Deployment Architecture

Is it possible to disable splunkd SSL in Search Head Clustering with "enableSplunkdSSL=false"?

Splunk Employee
Splunk Employee

Hello experts,

Can Search Head Clustering work with enableSplunkdSSL = false option?
I tried the following:

on deployer instance.
- "enableSplunkdSSL = false"

on each SHC member instance.
- "enableSplunkdSSL = false"
- conf_deploy_fetch_url : changed https to http
- mgmt_uri : changed https to http

Tried to restart all instances and also repeated init/bootstrap steps of SHC, but failed.

Each search head can start up well and run distributed searches, but when I run the bootstrap shcluster-captain command, I find following entry from the splunkd.log.

   ERROR SHPRaftConsensus - Failed to bootstrap this node as a captain.

And when I set category.SHPRaftConsensus=DEBUG, I can find the following log entries repeatedly in the splunkd.log of all search head instances.

   DEBUG SHPRaftConsensus - Will become candidate in 110661 ms

Any comments would be very appreciated.

Thank you.

0 Karma

Splunk Employee
Splunk Employee

In addition to the changes to server.conf, you also have to delete $SPLUNK_HOME/splunk/var/run/splunk/_raft on each of your search heads. You can then restart and run "bootstrap shcluster-captain" again.

0 Karma

Splunk Employee
Splunk Employee
0 Karma

Splunk Employee
Splunk Employee

Hello Apfender, Thank you for replying.
I think, it looks different problem.

0 Karma