
# Base image: Red Hat UBI 8 (minimal variant).
# NOTE(review): the reference carries no tag or digest, so it resolves to
# whatever the registry currently serves as "latest" and builds are not
# reproducible. Pin it, e.g. ubi-minimal:<TAG>@sha256:<DIGEST> (placeholders),
# and bump the pin deliberately when the base is patched.
FROM registry.access.redhat.com/ubi8/ubi-minimal
#FROM debian:buster-slim

# Image metadata.
LABEL name="splunk" \
      maintainer="Brett.woodruff@kinneygroup.com" \
      vendor="splunk" \
      release="1" \
      summary="UBI 8 Docker image of Splunk Enterprise" \
      description="Splunk Enterprise is a platform for operational intelligence. Our software lets you collect, analyze, and act upon the untapped value of big data that your technology infrastructure, security systems, and business applications generate. It gives you insights to drive operational performance and business results."
# Build-time arguments. ARG values are recorded in the image history, so none
# of these URLs should embed credentials or tokens.

# No default: must be supplied with --build-arg if the build needs it.
ARG BUSYBOX_URL
# Numeric ids used further down when the splunk user and group are created.
ARG UID=41812
ARG GID=41812
# Where the Splunk tarball is fetched from, and the local file name it is
# saved under in /tmp (the local name differs from the URL's basename).
ARG SPLUNK_BUILD_URL=https://download.splunk.com/products/splunk/beta/9.2.2.20240415/linux/splunkbeta-9.2.2.20240415-51a9cf8e4d88-Linux-x86_64.tgz
ARG SPLUNK_FILENAME=splunk-9.2.2.20240415-51a9cf8e4d88-Linux-x86_64.tgz
# No default: copied into the runtime environment by the ENV instruction below.
ARG SPLUNK_DEFAULTS_URL
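# Runtime environment shared by the build steps below and by the container.
# BUSYBOX_URL and SPLUNK_DEFAULTS_URL are copied from build args into ENV, so
# their values persist in the image configuration; keep secrets out of them.
# PYTHON_GPG_KEY_ID is presumably consumed by install.sh to verify the Python
# sources -- confirm against that script.
# The original instruction listed BUSYBOX_URL and PYTHON_GPG_KEY_ID twice with
# identical values; each is now set once.
ENV BUSYBOX_URL=${BUSYBOX_URL} \
    PYTHON_VERSION=3.10.13 \
    PYTHON_GPG_KEY_ID=0D96DF4D4110E5C43FBFB17F2D347EA6AA65421D \
    SPLUNK_HOME=/opt/splunk \
    SPLUNK_GROUP=splunk \
    SPLUNK_USER=splunk \
    SPLUNK_ROLE=splunk_standalone \
    SPLUNK_DEFAULTS_URL=${SPLUNK_DEFAULTS_URL} \
    SPLUNK_ANSIBLE_HOME=/opt/ansible \
    ANSIBLE_USER=ansible \
    ANSIBLE_GROUP=ansible \
    CONTAINER_ARTIFACT_DIR=/opt/container_artifact
# Derived paths live in their own instruction: variable substitution inside a
# single ENV uses the values from *before* that instruction, so defining these
# alongside SPLUNK_HOME expanded it to an empty string and produced
# TMPSPLUNKDIR=/tmp and TMPETCDIR=/etc. Both are spelled from SPLUNK_HOME here
# because TMPSPLUNKDIR is likewise not visible within this instruction.
# NOTE(review): install.sh and the entrypoint scripts are not shown here;
# confirm none of them relied on the old /tmp and /etc values.
ENV TMPSPLUNKDIR=${SPLUNK_HOME}/tmp \
    TMPETCDIR=${SPLUNK_HOME}/tmp/etc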
# Stage the OS bootstrap script at the filesystem root, mark it executable and
# run it. It executes as root during the build; its contents are not part of
# this file, so review it together with this Dockerfile.
COPY [ "install.sh", "/install.sh" ]
RUN chmod +x /install.sh \
    && /install.sh
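# Download Splunk and prepare for image
COPY splunk/common-files/make-minimal-exclude.py /tmp
# New optional build arg: expected SHA-512 (hex) of the Splunk tarball.
# The original step announced "validating the checksum" but never checked one,
# so the archive was unpacked as root on the strength of the HTTPS download
# alone. When this arg is supplied the build fails on a mismatch; when it is
# absent the build behaves as before and prints a warning instead of claiming
# a validation that did not happen.
ARG SPLUNK_BUILD_SHA512
# Steps: build the exclude list, fetch the tarball, split it into /minimal and
# /extras trees, move the etc trees under /opt, unpack the full tarball into
# /opt, rename /opt/splunkbeta to /opt/splunk, then remove the scratch data.
# Changes from the original: the tarball is always addressed by absolute path
# (two tar calls used the relative "tmp/..." and only worked while the working
# directory was /), variable expansions are quoted, and the final
# "rm -rf /extras/splunk-etc" is dropped because /extras is already removed.
# NOTE(review): /opt/splunk-etc already exists when "cp -R /extras/splunk-etc
# /opt/splunk-etc" runs, so the copy appears to land in
# /opt/splunk-etc/splunk-etc -- confirm that is intended. Left unchanged.
RUN python /tmp/make-minimal-exclude.py "${SPLUNK_BUILD_URL}" > /tmp/splunk-minimal-exclude.list \
    && echo "Downloading Splunk from: ${SPLUNK_BUILD_URL}" \
    && wget -qO "/tmp/${SPLUNK_FILENAME}" "${SPLUNK_BUILD_URL}" \
    && if [ -n "${SPLUNK_BUILD_SHA512}" ]; then \
         echo "${SPLUNK_BUILD_SHA512}  /tmp/${SPLUNK_FILENAME}" | sha512sum -c - ; \
       else \
         echo "WARNING: SPLUNK_BUILD_SHA512 is not set; the downloaded tarball was not checksum-verified" >&2 ; \
       fi \
    && mkdir -p /minimal/splunk/var /extras/splunk/var \
    && tar -C /minimal/splunk --strip 1 --exclude-from=/tmp/splunk-minimal-exclude.list -zxf "/tmp/${SPLUNK_FILENAME}" \
    && tar -C /extras/splunk --strip 1 --wildcards --files-from=/tmp/splunk-minimal-exclude.list -zxf "/tmp/${SPLUNK_FILENAME}" \
    && mv /minimal/splunk/etc /minimal/splunk-etc \
    && mv /extras/splunk/etc /extras/splunk-etc \
    && mkdir -p /minimal/splunk/etc /minimal/splunk/share/splunk/search_mrsparkle/modules.new \
    && mv /minimal/splunk-etc /opt \
    && cp -R /extras/splunk-etc /opt/splunk-etc \
    && tar -C /opt/ -zxf "/tmp/${SPLUNK_FILENAME}" \
    && mv /opt/splunkbeta /opt/splunk \
    && rm -rf "/tmp/${SPLUNK_FILENAME}" /minimal /extras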
# Bundled apps go into the staged etc tree.
COPY [ "splunk/common-files/apps", "/opt/splunk-etc/apps/" ]
# Simple script used to populate/upgrade splunk/etc directory
COPY splunk/common-files/updateetc.sh /sbin/
# Create the splunk system group and user with the ids from the UID/GID build
# args, make the helper script executable, and give the splunk account
# ownership of /opt/splunk. Only /opt/splunk is chowned in this step;
# /opt/splunk-etc keeps the ownership it was copied with.
RUN groupadd -r -g ${GID} ${SPLUNK_GROUP} \
    && useradd -r -m -u ${UID} -g ${GID} -s /bin/bash ${SPLUNK_USER} \
    && chmod 755 /sbin/updateetc.sh \
    && chown -R splunk:splunk /opt/splunk
# Switch to the splunk account while the working directory, documented ports
# and volumes are declared.
USER ${SPLUNK_USER}
WORKDIR ${SPLUNK_HOME}
# EXPOSE is documentation only and publishes nothing; publish just the ports a
# deployment actually needs and keep the rest off untrusted networks.
EXPOSE 8000 8089 8065 8088 8191 9887 9997 9514
# Splunk configuration and data are kept on volumes.
VOLUME [ "/opt/splunk/etc", "/opt/splunk/var" ]
# Return to root for the remaining privileged build steps.
USER root
# Runtime scripts and the splunk-ansible provisioning tree.
COPY splunk/common-files/entrypoint.sh \
     splunk/common-files/createdefaults.py \
     splunk/common-files/checkstate.sh \
     /sbin/
COPY splunk-ansible ${SPLUNK_ANSIBLE_HOME}
# Set sudo rights
# The sed rewrites an existing "%sudo ... ALL" rule in /etc/sudoers into
# passwordless sudo for the sudo group and appends a rule that lets "ansible"
# run any command as "splunk" without a password. It changes nothing unless
# such a %sudo line is already present (presumably added by install.sh --
# verify), and the edited file is not syntax-checked afterwards.
# Security-relevant consequences of the steps below:
#  - "ansible" joins the sudo group, so once the rule above is in place that
#    account is root-equivalent inside the container.
#  - "splunk" joins the ansible group, and both ${SPLUNK_ANSIBLE_HOME} and its
#    ansible.cfg end up group-writable for that group, so the splunk account
#    can alter configuration read by the provisioning run. Treat the two
#    accounts as one trust domain rather than as a privilege boundary.
RUN sed -i -e 's/%sudo\s\+ALL=(ALL\(:ALL\)\?)\s\+ALL/%sudo ALL=NOPASSWD:ALL\nansible ALL=(splunk)NOPASSWD:ALL/g' /etc/sudoers \
    && echo 'Create the ansible user/group' \
    && groupadd -r ${ANSIBLE_GROUP} \
    && useradd -r -m -g ${ANSIBLE_GROUP} -s /bin/bash ${ANSIBLE_USER} \
    && usermod -aG sudo ${ANSIBLE_USER} \
    && usermod -aG ${ANSIBLE_GROUP} ${SPLUNK_USER} \
    && echo 'Container Artifact Directory is a place for all artifacts and logs that are generated by the provisioning process. The directory is owned by the user "ansible".' \
    && mkdir ${CONTAINER_ARTIFACT_DIR} \
    && chown -R ${ANSIBLE_USER}:${ANSIBLE_GROUP} ${CONTAINER_ARTIFACT_DIR} \
    && chmod -R 775 ${CONTAINER_ARTIFACT_DIR} \
    && chmod -R 555 ${SPLUNK_ANSIBLE_HOME} \
    && chgrp ${ANSIBLE_GROUP} ${SPLUNK_ANSIBLE_HOME} ${SPLUNK_ANSIBLE_HOME}/ansible.cfg \
    && chmod 775 ${SPLUNK_ANSIBLE_HOME} \
    && chmod 664 ${SPLUNK_ANSIBLE_HOME}/ansible.cfg \
    && chmod 755 /sbin/entrypoint.sh /sbin/createdefaults.py /sbin/checkstate.sh
# The container runs as the ansible account. That account was added to the
# sudo group earlier in this file and the sudoers edit targets passwordless
# sudo for that group, so this USER is not a hard privilege boundary; pair it
# with runtime controls (dropped capabilities, no-new-privileges) only after
# checking what the entrypoint needs sudo for.
USER ${ANSIBLE_USER}
# Probe every 30s with a 30s timeout, allowing 3 minutes of start-up grace and
# 5 consecutive failures before the container is reported unhealthy.
HEALTHCHECK --interval=30s --timeout=30s --start-period=3m --retries=5 \
    CMD /sbin/checkstate.sh || exit 1
# Exec-form entrypoint with "start-service" as the default argument.
ENTRYPOINT [ "/sbin/entrypoint.sh" ]
CMD [ "start-service" ]
