-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile
36 lines (26 loc) · 1.68 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
### Dockerfile for Splunk
FROM debian:jessie
RUN apt-get update -q && apt-get install -y \
wget
MAINTAINER Nick Perry <[email protected]>
# Download the Splunk installer, install Splunk, then remove the installer.
RUN wget -O splunk-6.3.2-aaff59bb082c-linux-2.6-amd64.deb 'http://www.splunk.com/bin/splunk/DownloadActivityServlet?architecture=x86_64&platform=linux&version=6.3.2&product=splunk&filename=splunk-6.3.2-aaff59bb082c-linux-2.6-amd64.deb&wget=true' && \
dpkg -i /splunk-6.3.2-aaff59bb082c-linux-2.6-amd64.deb && \
rm /splunk-6.3.2-aaff59bb082c-linux-2.6-amd64.deb
# Configure Splunk to run as splunk user.
RUN sed -i 's/# SPLUNK_OS_USER/SPLUNK_OS_USER=splunk/' /opt/splunk/etc/splunk-launch.conf && mkdir -p /opt/splunk/var /data /license && chown -R splunk:splunk /opt/splunk /data /license
# Create a basic local/web.conf to enable HTTPS for the Splunk web interface.
RUN echo '[settings]\nenableSplunkWebSSL = true\nprivKeyPath = etc/auth/splunkweb/privkey.pem\ncaCertPath = etc/auth/splunkweb/cert.pem' >> /opt/splunk/etc/system/local/web.conf && \
chown splunk:splunk /opt/splunk/etc/system/local/web.conf
# Add a script for Splunk process lifecycle management in Docker.
RUN echo '#!/bin/bash\nset -e\n/opt/splunk/bin/splunk start --accept-license --no-prompt --answer-yes\ntrap "echo SIGTERM && /opt/splunk/bin/splunk stop && exit" SIGTERM\ntail -f /dev/null &\nwait $!' > /bin/splunk.sh && chmod 755 /bin/splunk.sh
CMD ["/bin/splunk.sh"]
ENV SPLUNK_HOME /opt/splunk
EXPOSE 8000 8088 8089 9997 5514
VOLUME ["/data"]
VOLUME ["/license"]
VOLUME ["/opt/splunk/var"]
### END
### For persistence, map /opt/splunk/var to a directory on the host or separate
### data container.
###