Deployment Architecture

Deployment with Ansible

callemang
Explorer

Hello! I am new to Splunk and am tasked with automating the deployment (many many indexers on bare metal). I noticed that are two projects on github and was wondering if someone could clarify some questions.

  1.  https://github.com/splunk/splunk-ansible
    1. This project seems thorough, but is it just made for the splunk-docker project?
    2. The playbooks only run against localhost, meaning I can only deploy one instance at a time. This doesn't make sense to me, as one of the purposes of Ansible is to run against many hosts at once.
  2. https://github.com/splunk/ansible-role-for-splunk
    1. This project isn't as built out, but seems like I can deploy multiple instances at once on bare metal. The question is; can I still deploy everything I'll need (indexers, sh, cluster master, etc).

I know that these are broad questions. I would just like some advice on what project to go with.

Much thanks,

Chris

Labels (4)
0 Karma
1 Solution

gjanders
SplunkTrust
SplunkTrust

There was a presentation about using ansible to automate your splunk build at conf2020. You can view the slides and video on the splunk conf link https://conf.splunk.com/watch/conf-online.html

 

I believe the talk was https://conf.splunk.com/watch/conf-online.html?search=Tru1504c#/

 

 

View solution in original post

0 Karma

masonmorales
Influencer

The name of the splunk-ansible project is a bit of misnomer. You are correct in that it was built solely for the purpose of deploying Splunk inside of Docker containers. ansible-role-for-splunk was built for managing non-Docker Splunk hosts. It also integrates with git for managing all of the apps, TAs, and configurations throughout your deployment and environments. 

callemang
Explorer

Thanks @masonmorales, I ended up using your ansible-role-for-splunk project for our deployment and made some changes for our needs. Much thanks!

callemang
Explorer

@gjanders , great resource! I watched it and learned about the ansible-role-for-splunk project. It seems that both ansible-role-for-splunk and splunk-ansible both have their features and drawbacks. I did, however find an example wrapper in splunk-ansible. I think I'm going to tailor that to work for Centos/RedHat.

Much thanks!!

0 Karma

masonmorales
Influencer

Hi @callemang  I am one of the maintainers of ansible-role-for-splunk. If there is functionality that you'd like to see that is currently missing, please submit an enhancement request on our project's GitHub issue tracker

0 Karma

AMCTRP
New Member

We are using AWX and looking at on-boarding the Splunk Ansible Role project code there.   Has anybody done this?  Any key insights to share?  Thanks.    

0 Karma

callemang
Explorer

There are two different projects we discussed, so I am not sure which you are referring to. 

I looked into both in detail and went with ansible-role-for-splunk (https://github.com/splunk/ansible-role-for-splunk) because splunk-ansible is made for containerized deployments. We have been using that project in Tower for about a year now for new builds, version control in git, and general maintenance. We love it.

 

The project queues off of host groups a lot, so you will need to organize your inventory based off of their recommendations. It's a good structure to keep you organized, though.

0 Karma

AMCTRP
New Member

Thank you for response.  

Can you tell me what versions of Python and Ansible you are using with Ansible Role for Splunk?   Thanks. 

0 Karma

gjanders
SplunkTrust
SplunkTrust

There was a presentation about using ansible to automate your splunk build at conf2020. You can view the slides and video on the splunk conf link https://conf.splunk.com/watch/conf-online.html

 

I believe the talk was https://conf.splunk.com/watch/conf-online.html?search=Tru1504c#/

 

 

0 Karma
Get Updates on the Splunk Community!

Earn a $35 Gift Card for Answering our Splunk Admins & App Developer Survey

Survey for Splunk Admins and App Developers is open now! | Earn a $35 gift card!      Hello there,  Splunk ...

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

You’ve probably heard the latest about AppDynamics joining the Splunk Observability portfolio, deepening our ...

Monitoring Amazon Elastic Kubernetes Service (EKS)

As we’ve seen, integrating Kubernetes environments with Splunk Observability Cloud is a quick and easy way to ...