instead upgrade recreate the instance via ansible

karakutu · ‎05-19-2021

We setup the Splunk cluster on cloud via Ansible scripts. ( cluster is also configured via Ansible)

I have two questions.

1) in case we want to upgrade the Splunk to a new version. Instead, upgrading the existing system, we would like to create new cluster via Ansible scripts from scratch and deploy the old Splunk app into new system. What kind of problems may we encounter in such an update scenario?

2)in case we do it. Which configuration files are needed to be updated from old setup?

Thanks

isoutamo · ‎05-24-2021

Hi

If you create the new cluster instead of update old, you must also migrate the data from old to new unless you don't need it.

In our experience is that it's easier to use those ansible scripts to also update cluster nodes than recreate the whole cluster again.

Depending on size of you cluster you can even do actual update manually by downloading correct version and then update it. After you have updated all nodes then just update version information on your ansible configurations. Of course better way is to add that update part to ansible also especially if you have lager clusters and/or lot of those.

If you still want to do it again from scratch you must copy all apps which you have in CM and it's master-apps. I hope and propose that all your cluster configurations should be a separate app(s) which you can easily apply to the new environment(s).

Of course you must add this new cluster to your SH layer nodes as well your MC etc.

r. Ismo

instead upgrade recreate the instance via ansible

administration

configuration

troubleshooting

upgrade

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics!

New in Observability Cloud - Explicit Bucket Histograms