Hello team
I am facing issue in setting up cloud like architecture using docker-splunk
I am following this page: https://github.com/splunk/docker-splunk/blob/develop/docs/advanced/DISTRIBUTED_TOPOLOGY.md
And I am getting error in starting SH and CM containers
getting below error on sh1
fatal: [localhost]: FAILED! => {
"attempts": 60,
"changed": false,
"cmd": [
"/opt/splunk/bin/splunk",
"init",
"shcluster-config",
"-auth",
"admin:Abc@1234",
"-mgmt_uri",
"https://sh1:8089",
"-replication_port",
"9887",
"-replication_factor",
"2",
"-conf_deploy_fetch_url",
"https://dep1:8089",
"-secret",
"",
"-shcluster_label",
"shc_label"
],
"delta": "0:00:00.593771",
"end": "2023-12-06 07:05:46.787788",
"rc": 22,
"start": "2023-12-06 07:05:46.194017"
}
STDERR:
WARNING: Server Certificate Hostname Validation is disabled. Please see server.conf/[sslConfig]/cliVerifyServerName for details.
Required parameter secret does not have a value.
And error on starting cm1 container
fatal: [localhost]: FAILED! => {
2023-12-07 11:02:09 "attempts": 5,
2023-12-07 11:02:09 "changed": false,
2023-12-07 11:02:09 "cmd": [
2023-12-07 10:59:48 core/2.11/user_guide/become.html#risks-of-becoming-an-unprivileged-user
2023-12-07 10:59:49 [WARNING]: Using world-readable permissions for temporary files Ansible needs
2023-12-07 10:59:49 to create when becoming an unprivileged user. This may be insecure. For
2023-12-07 10:59:49 information on securing this, see https://docs.ansible.com/ansible-
2023-12-07 10:59:49 core/2.11/user_guide/become.html#risks-of-becoming-an-unprivileged-user
2023-12-07 10:59:49 [WARNING]: Using world-readable permissions for temporary files Ansible needs
2023-12-07 10:59:49 to create when becoming an unprivileged user. This may be insecure. For
2023-12-07 10:59:49 information on securing this, see https://docs.ansible.com/ansible-
2023-12-07 10:59:49 core/2.11/user_guide/become.html#risks-of-becoming-an-unprivileged-user
2023-12-07 10:59:49 [WARNING]: Using world-readable permissions for temporary files Ansible needs
2023-12-07 10:59:49 to create when becoming an unprivileged user. This may be insecure. For
2023-12-07 10:59:49 information on securing this, see https://docs.ansible.com/ansible-
2023-12-07 10:59:49 core/2.11/user_guide/become.html#risks-of-becoming-an-unprivileged-user
2023-12-07 11:02:09 "/opt/splunk/bin/splunk",
2023-12-07 11:02:09 "start",
2023-12-07 11:02:09 "--accept-license",
2023-12-07 11:02:09 "--answer-yes",
2023-12-07 11:02:09 "--no-prompt"
2023-12-07 11:02:09 ],
2023-12-07 11:02:09 "delta": "0:00:15.870844",
2023-12-07 11:02:09 "end": "2023-12-07 05:32:09.015177",
2023-12-07 11:02:09 "rc": 1,
2023-12-07 11:02:09 "start": "2023-12-07 05:31:53.144333"
2023-12-07 11:02:09 }
2023-12-07 11:02:09
2023-12-07 11:02:09 STDOUT:
2023-12-07 11:02:09
2023-12-07 11:02:09
2023-12-07 11:02:09 Splunk> Take the sh out of IT.
2023-12-07 11:02:09
2023-12-07 11:02:09 Checking prerequisites...
2023-12-07 11:02:09 Checking http port [8000]: open
2023-12-07 11:02:09 Checking mgmt port [8089]: open
2023-12-07 11:02:09 Checking appserver port [127.0.0.1:8065]: open
2023-12-07 11:02:09 Checking kvstore port [8191]: open
2023-12-07 11:02:09 Checking configuration... Done.
2023-12-07 11:02:09 Checking critical directories... Done
2023-12-07 11:02:09 Checking indexes...
2023-12-07 11:02:09 Validated: _audit _configtracker _internal _introspection _metrics _metrics_rollup _telemetry _thefishbucket history main summary
2023-12-07 11:02:09 Done
2023-12-07 11:02:09 Checking filesystem compatibility... Done
2023-12-07 11:02:09 Checking conf files for problems...
2023-12-07 11:02:09 Done
2023-12-07 11:02:09 Checking default conf files for edits...
2023-12-07 11:02:09 Validating installed files against hashes from '/opt/splunk/splunk-9.1.2-b6b9c8185839-linux-2.6-x86_64-manifest'
2023-12-07 11:02:09 All installed files intact.
2023-12-07 11:02:09 Done
2023-12-07 11:02:09 All preliminary checks passed.
2023-12-07 11:02:09
2023-12-07 11:02:09 Starting splunk server daemon (splunkd)...
2023-12-07 11:02:09 Done
2023-12-07 11:02:09
2023-12-07 11:02:09
2023-12-07 11:02:09 Waiting for web server at http://127.0.0.1:8000 to be available............
2023-12-07 11:02:09
2023-12-07 11:02:09 WARNING: web interface does not seem to be available!
2023-12-07 11:02:09
2023-12-07 11:02:09
2023-12-07 11:02:09 STDERR:
2023-12-07 11:02:09
2023-12-07 11:02:09 PYTHONHTTPSVERIFY is set to 0 in splunk-launch.conf disabling certificate validation for the httplib and urllib libraries shipped with the embedded Python interpreter; must be set to "1" for increased security
2023-12-07 11:02:09
2023-12-07 11:02:09
2023-12-07 11:02:09 MSG:
2023-12-07 11:02:09
2023-12-07 11:02:09 non-zero return code
2023-12-07 11:02:09
2023-12-07 11:02:09 PLAY RECAP *********************************************************************
2023-12-07 11:02:09 localhost : ok=60 changed=2 unreachable=0 failed=1 skipped=48 rescued=0 ignored=0
2023-12-07 11:02:09
I am using this yaml file
version: "3.6"
networks:
splunknet:
driver: bridge
attachable: true
services:
sh1:
networks:
splunknet:
aliases:
- sh1
image: ${SPLUNK_IMAGE:-splunk/splunk:latest}
hostname: sh1
container_name: sh1
environment:
- SPLUNK_START_ARGS=--accept-license
- SPLUNK_INDEXER_URL=idx1,idx2,idx3,idx4
- SPLUNK_SEARCH_HEAD_URL=sh2,sh3
- SPLUNK_SEARCH_HEAD_CAPTAIN_URL=sh1
- SPLUNK_CLUSTER_MASTER_URL=cm1
- SPLUNK_ROLE=splunk_search_head_captain
- SPLUNK_DEPLOYER_URL=dep1
- SPLUNK_PASSWORD=Abc@1234
- SPLUNK_LICENSE_URI=/tmp/defaults/splunk_license_expire_on_January_02_2024.License
- SPLUNK_APPS_URL
- DEBUG=true
ports:
- 8000
- 8089
volumes:
- ./defaults:/tmp/defaults
sh2:
networks:
splunknet:
aliases:
- sh2
image: ${SPLUNK_IMAGE:-splunk/splunk:latest}
hostname: sh2
container_name: sh2
environment:
- SPLUNK_START_ARGS=--accept-license
- SPLUNK_INDEXER_URL=idx1,idx2,idx3,idx4
- SPLUNK_SEARCH_HEAD_URL=sh2,sh3
- SPLUNK_SEARCH_HEAD_CAPTAIN_URL=sh1
- SPLUNK_CLUSTER_MASTER_URL=cm1
- SPLUNK_ROLE=splunk_search_head
- SPLUNK_DEPLOYER_URL=dep1
- SPLUNK_PASSWORD=Abc@1234
- SPLUNK_LICENSE_URI=/tmp/defaults/splunk_license_expire_on_January_02_2024.License
- SPLUNK_APPS_URL
- DEBUG=true
ports:
- 8000
- 8089
volumes:
- ./defaults:/tmp/defaults
sh3:
networks:
splunknet:
aliases:
- sh3
image: ${SPLUNK_IMAGE:-splunk/splunk:latest}
hostname: sh3
container_name: sh3
environment:
- SPLUNK_START_ARGS=--accept-license
- SPLUNK_INDEXER_URL=idx1,idx2,idx3,idx4
- SPLUNK_SEARCH_HEAD_URL=sh2,sh3
- SPLUNK_SEARCH_HEAD_CAPTAIN_URL=sh1
- SPLUNK_CLUSTER_MASTER_URL=cm1
- SPLUNK_ROLE=splunk_search_head
- SPLUNK_DEPLOYER_URL=dep1
- SPLUNK_PASSWORD=Abc@1234
- SPLUNK_LICENSE_URI=/tmp/defaults/splunk_license_expire_on_January_02_2024.License
- SPLUNK_APPS_URL
- DEBUG=true
ports:
- 8000
- 8089
volumes:
- ./defaults:/tmp/defaults
dep1:
networks:
splunknet:
aliases:
- dep1
image: ${SPLUNK_IMAGE:-splunk/splunk:latest}
hostname: dep1
container_name: dep1
environment:
- SPLUNK_START_ARGS=--accept-license
- SPLUNK_INDEXER_URL=idx1,idx2,idx3,idx4
- SPLUNK_SEARCH_HEAD_URL=sh2,sh3
- SPLUNK_SEARCH_HEAD_CAPTAIN_URL=sh1
- SPLUNK_CLUSTER_MASTER_URL=cm1
- SPLUNK_ROLE=splunk_deployer
- SPLUNK_DEPLOYER_URL=dep1
- SPLUNK_PASSWORD=Abc@1234
- SPLUNK_LICENSE_URI
- SPLUNK_APPS_URL
- DEBUG=true
ports:
- 8000
- 8089
volumes:
- ./defaults:/tmp/defaults
cm1:
networks:
splunknet:
aliases:
- cm1
image: ${SPLUNK_IMAGE:-splunk/splunk:latest}
hostname: cm1
container_name: cm1
environment:
- SPLUNK_START_ARGS=--accept-license
- SPLUNK_INDEXER_URL=idx1,idx2,idx3,idx4
- SPLUNK_SEARCH_HEAD_URL=sh2,sh3
- SPLUNK_SEARCH_HEAD_CAPTAIN_URL=sh1
- SPLUNK_CLUSTER_MASTER_URL=cm1
- SPLUNK_ROLE=splunk_cluster_master
- SPLUNK_DEPLOYER_URL=dep1
- SPLUNK_PASSWORD=Abc@1234
- SPLUNK_LICENSE_URI
- SPLUNK_APPS_URL
- DEBUG=true
ports:
- 8000
- 8089
volumes:
- ./defaults:/tmp/defaults
idx1:
networks:
splunknet:
aliases:
- idx1
image: ${SPLUNK_IMAGE:-splunk/splunk:latest}
hostname: idx1
container_name: idx1
environment:
- SPLUNK_START_ARGS=--accept-license
- SPLUNK_INDEXER_URL=idx1,idx2,idx3,idx4
- SPLUNK_SEARCH_HEAD_URL=sh2,sh3
- SPLUNK_SEARCH_HEAD_CAPTAIN_URL=sh1
- SPLUNK_CLUSTER_MASTER_URL=cm1
- SPLUNK_ROLE=splunk_indexer
- SPLUNK_DEPLOYER_URL=dep1
- SPLUNK_PASSWORD=Abc@1234
- SPLUNK_LICENSE_URI
- SPLUNK_APPS_URL
- DEBUG=true
ports:
- 8000
- 8089
volumes:
- ./defaults:/tmp/defaults
idx2:
networks:
splunknet:
aliases:
- idx2
image: ${SPLUNK_IMAGE:-splunk/splunk:latest}
hostname: idx2
container_name: idx2
environment:
- SPLUNK_START_ARGS=--accept-license
- SPLUNK_INDEXER_URL=idx1,idx2,idx3,idx4
- SPLUNK_SEARCH_HEAD_URL=sh2,sh3
- SPLUNK_SEARCH_HEAD_CAPTAIN_URL=sh1
- SPLUNK_CLUSTER_MASTER_URL=cm1
- SPLUNK_ROLE=splunk_indexer
- SPLUNK_DEPLOYER_URL=dep1
- SPLUNK_PASSWORD=Abc@1234
- SPLUNK_LICENSE_URI
- SPLUNK_APPS_URL
- DEBUG=true
ports:
- 8000
- 8089
volumes:
- ./defaults:/tmp/defaults
idx3:
networks:
splunknet:
aliases:
- idx3
image: ${SPLUNK_IMAGE:-splunk/splunk:latest}
hostname: idx3
container_name: idx3
environment:
- SPLUNK_START_ARGS=--accept-license
- SPLUNK_INDEXER_URL=idx1,idx2,idx3,idx4
- SPLUNK_SEARCH_HEAD_URL=sh2,sh3
- SPLUNK_SEARCH_HEAD_CAPTAIN_URL=sh1
- SPLUNK_CLUSTER_MASTER_URL=cm1
- SPLUNK_ROLE=splunk_indexer
- SPLUNK_DEPLOYER_URL=dep1
- SPLUNK_PASSWORD=Abc@1234
- SPLUNK_LICENSE_URI
- SPLUNK_APPS_URL
- DEBUG=true
ports:
- 8000
- 8089
volumes:
- ./defaults:/tmp/defaults
idx4:
networks:
splunknet:
aliases:
- idx4
image: ${SPLUNK_IMAGE:-splunk/splunk:latest}
hostname: idx4
container_name: idx4
environment:
- SPLUNK_START_ARGS=--accept-license
- SPLUNK_INDEXER_URL=idx1,idx2,idx3,idx4
- SPLUNK_SEARCH_HEAD_URL=sh2,sh3
- SPLUNK_SEARCH_HEAD_CAPTAIN_URL=sh1
- SPLUNK_CLUSTER_MASTER_URL=cm1
- SPLUNK_ROLE=splunk_indexer
- SPLUNK_DEPLOYER_URL=dep1
- SPLUNK_PASSWORD=Abc@1234
- SPLUNK_LICENSE_URI
- SPLUNK_APPS_URL
- DEBUG=true
ports:
- 8000
- 8089
volumes:
- ./defaults:/tmp/defaults
Can someone help me resolve this?