Join the Conversation
- Find Answers
- :
- Splunk Administration
- :
- Deployment Architecture
- :
- Does target-broker:deploymentServer in deploymentc...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Does target-broker:deploymentServer in deploymentclient.conf require the port to be specified?
If so, can this be turned off somewhere? I'm using ingress for kubernetes and all it wants is a FQDN, no need to specify the port. But if I use https://mydomain.com, the client never phones home. Meanwhile, in K8s, if I try to use https://mydoman.com:8089, it just won't work.
I'll go ahead and copy/paste the stanza from splunk docs here:
[target-broker:deploymentServer]
targetUri= <uri> * URI of the deployment server. * An example of <uri>: <scheme>://<deploymentServer>:<mgmtPort>
# I don't need mgmtPort connect_timeout = <positive integer> * See 'connect_timeout' in the "[deployment-client]" stanza for information on this setting. send_timeout = <positive integer> * See 'send_timeout' in the "[deployment-client]" stanza for information on this setting. recv_timeout = <positive integer> * See 'recv_timeout' in the "[deployment-client]" stanza for information on this setting.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi chris94089,
The port is required, otherwise the Splunk service on that host doesn't understand how to initiate communication to the Deployment Server (DS) to retrieve any configuration files it needs. You will see a warning in splunkd.log on that machine similar to:
DC:DeploymentClient - Could not find targetUri in config. DeploymentClient will not connect to DeploymentServer.On the assumption that you have a DS sitting in K8s, if I look at this page:
https://kubernetes.io/docs/concepts/services-networking/ingress/
It seems that one must define a port as part of a minimal ingress resource (and that the resource must be associated with an ingress controller).
Does that help?
Regards,
-bd-
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes, you do define a port when you set up an ingress. It's the Ingress name that presents the conflict, as far as I understand it:
Splunk requires an explicit port number to work, and K8s ingress requires NO port in the FQDN definition. I even tried "mydoman.com:8089" and K8s complained about the ":"
from the doc Kubernetes doc...
apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: tls-example-ingress spec: tls: - hosts: - https://example.foo.com secretName: testsecret-tls rules: - host: https-example.foo.com http: paths: - path: / pathType: Prefix backend: service: name: service1 port: number: 80
For this example, if you tried "https://example.foo.com:8089" you would get a formatting error. But you can't just use https://example.foo.com in the deploymentclient.conf file either.
I want to blame Kubernetes, since using :8089 is common and if anything should be an optional modifier, it shouldn't break just because other programs still use it.
Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!
Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.
Announcing Modern Navigation: A New Era of Splunk User Experience
Modernize your Splunk Apps – Introducing Python 3.13 in Splunk
Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...
