diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md index 554253af..109cbf88 100644 --- a/docs/CHANGELOG.md +++ b/docs/CHANGELOG.md @@ -2,9 +2,11 @@ ## Navigation +* [8.1.1](#811) * [8.1.0.1](#8101) * [8.1.0](#810) * [8.0.7](#807) +* [8.0.6.1](#8061) * [8.0.6](#806) * [8.0.5.1](#8051) * [8.0.5](#805) @@ -41,6 +43,14 @@ --- +## 8.1.1 + +#### Changes +* Fetches peer node data for DMC +* Bugfixes and documentation updates + +--- + ## 8.1.0.1 #### Changes @@ -72,6 +82,16 @@ Syncing with latest codebase - currently up to sync with 8.1.0. --- +## 8.0.6.1 + +#### What's New? +Syncing with latest codebase - currently up to sync with 8.1.1. + +#### Changes +* See [8.1.1](#811) changes above. + +--- + ## 8.0.6 #### What's New? diff --git a/docs/advanced/default.yml.spec.md b/docs/advanced/default.yml.spec.md index b7b25d68..a6f88a0b 100644 --- a/docs/advanced/default.yml.spec.md +++ b/docs/advanced/default.yml.spec.md @@ -433,6 +433,10 @@ splunk: * Determine the secret used to enable indexer discovery (for any forwarding clients connecting to the cluster master). This is pass4SymmKey in the `[indexer_discovery]` stanza of server.conf. * Default: null + multisite_master: + * Specify the location of the multisite cluster + * Default: null + multisite_master_port: * Specify the management port of the multisite cluster master * Default: 8089 @@ -453,6 +457,14 @@ splunk: * Determine site-level search replication factor when in a multisite environment * Default: 3 + site: + * Define the site of this particular Splunk Enterprise instance when in a multisite environment + * Default: null + + all_sites: + * Define all sites of the topology when in a multisite environment + * Default: null + set_search_peers: * Feature-flag to disable the automatic peering from the search tier to the indexer tier (cluster master or indexers directly). It is discouraged to change this to false, but it is exposed for the purposes of testing and isolating the groups. * Default: true diff --git a/inventory/environ.py b/inventory/environ.py index f6e7d707..03266afe 100755 --- a/inventory/environ.py +++ b/inventory/environ.py @@ -121,6 +121,7 @@ def getDefaultVars(): # in order to rectify multisite replication and search factors getMultisite(defaultVars) getSplunkWebSSL(defaultVars) + getSplunkdSSL(defaultVars) getDistributedTopology(defaultVars) getLicenses(defaultVars) defaultVars["splunk"]["role"] = os.environ.get('SPLUNK_ROLE', 'splunk_standalone') @@ -273,6 +274,8 @@ def getSplunkdSSL(vars_scope): enable = os.environ.get("SPLUNKD_SSL_ENABLE", "") if enable.lower() == "false": ssl_vars["enable"] = False + vars_scope["cert_prefix"] = "http" + def getDistributedTopology(vars_scope): """ diff --git a/roles/splunk_common/tasks/main.yml b/roles/splunk_common/tasks/main.yml index 8fdabd3c..25185c28 100644 --- a/roles/splunk_common/tasks/main.yml +++ b/roles/splunk_common/tasks/main.yml @@ -42,12 +42,12 @@ when: - java_version is defined and java_version +# This needs to be done before any encrypted passkeys are generated, and before first call to splunk status +- include_tasks: set_splunk_secret.yml + - include_tasks: set_general_symmkey_password.yml when: "'pass4SymmKey' in splunk and splunk.pass4SymmKey" -# This needs to be done before any encrypted passkeys are generated -- include_tasks: set_splunk_secret.yml - - include_tasks: enable_admin_auth.yml - include_tasks: set_launch_conf.yml diff --git a/roles/splunk_common/tasks/set_as_hec_receiver.yml b/roles/splunk_common/tasks/set_as_hec_receiver.yml index d7a28583..a4f7b0ea 100644 --- a/roles/splunk_common/tasks/set_as_hec_receiver.yml +++ b/roles/splunk_common/tasks/set_as_hec_receiver.yml @@ -48,7 +48,7 @@ register: delete_hec_token changed_when: delete_hec_token.status == 200 when: - - hec_token.status == 200 + - hec_token is defined and hec_token.status == 200 - ('hec' in splunk and 'token' in splunk.hec and hec_token.json['entry'][0]['content']['token'] != splunk.hec.token) or ('hec_token' in splunk and hec_token.json['entry'][0]['content']['token'] != splunk.hec_token) no_log: "{{ hide_password }}" diff --git a/roles/splunk_monitor/tasks/main.yml b/roles/splunk_monitor/tasks/main.yml index cb0e3147..af171be0 100644 --- a/roles/splunk_monitor/tasks/main.yml +++ b/roles/splunk_monitor/tasks/main.yml @@ -18,6 +18,53 @@ register: server_info no_log: "{{ hide_password }}" +- name: Initialize lists + set_fact: + cluster_master_peers: [] + +- name: Fetch clusterMaster peers + uri: + url: "{{ cert_prefix }}://{{ splunk.cluster_master_url }}:{{ splunk.svc_port }}/services/cluster/master/peers?output_mode=json" + method: GET + user: "{{ splunk.admin_user }}" + password: "{{ splunk.password }}" + validate_certs: false + status_code: 200 + timeout: 10 + return_content: yes + use_proxy: no + register: clusterMaster_peers_info + no_log: "{{ hide_password }}" + when: splunk_indexer_cluster or splunk.multisite_master is defined + retries: "{{ retry_num }}" + delay: "{{ retry_delay }}" + +- name: Create list of clusterMaster peers + set_fact: + cluster_master_peers: "{{ cluster_master_peers }} + [ '{{ item }}' ]" + with_items: "{{ clusterMaster_peers_info['json']['entry'] | selectattr('content.host_port_pair','defined') | map(attribute='content.host_port_pair') }}" + when: splunk_indexer_cluster or splunk.multisite_master is defined + +- name: Fetch distributed peers when cm is defined + uri: + url: "{{ cert_prefix }}://127.0.0.1:{{ splunk.svc_port }}/services/search/distributed/peers?output_mode=json" + method: GET + user: "{{ splunk.admin_user }}" + password: "{{ splunk.password }}" + validate_certs: false + status_code: 200 + timeout: 10 + return_content: yes + use_proxy: no + register: distributed_info + no_log: "{{ hide_password }}" + when: + - splunk_indexer_cluster or splunk.multisite_master is defined + - cluster_master_peers is defined and (cluster_master_peers | length > 0) + until: distributed_info['json']['entry'] | selectattr('content.status','defined') | selectattr('content.status', 'search', 'Down') | map(attribute='name') | list | length == 0 and (cluster_master_peers[0] in (distributed_info['json']['entry'] | map(attribute='name') | list)) + retries: "{{ retry_num }}" + delay: "{{ retry_delay }}" + - name: Fetch distributed peers uri: url: "{{ cert_prefix }}://127.0.0.1:{{ splunk.svc_port }}/services/search/distributed/peers?output_mode=json" @@ -31,6 +78,7 @@ use_proxy: no register: distributed_info no_log: "{{ hide_password }}" + when: splunk_indexer_cluster or splunk.multisite_master is not defined until: distributed_info['json']['entry'] | selectattr('content.status','defined') | selectattr('content.status', 'search', 'Down') | map(attribute='name') | list | length == 0 retries: "{{ retry_num }}" delay: "{{ retry_delay }}"