With everything going on in the world, it seems like a lifetime ago that we started talking about the Splunk Operator for Kubernetes, which enables customers to easily deploy, scale, and manage Splunk Enterprise on their choice of cloud environment. During that time, we’ve heard from an increasing number of on-premise and public cloud Bring-Your-Own-License Splunk customers that containerization and Kubernetes are an important part of their current and future deployment plans.
On our side, the teams that build and test Splunk have also been enamoured by containerization for the last several years as a more efficient way to set up Splunk deployments from simple standalones to large clusters.
The two of these trends coming together, and a lot of hard work by our Engineering team, have brought us to a place where we can announce that the Splunk Operator for Kubernetes is Generally Available as a fully supported method for running Splunk Enterprise on Kubernetes.
We’re very excited about the prospects that Kubernetes offers as a more Cloud Native method for deploying Splunk Enterprise. As the feature set of Splunk has grown over the years, we’ve always been on the lookout for methods to make the setup and administration of Splunk easier. As we’ve evolved from bare-metal to VM to container, we think there is a real opportunity to remove some of the burden from customers having to create their own automation to get Splunk running, especially at scale. Moreover, we can build our Operator to take advantage of Kubernetes capabilities that enhance the administrative experience and provide for resiliency in the Splunk deployment.
For the 1.0.0 release, we’ve added some great features beyond the already impressive set of capabilities in the Alpha/Beta. We’ve been very fortunate to have an engaged community of Splunk users sending us bugs and feedback. We also worked with a set of interested customers through the fall and winter on further validating what we’ve been working on.
Getting all of the components of a distributed Splunk deployment talking to each other is not easy. We’ve streamlined this in the Operator to take advantage of Kubernetes secrets to manage and version several items within Splunk. This ensures that as we bring up various services in our cluster, they are able to communicate and be managed in a centralized way.
The MC is an extremely useful tool for understanding what is going on in your distributed Splunk environment. But the setup and maintenance of all the Splunk instances under its eye was always a bit troublesome. Given the declarative nature of Kubernetes, we can automate much of this away hopefully improving the overall supportability of the product.
With the advent of Public Cloud Service concepts like Availability Zones, we’ve heard from several customers that this needs to be a first class citizen in the setup and configuration of Splunk on Kubernetes. We already support multisite at the application level so making the jump between this and making it work in the Operator made sense. Even better, we partnered with an intrepid customer on the implementation and ultimate testing making the fact the Splunk Operator and supporting projects are, and will continue to be Open Source, even better.
Early on in our discussions with customers, we knew that putting out additional guidance on getting connected to the Splunk deployment once built with the Splunk Operator was going to be key to success. Since this space is evolving quickly and we are dealing with Splunk specific areas, like Splunk-to-Splunk, we thought this appropriate.
Giving customers additional deployment platform options is good fun and it’s been quite a journey getting to where we are with the Operator. We hope you find the Splunk Operator for Kubernetes as useful and exciting as we do, and we can’t wait to hear your feedback!
Use this documentation and the resources below to get started today, reach out to your account representative or customer success associate to learn more, or contact our sales team for more information.
----------------------------------------------------
Thanks!
Patrick Ogdin
The Splunk platform removes the barriers between data and action, empowering observability, IT and security teams to ensure their organizations are secure, resilient and innovative.
Founded in 2003, Splunk is a global company — with over 7,500 employees, Splunkers have received over 1,020 patents to date and availability in 21 regions around the world — and offers an open, extensible data platform that supports shared data across any environment so that all teams in an organization can get end-to-end visibility, with context, for every interaction and business process. Build a strong data foundation with Splunk.