adityapinglesf
commented
9 months ago @tmaltaverne
updated a patch to the path:
docker pull splunk/splunk:b985591d12fd-patch
docker run --mount type=bind,source="PATH_TO_CUSTOM_CONFIG/my_conf.yml",target=/tmp/defaults/default.yml -p 8000:8000 -p 8080:8080 -e "SPLUNK_PASSWORD=trypass@" -e "SPLUNK_START_ARGS=--accept-license" --name so1 -it splunk/splunk:b985591d12fd-patchcontents of config file
hide_password: true
splunk:
conf:
- key: authentication
value:
directory: /opt/splunk/etc/apps/ldap-password/local
content:
iissplunkldap:
bindDN: CN=app-trial,OU=Applications,OU=Special,OU=Users,OU=Sites,OU=Global,DC=iis,DC=customer,DC=net
bindDNpassword: DO_NOT_SHOW_MY_PASS
iissplunkldapsvc:
bindDN: CN=app-trial,OU=Applications,OU=Special,OU=Users,OU=Sites,OU=Global,DC=iis,DC=customer,DC=net
bindDNpassword: DO_NOT_SHOW_MY_PASS
- key: authentication
value:
directory: /opt/splunk/etc/master-apps/ldap-password/local
content:
iissplunkldap:
bindDN: CN=app-trial,OU=Applications,OU=Special,OU=Users,OU=Sites,OU=Global,DC=iis,DC=customer,DC=net
bindDNpassword: DO_NOT_SHOW_MY_PASS
iissplunkldapsvc:
bindDN: CN=app-trial,OU=Applications,OU=Special,OU=Users,OU=Sites,OU=Global,DC=iis,DC=customer,DC=net
bindDNpassword: DO_NOT_SHOW_MY_PASSthe changes included in the patch image are from this MR: https://github.com/splunk/splunk-ansible/pull/772
At each run, the task "Setup SHC - Multisite" for search heads and monitoring console, is always showing a fatal error in the logs:
This is not causing any issue in the rest of the install process, but it is generating noise in the logs by displaying a fatal error, and shows the admin password and secret. We observe this (at least) in versions 9.0.0 to 9.0.4.1.
Quickly looking at the code it seems to come from here: the fail condition is always true when rc!=0, because there can't be both "cluster-master" and "cluster-manager" at the same time in the stderr. I guess the OR condition should be made an AND. Issue seems to be at different places.