Install the ITSI Module for Continuous Delivery
This topic describes how to install the ITSI Module for Continuous Delivery on a single instance or a distributed environment.
Step 1: Install supported technologies onto your ITSI Continuous Delivery deployment
Install the ITSI supported technologies that apply to your deployment. Supported technologies for different instances are listed in the table below:
Technology Name | Add-on Version | Link to installation | Search Heads | Indexers | Forwarders |
---|---|---|---|---|---|
Splunk Add-on for JIRA | 2.2.0 and above | Installation guide | x | x | |
Splunk Add-on for Bamboo | 1.0.0 and above | Installation guide | x | x | |
Splunk App for Jenkins | 1.0.3 and above | Installation guide | x | ||
Splunk Plugin for Jenkins | 1.4.2 and above | Installation guide (Install on Jenkins server) |
Verify Data Collection
Verify that the add-ons in your deployment are installed and configured correctly by checking the add-on's indices, sources or source types.
Supported technology | Data verification search |
---|---|
Splunk Add-on for JIRA | tag=continuous_delivery OR sourcetype=*
|
Splunk Add-on for Bamboo | tag=continuous_delivery OR sourcetype=*
|
Splunk App for Jenkins | tag=continuous_delivery OR sourcetype=*
|
See About installing Splunk add-ons to learn how to install a Splunk add-on in the following deployment scenarios.
Step 2: Install the Splunk ITSI Module for Continuous Delivery onto your ITSI deployment
Install the Splunk ITSI Module for Continuous Delivery on every Splunk platform instance that has ITSI installed.
Install on a single instance
You can install the ITSI Module for Continuous Delivery on a single Splunk platform instance. In a single-instance deployment, a single Splunk platform instance serves as both search head and indexer.
- Download the ITSI Module for Continuous Delivery installation package from Splunkbase.
- Stop
splunk
.cd $SPLUNK_HOME/bin ./splunk stop
- Extract the package into
$SPLUNK_HOME/etc/apps
.tar -xvf splunk-itsi-module-for-continuous-delivery_<number>.tgz -C $SPLUNK_HOME/etc/apps
- Start
splunkd
.cd $SPLUNK_HOME/bin ./splunk start
Install the ITSI Module for Continuous Delivery in a distributed environment
You can install the ITSI Module for Continuous Delivery in any distributed Splunk platform environment. For more information about distributed Splunk platform environments, see Where to install IT Service Intelligence in a distributed environment in the Install and Upgrade Splunk IT Service Intelligence manual.
Install on search heads
- Copy the ITSI install package to all search heads.
scp splunk-itsi-module-for-continuous-delivery_<number>.tgz username@remotehost.com:$SPLUNK_HOME/etc/apps
- Untar the install package.
tar -xvf splunk-itsi-module-for-continuous-delivery_<number>.tgz
- Restart
splunkd
.cd $SPLUNK_HOME/bin ./splunk restart
Install the Continuous Delivery Module on a search head cluster
ITSI versions 2.1.0 and later support search head clusters.
When deploying ITSI to a search head cluster in a production environment, note the following:
- LDAP is the only supported way to centrally manage users and groups.
- The deployer distributes all apps and permissions to search head cluster members. The deployer is a Splunk platform instance that stands outside the cluster. The deployer cannot run on the same instance as another cluster member. See Parts of a search head cluster in the Distributed Search manual.
Prerequisites
Before you deploy ITSI to a search head cluster, make sure your Splunk platform deployment includes:
- An existing search head cluster, including a minimum of three search heads, any number of search peers (indexers), and a deployer server. See Deploy a search head cluster in the Distributed Search manual.
- An LDAP server. For information on setting up your LDAP server in Splunk Enterprise, see Configure LDAP with Splunk Web in Securing Splunk Enterprise.
Install the Continuous Delivery Module on the deployer
Install the Continuous Delivery Module on the deployer in the shcluster/apps
directory.
- Create a temporary directory for unzipping the data.
- Move the
splunk-itsi-module-for-continuous-delivery_<number>.tgz
file to this directory. - Extract the installation file.
- Copy all files included in the installation package from the temp location to
$SPLUNK_HOME/etc/shcluster/apps/
. For example:mkdir /tmp/itsi mv splunk-itsi-module-for-continuous-delivery_<number>.tgz /tmp/itsi cd /tmp/itsi tar -xvf splunk-itsi-module-for-continuous-delivery_<number>.tgz cp -R * $SPLUNK_HOME/etc/shcluster/apps/
Deploy the configuration bundle to the cluster
The next step is to push the configuration bundle from the deployer to search head cluster members.
Caution: Do not deploy a bundle from any instance other than the deployer. Running the apply shcluster-bundle
command on a non-deployer instance, such as a cluster member, will delete all existing apps and user generated content on all search head cluster members!
- On the deployer, under
$SPLUNK_HOME/etc/shcluster/apps
, create a subdirectoryauth_itsi/local
.cd $SPLUNK_HOME/etc/shcluster/apps mkdir auth_itsi/local
- Copy the
authentication.conf
file from$SPLUNK_HOME/etc/system/local/
to$SPLUNK_HOME/etc/shcluster/apps/auth_itsi/local
.cd $SPLUNK_HOME/etc/system/local/ cp authentication.conf $SPLUNK_HOME/etc/shcluster/apps/auth_itsi/local
- Run the
splunk apply shcluster-bundle
command on the deployer.splunk apply shcluster-bundle -target <URI>:<management_port> -auth <username>:<password>
The-target
parameter (required) specifies the URI and management port for any member of the cluster. For example:https://10.0.1.14:8089
. Though you specify a single cluster member only, the deployer pushes the URI and management port to all members.
The-auth
parameter specifies credentials for the deployer instance. This pushes everything contained in theshcluster/
directory (including the ITSI app, all SAs, and the LDAP configuration) from the deployer to each search head cluster member.
For user access controls to work properly across the search head cluster, the same user with the same roles or capabilities must exist on all search heads. To do this, you can use authentication.conf
to push the LDAP configuration to each cluster member (as described in the previous section), or manually copy the LDAP configuration to each search head cluster member.
For more information, see Deploy a configuration bundle in the Distributed Search manual.
Configure search head cluster members to forward data
It is considered a best practice to forward data from search heads to the indexer layer. For instructions on how to configure search head cluster members to forward data, see Forward data from search head cluster members in the Distributed Search manual.
Propagate modular inputs for CSV import to a cluster
If you save a modular input for CSV import on a search head, the modular input applies to that search head only. To propagate the modular input to other search heads in the cluster, you must use the deployer. For more information, see Create a modular input for CSV import in this manual.
About the Splunk ITSI Module for Continuous Delivery | Configure the ITSI Module for Continuous Delivery |
This documentation applies to the following versions of Splunk® ITSI Module for Continuous Delivery: 1.0.0
Feedback submitted, thanks!