Installation

How do I install the Distributed Management Console to a different path within the same server?

tkwaller
Builder

Hello

I am scripting the install of Splunk Enterprise in my virtual env and it works great. What I would like to do now is script the install of the DMC (Distributed Management Console) to a different path, something other than /opt/splunk/, maybe something like /opt/splunkdmc/.

I know this can be done but no idea how to achieve it

Any help would be appreciated
Thanks
Todd Waller

Labels (1)
0 Karma
1 Solution

daniel333
Builder

tkwaller,

Consider using the TGZ version of Splunk rather than your platform's native package manager (e.g. RPM's on Redhat/CentOS).

Example procesure would be something like -

1) Create the directory you want, like /opt/mydirectory
2) mv splunk_package_name.tgz /opt/mydirectory
3) tar xvzf splunk_package_name.tgz
4) splunk start --accept-license

Don't forget to set ownership of the files to user "Splunk" or what ever you're planning on running Splunk as.

View solution in original post

0 Karma

bheemireddi
Communicator

Since the MC comes with core Splunk, it just gets installed (if you are installing splunk in /opt/splunk, then MC will appear in /opt/splunk/etc/apps.), you just enable/configure under UI->settings->Monitoring Console.
Follow the below link to configure MC and understand the right instance to configure it.
https://docs.splunk.com/Documentation/Splunk/6.6.1/DMC/Configureindistributedmode

0 Karma

daniel333
Builder

tkwaller,

Consider using the TGZ version of Splunk rather than your platform's native package manager (e.g. RPM's on Redhat/CentOS).

Example procesure would be something like -

1) Create the directory you want, like /opt/mydirectory
2) mv splunk_package_name.tgz /opt/mydirectory
3) tar xvzf splunk_package_name.tgz
4) splunk start --accept-license

Don't forget to set ownership of the files to user "Splunk" or what ever you're planning on running Splunk as.

0 Karma

woodcock
Esteemed Legend

You are misunderstanding completely. The MC is a capability (app) of any Search Head. It does not require a separate install of Splunk; it just needs to be enabled by configuring it. Why are you overloading your ES? Just spin up another box and install it as a search head and point it at your indexer tier. Leave the MC as a non-clustered Search Head all on it's own and only let admins login. The only thing that I would share on the MC is the License Manager.

0 Karma

tkwaller
Builder

So I do understand that any search head has this app and I also know that its just enabled and configged on what you want to be the master, did it in our MASSIVE production env.

What I am WANTING to do is have it not installed at /opt/splunk/ but a different path

The license master will also be on this host as well as it being the deployment server as well, which is why I ask about paths

0 Karma

woodcock
Esteemed Legend

But why? Why would you EVER want to run a 2nd instance of splunk on the same server just to run ONE app that is already on the server? It makes no sense and will chew up a TON of duplicated resources for no reason that you have indicated or that I can guess.

0 Karma

tkwaller
Builder

"Dedicated Deployment Server and license Master - If your install grows beyond just a single Splunk instance (talking indexers & search heads here, not forwarders), set up a separate server to be a license manager & Deployment server. A VM is fine for these purposes, and can actually be a benefit to be on a VM. You can even use the tarball install to put these multiple instances on the same box/VM. Say one in /opt/splunk, one in /opt/deploymentserver, and one in /opt/licenseserver. Run them on different ports of course."

0 Karma

jonasmeier
Explorer

Again, to avoid confusion of future readers and stress woodcook's point:

One instance of Splunk can fulfill multiple roles!

So to have one Splunk instance act i.e. as license master, cluster master and DMC you do not have to install 3 instances! Instead you configure the necessary stuff for the 3 roles on the same instance.

There's some role Splunk tells you not to combine them (i.e. Cluster Master and Deplyoment). But generally this works like a charm while installing 3 instances on the same server is definitively a mess and 3 VMs would be unnecessary and lot of overhead (ressource- and managment-wise).

Tags (1)
0 Karma
Get Updates on the Splunk Community!

Earn a $35 Gift Card for Answering our Splunk Admins & App Developer Survey

Survey for Splunk Admins and App Developers is open now! | Earn a $35 gift card!      Hello there,  Splunk ...

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

You’ve probably heard the latest about AppDynamics joining the Splunk Observability portfolio, deepening our ...

Monitoring Amazon Elastic Kubernetes Service (EKS)

As we’ve seen, integrating Kubernetes environments with Splunk Observability Cloud is a quick and easy way to ...