Skip to content

CSPL-4002 Update Ansible role to ingestor (from standalone) for IngestorCluster#1606

Open
kasiakoziol wants to merge 4 commits intoCSPL-3551-ingestion-crfrom
feature/cspl-4002-update-role-to-ingestor
Open

CSPL-4002 Update Ansible role to ingestor (from standalone) for IngestorCluster#1606
kasiakoziol wants to merge 4 commits intoCSPL-3551-ingestion-crfrom
feature/cspl-4002-update-role-to-ingestor

Conversation

@kasiakoziol
Copy link
Collaborator

@kasiakoziol kasiakoziol commented Oct 31, 2025
edited
Loading

Description

It updates Ansible role to ingestor (from standalone) for IngestorCluster.

Key Changes

  • Update Ansible role to ingestor (from standalone) for IngestorCluster

Testing and Verification

Automated tests.

Related Issues

Jira: https://splunk.atlassian.net/browse/CSPL-4002

PR Checklist

  • Code changes adhere to the project's coding standards.
  • Relevant unit and integration tests are included.
  • Documentation has been updated accordingly.
  • All tests pass locally.
  • The PR description follows the project's guidelines.

@kasiakoziol kasiakoziol changed the base branch from develop to CSPL-3551-ingestion-cr October 31, 2025 09:52
@coveralls
Copy link
Collaborator

coveralls commented Oct 31, 2025
edited
Loading

Pull Request Test Coverage Report for Build 19887163397

Details

  • 1 of 1 (100.0%) changed or added relevant line in 1 file are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage increased (+0.008%) to 85.38%
Totals Coverage Status
Change from base Build 19886830069: 0.008%
Covered Lines: 11271
Relevant Lines: 13201
💛 - Coveralls

@kasiakoziol kasiakoziol mentioned this pull request Nov 3, 2025
Open
5 tasks
@kasiakoziol kasiakoziol marked this pull request as ready for review December 3, 2025 07:41
rlieberman-splunk
rlieberman-splunk reviewed Dec 3, 2025
View reviewed changes
pkg/splunk/enterprise/types.go
role = "splunk_monitor"
case SplunkIngestor:
role = "splunk_standalone" // TODO: change this to a new role when we have one (splunk_ingestor)
role = "splunk_ingestor"
Copy link
Collaborator

@rlieberman-splunk rlieberman-splunk Dec 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Will this only work with a specific docker splunk version? Maybe we need to document that.

Copy link
Collaborator Author

@kasiakoziol kasiakoziol Dec 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ingestors are only supported from Splunk 10.x. I think I documented it already, but will check it out in the main PR for these changes.

Copy link
Collaborator

@qingw-splunk qingw-splunk Dec 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Question for my own curiosity - do we have corresponding "kubettl" test that validating IngestorCluster with splunk_ingestor role, or it is not necessary? It seems that we only verify this in uni test level, but I could be mistaken.

qingw-splunk
qingw-splunk reviewed Dec 3, 2025
View reviewed changes
pkg/splunk/enterprise/ingestorcluster_test.go
// Define additional service port in CR and verify the statefulset has the new port
cr.Spec.ServiceTemplate.Spec.Ports = []corev1.ServicePort{{Name: "user-defined", Port: 32000, Protocol: "UDP"}}
test(`{"kind":"StatefulSet","apiVersion":"apps/v1","metadata":{"name":"splunk-test-ingestor","namespace":"test","creationTimestamp":null,"labels":{"app.kubernetes.io/component":"ingestor","app.kubernetes.io/instance":"splunk-test-ingestor","app.kubernetes.io/managed-by":"splunk-operator","app.kubernetes.io/name":"ingestor","app.kubernetes.io/part-of":"splunk-test-ingestor"},"ownerReferences":[{"apiVersion":"","kind":"IngestorCluster","name":"test","uid":"","controller":true}]},"spec":{"replicas":3,"selector":{"matchLabels":{"app.kubernetes.io/component":"ingestor","app.kubernetes.io/instance":"splunk-test-ingestor","app.kubernetes.io/managed-by":"splunk-operator","app.kubernetes.io/name":"ingestor","app.kubernetes.io/part-of":"splunk-test-ingestor"}},"template":{"metadata":{"creationTimestamp":null,"labels":{"app.kubernetes.io/component":"ingestor","app.kubernetes.io/instance":"splunk-test-ingestor","app.kubernetes.io/managed-by":"splunk-operator","app.kubernetes.io/name":"ingestor","app.kubernetes.io/part-of":"splunk-test-ingestor"},"annotations":{"traffic.sidecar.istio.io/excludeOutboundPorts":"8089,8191,9997","traffic.sidecar.istio.io/includeInboundPorts":"8000,8088"}},"spec":{"volumes":[{"name":"splunk-test-probe-configmap","configMap":{"name":"splunk-test-probe-configmap","defaultMode":365}},{"name":"mnt-splunk-secrets","secret":{"secretName":"splunk-test-ingestor-secret-v1","defaultMode":420}}],"containers":[{"name":"splunk","image":"splunk/splunk","ports":[{"name":"http-splunkweb","containerPort":8000,"protocol":"TCP"},{"name":"http-hec","containerPort":8088,"protocol":"TCP"},{"name":"https-splunkd","containerPort":8089,"protocol":"TCP"},{"name":"tcp-s2s","containerPort":9997,"protocol":"TCP"},{"name":"user-defined","containerPort":32000,"protocol":"UDP"}],"env":[{"name":"SPLUNK_HOME","value":"/opt/splunk"},{"name":"SPLUNK_START_ARGS","value":"--accept-license"},{"name":"SPLUNK_DEFAULTS_URL","value":"/mnt/splunk-secrets/default.yml"},{"name":"SPLUNK_HOME_OWNERSHIP_ENFORCEMENT","value":"false"},{"name":"SPLUNK_ROLE","value":"splunk_standalone"},{"name":"SPLUNK_DECLARATIVE_ADMIN_PASSWORD","value":"true"},{"name":"SPLUNK_OPERATOR_K8_LIVENESS_DRIVER_FILE_PATH","value":"/tmp/splunk_operator_k8s/probes/k8_liveness_driver.sh"},{"name":"SPLUNK_GENERAL_TERMS","value":"--accept-sgt-current-at-splunk-com"},{"name":"SPLUNK_SKIP_CLUSTER_BUNDLE_PUSH","value":"true"}],"resources":{"limits":{"cpu":"4","memory":"8Gi"},"requests":{"cpu":"100m","memory":"512Mi"}},"volumeMounts":[{"name":"pvc-etc","mountPath":"/opt/splunk/etc"},{"name":"pvc-var","mountPath":"/opt/splunk/var"},{"name":"splunk-test-probe-configmap","mountPath":"/mnt/probes"},{"name":"mnt-splunk-secrets","mountPath":"/mnt/splunk-secrets"}],"livenessProbe":{"exec":{"command":["/mnt/probes/livenessProbe.sh"]},"initialDelaySeconds":30,"timeoutSeconds":30,"periodSeconds":30,"failureThreshold":3},"readinessProbe":{"exec":{"command":["/mnt/probes/readinessProbe.sh"]},"initialDelaySeconds":10,"timeoutSeconds":5,"periodSeconds":5,"failureThreshold":3},"startupProbe":{"exec":{"command":["/mnt/probes/startupProbe.sh"]},"initialDelaySeconds":40,"timeoutSeconds":30,"periodSeconds":30,"failureThreshold":12},"imagePullPolicy":"IfNotPresent","securityContext":{"capabilities":{"add":["NET_BIND_SERVICE"],"drop":["ALL"]},"privileged":false,"runAsUser":41812,"runAsNonRoot":true,"allowPrivilegeEscalation":false,"seccompProfile":{"type":"RuntimeDefault"}}}],"securityContext":{"runAsUser":41812,"runAsNonRoot":true,"fsGroup":41812,"fsGroupChangePolicy":"OnRootMismatch"},"affinity":{"podAntiAffinity":{"preferredDuringSchedulingIgnoredDuringExecution":[{"weight":100,"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app.kubernetes.io/instance","operator":"In","values":["splunk-test-ingestor"]}]},"topologyKey":"kubernetes.io/hostname"}}]}},"schedulerName":"default-scheduler"}},"volumeClaimTemplates":[{"metadata":{"name":"pvc-etc","namespace":"test","creationTimestamp":null,"labels":{"app.kubernetes.io/component":"ingestor","app.kubernetes.io/instance":"splunk-test-ingestor","app.kubernetes.io/managed-by":"splunk-operator","app.kubernetes.io/name":"ingestor","app.kubernetes.io/part-of":"splunk-test-ingestor"}},"spec":{"accessModes":["ReadWriteOnce"],"resources":{"requests":{"storage":"10Gi"}}},"status":{}},{"metadata":{"name":"pvc-var","namespace":"test","creationTimestamp":null,"labels":{"app.kubernetes.io/component":"ingestor","app.kubernetes.io/instance":"splunk-test-ingestor","app.kubernetes.io/managed-by":"splunk-operator","app.kubernetes.io/name":"ingestor","app.kubernetes.io/part-of":"splunk-test-ingestor"}},"spec":{"accessModes":["ReadWriteOnce"],"resources":{"requests":{"storage":"100Gi"}}},"status":{}}],"serviceName":"splunk-test-ingestor-headless","podManagementPolicy":"Parallel","updateStrategy":{"type":"OnDelete"}},"status":{"replicas":0,"availableReplicas":0}}`)
test(loadFixture(t, "statefulset_stack1_ingestor_base_1.json"))
Copy link
Collaborator

@qingw-splunk qingw-splunk Dec 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit (non-blocking): perhaps we could consider renaming the fixtures for clarity? The current base_1/2/3/4 naming requires reading the test code to understand what each test is.

"statefulset_stack1_ingestor_base_1.json" -> "statefulset_ingestor.json" 
"statefulset_stack1_ingestor_base_2.json" -> "statefulset_ingestor_with_serviceaccount.json"
"statefulset_stack1_ingestor_base_3.json" -> "statefulset_ingestor_with_extraenv.json"
"statefulset_stack1_ingestor_base_4.json" -> "statefulset_ingestor_with_labels.json "

@kasiakoziol kasiakoziol removed the request for review from gabrielm-splunk December 23, 2025 14:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rlieberman-splunk rlieberman-splunk rlieberman-splunk left review comments

@qingw-splunk qingw-splunk qingw-splunk left review comments

@kubabuczak kubabuczak Awaiting requested review from kubabuczak

@vivekr-splunk vivekr-splunk Awaiting requested review from vivekr-splunk

@patrykw-splunk patrykw-splunk Awaiting requested review from patrykw-splunk

@Igor-splunk Igor-splunk Awaiting requested review from Igor-splunk

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@kasiakoziol @coveralls @rlieberman-splunk @qingw-splunk