-
Notifications
You must be signed in to change notification settings - Fork 114
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
App Framework: Add option to use path style s3 URLs #1291
Comments
i guess this is related: #1030 (comment) |
Hello @yaroslav-nakonechnikov @paheath we will work on this change and get back to you |
Hello @paheath , we are exploring possible solutions to the path style S3 URLs. Meanwhile, can you please provide an example of the working(with the modified Splunk operator image) appFramework configurations for the path style URLs? Also, path style URLs will be discontinued per AWS documentation.
|
This is an excerpt from my helm chart, and the underlying operator image is modified as indicated in the original bug description. I don't think any of the value substitutions necessarily impact the functionality. I've defined it in the yaml as documented here https://splunk.github.io/splunk-operator/AppFramework.html
|
Hi @paheath , thanks for the example above. To further test our solution, are you able to let us know the storage provider being used to test |
I'm testing against an on-prem s3-compatible NAS. I think testing against any s3-compatible storage might be sufficient, as long as you can confirm the outbound request is hitting the path-style endpoint when configured to do so. Maybe even locally block outbound traffic to the virtual endpoint. Testing might be similar to how the smartstore path-style config is tested. |
@paheath Please let us know if this solution works so we can merge it. |
Unfortunately I can't get this change to work. I'm seeing my clustermanager instance reporting Ready, but all the apps in the description report this:
and the associated indexer cluster never reconciles. I don't see the apps appear in the pod under /opt/splunk/etc/apps or /opt/splunk/etc/manager-apps |
Hey @paheath , can you share any Splunk Operator pod logs indicating any errors? The CR status code |
Appears to be running through this periodically for the nodes using app framework:
|
This is the cluster manager app framework spec I'm using. Same as before with
|
Hey @paheath , whilst we are debugging further were you able to successfully install the new CRDs on the new cluster before deploying the clusterManager CR? Please let us know. |
Yes, I updated the CRDs beforehand. And the cluster manager accepted the s3PathUrl setting. |
Well, maybe it did not take. In the cluster manager spec s3PathUrl is set to true. But when I describe the cluster manager, I see status.Smartstore.Volumes.s3PathUrl is false. Was s3PathUrl added for smartstore also? |
Disregard, I see status.AppContext.AppRepo.AppSources.Volumes.s3PathUrl is set to true as expected. I didn't catch that the false setting was in the smartstore status section. |
Thank you @paheath . I believe we are setting the pathStyleUrl in the AWS S3 client. It is an update of the S3 client(vs during creation in your successful example here) before creating the downloader. Some posts online don't recommend updating the client once created. I will try and cater the changes to update this option during creation. |
@paheath Are you able to try it out with the latest changes? |
@paheath Please let us know if the latest changes are working. |
Forgive me, my bandwidth is limited at the moment. I will do my best to get to this today. |
With the latest patch I'm seeing the same "unable to download item" error logs as before. The general behavior is also the same, blocking indexer cluster creation. |
Hi @paheath , thank you for testing. Are you able to provide us Splunk operator pod logs similar to this:
The changes in the MR are made are keeping in mind this issue's description and changes were made here. |
I see similar logs for all nodes using the app framework (standalone, licensemanager, clustermanager)
|
I've been able to test this a little more thoroughly today. I only had to add that one line to make this work previously, but I was testing on top of 2.4.0. I was able to reproduce this successfully on top of 2.4.0 today, but cherrypicking the one-line change on top of 2.5.2 did not work. Can you think of anything that has changed between 2.4.0 and 2.5.2 that would affect the behavior of the aws s3 client? I compared the two releases, but I couldn't see anything obvious. I assume whatever is breaking this in 2.5.2 is also breaking your PR. |
Hi @paheath , after the comparison between 2.4.0 and 2.5.2 I couldn't see any major differences that would cause the aws sdk client to behave differently. We just released 2.6.0. The MR has been rebased. Could you please try with the new version? |
Hey @paheath , did you get a chance to try with 2.6.0? If it's not working can you please open a Splunk support case with these details? |
Closing the issue for now. Please re-open a Splunk support ticket if the issue persists. |
Please select the type of request
Enhancement
Tell us more
Describe the request
I am deploying the operator in an on-prem environment with a storage solution that only supports path style s3 URLs. As far as I can tell, the operator defaults to using virtual host style s3 URLs to download apps. I propose making the current behavior remain the default, and provide an option in the AppFramework spec to explicitly set the s3 URLs to path style. I rebuilt the operator with
S3ForcePathStyle: aws.Bool(true)
added here and the app framework worked as expected.Smartstore offers a similar option to specify the url version, and defaults to path style. See
remote.s3.url_version
here.Expected behavior
Force the s3 client to use path style URLs when downloading apps, when set as such in the AppFramework spec.
Splunk setup on K8S
SearchHeadCluster, IndexerCluster, ClusterManager, LicenseManager, MonitoringConsole, and Standalone heavy forwarder.
Reproduction/Testing steps
Enable path style s3 URLs via the AppFramework spec. Verify that apps are correctly downloaded and installed.
K8s environment
On-prem k8s cluster with on-prem s3-compatible NAS.
The text was updated successfully, but these errors were encountered: