The entrypoint has a lot of configuration features based on authenticating as admin using -auth admin:changeme
SPLUNK_ENABLE_DEPLOY_SERVER
SPLUNK_DEPLOYMENT_SERVER
SPLUNK_ENABLE_LISTEN
SPLUNK_FORWARD_SERVER
SPLUNK_FORWARD_SERVER_*
SPLUNK_ADD
SPLUNK_ADD_*
In the 7.1.0 docker image, unlike 7.0.x, the admin password is set at the begining of first time configuration (rather than via the webpage after the first time configuration is done), before these configurations steps run. So the password has already been changed from changeme and none of the splunk configurations work.
Temporary workarround
Set your command to (for example, in a docker-compose.yml file
command: |
bash -c "
if [ -e /opt/splunk/etc/str ]; then
rm -f /opt/splunk/ftr
exec /sbin/entrypoint.sh start-service
else
touch /opt/splunk/etc/str
exec /sbin/entrypoint.sh start-service --seed-passwd changeme
fi
"
At least this way, the password is changeme, and everything works. Only downside to this is the webpage no longer tells you to change the password after logging in, like it did in 7.0.x
The entrypoint has a lot of configuration features based on authenticating as admin using
-auth admin:changemeSPLUNK_ENABLE_DEPLOY_SERVERSPLUNK_DEPLOYMENT_SERVERSPLUNK_ENABLE_LISTENSPLUNK_FORWARD_SERVERSPLUNK_FORWARD_SERVER_*SPLUNK_ADDSPLUNK_ADD_*In the 7.1.0 docker image, unlike 7.0.x, the admin password is set at the begining of first time configuration (rather than via the webpage after the first time configuration is done), before these configurations steps run. So the password has already been changed from
changemeand none of the splunk configurations work.Temporary workarround
Set your command to (for example, in a
docker-compose.ymlfileAt least this way, the password is
changeme, and everything works. Only downside to this is the webpage no longer tells you to change the password after logging in, like it did in 7.0.x