359,7 +375,6 @@ These are the log destinations for each platform: - Windows: `C:\Windows\system32\config\systemprofile\AppData\Local\FleetDM\Orbit\Logs\orbit-osquery.log` (the log file is rotated). Users will need administrative permissions on the host to access these log destinations. - #### Uninstall ##### Windows