Deployment Architecture

Does target-broker:deploymentServer in deploymentclient.conf require the port to be specified?

chris94089
Path Finder

If so, can this be turned off somewhere?  I'm using ingress for kubernetes and all it wants is a FQDN, no need to specify the port.  But if I use https://mydomain.com, the client never phones home.  Meanwhile, in K8s, if I try to use https://mydoman.com:8089, it just won't work.

I'll go ahead and copy/paste the stanza from splunk docs here:

 

[target-broker:deploymentServer]

targetUri= <uri> * URI of the deployment server. * An example of <uri>: <scheme>://<deploymentServer>:<mgmtPort>
# I don't need mgmtPort connect_timeout = <positive integer> * See 'connect_timeout' in the "[deployment-client]" stanza for information on this setting. send_timeout = <positive integer> * See 'send_timeout' in the "[deployment-client]" stanza for information on this setting. recv_timeout = <positive integer> * See 'recv_timeout' in the "[deployment-client]" stanza for information on this setting.

 

Labels (1)
0 Karma

bdiego_splunk
Splunk Employee
Splunk Employee

Hi chris94089,

The port is required, otherwise the Splunk service on that host doesn't understand how to initiate communication to the Deployment Server (DS) to retrieve any configuration files it needs.  You will see a warning in splunkd.log on that machine similar to:

DC:DeploymentClient - Could not find targetUri in config. DeploymentClient will not connect to DeploymentServer.

On the assumption that you have a DS sitting in K8s, if I look at this page:

https://kubernetes.io/docs/concepts/services-networking/ingress/

It seems that one must define a port as part of a minimal ingress resource (and that the resource must be associated with an ingress controller).

Does that help?

Regards,

-bd-

0 Karma

chris94089
Path Finder

Yes, you do define a port when you set up an ingress.  It's the Ingress name that presents the conflict, as far as I understand it:

Splunk requires an explicit port number to work, and K8s ingress requires NO port in the FQDN definition.  I even tried "mydoman.com:8089" and K8s complained about the ":"

from the doc Kubernetes doc...

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: tls-example-ingress
spec:
  tls:
  - hosts:
      - https://example.foo.com
    secretName: testsecret-tls
  rules:
  - host: https-example.foo.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: service1
            port:
              number: 80

 

For this  example, if you tried "https://example.foo.com:8089" you would get a formatting error.  But you can't just use https://example.foo.com in the deploymentclient.conf file either.

I want to blame Kubernetes, since using :8089 is common and if anything should be an optional modifier, it shouldn't break just because other programs still use it.

0 Karma
Take the 2021 Splunk Career Survey

Help us learn about how Splunk has
impacted your career by taking the 2021 Splunk Career Survey.

Earn $50 in Amazon cash!