Docs » Get started with the Splunk Distribution of the OpenTelemetry Collector » Get started with the Collector for Kubernetes » Splunk Distribution of the OpenTelemetry Collector as an AWS EKS Add-on

Splunk Distribution of the OpenTelemetry Collector as an AWS EKS Add-on πŸ”—

Amazon Elastic Kubernetes Service (EKS) is a managed container service to run and scale Kubernetes applications in the Amazon Web services (AWS) cloud. Splunk Observability Cloud provides an EKS Add-on available in the AWS marketplace that allows you to seamlessly deploy the Splunk Distribution of the OpenTelemetry Collector to Amazon EKS clusters to track EKS performance by namespace, cluster, pod or organizational concepts such as team or application.

For more information, read the official AWS documentation at Amazon EKS add-ons .

Note

This Add-on is different from the Add-ons for the Splunk Platform. Refer to Splunk Supported Add-ons for more information.

Benefits πŸ”—

The Splunk Distribution of the OpenTelemetry Collector Amazon EKS Add-on:

  • Provides simplified installation, configuration and management of Amazon EKS clusters.

  • Includes the latest security patches, bug fixes, and are validated by AWS to work with Amazon EKS.

Limitations πŸ”—

While the Add-on deployment approach offers numerous advantages, be aware of these limitations:

  • The EKS Add-on integration doesn’t support Helm hooks and Helm subcharts. Consequently, certain features that rely on these capabilities are unavailable, such as:

    • The Collector Secret Validation feature is unavailable as it uses a Helm hook.

    • Operator-based Auto-Instrumentation is unsupported since it relies on subcharts for deploying necessary components.

  • With the EKS Add-on, you can only deploy one instance of the Splunk Distribution of the OTel Collector per EKS cluster. Take into account this limitation when planning for scale and redundancy.

Install the EKS Add-on with secure token handling πŸ”—

To install the EKS Add-on Splunk Distribution of the OpenTelemetry Collector follow these steps:

Step 1: Subscribe to the EKS Add-on in the AWS Marketplace πŸ”—

In your AWS Marketplace, ensure that:

  • You have sufficient permissions in your AWS account to enable this Add-on.

  • Complete the subscription process in the AWS console. Go to the AWS Marketplace Page to add the EKS Add-on Splunk Distribution of the OpenTelemetry Collector to your AWS account.

Step 2: Prerequisites πŸ”—

Make sure you comply with the following requisites:

Credentials πŸ”—

Make sure you have credentials for Splunk Observability Cloud or Splunk Platform.

Destination requirements πŸ”—

For splunkObservability:

For splunkPlatform (Splunk Enterprise or Splunk Cloud):

Step 3: Add the Add-on to your EKS clusters πŸ”—

Follow the steps outlined in the Amazon EKS User Guide to add an Add-on using eksctl, the AWS Management Console, or the AWS CLI.

Find the Amazon EKS User Guide at Managing Amazon EKS add-ons .

Step 4: Configure the Add-on with improved security πŸ”—

To configure the Splunk Distribution of the OpenTelemetry Collector EKS Add-on, prepare a YAML file tailored to your Splunk set-up, replacing placeholder values with your specific configuration details.

Caution

For security reasons, avoid including tokens or any sensitive data in the configuration file, as EKS Add-on configurations are exposed within the EKS web console.

For splunkObservability:

splunkObservability:
    realm: <REALM>
clusterName: <EKS_CLUSTER_NAME>
cloudProvider: aws
distribution: eks

secret:
    create: false
    name: splunk-otel-collector
    validateSecret: false

For splunkPlatform:

splunkPlatform:
    endpoint: http://localhost:8088/services/collector
clusterName: <EKS_CLUSTER_NAME>
cloudProvider: aws
distribution: eks

secret:
    create: false
    name: splunk-otel-collector
    validateSecret: false

Note

For more specific configuration information, see Install the Collector for Kubernetes using Helm.

Step 5: Add your secret and deploy πŸ”—

Deploy the secret into the Splunk monitoring namespace by applying a YAML file, or by using the kubectl command.

YAML file πŸ”—

To deploy the secret, use a distinct Kubernetes secret YAML file with sensitive tokens, separate from the Add-on configuration YAML.

Use the command:

kubectl apply -f splunk-otel-collector-secret.yaml

Here’s a template for the secret YAML file:

apiVersion: v1
kind: Secret
metadata:
    name: splunk-otel-collector
    namespace: splunk-monitoring
type: Opaque
data:
    splunk_observability_access_token: <YOUR_ACCESS_TOKEN> # Replace with your actual access token
    splunk_platform_hec_token: <YOUR_HEC_TOKEN>  # Add this line only if using with splunkPlatform

kubectl command πŸ”—

To create secrets, use kubectl command:

For splunkObservability:

kubectl create secret generic splunk-otel-collector \
    --from-literal=splunk_observability_access_token=<YOUR_ACCESS_TOKEN> \
    -n splunk-monitoring

Replace <YOUR_ACCESS_TOKEN> with your actual Splunk Observability Cloud access token.

For splunkPlatform:

kubectl create secret generic splunk-otel-collector \
    --from-literal=splunk_platform_hec_token=<YOUR_HEC_TOKEN> \
    -n splunk-monitoring

Replace <YOUR_HEC_TOKEN> with your actual Splunk Platform HEC token.

Step 6: Wait for the Collector πŸ”—

After adding the secret, allow some time for the Collector to detect your secret and start running successfully.

Install the EKS Add-on without secure token handling πŸ”—

Alternatively, you can install the EKS Add-on with lower levels of security, without deploying a secret.

Caution

For security reasons, avoid including tokens or any sensitive data in the configuration file, as EKS Add-on configurations are exposed within the EKS web console.

Prepare a YAML file tailored to your Splunk set-up as follows.

For splunkObservability:

splunkObservability:
    accessToken: <YOUR_ACCESS_TOKEN>
    realm: <REALM>
clusterName: <EKS_CLUSTER_NAME>
cloudProvider: aws
distribution: eks

Replace <YOUR_ACCESS_TOKEN> and <REALM> with your actual Splunk Observability Cloud access token within the corresponding realm, and replace <EKS_CLUSTER_NAME> with your actual EKS cluster’s name.

For splunkPlatform:

splunkPlatform:
    endpoint: http://localhost:8088/services/collector
    token: <YOUR_HEC_TOKEN>
clusterName: <EKS_CLUSTER_NAME>
cloudProvider: aws
distribution: eks

Replace <YOUR_HEC_TOKEN> with your actual Splunk Platform HEC token, and replace <EKS_CLUSTER_NAME> with your actual EKS cluster’s name.

Note

For more specific configuration information, see Install the Collector for Kubernetes using Helm.

This page was last updated on Feb 12, 2024.