Installation
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Distributed deployment using ansible-role-for-splunk?

mickey
Loves-to-Learn
‎03-06-2023 03:59 AM

I successfully installed splunk using the ansible-role-for-splunk one a single machine. It worked as expected. I am trying now to deploy a distributed splunk system (7 VMs in total). I prepared the inventory based on https://github.com/splunk/ansible-role-for-splunk/blob/master/environments/production/inventory.yml. when i ran the playbook, the bahviour is 7 individual installations of splunk instead of a distributed installation with indexer cluster, search head etc. My understanding was that based on the group name in the inventory, ansible role will install only the required components. Is it not true?

I am posting my playbook and inventory file (as first 2 replies). thanks

mickey_0-1678109947656.png

 

Labels (1)
Labels
0 Karma
Reply

mickey
Loves-to-Learn
‎03-13-2023 06:14 AM

my understand is that the above ansible role will install splunk on al the nodes and based on the configurationf passed to the node, the node can play a different role (indexer, cluster manager etc.)

0 Karma
Reply

mickey
Loves-to-Learn
‎03-06-2023 04:00 AM

Here is the inventory file:

all:
  children:
    full:
      children:
        clustermanager:
          hosts:
            lab-splunk-util:

        licensemaster:
          hosts:
            lab-splunk-util:

        # Distributed Management Console
        dmc:
          hosts:
            lab-splunk-util:

        deploymentserver:
          hosts:
            lab-splunk-depl:

        #Search head
        search:
          children:
            searchhead:
              hosts:
                lab-splunk-sh:

        heavyforwarder:
          hosts:
            lab-splunk-hf:

        indexer:
          hosts:
            lab-splunk-idx0:
            lab-splunk-idx1:
            lab-splunk-idx2:
0 Karma
Reply

mickey
Loves-to-Learn
‎03-06-2023 04:01 AM

Here is the playbook. Note that I installed the role ansible-role-for-splunk.

---
- hosts: all
  become: true
  tasks:
    - name: Install or Upgrade Splunk
      include_role:
        name: ansible-role-for-splunk
0 Karma
Reply
Get Updates on the Splunk Community!

.conf24 | Day 0

Hello Splunk Community! My name is Chris, and I'm based in Canberra, Australia's capital, and I travelled for ...

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

 (view in My Videos)Struggling with alert fatigue, lack of context, and prioritization around security ...

Troubleshooting the OpenTelemetry Collector

  In this tech talk, you’ll learn how to troubleshoot the OpenTelemetry collector - from checking the ...