topic Re: SSO or Load Balancing for the 8089 Management Port in Security

SSO or Load Balancing for the 8089 Management Port

mikaelbje — Fri, 14 Aug 2015 06:22:08 GMT

Hi,

I have a Splunk Search Head Cluster set up with a F5 LTM load balancer in front. This is set up for the Splunk web interface, but would it make sense to do the same for the management port? I don't do any authentication on the F5 LTM.

I'm thinking it shouldn't be a problem as long a we're using sticky sessions and no authentication on the LTM since the 8089 Management Port doesn't honour the X-Remote-User header anyway so we'd have to log in never the less, but what would you suggest?

Use Load Balancing from the LTM to the 3 search heads' Management Ports
Direct requests to one of the search heads?

Re: SSO or Load Balancing for the 8089 Management Port

esix_splunk — Fri, 14 Aug 2015 06:31:34 GMT

This would make sense if you're doing a lot of API (REST) calls against the SHC. You can load balance that in the same manner you are doing web (8000 or 443.)

Re: SSO or Load Balancing for the 8089 Management Port

mikaelbje — Fri, 14 Aug 2015 07:02:12 GMT

So no pitfalls to be aware of? Nothing in small print stating that this shouldn't be done?