diff --git a/extensions/fleet/Dockerfile b/extensions/fleet/Dockerfile
index 43fa698..0b5a691 100644
--- a/extensions/fleet/Dockerfile
+++ b/extensions/fleet/Dockerfile
@@ -1,3 +1,8 @@
 ARG ELASTIC_VERSION
 
 FROM docker.elastic.co/beats/elastic-agent:${ELASTIC_VERSION}
+
+# Ensure the 'state' directory exists and is owned by the 'elastic-agent' user,
+# otherwise mounting a named volume in that location creates a directory owned
+# by root:root which the 'elastic-agent' user isn't allowed to write to.
+RUN mkdir state
diff --git a/extensions/fleet/README.md b/extensions/fleet/README.md
index c74e7e0..8deedcc 100644
--- a/extensions/fleet/README.md
+++ b/extensions/fleet/README.md
@@ -33,7 +33,6 @@ management UI: [Fleet UI Settings][fleet-cfg].
 
 ## Known Issues
 
-- Every re-creation of the `fleet-server` container creates a duplicate agent in Fleet's central management.
 - Logs and metrics are only collected within the Fleet Server's container. Ultimately, we want to emulate the behaviour
   of the existing Metricsbeat and Filebeat extensions, and collect logs and metrics from all ELK containers
   out-of-the-box. Unfortunately, this kind of use-case isn't (yet) well supported by Fleet, and most advanced
diff --git a/extensions/fleet/fleet-compose.yml b/extensions/fleet/fleet-compose.yml
index 0c7b06e..588a1a6 100644
--- a/extensions/fleet/fleet-compose.yml
+++ b/extensions/fleet/fleet-compose.yml
@@ -6,6 +6,8 @@ services:
       context: extensions/fleet/
       args:
         ELASTIC_VERSION: ${ELASTIC_VERSION}
+    volumes:
+      - fleet-server:/usr/share/elastic-agent/state:z
     environment:
       FLEET_SERVER_ENABLE: '1'
       FLEET_SERVER_INSECURE_HTTP: 'true'
@@ -28,3 +30,6 @@ services:
     depends_on:
       - elasticsearch
       - kibana
+
+volumes:
+  fleet-server: