Merge pull request #381 from splunk/develop

alishamayor · web-flow · commit 4230b223dbf6 · 2020-06-10T18:23:29.000-07:00
Release/8.0.4.1 and 7.3.6
diff --git a/CODEOWNERS b/CODEOWNERS
@@ -11,3 +11,6 @@
 
 # Docs-only pull requests:
 /docs/  @alishamayor @nwang92 @bb03
+
+# Release changelog
+docs/CHANGELOG.md  @nwang92 @alishamayor @arctan5x @lephino @jrigassio-splunk @jmeixensperger @hendolim @jonathan-vega-splunk @bb03
diff --git a/Makefile b/Makefile
@@ -7,8 +7,8 @@ SPLUNK_ANSIBLE_BRANCH ?= develop
 SPLUNK_COMPOSE ?= cluster_absolute_unit.yaml
 # Set Splunk version/build parameters here to define downstream URLs and file names
 SPLUNK_PRODUCT := splunk
-SPLUNK_VERSION := 8.0.4
-SPLUNK_BUILD := 767223ac207f
+SPLUNK_VERSION := 8.0.4.1
+SPLUNK_BUILD := ab7a85abaa98
 ifeq ($(shell arch), s390x)
 	SPLUNK_ARCH = s390x
 else
diff --git a/base/redhat-8/Dockerfile b/base/redhat-8/Dockerfile
@@ -1,4 +1,4 @@
-# Copyright 2018 Splunk
+# Copyright 2018-2020 Splunk
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -16,7 +16,7 @@
 # the container catalog moved from registry.access.redhat.com to registry.redhat.io
 # So at some point before they deprecate the old registry we have to make sure that
 # we have access to the new registry and change where we pull the ubi image from.
-FROM registry.access.redhat.com/ubi8/ubi-minimal:8.1-409
+FROM registry.access.redhat.com/ubi8/ubi-minimal:8.2-267
 LABEL name="splunk" \
       maintainer="support@splunk.com" \
       vendor="splunk" \
diff --git a/base/redhat-8/install.sh b/base/redhat-8/install.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# Copyright 2018 Splunk
+# Copyright 2018-2020 Splunk
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -32,10 +32,17 @@ microdnf -y --nodocs install wget sudo shadow-utils procps tar tzdata
 #install busybox direct from the multiarch since epel isn't availible yet for redhat8
 wget -O /bin/busybox https://busybox.net/downloads/binaries/1.28.1-defconfig-multiarch/busybox-`arch`
 chmod +x /bin/busybox
+microdnf -y --nodocs update gnutls kernel-headers
 microdnf -y --nodocs install python2-pip python2-devel redhat-rpm-config gcc libffi-devel openssl-devel
 pip2 --no-cache-dir install requests ansible
-microdnf -y remove gcc libffi-devel openssl-devel redhat-rpm-config python2-devel device-mapper-libs device-mapper cryptsetup-libs systemd systemd-pam dbus dbus-common dbus-daemon dbus-tools dbus-libs go-srpm-macros iptables-libs ocaml-srpm-macros openblas-srpm-macros qt5-srpm-macros perl-srpm-macros rust-srpm-macros ghc-srpm-macros platform-python python3-rpm-generators platform-python-setuptools python3-libs platform-python-pip python3-rpm-generators python3-rpm-macros elfutils-libs efi-srpm-macros zip unzip xkeyboard-config libxkbcommon redhat-rpm-config util-linux dwz file file-libs findutils iptables-libs diffutils annobin python-rpm-macros python-srpm-macros python2-devel python2-rpm-macros kmod-libs libfdisk libffi-devel libpcap libseccomp libutempter
-
+microdnf -y remove gcc openssl-devel redhat-rpm-config python2-devel device-mapper-libs device-mapper trousers systemd systemd-pam \
+                   dwz dbus dbus-common dbus-daemon dbus-tools dbus-libs go-srpm-macros iptables-libs annobin cryptsetup-libs \
+                   ocaml-srpm-macros openblas-srpm-macros qt5-srpm-macros perl-srpm-macros rust-srpm-macros ghc-srpm-macros \
+                   efi-srpm-macros python-srpm-macros python-rpm-macros python3-rpm-macros python2-rpm-macros python3-rpm-generators \
+                   zip unzip xkeyboard-config file file-libs findutils diffutils kmod-libs util-linux libxkbcommon libffi-devel \
+                   elfutils-libs elfutils-debuginfod-client elfutils-default-yama-scope pcre2-devel pcre2-utf16 pcre2-utf32 \
+                   libfdisk libpcap libseccomp libselinux-devel libutempter binutils libxcrypt-devel cpp glibc-devel glibc-headers \
+                   krb5-devel libkadm5 platform-python-pip
 
 cd /bin
 ln -s python2 python || true
diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md
diff --git a/docs/EXAMPLES.md b/docs/EXAMPLES.md
@@ -15,14 +15,14 @@ Note that for more complex scenarios, we will opt to use a [Docker compose file]
     * [...with a SplunkBase app](#create-standalone-with-splunkbase-app)
     * [...with SSL enabled](#create-standalone-with-ssl-enabled)
     * [...with a Splunk Free license](#create-standalone-with-splunk-free-license)
+* [Create sidecar forwarder running as root](#create-sidecar-root-forwarder)
 * [Create standalone and universal forwarder](#create-standalone-and-universal-forwarder)
 * [Create heavy forwarder](#create-heavy-forwarder)
 * [Create heavy forwarder and deployment server](#create-heavy-forwarder-and-deployment-server)
 * [Create indexer cluster](#create-indexer-cluster)
 * [Create search head cluster](#create-search-head-cluster)
 * [Create indexer cluster and search head cluster](#create-indexer-cluster-and-search-head-cluster)
 * [Enable root endpoint on SplunkWeb](#enable-root-endpoint-on-splunkweb)
-* [Create sidecar forwarder](#create-sidecar-forwarder)
 * [More](#more)
 
 ## Create standalone from CLI
@@ -221,6 +221,61 @@ $ docker run --name so1 --hostname so1 -p 8000:8000 \
               -it splunk/splunk:latest
 ```
 
+## Create sidecar root forwarder
+
+<details><summary markdown='span'><code>k8s-sidecar.yml</code></summary><p></p>
+
+```yaml
+apiVersion: v1
+kind: Pod
+metadata:
+  name: example
+spec:
+  securityContext:
+    runAsUser: 0
+    runAsGroup: 0
+  containers:
+  - name: splunk-uf
+    image: splunk/universalforwarder:latest
+    env:
+    - name: SPLUNK_START_ARGS
+      value: --accept-license
+    - name: SPLUNK_USER
+      value: root
+    - name: SPLUNK_GROUP
+      value: root
+    - name: SPLUNK_PASSWORD
+      value: helloworld
+    - name: SPLUNK_CMD
+      value: add monitor /var/log/
+    - name: SPLUNK_STANDALONE_URL
+      value: splunk.company.internal
+    volumeMounts:
+    - name: shared-data
+      mountPath: /var/log
+  - name: my-app
+    image: my-app
+    volumeMounts:
+    - name: shared-data
+      mountPath: /app/logs/
+  volumes:
+  - name: shared-data
+    emptyDir: {}
+```
+</details><p></p>
+
+Execute the following to bring up your deployment:
+```
+$ kubectl apply -f k8s-sidecar.yml
+```
+
+Alternatively, if you're not using Kubernetes you can use the Docker CLI to bring up the Universal Forwarder under the `root` user with the following:
+```
+$ docker run -d -P --user root -e SPLUNK_START_ARGS=--accept-license -e SPLUNK_PASSWORD=helloworld -e SPLUNK_USER=root -e SPLUNK_GROUP=root splunk/universalforwarder:latest
+```
+
+After your pod is ready, the universal forwarder will be reading the logs generated by your app via the shared volume mount. In the ideal case, your app is generating the logs while the forwarder is reading them and streaming the output to a separate Splunk instance located at splunk.company.internal.
+
 ## Create standalone and universal forwarder
 You can also enable distributed deployments. In this case, we can create a Splunk universal forwarder running in a container to stream logs to a Splunk standalone, also running in a container.
 
@@ -855,48 +910,5 @@ $ SPLUNK_PASSWORD=<password> docker-compose up -d
 
 Then, visit SplunkWeb on your browser with the root endpoint in the URL, such as `http://localhost:8000/splunkweb`.
 
-## Create sidecar forwarder
-
-<details><summary markdown='span'><code>k8s-sidecar.yml</code></summary><p></p>
-
-```yaml
-apiVersion: v1
-kind: Pod
-metadata:
-  name: example
-spec:
-  containers:
-  - name: splunk-uf
-    image: splunk/universalforwarder:latest
-    env:
-    - name: SPLUNK_START_ARGS
-      value: --accept-license
-    - name: SPLUNK_PASSWORD
-      value: helloworld
-    - name: SPLUNK_CMD
-      value: add monitor /var/log/
-    - name: SPLUNK_STANDALONE_URL
-      value: splunk.company.internal
-    volumeMounts:
-    - name: shared-data
-      mountPath: /var/log
-  - name: my-app
-    image: my-app
-    volumeMounts:
-    - name: shared-data
-      mountPath: /app/logs/
-  volumes:
-  - name: shared-data
-    emptyDir: {}
-```
-</details><p></p>
-
-Execute the following to bring up your deployment:
-```
-$ kubectl apply -f k8s-sidecar.yml
-```
-
-After your pod is ready, the universal forwarder will be reading the logs generated by your app via the shared volume mount. In the ideal case, your app is generating the logs while the forwarder is reading them and streaming the output to a separate Splunk instance located at splunk.company.internal.
-
 ## More
 There are a variety of Docker compose scenarios in the `docker-splunk` repo [here](https://github.com/splunk/docker-splunk/tree/develop/test_scenarios). Feel free to use any of those for reference in deploying different topologies!
diff --git a/tests/pytest.ini b/tests/pytest.ini
@@ -1,3 +1,5 @@
 [pytest]
 filterwarnings =
     ignore::urllib3.exceptions.InsecureRequestWarning
+markers = 
+	large
diff --git a/tests/test_docker_splunk.py b/tests/test_docker_splunk.py
