The Splunk Operator for Kubernetes enables organizations to easily deploy, scale, and manage Splunk Enterprise on your choice of cloud environment. With containers and Kubernetes becoming part of many modernization initiatives - teams can build and test Splunk effeciently at scale.
The initial release of verion 1.0 was in 2021 and version 2.0 dropped in 2022, with the evolution of the Splunk Operator App Framework.
What is a Kubernetes Operator?
Operators are software extensions to Kubernetes that make use of a custom resource to manage applications and their components. Operators follow Kubernetes principles, notably the control loop.
The exciting part about the Splunk Operator for Kubernetes is that it presents a real opportunity for customers to create their own automation to get Splunk running, especially at scale.
Splunk Operator for Kubernetes
With the Operater pattern in mind, the Splunk Kubernetes Operator takes the steps that a Splunk Administrator would take to create Splunk instances in a uniform and best practice way and automates it. Think of having the ability to simply enter a single command and have a clustered Splunk environment created based on the Splunk Validated Architecture. I know, this is exciting!
Pre-reqs
To get started, I would suggest installing a couple of items for local development.
Minikube
Installing Minikube on you local machine enbables you to do local development and testing of Kubernetes on you laptop or desktop.
Kubectl
Is a client that connects to your Kubernetes cluster and makes it easy to send commands via command-line vs calling the Kubernetes API directly.