Splunk Enterprise Security

How to setup custom admin password for Splunk on Kubernetes

New Member

I am currently trying to deploy a splunk cluster on kubernetes.
While I can successfully deploy the standard yaml from:
https://github.com/splunk/docker-splunk/tree/develop/test_scenarios/kubernetes/3idx1sh1cm-pvc

I am trying to setup the cluster with a custom admin password. I have tried changing the SPLUNK_PASSWORD but the ansible playbook fails with the following error message:

TASK [splunk_cluster_master : Set indexer discovery] ***************************
fatal: [localhost]: FAILED! => {"changed": false, "content": "", "elapsed": 0, "msg": "Status code was -1 and not [201, 409]: Connection failure: [Errno 104] Connection reset by peer", "redirected": false, "status": -1, "url": "http://127.0.0.1:8089/servicesNS/nobody/system/configs/conf-server"}

Is there any way to set up custom admin creds (I also intend to modify some keys to make them custom) through the yaml?

Thanks

0 Karma

Splunk Employee
Splunk Employee

This looks like issues with the default.yaml and the passwords being distributed.

I'd recommend you check out the Operator instead, or hit me up on Slack and we can look closer.

https://github.com/splunk/splunk-operator/tree/master/docs

0 Karma