Deployment Architecture
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Does target-broker:deploymentServer in deploymentclient.conf require the port to be specified?

chris94089
Path Finder
‎09-17-2020 01:15 PM

If so, can this be turned off somewhere?  I'm using ingress for kubernetes and all it wants is a FQDN, no need to specify the port.  But if I use https://mydomain.com, the client never phones home.  Meanwhile, in K8s, if I try to use https://mydoman.com:8089, it just won't work.

I'll go ahead and copy/paste the stanza from splunk docs here:

 

[target-broker:deploymentServer]

targetUri= <uri>
* URI of the deployment server.
* An example of <uri>: <scheme>://<deploymentServer>:<mgmtPort>
 # I don't need mgmtPort

connect_timeout = <positive integer>
* See 'connect_timeout' in the "[deployment-client]" stanza for
  information on this setting.

send_timeout = <positive integer>
* See 'send_timeout' in the "[deployment-client]" stanza for
  information on this setting.

recv_timeout = <positive integer>
* See 'recv_timeout' in the "[deployment-client]" stanza for
  information on this setting.

 

Labels (1)
Labels
0 Karma
Reply

bdiego_splunk
Splunk Employee
Splunk Employee
‎09-17-2020 04:53 PM

Hi chris94089,

The port is required, otherwise the Splunk service on that host doesn't understand how to initiate communication to the Deployment Server (DS) to retrieve any configuration files it needs.  You will see a warning in splunkd.log on that machine similar to:

DC:DeploymentClient - Could not find targetUri in config. DeploymentClient will not connect to DeploymentServer.

On the assumption that you have a DS sitting in K8s, if I look at this page:

https://kubernetes.io/docs/concepts/services-networking/ingress/

It seems that one must define a port as part of a minimal ingress resource (and that the resource must be associated with an ingress controller).

Does that help?

Regards,

-bd-

0 Karma
Reply

chris94089
Path Finder
‎09-17-2020 05:19 PM

Yes, you do define a port when you set up an ingress.  It's the Ingress name that presents the conflict, as far as I understand it:

Splunk requires an explicit port number to work, and K8s ingress requires NO port in the FQDN definition.  I even tried "mydoman.com:8089" and K8s complained about the ":"

from the doc Kubernetes doc...

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: tls-example-ingress
spec:
  tls:
  - hosts:
      - https://example.foo.com
    secretName: testsecret-tls
  rules:
  - host: https-example.foo.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: service1
            port:
              number: 80

 

For this  example, if you tried "https://example.foo.com:8089" you would get a formatting error.  But you can't just use https://example.foo.com in the deploymentclient.conf file either.

I want to blame Kubernetes, since using :8089 is common and if anything should be an optional modifier, it shouldn't break just because other programs still use it.

0 Karma
Reply
Get Updates on the Splunk Community!

Streamline Data Ingestion With Deployment Server Essentials

REGISTER NOW!Every day the list of sources Admins are responsible for gets bigger and bigger, often making the ...

Remediate Threats Faster and Simplify Investigations With Splunk Enterprise Security ...

REGISTER NOW!Join us for a Tech Talk around our latest release of Splunk Enterprise Security 7.2! We’ll walk ...

Introduction to Splunk AI

WATCH NOWHow are you using AI in Splunk? Whether you see AI as a threat or opportunity, AI is here to stay. ...