部署 Splunk Docker 镜像登录失败
Deploying Splunk Docker image fails to login
我正在使用 splunk/splunk docker 图像和以下命令来构建和 运行,正如我从 repository README:
中了解到的
docker build --network=$DOCKER_NETWORK -t my-splunk .
docker run \
--name=my-splunk \
--network=$DOCKER_NETWORK \
-p 8000:8000 \
-e SPLUNK_START_ARGS="--accept-license" \
-e SPLUNK_PASSWORD="1234" \
--restart unless-stopped \
-d my-splunk
当我在 localhost:8000 上打开浏览器时,我会按预期进入 Splunk 登录页面,但是当我输入 admin 和 1234 时,我会收到错误 401:
No users exist. Please set up a user.
从容器内部查看 /opt/splunk/etc/system/local/user-seed.conf,内容看起来不错:
[user_info]
USERNAME = admin
PASSWORD = 1234
完整 docker 日志:
PLAY [localhost] ***************************************************************
TASK [Gathering Facts] *********************************************************
Sunday 07 October 2018 17:39:17 +0300 (0:00:00.091) 0:00:00.091 ********
ok: [localhost]
TASK [include_role : splunk_upgrade] *******************************************
Sunday 07 October 2018 17:39:18 +0300 (0:00:01.821) 0:00:01.913 ********
TASK [include_role : {{ splunk.role }}] ****************************************
Sunday 07 October 2018 17:39:19 +0300 (0:00:00.031) 0:00:01.945 ********
TASK [splunk_common : Install Splunk] ******************************************
Sunday 07 October 2018 17:39:19 +0300 (0:00:00.075) 0:00:02.021 ********
changed: [localhost]
TASK [splunk_common : Install Splunk (Windows)] ********************************
Sunday 07 October 2018 17:39:47 +0300 (0:00:28.257) 0:00:30.278 ********
TASK [splunk_common : Generate user-seed.conf] *********************************
Sunday 07 October 2018 17:39:47 +0300 (0:00:00.041) 0:00:30.320 ********
changed: [localhost] => (item=USERNAME)
changed: [localhost] => (item=PASSWORD)
TASK [splunk_common : include_tasks] *******************************************
Sunday 07 October 2018 17:39:47 +0300 (0:00:00.377) 0:00:30.697 ********
included: /opt/ansible/roles/splunk_common/tasks/enable_s2s_port.yml for localhost
TASK [splunk_common : Enable the Splunk-to-Splunk port] ************************
Sunday 07 October 2018 17:39:47 +0300 (0:00:00.062) 0:00:30.759 ********
changed: [localhost]
TASK [splunk_common : include_tasks] *******************************************
Sunday 07 October 2018 17:39:50 +0300 (0:00:02.733) 0:00:33.492 ********
included: /opt/ansible/roles/splunk_common/tasks/start_splunk.yml for localhost
TASK [splunk_common : Start Splunk] ********************************************
Sunday 07 October 2018 17:39:50 +0300 (0:00:00.054) 0:00:33.547 ********
changed: [localhost]
TASK [splunk_common : include_tasks] *******************************************
Sunday 07 October 2018 17:39:57 +0300 (0:00:07.214) 0:00:40.761 ********
included: /opt/ansible/roles/splunk_common/tasks/add_splunk_license.yml for localhost
TASK [splunk_common : Download Splunk license] *********************************
Sunday 07 October 2018 17:39:57 +0300 (0:00:00.056) 0:00:40.818 ********
TASK [splunk_common : Set downloaded license location] *************************
Sunday 07 October 2018 17:39:57 +0300 (0:00:00.037) 0:00:40.855 ********
TASK [splunk_common : Set local license location] ******************************
Sunday 07 October 2018 17:39:57 +0300 (0:00:00.034) 0:00:40.889 ********
ok: [localhost]
TASK [splunk_common : Apply Splunk license] ************************************
Sunday 07 October 2018 17:39:58 +0300 (0:00:00.043) 0:00:40.933 ********
fatal: [localhost]: FAILED! => {"changed": true, "cmd": ["/opt/splunk/bin/splunk", "add", "licenses", "-auth", "admin:1234"], "delta": "0:00:01.050830", "end": "2018-10-07 17:39:59.189296", "msg": "non-zero return code", "rc": 4, "start": "2018-10-07 17:39:58.138466", "stderr": "", "stderr_lines": [], "stdout": "missing PATH-TO-LICENSE-FILE argument: ./splunk add license [PATH-TO-FILE] ", "stdout_lines": ["missing PATH-TO-LICENSE-FILE argument: ./splunk add license [PATH-TO-FILE] "]}
...ignoring
TASK [splunk_common : Set as license slave] ************************************
Sunday 07 October 2018 17:39:59 +0300 (0:00:01.213) 0:00:42.146 ********
TASK [include_role : splunk_search_head] ***************************************
Sunday 07 October 2018 17:39:59 +0300 (0:00:00.031) 0:00:42.178 ********
PLAY RECAP *********************************************************************
localhost : ok=10 changed=5 unreachable=0 failed=0
Sunday 07 October 2018 17:39:59 +0300 (0:00:00.048) 0:00:42.226 ********
===============================================================================
splunk_common : Install Splunk ----------------------------------------- 28.26s
splunk_common : Start Splunk -------------------------------------------- 7.21s
splunk_common : Enable the Splunk-to-Splunk port ------------------------ 2.73s
Gathering Facts --------------------------------------------------------- 1.82s
splunk_common : Apply Splunk license ------------------------------------ 1.21s
splunk_common : Generate user-seed.conf --------------------------------- 0.38s
include_role : {{ splunk.role }} ---------------------------------------- 0.08s
splunk_common : include_tasks ------------------------------------------- 0.06s
splunk_common : include_tasks ------------------------------------------- 0.06s
splunk_common : include_tasks ------------------------------------------- 0.05s
include_role : splunk_search_head --------------------------------------- 0.05s
splunk_common : Set local license location ------------------------------ 0.04s
splunk_common : Install Splunk (Windows) -------------------------------- 0.04s
splunk_common : Download Splunk license --------------------------------- 0.04s
splunk_common : Set downloaded license location ------------------------- 0.03s
include_role : splunk_upgrade ------------------------------------------- 0.03s
splunk_common : Set as license slave ------------------------------------ 0.03s
===============================================================================
Ansible playbook complete, will begin streaming var/log/splunk/splunkd_stderr.log
嗯,显然密码必须符合一些默认要求,从 https://hub.docker.com/r/splunk/splunk/:
For a basic standalone Splunk environment, run the following command:
$ docker run -d -p 8000:8000 -e 'SPLUNK_START_ARGS=--accept-license'
-e 'SPLUNK_PASSWORD=' splunk/splunk:latest Note: The password supplied must conform to the default Splunk Enterprise
password requirements*
将密码从“1234”更改为“12345678910”后,登录正常(唯一重要的默认要求是密码长度应至少为 8 个字符)。
由于此创建用户失败的消息已被屏蔽,并且由于这仅在 dockerhub 中有记录而没有在 github 中记录,因此我将打开一个案例来通知他们。
我正在使用 splunk/splunk docker 图像和以下命令来构建和 运行,正如我从 repository README:
docker build --network=$DOCKER_NETWORK -t my-splunk .
docker run \
--name=my-splunk \
--network=$DOCKER_NETWORK \
-p 8000:8000 \
-e SPLUNK_START_ARGS="--accept-license" \
-e SPLUNK_PASSWORD="1234" \
--restart unless-stopped \
-d my-splunk
当我在 localhost:8000 上打开浏览器时,我会按预期进入 Splunk 登录页面,但是当我输入 admin 和 1234 时,我会收到错误 401:
No users exist. Please set up a user.
从容器内部查看 /opt/splunk/etc/system/local/user-seed.conf,内容看起来不错:
[user_info]
USERNAME = admin
PASSWORD = 1234
完整 docker 日志:
PLAY [localhost] ***************************************************************
TASK [Gathering Facts] *********************************************************
Sunday 07 October 2018 17:39:17 +0300 (0:00:00.091) 0:00:00.091 ********
ok: [localhost]
TASK [include_role : splunk_upgrade] *******************************************
Sunday 07 October 2018 17:39:18 +0300 (0:00:01.821) 0:00:01.913 ********
TASK [include_role : {{ splunk.role }}] ****************************************
Sunday 07 October 2018 17:39:19 +0300 (0:00:00.031) 0:00:01.945 ********
TASK [splunk_common : Install Splunk] ******************************************
Sunday 07 October 2018 17:39:19 +0300 (0:00:00.075) 0:00:02.021 ********
changed: [localhost]
TASK [splunk_common : Install Splunk (Windows)] ********************************
Sunday 07 October 2018 17:39:47 +0300 (0:00:28.257) 0:00:30.278 ********
TASK [splunk_common : Generate user-seed.conf] *********************************
Sunday 07 October 2018 17:39:47 +0300 (0:00:00.041) 0:00:30.320 ********
changed: [localhost] => (item=USERNAME)
changed: [localhost] => (item=PASSWORD)
TASK [splunk_common : include_tasks] *******************************************
Sunday 07 October 2018 17:39:47 +0300 (0:00:00.377) 0:00:30.697 ********
included: /opt/ansible/roles/splunk_common/tasks/enable_s2s_port.yml for localhost
TASK [splunk_common : Enable the Splunk-to-Splunk port] ************************
Sunday 07 October 2018 17:39:47 +0300 (0:00:00.062) 0:00:30.759 ********
changed: [localhost]
TASK [splunk_common : include_tasks] *******************************************
Sunday 07 October 2018 17:39:50 +0300 (0:00:02.733) 0:00:33.492 ********
included: /opt/ansible/roles/splunk_common/tasks/start_splunk.yml for localhost
TASK [splunk_common : Start Splunk] ********************************************
Sunday 07 October 2018 17:39:50 +0300 (0:00:00.054) 0:00:33.547 ********
changed: [localhost]
TASK [splunk_common : include_tasks] *******************************************
Sunday 07 October 2018 17:39:57 +0300 (0:00:07.214) 0:00:40.761 ********
included: /opt/ansible/roles/splunk_common/tasks/add_splunk_license.yml for localhost
TASK [splunk_common : Download Splunk license] *********************************
Sunday 07 October 2018 17:39:57 +0300 (0:00:00.056) 0:00:40.818 ********
TASK [splunk_common : Set downloaded license location] *************************
Sunday 07 October 2018 17:39:57 +0300 (0:00:00.037) 0:00:40.855 ********
TASK [splunk_common : Set local license location] ******************************
Sunday 07 October 2018 17:39:57 +0300 (0:00:00.034) 0:00:40.889 ********
ok: [localhost]
TASK [splunk_common : Apply Splunk license] ************************************
Sunday 07 October 2018 17:39:58 +0300 (0:00:00.043) 0:00:40.933 ********
fatal: [localhost]: FAILED! => {"changed": true, "cmd": ["/opt/splunk/bin/splunk", "add", "licenses", "-auth", "admin:1234"], "delta": "0:00:01.050830", "end": "2018-10-07 17:39:59.189296", "msg": "non-zero return code", "rc": 4, "start": "2018-10-07 17:39:58.138466", "stderr": "", "stderr_lines": [], "stdout": "missing PATH-TO-LICENSE-FILE argument: ./splunk add license [PATH-TO-FILE] ", "stdout_lines": ["missing PATH-TO-LICENSE-FILE argument: ./splunk add license [PATH-TO-FILE] "]}
...ignoring
TASK [splunk_common : Set as license slave] ************************************
Sunday 07 October 2018 17:39:59 +0300 (0:00:01.213) 0:00:42.146 ********
TASK [include_role : splunk_search_head] ***************************************
Sunday 07 October 2018 17:39:59 +0300 (0:00:00.031) 0:00:42.178 ********
PLAY RECAP *********************************************************************
localhost : ok=10 changed=5 unreachable=0 failed=0
Sunday 07 October 2018 17:39:59 +0300 (0:00:00.048) 0:00:42.226 ********
===============================================================================
splunk_common : Install Splunk ----------------------------------------- 28.26s
splunk_common : Start Splunk -------------------------------------------- 7.21s
splunk_common : Enable the Splunk-to-Splunk port ------------------------ 2.73s
Gathering Facts --------------------------------------------------------- 1.82s
splunk_common : Apply Splunk license ------------------------------------ 1.21s
splunk_common : Generate user-seed.conf --------------------------------- 0.38s
include_role : {{ splunk.role }} ---------------------------------------- 0.08s
splunk_common : include_tasks ------------------------------------------- 0.06s
splunk_common : include_tasks ------------------------------------------- 0.06s
splunk_common : include_tasks ------------------------------------------- 0.05s
include_role : splunk_search_head --------------------------------------- 0.05s
splunk_common : Set local license location ------------------------------ 0.04s
splunk_common : Install Splunk (Windows) -------------------------------- 0.04s
splunk_common : Download Splunk license --------------------------------- 0.04s
splunk_common : Set downloaded license location ------------------------- 0.03s
include_role : splunk_upgrade ------------------------------------------- 0.03s
splunk_common : Set as license slave ------------------------------------ 0.03s
===============================================================================
Ansible playbook complete, will begin streaming var/log/splunk/splunkd_stderr.log
嗯,显然密码必须符合一些默认要求,从 https://hub.docker.com/r/splunk/splunk/:
For a basic standalone Splunk environment, run the following command:
$ docker run -d -p 8000:8000 -e 'SPLUNK_START_ARGS=--accept-license' -e 'SPLUNK_PASSWORD=' splunk/splunk:latest Note: The password supplied must conform to the default Splunk Enterprise password requirements*
将密码从“1234”更改为“12345678910”后,登录正常(唯一重要的默认要求是密码长度应至少为 8 个字符)。
由于此创建用户失败的消息已被屏蔽,并且由于这仅在 dockerhub 中有记录而没有在 github 中记录,因此我将打开一个案例来通知他们。