Hello,
I am attempting to start a Splunk docker container (search head) and add it as a search peer to an existing environment all in one bash script but running in an issue. I am able to run each of the two steps separately without a problem but am running into an issue when I attempt to combine them into one script.
I am able to build my Dockerfile and start the container successfully. I am running the below command to start a container with the name splunk_sh.
docker run -d --rm -it -p 8000:8000 --name splunk_sh dockersplunk:latest
After the container is up, I am also able to successfully add it as a search peer using the following command and script. (A copy of the search_peer.sh script is being copied to my container via Dockerfile.)
# search peer command
docker exec -it splunk_sh sh /opt/splunk/bin/search_peer.sh
search_peer.sh
#!/bin/bash
sudo /opt/splunk/bin/splunk add search-server https://<indexer_ip>:8089 -auth <user>:<password> -remoteUsername <user> -remotePassword <password>
Running the two above steps separately allows me to start my Splunk container and have it become a search peer. I begin to run into an issue when I try to run a script (docker_search_peer.sh) that includes both steps, starting the splunk_sh container and the search peer command.
docker_search_peer.sh
#!/bin/bash
docker run -d --rm -it -p 8000:8000 --name splunk_sh dockersplunk:latest
docker exec -it splunk_sh sh /opt/splunk/bin/search_peer.sh
When I run my docker_search_peer.sh script, the container is able to start but is not able to become a search peer. I get the below error:
ERROR: Couldn't determine $SPLUNK_HOME or $SPLUNK_ETC; perhaps one should be set in environment
I've disabled selinux (this was mentioned in a few different posts) but am still running into this issue. I'm not sure how I'm able to run commands/execute scripts separately but not together in one script. Any help or guidance would be much appreciated.
... View more