Going Live: Splunk Operator for Kubernetes 1.0.0

With everything going on in the world, it seems like a lifetime ago that we started talking about the Splunk Operator for Kubernetes, which enables customers to easily deploy, scale, and manage Splunk Enterprise on their choice of cloud environment. During that time, we’ve heard from an increasing number of on-premise and public cloud Bring-Your-Own-License Splunk customers that containerization and Kubernetes are an important part of their current and future deployment plans.

On our side, the teams that build and test Splunk have also been enamoured by containerization for the last several years as a more efficient way to set up Splunk deployments from simple standalones to large clusters.

The two of these trends coming together, and a lot of hard work by our Engineering team, have brought us to a place where we can announce that the Splunk Operator for Kubernetes is Generally Available as a fully supported method for running Splunk Enterprise on Kubernetes.

We’re very excited about the prospects that Kubernetes offers as a more Cloud Native method for deploying Splunk Enterprise. As the feature set of Splunk has grown over the years, we’ve always been on the lookout for methods to make the setup and administration of Splunk easier. As we’ve evolved from bare-metal to VM to container, we think there is a real opportunity to remove some of the burden from customers having to create their own automation to get Splunk running, especially at scale. Moreover, we can build our Operator to take advantage of Kubernetes capabilities that enhance the administrative experience and provide for resiliency in the Splunk deployment.

For the 1.0.0 release, we’ve added some great features beyond the already impressive set of capabilities in the Alpha/Beta. We’ve been very fortunate to have an engaged community of Splunk users sending us bugs and feedback. We also worked with a set of interested customers through the fall and winter on further validating what we’ve been working on.

A Couple of the Feature Highlights:

Cluster-wide Secrets Management

Getting all of the components of a distributed Splunk deployment talking to each other is not easy. We’ve streamlined this in the Operator to take advantage of Kubernetes secrets to manage and version several items within Splunk. This ensures that as we bring up various services in our cluster, they are able to communicate and be managed in a centralized way.

Monitoring Console

The MC is an extremely useful tool for understanding what is going on in your distributed Splunk environment. But the setup and maintenance of all the Splunk instances under its eye was always a bit troublesome. Given the declarative nature of Kubernetes, we can automate much of this away hopefully improving the overall supportability of the product.

Multisite

With the advent of Public Cloud Service concepts like Availability Zones, we’ve heard from several customers that this needs to be a first class citizen in the setup and configuration of Splunk on Kubernetes. We already support multisite at the application level so making the jump between this and making it work in the Operator made sense. Even better, we partnered with an intrepid customer on the implementation and ultimate testing making the fact the Splunk Operator and supporting projects are, and will continue to be Open Source, even better.

Ingress

Early on in our discussions with customers, we knew that putting out additional guidance on getting connected to the Splunk deployment once built with the Splunk Operator was going to be key to success. Since this space is evolving quickly and we are dealing with Splunk specific areas, like Splunk-to-Splunk, we thought this appropriate.

Giving customers additional deployment platform options is good fun and it’s been quite a journey getting to where we are with the Operator. We hope you find the Splunk Operator for Kubernetes as useful and exciting as we do, and we can’t wait to hear your feedback!

Interested in Bringing Splunk Operator for Kubernetes to Your Organization?

Use this documentation and the resources below to get started today, reach out to your account representative or customer success associate to learn more, or contact our sales team for more information.

Resources:

----------------------------------------------------
Thanks!
Patrick Ogdin

/en_us/blog/fragments/digital-resilience-pays-off
Style
two-column

Related Articles

Smarter Noise Reduction in ITSI
Platform
8 Minute Read

Smarter Noise Reduction in ITSI

How can you use statistical analysis to identify whether you have an unusual number of events, and how can similar techniques be applied to non-numeric data to see if descriptions and sourcetype combinations appear unusual? Read all about it in this blog.
Announcing the General Availability of Splunk POD: Unlock the Power of Your Data with Ease
Platform
2 Minute Read

Announcing the General Availability of Splunk POD: Unlock the Power of Your Data with Ease

Splunk POD is designed to simplify your on-premises data analytics, so you can focus on what really matters: making smarter, faster decisions that drive your business forward.
Introducing Edge Processor: Next Gen Data Transformation
Platform
3 Minute Read

Introducing Edge Processor: Next Gen Data Transformation

Splunk Edge Processor, a service offering within Splunk Cloud Platform, is designed to help customers achieve greater efficiencies in data transformation close to the data source, and improved visibility into data in motion.
/en_us/blog/fragments/about-splunk
/en_us/blog/fragments/subscribe-footer