Deployment Architecture
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Deployment with Ansible

callemang
Explorer
‎12-22-2020 11:23 AM

Hello! I am new to Splunk and am tasked with automating the deployment (many many indexers on bare metal). I noticed that are two projects on github and was wondering if someone could clarify some questions.

  1.  https://github.com/splunk/splunk-ansible
    1. This project seems thorough, but is it just made for the splunk-docker project?
    2. The playbooks only run against localhost, meaning I can only deploy one instance at a time. This doesn't make sense to me, as one of the purposes of Ansible is to run against many hosts at once.
  2. https://github.com/splunk/ansible-role-for-splunk
    1. This project isn't as built out, but seems like I can deploy multiple instances at once on bare metal. The question is; can I still deploy everything I'll need (indexers, sh, cluster master, etc).

I know that these are broad questions. I would just like some advice on what project to go with.

Much thanks,

Chris

Labels (4)
Labels
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

gjanders
SplunkTrust
SplunkTrust
‎12-30-2020 12:44 AM

There was a presentation about using ansible to automate your splunk build at conf2020. You can view the slides and video on the splunk conf link https://conf.splunk.com/watch/conf-online.html

 

I believe the talk was https://conf.splunk.com/watch/conf-online.html?search=Tru1504c#/

 

 

-
Alerts for Splunk Admins, Version Control for Splunk, Decrypt2 VersionControl For SplunkCloud

View solution in original post

0 Karma
Reply
Solved! Jump to solution

masonmorales
Influencer
‎02-05-2021 04:15 PM

The name of the splunk-ansible project is a bit of misnomer. You are correct in that it was built solely for the purpose of deploying Splunk inside of Docker containers. ansible-role-for-splunk was built for managing non-Docker Splunk hosts. It also integrates with git for managing all of the apps, TAs, and configurations throughout your deployment and environments. 

Reply
Solved! Jump to solution

callemang
Explorer
‎02-08-2021 10:44 AM

Thanks @masonmorales, I ended up using your ansible-role-for-splunk project for our deployment and made some changes for our needs. Much thanks!

Reply
Solved! Jump to solution

callemang
Explorer
‎12-30-2020 12:23 PM

@gjanders , great resource! I watched it and learned about the ansible-role-for-splunk project. It seems that both ansible-role-for-splunk and splunk-ansible both have their features and drawbacks. I did, however find an example wrapper in splunk-ansible. I think I'm going to tailor that to work for Centos/RedHat.

Much thanks!!

0 Karma
Reply
Solved! Jump to solution

masonmorales
Influencer
‎02-05-2021 04:11 PM

Hi @callemang  I am one of the maintainers of ansible-role-for-splunk. If there is functionality that you'd like to see that is currently missing, please submit an enhancement request on our project's GitHub issue tracker

0 Karma
Reply
Solved! Jump to solution

AMCTRP
New Member
‎11-02-2021 01:21 PM

We are using AWX and looking at on-boarding the Splunk Ansible Role project code there.   Has anybody done this?  Any key insights to share?  Thanks.    

0 Karma
Reply
Solved! Jump to solution

callemang
Explorer
‎11-04-2021 05:54 AM

There are two different projects we discussed, so I am not sure which you are referring to. 

I looked into both in detail and went with ansible-role-for-splunk (https://github.com/splunk/ansible-role-for-splunk) because splunk-ansible is made for containerized deployments. We have been using that project in Tower for about a year now for new builds, version control in git, and general maintenance. We love it.

 

The project queues off of host groups a lot, so you will need to organize your inventory based off of their recommendations. It's a good structure to keep you organized, though.

0 Karma
Reply
Solved! Jump to solution

AMCTRP
New Member
‎11-04-2021 05:21 PM

Thank you for response.  

Can you tell me what versions of Python and Ansible you are using with Ansible Role for Splunk?   Thanks. 

0 Karma
Reply
Solved! Jump to solution
Solution

gjanders
SplunkTrust
SplunkTrust
‎12-30-2020 12:44 AM

There was a presentation about using ansible to automate your splunk build at conf2020. You can view the slides and video on the splunk conf link https://conf.splunk.com/watch/conf-online.html

 

I believe the talk was https://conf.splunk.com/watch/conf-online.html?search=Tru1504c#/

 

 

-
Alerts for Splunk Admins, Version Control for Splunk, Decrypt2 VersionControl For SplunkCloud
0 Karma
Reply
Get Updates on the Splunk Community!

Earn a $35 Gift Card for Answering our Splunk Admins & App Developer Survey

Survey for Splunk Admins and App Developers is open now! | Earn a $35 gift card!      Hello there,  Splunk ...

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

You’ve probably heard the latest about AppDynamics joining the Splunk Observability portfolio, deepening our ...

Monitoring Amazon Elastic Kubernetes Service (EKS)

As we’ve seen, integrating Kubernetes environments with Splunk Observability Cloud is a quick and easy way to ...