-
-
Save marcusschiesser/1002ae9c90be16afb1e216df593c8392 to your computer and use it in GitHub Desktop.
apiVersion: apps/v1 | |
kind: Deployment | |
metadata: | |
name: splunk-configurator | |
spec: | |
selector: | |
matchLabels: | |
app.kubernetes.io/name: splunk-configurator | |
replicas: 1 | |
template: | |
metadata: | |
labels: | |
app.kubernetes.io/name: splunk-configurator | |
spec: | |
containers: | |
- name: splunk-configurator | |
image: splunk/splunk:8.2.8 | |
command: ["sudo", "-E", "/bin/sh", "-c"] | |
env: | |
- name: URI | |
value: "https://splunk-my-server-standalone-service:8089" | |
args: | |
- SPLUNK_START_ARGS=--accept-license SPLUNK_PASSWORD=changeme /sbin/entrypoint.sh start-and-exit; | |
while true; | |
do CRED=admin:$(cat /mnt/splunk-secrets/password); | |
/opt/splunk/bin/splunk add user rest -password test -role rest -auth ${CRED} -uri ${URI}; | |
sleep 60; | |
done; | |
volumeMounts: | |
- mountPath: /mnt/splunk-secrets | |
name: mnt-splunk-secrets | |
volumes: | |
- name: mnt-splunk-secrets | |
secret: | |
secretName: splunk-default-secret |
I am looking at adding users to my SHC. How does this container help me target it to containers running as SHC and not to a CM or LM or Indexers.
@raghukumarc hope that helps:
- It's running in a loop as a) that way you don't have to wait for the instance to be up and b) re-adding the same user is a no-op
- Yes the configurator is connecting to a remote Splunk instance, here
https://splunk-my-server-standalone-service:8089
- The example is using a standalone instance, but should work for any Splunk instance, you just might need to adjust the credentials (here
CRED=admin:$(cat /mnt/splunk-secrets/password)
)
Thank you, much appreciated. Please correct me if I am wrong. So, to add a new user to any of the Splunk instances; you run the kubectl exec
command and connect to the splunk-configurator
container and run the below command:
`/opt/splunk/bin/splunk add user -password -role -auth ${CRED} -uri ;
The can be any Splunk instance like SH, CM, MC etc.
@raghukumarc yes, you could also connect and run commands manually, but the idea is that you don't have to do this. Your configuration (here your add user
commands) should be in this splunk-configurator.yaml
- then the splunk-configurator
container will run your configuration commands periodically to ensure the configuration. The advantage is that by doing it this way you can keep your configuration in your Git repo. If you need help with that, you can contact my company (https://schiesser-it.com/)
Now I understand. I will get in touch with you in case we need any professional help. Thank you, @marcusschiesser.
@marcusschiesser can you explain why is it in a continuous loop. Is it to keep the container running?
And then to add users, you remotely connect to this container and execute the command for specific users; is this how it works?