Installation
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Distributed deployment using ansible-role-for-splunk?

mickey
Loves-to-Learn
‎03-06-2023 03:59 AM

I successfully installed splunk using the ansible-role-for-splunk one a single machine. It worked as expected. I am trying now to deploy a distributed splunk system (7 VMs in total). I prepared the inventory based on https://github.com/splunk/ansible-role-for-splunk/blob/master/environments/production/inventory.yml. when i ran the playbook, the bahviour is 7 individual installations of splunk instead of a distributed installation with indexer cluster, search head etc. My understanding was that based on the group name in the inventory, ansible role will install only the required components. Is it not true?

I am posting my playbook and inventory file (as first 2 replies). thanks

mickey_0-1678109947656.png

 

Labels (1)
Labels
0 Karma
Reply

mickey
Loves-to-Learn
‎03-13-2023 06:14 AM

my understand is that the above ansible role will install splunk on al the nodes and based on the configurationf passed to the node, the node can play a different role (indexer, cluster manager etc.)

0 Karma
Reply

mickey
Loves-to-Learn
‎03-06-2023 04:00 AM

Here is the inventory file:

all:
  children:
    full:
      children:
        clustermanager:
          hosts:
            lab-splunk-util:

        licensemaster:
          hosts:
            lab-splunk-util:

        # Distributed Management Console
        dmc:
          hosts:
            lab-splunk-util:

        deploymentserver:
          hosts:
            lab-splunk-depl:

        #Search head
        search:
          children:
            searchhead:
              hosts:
                lab-splunk-sh:

        heavyforwarder:
          hosts:
            lab-splunk-hf:

        indexer:
          hosts:
            lab-splunk-idx0:
            lab-splunk-idx1:
            lab-splunk-idx2:
0 Karma
Reply

mickey
Loves-to-Learn
‎03-06-2023 04:01 AM

Here is the playbook. Note that I installed the role ansible-role-for-splunk.

---
- hosts: all
  become: true
  tasks:
    - name: Install or Upgrade Splunk
      include_role:
        name: ansible-role-for-splunk
0 Karma
Reply
Get Updates on the Splunk Community!

AI for AppInspect

We’re excited to announce two new updates to AppInspect designed to save you time and make the app approval ...

App Platform's 2025 Year in Review: A Year of Innovation, Growth, and Community

As we step into 2026, it’s the perfect moment to reflect on what an extraordinary year 2025 was for the Splunk ...

Operationalizing Entity Risk Score with Enterprise Security 8.3+

Overview Enterprise Security 8.3 introduces a powerful new feature called “Entity Risk Scoring” (ERS) for ...