Splunk Enterprise
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Permissions issue in Docker container

thoyt
Engager
‎11-05-2018 12:13 PM

When splunk starts it seems to try and chown the config files (ie. web.conf) to whatever user splunk is currently running as. This causes an issue with Kubernetes deployments.

When you mount configuration files through a ConfigMap it mounts the volumes as read only owned by root. This would still allow non-root processes to read. However when splunk tries to start the chown fails, causing the container to fail as well.

Is there a flag to disable chown-ing config files on start, or is this something than can be put in a change request and removed form startup all together?

Labels (2)
Reply

jhomerlopez
Explorer
‎05-06-2021 01:34 AM

I encounter this as well when running splunkforwarder on kubernetes cluster as daemonset. This was solved by mounting the volume to /opt/splunkforwarder-etc/ instead of /opt/splunkforwarder. It seems that all the local/custom configuration should be implemented on /opt/splunkforwarder-etc/

0 Karma
Reply

codebuilder
Influencer
‎04-16-2019 08:46 AM

See my response on this thread:

----
An upvote would be appreciated and Accept Solution if it helps!
0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Index This | What travels the world but is also stuck in place?

April 2026 Edition  Hayyy Splunk Education Enthusiasts and the Eternally Curious!   We’re back with this ...

Discover New Use Cases: Unlock Greater Value from Your Existing Splunk Data

Realizing the full potential of your Splunk investment requires more than just understanding current usage; it ...

Continue Your Journey: Join Session 2 of the Data Management and Federation Bootcamp ...

As data volumes continue to grow and environments become more distributed, managing and optimizing data ...