Deployment Architecture
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Cluster Master unable to send bundles to slave-apps directory on cluster peers

katelynengel
Explorer
‎08-20-2013 01:16 PM

The cluster master and cluster peers are fully set up and were successfully communicating. After upgrading all instances to 5.0.4, the cluster master is no longer able to successfully move configuration in cluster-apps on the cluster master to slave-apps on the cluster peers.

Receive the following errors in splunkd.log:

08-20-2013 13:35:43.529 -0400 ERROR CMSlave - Failed to move bundle to slave-apps
host=splunk-indexer6 Options| sourcetype=splunkd Options| source=/opt/splunk/var/log/splunk/splunkd.log

08-20-2013 13:35:43.528 -0400 ERROR CMSlave - Could not move /opt/splunk/var/run/splunk/cluster/remote-bundle/72329e457bf34d9351eb50a4dec40a85-1377020099/apps/_cluster to /opt/splunk/etc/slave-apps/_cluster

Tags (2)
0 Karma
Reply

icssupport
New Member
‎10-18-2013 05:09 AM

We already checked the permissions settings. We have another problem. But we are in contact with splunk support ...

0 Karma
Reply

icssupport
New Member
‎08-04-2014 12:32 AM

In our case:
Our directory $SPLUNK_HOME/var was located on another partition than $SPLUNK_HOME/etc and was referenced by a symlink.
Splunk was not able to move the bundle directory from one partition to another (/opt/splunk/var/run/splunk/cluster/remote-bundle/72329e457bf34d9351eb50a4dec40a85-1377020099/apps/_cluster to /opt/splunk/etc/slave-apps/_cluster).
Splunk considered this behaviour as a bug in 5.0.4 and planned to fix it.

0 Karma
Reply

davidpaper
Contributor
‎08-02-2014 07:21 PM

What was the solution?

0 Karma
Reply

mahamed_splunk
Splunk Employee
Splunk Employee
‎10-17-2013 01:03 PM

ICSSupport, Are you getting the same error message? It means that the directory _cluster has restricted permission. Could you check the permission settings of that directory?

0 Karma
Reply

icssupport
New Member
‎10-17-2013 05:44 AM

May I ask if this has already been solved and if yes, what was the solution?

0 Karma
Reply

mahamed_splunk
Splunk Employee
Splunk Employee
‎09-17-2013 04:57 PM

Could you check the permission on the _cluster directory?

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk and Fraud

Watch Now!Watch an insightful webinar where we delve into the innovative approaches to solving fraud using the ...

Earn a $35 Gift Card for Answering our Splunk Admins & App Developer Survey

Survey for Splunk Admins and App Developers is open now! | Earn a $35 gift card!      Hello there,  Splunk ...

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

You’ve probably heard the latest about AppDynamics joining the Splunk Observability portfolio, deepening our ...