Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Deployment Architecture
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Splunk Answers
- :
- Splunk Administration
- :
- Deployment Architecture
- :
- What is the recommended procedure to move an app f...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
What is the recommended procedure to move an app from one Search Head Cluster to another SHC?
twinspop
Influencer
11-03-2016
11:23 AM
I need to move a few apps from SHC1 to SHC2. My plan is below. Critique please!
(SHC1 uses deployer Dply1, SHC2 Dply2)
- Stop all SHC members on SHC1
- Copy target-app entirely from SHC1 to all members of SHC2. Move originals outside of $splunk
- Copy target-app/default, target-app/metadata/default.meta and target-app/bin from SHC1 to Dply2 shcluster/apps. Move originals outside of $splunk.
- Copy all users/target-app in their dir from SHC1 to Dply2 shcluster/users. Move originals outside of $splunk
- Remove target-app from Dply1 shcluster/apps
- Restart all SHC1 members
- Apply shcluster bundle both deployers, Dply1 and Dply2
- sacrifice goat or other farm animal
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
horsefez
Motivator
11-03-2016
11:49 AM
Hi twinspop,
I can give you my steps how I do it with my apps.
- Copy the whole directory of the specific app onto a local pc
- Manually integrating changes from /local/ into the /default/ files.
- Manually integrating changes from /metadata/ local.meta into /metadata/ default.meta
- Note: Don't forget to check every SH that every change from /local/ or /metadata is now in their corresponding default file
- Copying of the app onto the deployer (SHC2) app directory
- Deploying onto the SHC2
- Optional: Delete the app in the app directory of deployer for SHC1
- Optional: Deploy apps on deployer for SHC1
- Now the apps should be successfull on SHC2 and deleted on SHC1
- Say "hail satan" 3 times and smear the number "666" on a wall using the blood of a virgin. (Works way better than the animal thing)
Regards,
pyro_wood
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
twinspop
Influencer
11-03-2016
11:58 AM
Thanks for the input! But there is a problem with this approach. From the docs:
After you deploy an app to the
members, you cannot subsequently
delete the app's baseline knowledge
objects through Splunk Web, the CLI,
or the REST API. You also cannot move,
share, or unshare those knowledge
objects.
That's really, really not what I want. Hence the care to keep local and default separate in my steps above. I'm just wondering if I should copy the entire app into place before deploying. Or deploy first, then copy the non-default bits in.
Get Updates on the Splunk Community!
.conf24 | Registration Open!
Hello, hello! I come bearing good news: Registration for .conf24 is now open!
conf is Splunk’s rad annual ...
ICYMI - Check out the latest releases of Splunk Edge Processor
Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.
HEC Receiver authorization ...
Introducing the 2024 SplunkTrust!
Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!
The ...
