All Apps and Add-ons

config-map kubernetes mount

mastoras
Explorer

Hello team,
I am running splunk in our kubernetes cluster and until now I was configuring only via the api and it works great.

I currently would like to change the email settings and not to do it via the api but by mounting a config-map and creating alert_actions.conf under /opt/splunk/etc/system/local

But the pod will keep crashing:
chown: changing ownership of ‘/opt/splunk/etc/system/local/’: Read-only file system

Any ideas about it please?

mattymo
Splunk Employee
Splunk Employee

i suggest you check out our docker images (which use ansible for orchestration playbooks) and kubernetes operator! They contain app logic to allow you to upload splunk config via apps, rather than configmaps, which can get sketchy with permissions.

https://github.com/splunk/splunk-operator/blob/master/docs/Examples.md#installing-splunk-apps

https://github.com/splunk/docker-splunk/blob/develop/docs/advanced/APP_INSTALL.md

- MattyMo
0 Karma
Get Updates on the Splunk Community!

Easily Improve Agent Saturation with the Splunk Add-on for OpenTelemetry Collector

Agent Saturation What and Whys In application performance monitoring, saturation is defined as the total load ...

Explore the Latest Educational Offerings from Splunk [January 2025 Updates]

At Splunk Education, we are committed to providing a robust learning experience for all users, regardless of ...

Developer Spotlight with Paul Stout

Welcome to our very first developer spotlight release series where we'll feature some awesome Splunk ...