You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
101 lines
4.6 KiB
101 lines
4.6 KiB
# Create Base Image
|
|
FROM registry.access.redhat.com/ubi8/ubi-minimal
|
|
#FROM debian:buster-slim
|
|
|
|
LABEL name="splunk" \
|
|
maintainer="Brett.woodruff@kinneygroup.com" \
|
|
vendor="splunk" \
|
|
release="1" \
|
|
summary="UBI 8 Docker image of Splunk Enterprise" \
|
|
description="Splunk Enterprise is a platform for operational intelligence. Our software lets you collect, analyze, and act upon the untapped value of big data that your technology infrastructure, security systems, and business applications generate. It gives you insights to drive operational performance and business results."
|
|
|
|
ARG BUSYBOX_URL \
|
|
UID=41812 \
|
|
GID=41812 \
|
|
SPLUNK_BUILD_URL=https://download.splunk.com/products/splunk/beta/9.2.2.20240415/linux/splunkbeta-9.2.2.20240415-51a9cf8e4d88-Linux-x86_64.tgz \
|
|
SPLUNK_FILENAME=splunk-9.2.2.20240415-51a9cf8e4d88-Linux-x86_64.tgz \
|
|
SPLUNK_DEFAULTS_URL
|
|
|
|
ENV BUSYBOX_URL=${BUSYBOX_URL} \
|
|
PYTHON_VERSION=3.10.13 \
|
|
PYTHON_GPG_KEY_ID=0D96DF4D4110E5C43FBFB17F2D347EA6AA65421D \
|
|
SPLUNK_HOME=/opt/splunk \
|
|
SPLUNK_GROUP=splunk \
|
|
SPLUNK_USER=splunk \
|
|
TMPSPLUNKDIR=${SPLUNK_HOME}/tmp \
|
|
TMPETCDIR=${TMPSPLUNKDIR}/etc \
|
|
SPLUNK_ROLE=splunk_standalone \
|
|
SPLUNK_DEFAULTS_URL=${SPLUNK_DEFAULTS_URL} \
|
|
SPLUNK_ANSIBLE_HOME=/opt/ansible \
|
|
ANSIBLE_USER=ansible \
|
|
ANSIBLE_GROUP=ansible \
|
|
CONTAINER_ARTIFACT_DIR=/opt/container_artifact \
|
|
BUSYBOX_URL=${BUSYBOX_URL} \
|
|
PYTHON_GPG_KEY_ID=0D96DF4D4110E5C43FBFB17F2D347EA6AA65421D
|
|
|
|
COPY install.sh /install.sh
|
|
|
|
RUN chmod +x /install.sh \
|
|
&& /install.sh
|
|
|
|
# Download Splunk and prepare for image
|
|
COPY splunk/common-files/make-minimal-exclude.py /tmp
|
|
RUN python /tmp/make-minimal-exclude.py ${SPLUNK_BUILD_URL} > /tmp/splunk-minimal-exclude.list \
|
|
&& echo "Downloading Splunk and validating the checksum at: ${SPLUNK_BUILD_URL}" \
|
|
&& wget -qO /tmp/${SPLUNK_FILENAME} ${SPLUNK_BUILD_URL} \
|
|
&& mkdir -p /minimal/splunk/var /extras/splunk/var \
|
|
&& tar -C /minimal/splunk --strip 1 --exclude-from=/tmp/splunk-minimal-exclude.list -zxf tmp/${SPLUNK_FILENAME} \
|
|
&& tar -C /extras/splunk --strip 1 --wildcards --files-from=/tmp/splunk-minimal-exclude.list -zxf tmp/${SPLUNK_FILENAME} \
|
|
&& mv /minimal/splunk/etc /minimal/splunk-etc \
|
|
&& mv /extras/splunk/etc /extras/splunk-etc \
|
|
&& mkdir -p /minimal/splunk/etc /minimal/splunk/share/splunk/search_mrsparkle/modules.new \
|
|
&& mv /minimal/splunk-etc /opt \
|
|
&& cp -R /extras/splunk-etc /opt/splunk-etc \
|
|
&& tar -C /opt/ -zxf /tmp/${SPLUNK_FILENAME} \
|
|
&& mv /opt/splunkbeta /opt/splunk \
|
|
&& rm -rf /tmp/${SPLUNK_FILENAME} \
|
|
&& rm -rf /minimal \
|
|
&& rm -rf /extras \
|
|
&& rm -rf /extras/splunk-etc
|
|
|
|
COPY splunk/common-files/apps /opt/splunk-etc/apps/
|
|
|
|
# Simple script used to populate/upgrade splunk/etc directory
|
|
COPY [ "splunk/common-files/updateetc.sh", "/sbin/" ]
|
|
|
|
RUN groupadd -r -g ${GID} ${SPLUNK_GROUP} \
|
|
&& useradd -r -m -u ${UID} -g ${GID} -s /bin/bash ${SPLUNK_USER} \
|
|
&& chmod 755 /sbin/updateetc.sh \
|
|
&& chown -R splunk:splunk /opt/splunk
|
|
|
|
USER ${SPLUNK_USER}
|
|
WORKDIR ${SPLUNK_HOME}
|
|
EXPOSE 8000 8089 8065 8088 8191 9887 9997 9514
|
|
VOLUME [ "/opt/splunk/etc", "/opt/splunk/var" ]
|
|
|
|
USER root
|
|
COPY [ "splunk/common-files/entrypoint.sh", "splunk/common-files/createdefaults.py", "splunk/common-files/checkstate.sh", "/sbin/" ]
|
|
COPY splunk-ansible ${SPLUNK_ANSIBLE_HOME}
|
|
|
|
# Set sudo rights
|
|
RUN sed -i -e 's/%sudo\s\+ALL=(ALL\(:ALL\)\?)\s\+ALL/%sudo ALL=NOPASSWD:ALL\nansible ALL=(splunk)NOPASSWD:ALL/g' /etc/sudoers \
|
|
&& echo 'Create the ansible user/group' \
|
|
&& groupadd -r ${ANSIBLE_GROUP} \
|
|
&& useradd -r -m -g ${ANSIBLE_GROUP} -s /bin/bash ${ANSIBLE_USER} \
|
|
&& usermod -aG sudo ${ANSIBLE_USER} \
|
|
&& usermod -aG ${ANSIBLE_GROUP} ${SPLUNK_USER} \
|
|
&& echo 'Container Artifact Directory is a place for all artifacts and logs that are generated by the provisioning process. The directory is owned by the user "ansible".' \
|
|
&& mkdir ${CONTAINER_ARTIFACT_DIR} \
|
|
&& chown -R ${ANSIBLE_USER}:${ANSIBLE_GROUP} ${CONTAINER_ARTIFACT_DIR} \
|
|
&& chmod -R 775 ${CONTAINER_ARTIFACT_DIR} \
|
|
&& chmod -R 555 ${SPLUNK_ANSIBLE_HOME} \
|
|
&& chgrp ${ANSIBLE_GROUP} ${SPLUNK_ANSIBLE_HOME} ${SPLUNK_ANSIBLE_HOME}/ansible.cfg \
|
|
&& chmod 775 ${SPLUNK_ANSIBLE_HOME} \
|
|
&& chmod 664 ${SPLUNK_ANSIBLE_HOME}/ansible.cfg \
|
|
&& chmod 755 /sbin/entrypoint.sh /sbin/createdefaults.py /sbin/checkstate.sh
|
|
|
|
USER ${ANSIBLE_USER}
|
|
HEALTHCHECK --interval=30s --timeout=30s --start-period=3m --retries=5 CMD /sbin/checkstate.sh || exit 1
|
|
ENTRYPOINT [ "/sbin/entrypoint.sh" ]
|
|
CMD [ "start-service" ]
|