Deployment Architecture

how to user serverclass with aws servers that names and ip's change each time they get rebuilt

bobmccoy
Explorer

we have a few small applications in aws

I would like to use my on prem deployment server to services these servers.
The servers get rebuilt each time they get to deployed to and each time the server names and ips are different
We have different subnets for each AZ as well as different subnets for each security tier. So each environment your looking at 15-20 different subnet ranges

So is it possible to use deployment server in this scenario or would it be better to update the input and output file when the server gets built as part of the build process

0 Karma

acharlieh
Influencer

A few options here, one is if your AWS deployment methodologies set hostnames that can be keyed off of for your server classes then you could build server classes from there. Alternatively, in deploymentclient.conf you could set clientName differently for different kinds of images and build your server classes based on matching those names. (This latter option is one that i'm thinking about pursuing while rolling out deployment servers. (hence this previous question).

That said, I would challenge @deepashri_123's assertion, Deployment Server is not necessarily always a best practice, and is very environment specific as to if it should be used. it is often the case where it is a better option, but existing considerations of network boundaries, security, and existing patterns could lead to other configuration management techniques Being in an environment where your control of the network is secondary to a cloud service provider, I would highly recommend that forwarders are configured to assert the identity of the deployment server's SSL certificate, lest a malicious actor tricks forwarders into installing their code. but maybe pre-baking is an ok option if redeploy is an acceptable time requirement for changes.

0 Karma

deepashri_123
Motivator

@acharlieh Agreed 🙂

0 Karma
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In November, the Splunk Threat Research Team had one release of new security content via the Enterprise ...

Index This | Divide 100 by half. What do you get?

November 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this ...

Stay Connected: Your Guide to December Tech Talks, Office Hours, and Webinars!

❄️ Celebrate the season with our December lineup of Community Office Hours, Tech Talks, and Webinars! ...