Monitoring Splunk

Adding Multiple Licenses from temp using Ansible and k8s

terpdog
Explorer

We are trying to setup a Splunk License Manager and have it "automatically" pull in the licenses from within the container.

The following is the yaml file we have.

We can put all out files into /tmp/splunk-license using a configMap but have not been able to copy them into the /opt/splunk/etc/licenses/enterprise using a "command" and have also not been able to have just an ENV variable work to pull in the 2 licenses.

Any ideas?

Process: Create a k8s yaml file
apiVersion: apps/v1
kind: Deployment
metadata:
name: splunk-license-manager
namespace: splunk
labels:
app: splunk-license-manager
spec:
replicas: 1
selector:
matchLabels:
app: splunk-license-manager
template:
metadata:
labels:
app: splunk-license-manager
spec:
containers:
- name: splunk-license-manager
image: splunk/splunk:8.0.2.1
env:
- name: SPLUNK_HOME
value: /opt/splunk
- name: SPLUNK_ROLE
value: splunk_license_master
- name: SPLUNK_PASSWORD
value: theGreatPassword
- name: SPLUNK_LICENSE_URI
value: /tmp/splunk-licenses/enterprise.lic,/tmp/splunk-licenses/itsi.lic
- name: SPLUNK_LICENSE_INSTALL_PATH
value: /tmp/splunk-licenses
- name: SPLUNK_START_ARGS
value: "--accept-license"
- name: SPLUNK_INDEXER_URL
value: indexer1,indexer2,indexer3,indexer4,indexer5,indexer6,indexer7,indexer8,indexer9
- name: SPLUNK_SEARCH_HEAD_URL
value: search1,search2,search3
- name: DEBUG
value: "true"

0 Karma
Get Updates on the Splunk Community!

Operationalizing TDIR: Building a More Resilient, Scalable SOC

Optimizing SOC workflows with a unified, risk-based approach to Threat Detection, Investigation, and Response ...

Almost Too Eventful Assurance: Part 1

Modern IT and Network teams still struggle with too many alerts and isolating issues before they are notified. ...

Demo Day: Strengthen Your SOC with Splunk Enterprise Security 8.1

Today’s threat landscape is more complex than ever. Security operation centers (SOCs) are overwhelmed with ...