Deployment Architecture

Splunk Operator - Splunk apps deployment failed

mufthmu1
New Member

Hi,

This is my first time setting up Splunk in Kubernetes by using Splunk Operator.

I have set up the cluster just fine. One challenge I'm having now is to deploy my Splunk Apps to our search head cluster. Here is the docs that I followed: https://splunk.github.io/splunk-operator/AppFramework.html

The issues are:

1. My deployer keeps getting undeployed everytime I make changes to the SHC CRD. idk why?

2. The app is simply not getting deployed. The app's .tgz file is already in my S3 bucket. Here's the spec of my SHC

 

...
spec:
  appRepo:
    appSources:
    - location: searchHeadApps/
      name: assettrackerapp.tgz
    appsRepoPollIntervalSeconds: 30
    defaults:
      scope: cluster
      volumeName: volume_app_repo_us
    volumes:
    - endpoint: https://dev-splunk-operator.s3.amazonaws.com
      name: volume_app_repo_us
      path: dev-splunk-operator
      provider: aws
      secretRef: s3-secret
      storageType: s3
...

 

Here are some of the splunk-operator logs:

 

{"level":"info","ts":1634593053.3164997,"logger":"splunk.enterprise.ValidateAppFrameworkSpec","msg":"App framework configuration is valid"}
{"level":"info","ts":1634593053.3165247,"logger":"splunk.enterprise.initAndCheckAppInfoStatus","msg":"Checking status of apps on remote storage...","name":"sh","namespace":"splunk"}
{"level":"info","ts":1634593053.3165333,"logger":"splunk.enterprise.GetAppListFromS3Bucket","msg":"Getting the list of apps from remote storage...","name":"sh","namespace":"splunk"}
{"level":"info","ts":1634593053.3198195,"logger":"splunk.enterprise.GetRemoteStorageClient","msg":"Creating the client","name":"sh","namespace":"splunk","volume":"volume_app_repo_us","bucket":"dev-splunk-operator","bucket path":"searchHeadApps/"}
{"level":"info","ts":1634593053.3199255,"logger":"splunk.client.InitAWSClientSession","msg":"AWS Client Session initialization successful.","region":"","TLS Version":"TLS 1.2"}
{"level":"info","ts":1634593053.319938,"logger":"splunk.client.GetAppsList","msg":"Getting Apps list","AWS S3 Bucket":"dev-splunk-operator"}
{"level":"error","ts":1634593053.3199534,"logger":"splunk.client.GetAppsList","msg":"Unable to list items in bucket","AWS S3 Bucket":"dev-splunk-operator","error":"MissingRegion: could not find region configuration"

 

Please advise, thank you.

Labels (2)
Tags (2)
0 Karma
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

New Release of Federated Search: Bringing Splunk Analytics to More of Your Data

Organizations today are generating more data than ever and storing it across cloud object stores, data lakes, ...

Inside Event Intelligence: How ITSI Turns Network Alerts into Actionable Incidents

Tech Talk Inside Event Intelligence: How ITSI Turns Network Alerts into Actionable Incidents   Correlating ...

Observability Simplified: Combining User Experience, Application Performance & ...

  Tech Talk Network to App: Observability Unlocked   Today’s digital environments span applications, ...