Deployment Architecture

Can a deployment client subscribe to an app?

echalex
Builder

Hi,

We are using the deployment server to distribute configuration to universal forwarders. Since we are using chef to install the forwarders, it would be very good if we could add the forwarder to a serverclass from the forwarder host itself, rather than doing this at the deployment server.

Any suggestions on doing this. Preferrably, it should be scriptable. With that I mean either a CLI command to run on the forwarder, or some way to do it through the REST API.

0 Karma
1 Solution

yannK
Splunk Employee
Splunk Employee

there is a way to achieve this.
The deploymentclient.conf on the client has a parameter clientName that can be used to replace the ip and hostname used to match the whitelist/blacklist in the server serverclass.conf

see http://docs.splunk.com/Documentation/Splunk/4.3.4/admin/Serverclassconf
and http://docs.splunk.com/Documentation/Splunk/4.3.4/admin/Deploymentclientconf

You could use define your classes with roles by example, and use chef to populate the clientName with a concatenation of the classes and hostname.

example :

[deployment-client]
clientName=myhostname-roleA-roleB

and on the serverclass

[myclassA]
whitelist=*roleA*
[myclassB]
whitelist=*roleB*

View solution in original post

yannK
Splunk Employee
Splunk Employee

there is a way to achieve this.
The deploymentclient.conf on the client has a parameter clientName that can be used to replace the ip and hostname used to match the whitelist/blacklist in the server serverclass.conf

see http://docs.splunk.com/Documentation/Splunk/4.3.4/admin/Serverclassconf
and http://docs.splunk.com/Documentation/Splunk/4.3.4/admin/Deploymentclientconf

You could use define your classes with roles by example, and use chef to populate the clientName with a concatenation of the classes and hostname.

example :

[deployment-client]
clientName=myhostname-roleA-roleB

and on the serverclass

[myclassA]
whitelist=*roleA*
[myclassB]
whitelist=*roleB*

View solution in original post

echalex
Builder

Yes, that's what I want, more or less. I guess the clientName solution is the closest thing, but it does require some preparation. OTOH, it is a sane approach which provides a kind of "menu" of distributable apps.

Do you know if there are any restrictions on length and characters contained?

0 Karma

yannK
Splunk Employee
Splunk Employee

So you want to remotely edit the serverclass.conf on the deployment-server to add a whitelist item ?
I am not sure that there is a REST API for it.

0 Karma

echalex
Builder

Thanks, but that doesn't really do what I want. (I know about clientName).

This solution requires the whitelists to be configured beforehand on the deployment server.

0 Karma
.conf21 Now Fully Virtual!
Register for FREE Today!

We've made .conf21 totally virtual and totally FREE! Our completely online experience will run from 10/19 through 10/20 with some additional events, too!