SlideShare a Scribd company logo

Running Splunk on AWS

Alan Williams
Alan Williams

Learn why and how Autodesk runs Splunk Enterprise in AWS with the goals of increasing automation, scalability and responsiveness. Including sample architecture, AWS CloudFormation templates and Ansible playbook (links to Github provided).

Software
1 of 42
Splunk .conf 2014 Running Splunk on Amazon Web Services Alan Williams Principal Engineer alanwill on Twitter & GitHub © 2014 Autodesk
Splunk Disclaimer During the course of this presentation, we may make forward looking statements regarding future events or the expected performance of the company. We caution you that such statements reflect our current expectations and estimates based on factors currently known to us and that actual events or results could differ materially. For important factors that may cause actual results to differ from those contained in our forward-looking statements, please review our filings with the SEC. The forward-looking statements made in the this presentation are being made as of the time and date of its live presentation. If reviewed after its live presentation, this presentation may not contain current or accurate information. We do not assume any obligation to update any forward looking statements we may make. In addition, any information about our roadmap outlines our general product direction and is subject to change at any time without notice. It is for informational purposes only and shall not, be incorporated into any contract or other commitment. Splunk undertakes no obligation either to develop the features or functionality described or © 2014 Autodesk to include any such feature or functionality in a future release.
Who Am I?  Engineer @ Autodesk  Technology Generalist  Background in Infrastructure  AWS for ~4 years  Splunk for ~1 year  Motorcyclist  Soft spot for pit bulls © 2014 Autodesk
Who is Autodesk?  Leader in 3D design, engineering and entertainment software  Introduced AutoCAD in 1982  Empowering the Maker movement  Help our customers imagine, design and create a better world © 2014 Autodesk
Why …did we choose to run Splunk in AWS? © 2014 Autodesk
Make this better!  Splunk 4.3  5 year old hardware  Performance issues  Global  Now © 2014 Autodesk
Decisions…decisions Where we are Where we wanted to be Splunk 4.3 Latest Splunk version (6.x) EOL hardware Hardware refresh Fragile environment Resiliency © 2014 Autodesk Not rocket science…can we do this NOW?
Where to begin  Take inventory of existing hardware  Use the AWS Calculator © 2014 Autodesk  http://calculator.s3.amazonaws.com/index.html  Cost/compute analysis
Cost Analysis – Account for Everything © 2014 Autodesk Hardware & Maintenance Power & Cooling Rack space Storage (FC + SATA) Servers Load Balancers Network Data Transfer
What we noticed… © 2014 Autodesk Total cost of server hardware vs Total cost of AWS instances = 35% lower for AWS Total cost of all on-premise infra vs Total cost of all AWS infra = 50% lower for AWS
Outcome  We can’t compete on price © 2014 Autodesk  Economies of scale  We can’t compete on speed  Time to provision  Time to deliver new features
© 2014 Autodesk How …do we run Splunk in AWS?
Splunk Infrastructure Goals  Automated and Dynamic  Scalable  Responsive © 2014 Autodesk
Architecture © 2014 Autodesk
Automated and Dynamic © 2014 Autodesk
Automated and Dynamic  AWS CloudFormation Template © 2014 Autodesk  Infrastructure provisioning  Ansible Playbook  Software install and configuration
What is CloudFormation?  An AWS service © 2014 Autodesk  JSON based template framework  Describe almost all AWS resources  Enables infrastructure as code  Version control infrastructure  Infrastructure portability
What is Ansible?  Configuration Automation tool © 2014 Autodesk  Configure, deploy and orchestrate tasks  Agentless  YAML based  Fairly simple to get up and running quickly
CloudFormation Template (splunk-app.json)  Search Heads  Peer Nodes  Cluster Master  License Master  Deployment Server  NFS Instance © 2014 Autodesk  Elastic Load Balancer  Security Groups  IAM Roles  EBS Volumes  Auto Scaling Groups ~10 minutes to complete https://github.com/alanwill/cfn-splunk
Ansible Playbook (ansible-splunk)  Update latest OS packages  Update hostname  Download & install Splunk  Configure inputs.conf  Deploy custom certs  Change default password  Install sysstat © 2014 Autodesk  Install & configure:  License Master  Cluster Master  Peer Nodes  Search Heads  Deployment Server https://github.com/alanwill/ansible-splunk ~15-30 minutes to complete depending on instance type
Scalable © 2014 Autodesk
Scalable  Easy to add/remove nodes © 2014 Autodesk  Cloudformation + Ansible  Dynamic  Auto Scaling Groups for everything  …even single instanced nodes (1/1/1)  Splunk Search Head Pooling (NFS)
Auto Scaling Groups  Can be applied to all Splunk components  Bootstrap Ansible playbook  Could pre-bake but haven’t tried © 2014 Autodesk  Consider dynamic portions
Auto Scaling Groups  Search Heads © 2014 Autodesk  CPU based policy  Peer Nodes  Manual scaling, no policies  Cluster/License Master, Deployment instance  1/1/1 ASG (Single instance)  Use EBS for persistent data
Search Head Provisioning Code Example © 2014 Autodesk
Search Head Provisioning Code Example  Create EC2 instance with CloudFormation  Run Ansible Playbook © 2014 Autodesk  Install and configure Splunk  Mount Search Head Pooling NFS volume
Add new Search Head – Create EC2 instance "SearchHeadInstance5" : { "Type" : "AWS::EC2::Instance", "Properties" : { "InstanceType" : { "Ref" : "SearchHeadInstanceType" }, "KeyName" : { "Ref" : "AppKeyName" }, "SubnetId" : { "Ref" : "PresentationSubnetAZ1" }, "ImageId" : ... "SecurityGroupIds" : ... "IamInstanceProfile": { "Ref": "SplunkInternalComponentsInstanceProfile" }, "BlockDeviceMappings" : [ { "DeviceName" : "/dev/xvda", "Ebs" : { "VolumeSize" : "10", "VolumeType":"gp2" } }, { "DeviceName" : "/dev/sdb", "VirtualName" : "ephemeral0" }, { "DeviceName" : "/dev/sdc", "VirtualName" : "ephemeral1" } ] , "Tags" : [ { "Key" : "purpose", "Value" : "Search Head" }, { "Key" : "stack", "Value" : { "Ref" : "EnvironmentName" } }, { "Key" : "app", "Value" : { "Ref" : "AppName" } }, { "Key" : "Name", "Value" : "Splunk Search Head" } ] } } © 2014 Autodesk
Add new Search Head – Ansible Splunk build - name: Dynamically change hostname shell: "hostname `curl http://169.254.169.254/latest/meta-data/instance-id`.{{ splunk_host_domain }}" - name: Download Splunk server binary get_url: dest=/home/ec2-user url={{ splunk_binary_url }} sha256sum={{ splunk_binary_sha256sum }} when: splunk_installed_result|failed - name: Install Splunk server binary yum: pkg=/home/ec2-user/{{ splunk_binary_file }} state=installed when: splunk_installer_present.stat.exists == true - name: Execute config_splunk_inputs.sh script shell: /home/ec2-user/config_splunk_inputs.sh when: splunk_running|failed - name: Start Splunk for the first time command: /bin/su --shell=/bin/bash --session-command="/opt/splunk/bin/splunk start --accept-license" splunk when: splunk_running|failed © 2014 Autodesk
Peer Node Provisioning Code Example © 2014 Autodesk
Peer Node Provisioning Code Example  CloudFormation © 2014 Autodesk  Crete EC2 instance  *Create EBS volumes and attach to instance  *Mount EBS volumes  Run Ansible Playbook  Install and configure Splunk  Mount Search Head Pooling NFS volume
Add new Peer Node – Create EC2 instance "PeerNodeInstance8" : { "Type" : "AWS::EC2::Instance", "Properties" : { "InstanceType" : { "Ref" : "PeerNodeInstanceType" }, "KeyName" : { "Ref" : "AppKeyName" }, "SubnetId" : { "Ref" : "ApplicationSubnetAZ1" }, "ImageId" : ... , "SecurityGroupIds" : ..., "IamInstanceProfile": { "Ref": "SplunkInternalComponentsInstanceProfile" }, "EbsOptimized" : true, "BlockDeviceMappings" : [ { "DeviceName" : "/dev/xvda", "Ebs" : { "VolumeSize" : "10", "VolumeType":"gp2" } }, { "DeviceName" : "/dev/sdb", "VirtualName" : "ephemeral0" }, { "DeviceName" : "/dev/sdc", "VirtualName" : "ephemeral1" } ], "Tags" : [ { "Key" : "purpose", "Value" : "Peer Node" }, { "Key" : "stack", "Value" : { "Ref" : "EnvironmentName" } }, { "Key" : "app", "Value" : { "Ref" : "AppName" } }, { "Key" : "Name", "Value" : "Splunk Peer Node" } ] } }, © 2014 Autodesk
Add new Peer Node – Create EBS volumes "PeerNodeInstance8Volume1" : { "Type" : "AWS::EC2::Volume", "Properties" : { "Size" : { "Ref" : "PeerNodeVolumeSize" }, "VolumeType" : "gp2", "AvailabilityZone" : { "Fn::GetAtt" : [ "PeerNodeInstance1", "AvailabilityZone" ] }, "Tags" : [ { "Key" : "purpose", "Value" : "Peer Node Instance 1 storage" }, { "Key" : "stack", "Value" : { "Ref" : "EnvironmentName" } }, { "Key" : "app", "Value" : { "Ref" : "AppName" } }, { "Key" : "Name", "Value" : "Splunk Data" } ] }, "DeletionPolicy" : "Snapshot" }, "PeerNodeInstance8Volume2" : { "Type" : "AWS::EC2::Volume", "Properties" : { "Size" : { "Ref" : "PeerNodeVolumeSize" }, "VolumeType" : "gp2", "AvailabilityZone" : { "Fn::GetAtt" : [ "PeerNodeInstance1", "AvailabilityZone" ] }, "Tags" : [ { "Key" : "purpose", "Value" : "Peer Node Instance 1 storage" }, { "Key" : "stack", "Value" : { "Ref" : "EnvironmentName" } }, { "Key" : "app", "Value" : { "Ref" : "AppName" } }, { "Key" : "Name", "Value" : "Splunk Data" } ] }, "DeletionPolicy" : "Snapshot" }, © 2014 Autodesk
Add new Peer Node – Mount EBS volumes "PeerNodeInstance8Mount1" : { "Type" : "AWS::EC2::VolumeAttachment", "Properties" : { "InstanceId" : { "Ref" : "PeerNodeInstance1" }, "VolumeId" : { "Ref" : "PeerNodeInstance1Volume1" }, "Device" : "/dev/sdf" } }, "PeerNodeInstance8Mount2" : { "Type" : "AWS::EC2::VolumeAttachment", "Properties" : { "InstanceId" : { "Ref" : "PeerNodeInstance1" }, "VolumeId" : { "Ref" : "PeerNodeInstance1Volume2" }, "Device" : "/dev/sdg" } }, © 2014 Autodesk
Add new Peer Node – Ansible add to Cluster - name: Enable Peer Nodes command: runuser -l splunk -c "splunk edit cluster-config -mode slave -master_uri https://{{ splunk_cluster_master_ip }}:8089 -replication_port 9887 -secret {{ replication_key }}" when: peer_nodes_clustering_enabled|failed register: peer_nodes_cluster_configure - name: Prewarm EBS volume1 command: dd if=/dev/zero of=/dev/sdf bs=1M when: splunk_volume_exists|failed ignore_errors: True - name: Create RAID 0 device command: mdadm --create --verbose /dev/md0 --level=stripe --raid-devices=2 /dev/sdf /dev/sdg when: splunk_volume_exists|failed - name: Create filesystem filesystem: fstype=ext4 dev=/dev/md0 when: splunk_volume_exists|failed - name: Mount volume mount: name=/opt/splunk/data src=/dev/md0 fstype=ext4 state=mounted when: splunk_volume_exists|failed © 2014 Autodesk
Responsive © 2014 Autodesk
Responsive  Search Heads – CPU bound © 2014 Autodesk  C3 instances  Peer Nodes/Indexers – IO bound  *C3 instances + EBS  I2 instances  HS1 instances
Responsive  Maximize IOPs with RAID 0  Pre-warm volumes with dd for improved initial access times  Not needed for i2 ephemeral SSD  I2 instances – Terabytes of SSD © 2014 Autodesk  35K+ read and write IOPs
What did we learn  Project took ~4 weeks  Took longer to co-ordinate cutover  Time to delivery = biggest win  Repeatable builds enables new use cases  Very happy with results © 2014 Autodesk
Future  Increase the “idempotency” of Ansible playbook  Make CFN more dynamic for varied sized clusters  Auto Scaling Groups Lifecycle actions © 2014 Autodesk  Termination hooks for clean removal from cluster  Test on Google Compute Engine
In Summary  Why we chose AWS to run Splunk © 2014 Autodesk  Cost analysis process  How we did it  Infrastructure Goals  Code examples  What we learned  Still to come
Contribute, PRs encouraged…  CloudFormation Splunk Cluster Template © 2014 Autodesk  https://github.com/alanwill/cfn-splunk  Ansible Splunk Playbook  https://github.com/alanwill/ansible-splunk  Follow Me: @alanwill  Email: alan.williams@autodesk.com
Autodesk is a registered trademark of Autodesk, Inc., and/or its subsidiaries and/or affiliates in the USA and/or other countries. All other brand names, product names, or trademarks belong to their respective holders. Autodesk reserves the right to alter product and services offerings, and specifications and pricing at any time without notice, and is not responsible for typographical or graphical errors that may appear in this document. © 2014 Autodesk. All rights reserved.

Recommended

What's better than Microservices? Serverless Microservices
What's better than Microservices? Serverless MicroservicesWhat's better than Microservices? Serverless Microservices
What's better than Microservices? Serverless MicroservicesAlan Williams
 
AD Authenticate All The Things
AD Authenticate All The ThingsAD Authenticate All The Things
AD Authenticate All The ThingsAlan Williams
 
AWS Partner Webcast - Use Your AWS CloudTrail Data and Splunk Software To Imp...
AWS Partner Webcast - Use Your AWS CloudTrail Data and Splunk Software To Imp...AWS Partner Webcast - Use Your AWS CloudTrail Data and Splunk Software To Imp...
AWS Partner Webcast - Use Your AWS CloudTrail Data and Splunk Software To Imp...Amazon Web Services
 
(ARC307) Infrastructure as Code
(ARC307) Infrastructure as Code(ARC307) Infrastructure as Code
(ARC307) Infrastructure as CodeAmazon Web Services
 
(SEC324) NEW! Introducing Amazon Inspector
(SEC324) NEW! Introducing Amazon Inspector(SEC324) NEW! Introducing Amazon Inspector
(SEC324) NEW! Introducing Amazon InspectorAmazon Web Services
 
Containers on AWS
Containers on AWSContainers on AWS
Containers on AWSAmazon Web Services
 
Automated DevOps Workflows with Chef on AWS
Automated DevOps Workflows with Chef on AWSAutomated DevOps Workflows with Chef on AWS
Automated DevOps Workflows with Chef on AWSAmazon Web Services
 
Shipping logs to splunk from a container in aws howto
Shipping logs to splunk from a container in aws howtoShipping logs to splunk from a container in aws howto
Shipping logs to splunk from a container in aws howtoЕкатерина Задорожная
 

Recommended

What's better than Microservices? Serverless Microservices
What's better than Microservices? Serverless MicroservicesWhat's better than Microservices? Serverless Microservices
What's better than Microservices? Serverless MicroservicesAlan Williams
 
AD Authenticate All The Things
AD Authenticate All The ThingsAD Authenticate All The Things
AD Authenticate All The ThingsAlan Williams
 
AWS Partner Webcast - Use Your AWS CloudTrail Data and Splunk Software To Imp...
AWS Partner Webcast - Use Your AWS CloudTrail Data and Splunk Software To Imp...AWS Partner Webcast - Use Your AWS CloudTrail Data and Splunk Software To Imp...
AWS Partner Webcast - Use Your AWS CloudTrail Data and Splunk Software To Imp...Amazon Web Services
 
(ARC307) Infrastructure as Code
(ARC307) Infrastructure as Code(ARC307) Infrastructure as Code
(ARC307) Infrastructure as CodeAmazon Web Services
 
(SEC324) NEW! Introducing Amazon Inspector
(SEC324) NEW! Introducing Amazon Inspector(SEC324) NEW! Introducing Amazon Inspector
(SEC324) NEW! Introducing Amazon InspectorAmazon Web Services
 
Containers on AWS
Containers on AWSContainers on AWS
Containers on AWSAmazon Web Services
 
Automated DevOps Workflows with Chef on AWS
Automated DevOps Workflows with Chef on AWSAutomated DevOps Workflows with Chef on AWS
Automated DevOps Workflows with Chef on AWSAmazon Web Services
 
Shipping logs to splunk from a container in aws howto
Shipping logs to splunk from a container in aws howtoShipping logs to splunk from a container in aws howto
Shipping logs to splunk from a container in aws howtoЕкатерина Задорожная
 
Splunk Live - Security Best Practices for AWS
Splunk Live - Security Best Practices for AWSSplunk Live - Security Best Practices for AWS
Splunk Live - Security Best Practices for AWSAmazon Web Services
 
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsDevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsAmazon Web Services
 
AWS CloudFormation Tutorial | AWS CloudFormation Demo | AWS Tutorial | AWS Tr...
AWS CloudFormation Tutorial | AWS CloudFormation Demo | AWS Tutorial | AWS Tr...AWS CloudFormation Tutorial | AWS CloudFormation Demo | AWS Tutorial | AWS Tr...
AWS CloudFormation Tutorial | AWS CloudFormation Demo | AWS Tutorial | AWS Tr...Edureka!
 
Using the Event Gateway To Build Multi-Cloud Serverless Applications - JeffCo...
Using the Event Gateway To Build Multi-Cloud Serverless Applications - JeffCo...Using the Event Gateway To Build Multi-Cloud Serverless Applications - JeffCo...
Using the Event Gateway To Build Multi-Cloud Serverless Applications - JeffCo...Philipp Müns
 
Continuous Delivery to Amazon ECS - AWS August Webinar Series
Continuous Delivery to Amazon ECS - AWS August Webinar SeriesContinuous Delivery to Amazon ECS - AWS August Webinar Series
Continuous Delivery to Amazon ECS - AWS August Webinar SeriesAmazon Web Services
 
Aws landing zone. journey to the cloud
Aws landing zone. journey to the cloudAws landing zone. journey to the cloud
Aws landing zone. journey to the cloudЕкатерина Задорожная
 
NEW LAUNCH! Additional transparency and control for your AWS environment thro...
NEW LAUNCH! Additional transparency and control for your AWS environment thro...NEW LAUNCH! Additional transparency and control for your AWS environment thro...
NEW LAUNCH! Additional transparency and control for your AWS environment thro...Amazon Web Services
 
Serverless with IAC - terraform과 cloudformation 비교
Serverless with IAC - terraform과 cloudformation 비교Serverless with IAC - terraform과 cloudformation 비교
Serverless with IAC - terraform과 cloudformation 비교재현 신
 
Kubernetes on AWS => EKS || CNCF Meetup Zurich, Feb 2019
Kubernetes on AWS => EKS || CNCF Meetup Zurich, Feb 2019Kubernetes on AWS => EKS || CNCF Meetup Zurich, Feb 2019
Kubernetes on AWS => EKS || CNCF Meetup Zurich, Feb 2019Gerd König
 
無伺服器架構和Containers on AWS入門
無伺服器架構和Containers on AWS入門 無伺服器架構和Containers on AWS入門
無伺服器架構和Containers on AWS入門 Amazon Web Services
 
(SEC202) Best Practices for Securely Leveraging the Cloud
(SEC202) Best Practices for Securely Leveraging the Cloud(SEC202) Best Practices for Securely Leveraging the Cloud
(SEC202) Best Practices for Securely Leveraging the CloudAmazon Web Services
 
[AWS Builders] 실 적용 사례로 알아보는, AWS를 활용한 WAF 보안의 장점 - 삼성SDS 천준호 프로, 컨설팅그룹 (보안기획팀)
[AWS Builders] 실 적용 사례로 알아보는, AWS를 활용한 WAF 보안의 장점 - 삼성SDS 천준호 프로, 컨설팅그룹 (보안기획팀)[AWS Builders] 실 적용 사례로 알아보는, AWS를 활용한 WAF 보안의 장점 - 삼성SDS 천준호 프로, 컨설팅그룹 (보안기획팀)
[AWS Builders] 실 적용 사례로 알아보는, AWS를 활용한 WAF 보안의 장점 - 삼성SDS 천준호 프로, 컨설팅그룹 (보안기획팀)Amazon Web Services Korea
 
Serverless in production, an experience report (JeffConf)
Serverless in production, an experience report (JeffConf)Serverless in production, an experience report (JeffConf)
Serverless in production, an experience report (JeffConf)Yan Cui
 
(SEC304) Architecting for HIPAA Compliance on AWS
(SEC304) Architecting for HIPAA Compliance on AWS(SEC304) Architecting for HIPAA Compliance on AWS
(SEC304) Architecting for HIPAA Compliance on AWSAmazon Web Services
 
Configuration Management with AWS OpsWorks  by Amir Golan, Senior Product Man...
Configuration Management with AWS OpsWorks  by Amir Golan, Senior Product Man...Configuration Management with AWS OpsWorks  by Amir Golan, Senior Product Man...
Configuration Management with AWS OpsWorks  by Amir Golan, Senior Product Man...Amazon Web Services
 
AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...
AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...
AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...Amazon Web Services
 
Development Workflows on AWS
Development Workflows on AWSDevelopment Workflows on AWS
Development Workflows on AWSAmazon Web Services
 
AWS re:Invent 2016: Chalk Talk: Applying Security-by-Design to Drive Complian...
AWS re:Invent 2016: Chalk Talk: Applying Security-by-Design to Drive Complian...AWS re:Invent 2016: Chalk Talk: Applying Security-by-Design to Drive Complian...
AWS re:Invent 2016: Chalk Talk: Applying Security-by-Design to Drive Complian...Amazon Web Services
 
Releasing Software Quickly and Reliably With AWS CodePipeline by Mark Mansour...
Releasing Software Quickly and Reliably With AWS CodePipeline by Mark Mansour...Releasing Software Quickly and Reliably With AWS CodePipeline by Mark Mansour...
Releasing Software Quickly and Reliably With AWS CodePipeline by Mark Mansour...Amazon Web Services
 
Integrating-Cloud-Development-Security-And-Operations.pdf
Integrating-Cloud-Development-Security-And-Operations.pdfIntegrating-Cloud-Development-Security-And-Operations.pdf
Integrating-Cloud-Development-Security-And-Operations.pdfAmazon Web Services
 
AWS on Splunk, Splunk on AWS
AWS on Splunk, Splunk on AWSAWS on Splunk, Splunk on AWS
AWS on Splunk, Splunk on AWSSplunk
 
Strengthening Operations with Splunk and AWS CloudTrail
Strengthening Operations with Splunk and AWS CloudTrailStrengthening Operations with Splunk and AWS CloudTrail
Strengthening Operations with Splunk and AWS CloudTrailAlan Williams
 

More Related Content

What's hot

Splunk Live - Security Best Practices for AWS
Splunk Live - Security Best Practices for AWSSplunk Live - Security Best Practices for AWS
Splunk Live - Security Best Practices for AWSAmazon Web Services
 
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsDevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsAmazon Web Services
 
AWS CloudFormation Tutorial | AWS CloudFormation Demo | AWS Tutorial | AWS Tr...
AWS CloudFormation Tutorial | AWS CloudFormation Demo | AWS Tutorial | AWS Tr...AWS CloudFormation Tutorial | AWS CloudFormation Demo | AWS Tutorial | AWS Tr...
AWS CloudFormation Tutorial | AWS CloudFormation Demo | AWS Tutorial | AWS Tr...Edureka!
 
Using the Event Gateway To Build Multi-Cloud Serverless Applications - JeffCo...
Using the Event Gateway To Build Multi-Cloud Serverless Applications - JeffCo...Using the Event Gateway To Build Multi-Cloud Serverless Applications - JeffCo...
Using the Event Gateway To Build Multi-Cloud Serverless Applications - JeffCo...Philipp Müns
 
Continuous Delivery to Amazon ECS - AWS August Webinar Series
Continuous Delivery to Amazon ECS - AWS August Webinar SeriesContinuous Delivery to Amazon ECS - AWS August Webinar Series
Continuous Delivery to Amazon ECS - AWS August Webinar SeriesAmazon Web Services
 
NEW LAUNCH! Additional transparency and control for your AWS environment thro...
NEW LAUNCH! Additional transparency and control for your AWS environment thro...NEW LAUNCH! Additional transparency and control for your AWS environment thro...
NEW LAUNCH! Additional transparency and control for your AWS environment thro...Amazon Web Services
 
Serverless with IAC - terraform과 cloudformation 비교
Serverless with IAC - terraform과 cloudformation 비교Serverless with IAC - terraform과 cloudformation 비교
Serverless with IAC - terraform과 cloudformation 비교재현 신
 
Kubernetes on AWS => EKS || CNCF Meetup Zurich, Feb 2019
Kubernetes on AWS => EKS || CNCF Meetup Zurich, Feb 2019Kubernetes on AWS => EKS || CNCF Meetup Zurich, Feb 2019
Kubernetes on AWS => EKS || CNCF Meetup Zurich, Feb 2019Gerd König
 
無伺服器架構和Containers on AWS入門
無伺服器架構和Containers on AWS入門 無伺服器架構和Containers on AWS入門
無伺服器架構和Containers on AWS入門 Amazon Web Services
 
(SEC202) Best Practices for Securely Leveraging the Cloud
(SEC202) Best Practices for Securely Leveraging the Cloud(SEC202) Best Practices for Securely Leveraging the Cloud
(SEC202) Best Practices for Securely Leveraging the CloudAmazon Web Services
 
[AWS Builders] 실 적용 사례로 알아보는, AWS를 활용한 WAF 보안의 장점 - 삼성SDS 천준호 프로, 컨설팅그룹 (보안기획팀)
[AWS Builders] 실 적용 사례로 알아보는, AWS를 활용한 WAF 보안의 장점 - 삼성SDS 천준호 프로, 컨설팅그룹 (보안기획팀)[AWS Builders] 실 적용 사례로 알아보는, AWS를 활용한 WAF 보안의 장점 - 삼성SDS 천준호 프로, 컨설팅그룹 (보안기획팀)
[AWS Builders] 실 적용 사례로 알아보는, AWS를 활용한 WAF 보안의 장점 - 삼성SDS 천준호 프로, 컨설팅그룹 (보안기획팀)Amazon Web Services Korea
 
Serverless in production, an experience report (JeffConf)
Serverless in production, an experience report (JeffConf)Serverless in production, an experience report (JeffConf)
Serverless in production, an experience report (JeffConf)Yan Cui
 
(SEC304) Architecting for HIPAA Compliance on AWS
(SEC304) Architecting for HIPAA Compliance on AWS(SEC304) Architecting for HIPAA Compliance on AWS
(SEC304) Architecting for HIPAA Compliance on AWSAmazon Web Services
 
Configuration Management with AWS OpsWorks  by Amir Golan, Senior Product Man...
Configuration Management with AWS OpsWorks  by Amir Golan, Senior Product Man...Configuration Management with AWS OpsWorks  by Amir Golan, Senior Product Man...
Configuration Management with AWS OpsWorks  by Amir Golan, Senior Product Man...Amazon Web Services
 
AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...
AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...
AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...Amazon Web Services
 
AWS re:Invent 2016: Chalk Talk: Applying Security-by-Design to Drive Complian...
AWS re:Invent 2016: Chalk Talk: Applying Security-by-Design to Drive Complian...AWS re:Invent 2016: Chalk Talk: Applying Security-by-Design to Drive Complian...
AWS re:Invent 2016: Chalk Talk: Applying Security-by-Design to Drive Complian...Amazon Web Services
 
Releasing Software Quickly and Reliably With AWS CodePipeline by Mark Mansour...
Releasing Software Quickly and Reliably With AWS CodePipeline by Mark Mansour...Releasing Software Quickly and Reliably With AWS CodePipeline by Mark Mansour...
Releasing Software Quickly and Reliably With AWS CodePipeline by Mark Mansour...Amazon Web Services
 
Integrating-Cloud-Development-Security-And-Operations.pdf
Integrating-Cloud-Development-Security-And-Operations.pdfIntegrating-Cloud-Development-Security-And-Operations.pdf
Integrating-Cloud-Development-Security-And-Operations.pdfAmazon Web Services
 

What's hot (20)

Splunk Live - Security Best Practices for AWS
Splunk Live - Security Best Practices for AWSSplunk Live - Security Best Practices for AWS
Splunk Live - Security Best Practices for AWS
 
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsDevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
 
AWS CloudFormation Tutorial | AWS CloudFormation Demo | AWS Tutorial | AWS Tr...
AWS CloudFormation Tutorial | AWS CloudFormation Demo | AWS Tutorial | AWS Tr...AWS CloudFormation Tutorial | AWS CloudFormation Demo | AWS Tutorial | AWS Tr...
AWS CloudFormation Tutorial | AWS CloudFormation Demo | AWS Tutorial | AWS Tr...
 
Using the Event Gateway To Build Multi-Cloud Serverless Applications - JeffCo...
Using the Event Gateway To Build Multi-Cloud Serverless Applications - JeffCo...Using the Event Gateway To Build Multi-Cloud Serverless Applications - JeffCo...
Using the Event Gateway To Build Multi-Cloud Serverless Applications - JeffCo...
 
Continuous Delivery to Amazon ECS - AWS August Webinar Series
Continuous Delivery to Amazon ECS - AWS August Webinar SeriesContinuous Delivery to Amazon ECS - AWS August Webinar Series
Continuous Delivery to Amazon ECS - AWS August Webinar Series
 
Aws landing zone. journey to the cloud
Aws landing zone. journey to the cloudAws landing zone. journey to the cloud
Aws landing zone. journey to the cloud
 
NEW LAUNCH! Additional transparency and control for your AWS environment thro...
NEW LAUNCH! Additional transparency and control for your AWS environment thro...NEW LAUNCH! Additional transparency and control for your AWS environment thro...
NEW LAUNCH! Additional transparency and control for your AWS environment thro...
 
Serverless with IAC - terraform과 cloudformation 비교
Serverless with IAC - terraform과 cloudformation 비교Serverless with IAC - terraform과 cloudformation 비교
Serverless with IAC - terraform과 cloudformation 비교
 
Kubernetes on AWS => EKS || CNCF Meetup Zurich, Feb 2019
Kubernetes on AWS => EKS || CNCF Meetup Zurich, Feb 2019Kubernetes on AWS => EKS || CNCF Meetup Zurich, Feb 2019
Kubernetes on AWS => EKS || CNCF Meetup Zurich, Feb 2019
 
無伺服器架構和Containers on AWS入門
無伺服器架構和Containers on AWS入門 無伺服器架構和Containers on AWS入門
無伺服器架構和Containers on AWS入門
 
(SEC202) Best Practices for Securely Leveraging the Cloud
(SEC202) Best Practices for Securely Leveraging the Cloud(SEC202) Best Practices for Securely Leveraging the Cloud
(SEC202) Best Practices for Securely Leveraging the Cloud
 
[AWS Builders] 실 적용 사례로 알아보는, AWS를 활용한 WAF 보안의 장점 - 삼성SDS 천준호 프로, 컨설팅그룹 (보안기획팀)
[AWS Builders] 실 적용 사례로 알아보는, AWS를 활용한 WAF 보안의 장점 - 삼성SDS 천준호 프로, 컨설팅그룹 (보안기획팀)[AWS Builders] 실 적용 사례로 알아보는, AWS를 활용한 WAF 보안의 장점 - 삼성SDS 천준호 프로, 컨설팅그룹 (보안기획팀)
[AWS Builders] 실 적용 사례로 알아보는, AWS를 활용한 WAF 보안의 장점 - 삼성SDS 천준호 프로, 컨설팅그룹 (보안기획팀)
 
Serverless in production, an experience report (JeffConf)
Serverless in production, an experience report (JeffConf)Serverless in production, an experience report (JeffConf)
Serverless in production, an experience report (JeffConf)
 
(SEC304) Architecting for HIPAA Compliance on AWS
(SEC304) Architecting for HIPAA Compliance on AWS(SEC304) Architecting for HIPAA Compliance on AWS
(SEC304) Architecting for HIPAA Compliance on AWS
 
Configuration Management with AWS OpsWorks  by Amir Golan, Senior Product Man...
Configuration Management with AWS OpsWorks  by Amir Golan, Senior Product Man...Configuration Management with AWS OpsWorks  by Amir Golan, Senior Product Man...
Configuration Management with AWS OpsWorks  by Amir Golan, Senior Product Man...
 
AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...
AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...
AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...
 
Development Workflows on AWS
Development Workflows on AWSDevelopment Workflows on AWS
Development Workflows on AWS
 
AWS re:Invent 2016: Chalk Talk: Applying Security-by-Design to Drive Complian...
AWS re:Invent 2016: Chalk Talk: Applying Security-by-Design to Drive Complian...AWS re:Invent 2016: Chalk Talk: Applying Security-by-Design to Drive Complian...
AWS re:Invent 2016: Chalk Talk: Applying Security-by-Design to Drive Complian...
 
Releasing Software Quickly and Reliably With AWS CodePipeline by Mark Mansour...
Releasing Software Quickly and Reliably With AWS CodePipeline by Mark Mansour...Releasing Software Quickly and Reliably With AWS CodePipeline by Mark Mansour...
Releasing Software Quickly and Reliably With AWS CodePipeline by Mark Mansour...
 
Integrating-Cloud-Development-Security-And-Operations.pdf
Integrating-Cloud-Development-Security-And-Operations.pdfIntegrating-Cloud-Development-Security-And-Operations.pdf
Integrating-Cloud-Development-Security-And-Operations.pdf
 

Viewers also liked

AWS on Splunk, Splunk on AWS
AWS on Splunk, Splunk on AWSAWS on Splunk, Splunk on AWS
AWS on Splunk, Splunk on AWSSplunk
 
Strengthening Operations with Splunk and AWS CloudTrail
Strengthening Operations with Splunk and AWS CloudTrailStrengthening Operations with Splunk and AWS CloudTrail
Strengthening Operations with Splunk and AWS CloudTrailAlan Williams
 
Data Models Breakout Session
Data Models Breakout SessionData Models Breakout Session
Data Models Breakout SessionSplunk
 
DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016
DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016
DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016Chris Gates
 
AWS Storage Tiering for Enterprise Workloads
AWS Storage Tiering for Enterprise WorkloadsAWS Storage Tiering for Enterprise Workloads
AWS Storage Tiering for Enterprise WorkloadsTom Laszewski
 
Splunk Ninja: New Features, Pivot and Search Dojo
Splunk Ninja: New Features, Pivot and Search Dojo Splunk Ninja: New Features, Pivot and Search Dojo
Splunk Ninja: New Features, Pivot and Search DojoSplunk
 
How Autodesk Leverages Splunk as an Assurance Platform on AWS
How Autodesk Leverages Splunk as an Assurance Platform on AWSHow Autodesk Leverages Splunk as an Assurance Platform on AWS
How Autodesk Leverages Splunk as an Assurance Platform on AWSAlan Williams
 
Splunk: How to Design, Build and Map IT Services
Splunk: How to Design, Build and Map IT ServicesSplunk: How to Design, Build and Map IT Services
Splunk: How to Design, Build and Map IT ServicesSplunk
 
SplunkLive! Data Models 101
SplunkLive! Data Models 101SplunkLive! Data Models 101
SplunkLive! Data Models 101Splunk
 
What's New in Splunk Cloud and Enterprise 6.5
What's New in Splunk Cloud and Enterprise 6.5What's New in Splunk Cloud and Enterprise 6.5
What's New in Splunk Cloud and Enterprise 6.5Splunk
 
Enrich a 360-degree Customer View with Splunk and Apache Hadoop
Enrich a 360-degree Customer View with Splunk and Apache HadoopEnrich a 360-degree Customer View with Splunk and Apache Hadoop
Enrich a 360-degree Customer View with Splunk and Apache HadoopHortonworks
 
Making Pretty Charts in Splunk
Making Pretty Charts in SplunkMaking Pretty Charts in Splunk
Making Pretty Charts in SplunkSplunk
 
Monitoring Performance of Enterprise Applications on AWS: Understanding the D...
Monitoring Performance of Enterprise Applications on AWS: Understanding the D...Monitoring Performance of Enterprise Applications on AWS: Understanding the D...
Monitoring Performance of Enterprise Applications on AWS: Understanding the D...Amazon Web Services
 
빅 데이터 분석을 위한 AWS 활용 사례 - 최정욱 솔루션즈 아키텍트:: AWS Cloud Track 1 Intro
빅 데이터 분석을 위한 AWS 활용 사례 - 최정욱 솔루션즈 아키텍트:: AWS Cloud Track 1 Intro빅 데이터 분석을 위한 AWS 활용 사례 - 최정욱 솔루션즈 아키텍트:: AWS Cloud Track 1 Intro
빅 데이터 분석을 위한 AWS 활용 사례 - 최정욱 솔루션즈 아키텍트:: AWS Cloud Track 1 IntroAmazon Web Services Korea
 
클라우드 기반 실시간 데이터 분석 및 예측 - 윤석찬 테크 에반젤리스트:: AWS Cloud Track 2 Advanced
클라우드 기반 실시간 데이터 분석 및 예측 - 윤석찬 테크 에반젤리스트:: AWS Cloud Track 2 Advanced클라우드 기반 실시간 데이터 분석 및 예측 - 윤석찬 테크 에반젤리스트:: AWS Cloud Track 2 Advanced
클라우드 기반 실시간 데이터 분석 및 예측 - 윤석찬 테크 에반젤리스트:: AWS Cloud Track 2 AdvancedAmazon Web Services Korea
 
Splunk for Security-Hands On
Splunk for Security-Hands OnSplunk for Security-Hands On
Splunk for Security-Hands OnSplunk
 
Amazon kinesis와 elasticsearch service로 만드는 실시간 데이터 분석 플랫폼 :: 박철수 :: AWS Summi...
Amazon kinesis와 elasticsearch service로 만드는 실시간 데이터 분석 플랫폼 :: 박철수 :: AWS Summi...Amazon kinesis와 elasticsearch service로 만드는 실시간 데이터 분석 플랫폼 :: 박철수 :: AWS Summi...
Amazon kinesis와 elasticsearch service로 만드는 실시간 데이터 분석 플랫폼 :: 박철수 :: AWS Summi...Amazon Web Services Korea
 
빅데이터를 위한 AWS 모범사례와 아키텍처 구축 패턴 :: 양승도 :: AWS Summit Seoul 2016
빅데이터를 위한 AWS 모범사례와 아키텍처 구축 패턴 :: 양승도 :: AWS Summit Seoul 2016빅데이터를 위한 AWS 모범사례와 아키텍처 구축 패턴 :: 양승도 :: AWS Summit Seoul 2016
빅데이터를 위한 AWS 모범사례와 아키텍처 구축 패턴 :: 양승도 :: AWS Summit Seoul 2016Amazon Web Services Korea
 
AWS Security Best Practices and Design Patterns
AWS Security Best Practices and Design PatternsAWS Security Best Practices and Design Patterns
AWS Security Best Practices and Design PatternsAmazon Web Services
 
QRadar, ArcSight and Splunk
QRadar, ArcSight and Splunk QRadar, ArcSight and Splunk
QRadar, ArcSight and Splunk M sharifi
 

Viewers also liked (20)

AWS on Splunk, Splunk on AWS
AWS on Splunk, Splunk on AWSAWS on Splunk, Splunk on AWS
AWS on Splunk, Splunk on AWS
 
Strengthening Operations with Splunk and AWS CloudTrail
Strengthening Operations with Splunk and AWS CloudTrailStrengthening Operations with Splunk and AWS CloudTrail
Strengthening Operations with Splunk and AWS CloudTrail
 
Data Models Breakout Session
Data Models Breakout SessionData Models Breakout Session
Data Models Breakout Session
 
DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016
DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016
DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016
 
AWS Storage Tiering for Enterprise Workloads
AWS Storage Tiering for Enterprise WorkloadsAWS Storage Tiering for Enterprise Workloads
AWS Storage Tiering for Enterprise Workloads
 
Splunk Ninja: New Features, Pivot and Search Dojo
Splunk Ninja: New Features, Pivot and Search Dojo Splunk Ninja: New Features, Pivot and Search Dojo
Splunk Ninja: New Features, Pivot and Search Dojo
 
How Autodesk Leverages Splunk as an Assurance Platform on AWS
How Autodesk Leverages Splunk as an Assurance Platform on AWSHow Autodesk Leverages Splunk as an Assurance Platform on AWS
How Autodesk Leverages Splunk as an Assurance Platform on AWS
 
Splunk: How to Design, Build and Map IT Services
Splunk: How to Design, Build and Map IT ServicesSplunk: How to Design, Build and Map IT Services
Splunk: How to Design, Build and Map IT Services
 
SplunkLive! Data Models 101
SplunkLive! Data Models 101SplunkLive! Data Models 101
SplunkLive! Data Models 101
 
What's New in Splunk Cloud and Enterprise 6.5
What's New in Splunk Cloud and Enterprise 6.5What's New in Splunk Cloud and Enterprise 6.5
What's New in Splunk Cloud and Enterprise 6.5
 
Enrich a 360-degree Customer View with Splunk and Apache Hadoop
Enrich a 360-degree Customer View with Splunk and Apache HadoopEnrich a 360-degree Customer View with Splunk and Apache Hadoop
Enrich a 360-degree Customer View with Splunk and Apache Hadoop
 
Making Pretty Charts in Splunk
Making Pretty Charts in SplunkMaking Pretty Charts in Splunk
Making Pretty Charts in Splunk
 
Monitoring Performance of Enterprise Applications on AWS: Understanding the D...
Monitoring Performance of Enterprise Applications on AWS: Understanding the D...Monitoring Performance of Enterprise Applications on AWS: Understanding the D...
Monitoring Performance of Enterprise Applications on AWS: Understanding the D...
 
빅 데이터 분석을 위한 AWS 활용 사례 - 최정욱 솔루션즈 아키텍트:: AWS Cloud Track 1 Intro
빅 데이터 분석을 위한 AWS 활용 사례 - 최정욱 솔루션즈 아키텍트:: AWS Cloud Track 1 Intro빅 데이터 분석을 위한 AWS 활용 사례 - 최정욱 솔루션즈 아키텍트:: AWS Cloud Track 1 Intro
빅 데이터 분석을 위한 AWS 활용 사례 - 최정욱 솔루션즈 아키텍트:: AWS Cloud Track 1 Intro
 
클라우드 기반 실시간 데이터 분석 및 예측 - 윤석찬 테크 에반젤리스트:: AWS Cloud Track 2 Advanced
클라우드 기반 실시간 데이터 분석 및 예측 - 윤석찬 테크 에반젤리스트:: AWS Cloud Track 2 Advanced클라우드 기반 실시간 데이터 분석 및 예측 - 윤석찬 테크 에반젤리스트:: AWS Cloud Track 2 Advanced
클라우드 기반 실시간 데이터 분석 및 예측 - 윤석찬 테크 에반젤리스트:: AWS Cloud Track 2 Advanced
 
Splunk for Security-Hands On
Splunk for Security-Hands OnSplunk for Security-Hands On
Splunk for Security-Hands On
 
Amazon kinesis와 elasticsearch service로 만드는 실시간 데이터 분석 플랫폼 :: 박철수 :: AWS Summi...
Amazon kinesis와 elasticsearch service로 만드는 실시간 데이터 분석 플랫폼 :: 박철수 :: AWS Summi...Amazon kinesis와 elasticsearch service로 만드는 실시간 데이터 분석 플랫폼 :: 박철수 :: AWS Summi...
Amazon kinesis와 elasticsearch service로 만드는 실시간 데이터 분석 플랫폼 :: 박철수 :: AWS Summi...
 
빅데이터를 위한 AWS 모범사례와 아키텍처 구축 패턴 :: 양승도 :: AWS Summit Seoul 2016
빅데이터를 위한 AWS 모범사례와 아키텍처 구축 패턴 :: 양승도 :: AWS Summit Seoul 2016빅데이터를 위한 AWS 모범사례와 아키텍처 구축 패턴 :: 양승도 :: AWS Summit Seoul 2016
빅데이터를 위한 AWS 모범사례와 아키텍처 구축 패턴 :: 양승도 :: AWS Summit Seoul 2016
 
AWS Security Best Practices and Design Patterns
AWS Security Best Practices and Design PatternsAWS Security Best Practices and Design Patterns
AWS Security Best Practices and Design Patterns
 
QRadar, ArcSight and Splunk
QRadar, ArcSight and Splunk QRadar, ArcSight and Splunk
QRadar, ArcSight and Splunk
 

Similar to Running Splunk on AWS

Continuous Deployment @ AWS Re:Invent
Continuous Deployment @ AWS Re:InventContinuous Deployment @ AWS Re:Invent
Continuous Deployment @ AWS Re:InventJohn Schneider
 
Continuous Integration and Deployment Best Practices on AWS (ARC307) | AWS re...
Continuous Integration and Deployment Best Practices on AWS (ARC307) | AWS re...Continuous Integration and Deployment Best Practices on AWS (ARC307) | AWS re...
Continuous Integration and Deployment Best Practices on AWS (ARC307) | AWS re...Amazon Web Services
 
DevOps for the Enterprise: Virtual Office Hours
DevOps for the Enterprise: Virtual Office HoursDevOps for the Enterprise: Virtual Office Hours
DevOps for the Enterprise: Virtual Office HoursAmazon Web Services
 
Zero to Sixty: AWS CloudFormation (DMG201) | AWS re:Invent 2013
Zero to Sixty: AWS CloudFormation (DMG201) | AWS re:Invent 2013Zero to Sixty: AWS CloudFormation (DMG201) | AWS re:Invent 2013
Zero to Sixty: AWS CloudFormation (DMG201) | AWS re:Invent 2013Amazon Web Services
 
Azure Key Vault, Azure Dev Ops and Azure Synapse - how these services work pe...
Azure Key Vault, Azure Dev Ops and Azure Synapse - how these services work pe...Azure Key Vault, Azure Dev Ops and Azure Synapse - how these services work pe...
Azure Key Vault, Azure Dev Ops and Azure Synapse - how these services work pe...Erwin de Kreuk
 
DevOps on AWS: Deep Dive on Infrastructure as Code - Toronto
DevOps on AWS: Deep Dive on Infrastructure as Code - TorontoDevOps on AWS: Deep Dive on Infrastructure as Code - Toronto
DevOps on AWS: Deep Dive on Infrastructure as Code - TorontoAmazon Web Services
 
AWS re:Invent 2016: Deploying and Managing .NET Pipelines and Microsoft Workl...
AWS re:Invent 2016: Deploying and Managing .NET Pipelines and Microsoft Workl...AWS re:Invent 2016: Deploying and Managing .NET Pipelines and Microsoft Workl...
AWS re:Invent 2016: Deploying and Managing .NET Pipelines and Microsoft Workl...Amazon Web Services
 
AWS Webcast - Build Agile Applications in AWS Cloud for Government
AWS Webcast - Build Agile Applications in AWS Cloud for GovernmentAWS Webcast - Build Agile Applications in AWS Cloud for Government
AWS Webcast - Build Agile Applications in AWS Cloud for GovernmentAmazon Web Services
 
SpringBoot and Spring Cloud Service for MSA
SpringBoot and Spring Cloud Service for MSASpringBoot and Spring Cloud Service for MSA
SpringBoot and Spring Cloud Service for MSAOracle Korea
 
Puppetpreso
PuppetpresoPuppetpreso
Puppetpresoke4qqq
 
2016-02-09 - Breakfast Seminar - Redpill Linpro - Chef at Aptoma - Håkon Drange
2016-02-09 - Breakfast Seminar - Redpill Linpro - Chef at Aptoma - Håkon Drange2016-02-09 - Breakfast Seminar - Redpill Linpro - Chef at Aptoma - Håkon Drange
2016-02-09 - Breakfast Seminar - Redpill Linpro - Chef at Aptoma - Håkon DrangeHåkon Eriksen Drange
 
AWS Webcast - Build Agile Applications in AWS Cloud for Government
AWS Webcast - Build Agile Applications in AWS Cloud for GovernmentAWS Webcast - Build Agile Applications in AWS Cloud for Government
AWS Webcast - Build Agile Applications in AWS Cloud for GovernmentAmazon Web Services
 
Microservices with kubernetes @190316
Microservices with kubernetes @190316Microservices with kubernetes @190316
Microservices with kubernetes @190316Jupil Hwang
 
Creating an all-purpose REST API for Cloud services using OSGi and Sling - C ...
Creating an all-purpose REST API for Cloud services using OSGi and Sling - C ...Creating an all-purpose REST API for Cloud services using OSGi and Sling - C ...
Creating an all-purpose REST API for Cloud services using OSGi and Sling - C ...mfrancis
 
AWS CodeDeploy - basic intro
AWS CodeDeploy - basic introAWS CodeDeploy - basic intro
AWS CodeDeploy - basic introAnton Babenko
 
What Is AWS Elastic Kubernetes Service
What Is AWS Elastic Kubernetes Service What Is AWS Elastic Kubernetes Service
What Is AWS Elastic Kubernetes ServiceAMELIAOLIVIA2
 
Development in the could: How do we do it(Cloud computing. Microservices. Faas)
Development in the could: How do we do it(Cloud computing. Microservices. Faas)Development in the could: How do we do it(Cloud computing. Microservices. Faas)
Development in the could: How do we do it(Cloud computing. Microservices. Faas)Preply.com
 
DCEU 18: Docker Containers in a Serverless World
DCEU 18: Docker Containers in a Serverless WorldDCEU 18: Docker Containers in a Serverless World
DCEU 18: Docker Containers in a Serverless WorldDocker, Inc.
 
Build your operator with the right tool
Build your operator with the right toolBuild your operator with the right tool
Build your operator with the right toolRafał Leszko
 

Similar to Running Splunk on AWS (20)

Continuous Deployment @ AWS Re:Invent
Continuous Deployment @ AWS Re:InventContinuous Deployment @ AWS Re:Invent
Continuous Deployment @ AWS Re:Invent
 
Continuous Integration and Deployment Best Practices on AWS (ARC307) | AWS re...
Continuous Integration and Deployment Best Practices on AWS (ARC307) | AWS re...Continuous Integration and Deployment Best Practices on AWS (ARC307) | AWS re...
Continuous Integration and Deployment Best Practices on AWS (ARC307) | AWS re...
 
DevOps for the Enterprise: Virtual Office Hours
DevOps for the Enterprise: Virtual Office HoursDevOps for the Enterprise: Virtual Office Hours
DevOps for the Enterprise: Virtual Office Hours
 
Zero to Sixty: AWS CloudFormation (DMG201) | AWS re:Invent 2013
Zero to Sixty: AWS CloudFormation (DMG201) | AWS re:Invent 2013Zero to Sixty: AWS CloudFormation (DMG201) | AWS re:Invent 2013
Zero to Sixty: AWS CloudFormation (DMG201) | AWS re:Invent 2013
 
infrastructure as code
infrastructure as codeinfrastructure as code
infrastructure as code
 
Azure Key Vault, Azure Dev Ops and Azure Synapse - how these services work pe...
Azure Key Vault, Azure Dev Ops and Azure Synapse - how these services work pe...Azure Key Vault, Azure Dev Ops and Azure Synapse - how these services work pe...
Azure Key Vault, Azure Dev Ops and Azure Synapse - how these services work pe...
 
DevOps on AWS: Deep Dive on Infrastructure as Code - Toronto
DevOps on AWS: Deep Dive on Infrastructure as Code - TorontoDevOps on AWS: Deep Dive on Infrastructure as Code - Toronto
DevOps on AWS: Deep Dive on Infrastructure as Code - Toronto
 
AWS re:Invent 2016: Deploying and Managing .NET Pipelines and Microsoft Workl...
AWS re:Invent 2016: Deploying and Managing .NET Pipelines and Microsoft Workl...AWS re:Invent 2016: Deploying and Managing .NET Pipelines and Microsoft Workl...
AWS re:Invent 2016: Deploying and Managing .NET Pipelines and Microsoft Workl...
 
AWS Webcast - Build Agile Applications in AWS Cloud for Government
AWS Webcast - Build Agile Applications in AWS Cloud for GovernmentAWS Webcast - Build Agile Applications in AWS Cloud for Government
AWS Webcast - Build Agile Applications in AWS Cloud for Government
 
SpringBoot and Spring Cloud Service for MSA
SpringBoot and Spring Cloud Service for MSASpringBoot and Spring Cloud Service for MSA
SpringBoot and Spring Cloud Service for MSA
 
Puppetpreso
PuppetpresoPuppetpreso
Puppetpreso
 
2016-02-09 - Breakfast Seminar - Redpill Linpro - Chef at Aptoma - Håkon Drange
2016-02-09 - Breakfast Seminar - Redpill Linpro - Chef at Aptoma - Håkon Drange2016-02-09 - Breakfast Seminar - Redpill Linpro - Chef at Aptoma - Håkon Drange
2016-02-09 - Breakfast Seminar - Redpill Linpro - Chef at Aptoma - Håkon Drange
 
AWS Webcast - Build Agile Applications in AWS Cloud for Government
AWS Webcast - Build Agile Applications in AWS Cloud for GovernmentAWS Webcast - Build Agile Applications in AWS Cloud for Government
AWS Webcast - Build Agile Applications in AWS Cloud for Government
 
Microservices with kubernetes @190316
Microservices with kubernetes @190316Microservices with kubernetes @190316
Microservices with kubernetes @190316
 
Creating an all-purpose REST API for Cloud services using OSGi and Sling - C ...
Creating an all-purpose REST API for Cloud services using OSGi and Sling - C ...Creating an all-purpose REST API for Cloud services using OSGi and Sling - C ...
Creating an all-purpose REST API for Cloud services using OSGi and Sling - C ...
 
AWS CodeDeploy - basic intro
AWS CodeDeploy - basic introAWS CodeDeploy - basic intro
AWS CodeDeploy - basic intro
 
What Is AWS Elastic Kubernetes Service
What Is AWS Elastic Kubernetes Service What Is AWS Elastic Kubernetes Service
What Is AWS Elastic Kubernetes Service
 
Development in the could: How do we do it(Cloud computing. Microservices. Faas)
Development in the could: How do we do it(Cloud computing. Microservices. Faas)Development in the could: How do we do it(Cloud computing. Microservices. Faas)
Development in the could: How do we do it(Cloud computing. Microservices. Faas)
 
DCEU 18: Docker Containers in a Serverless World
DCEU 18: Docker Containers in a Serverless WorldDCEU 18: Docker Containers in a Serverless World
DCEU 18: Docker Containers in a Serverless World
 
Build your operator with the right tool
Build your operator with the right toolBuild your operator with the right tool
Build your operator with the right tool
 

Recently uploaded

5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdfWave PLM
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software DevelopersVinodh Ram
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEOrtus Solutions, Corp
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxTier1 app
 
cybersecurity notes for mca students for learning
cybersecurity notes for mca students for learningcybersecurity notes for mca students for learning
cybersecurity notes for mca students for learningVitsRangannavar
 
The Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfThe Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfPower Karaoke
 
XpertSolvers: Your Partner in Building Innovative Software Solutions
XpertSolvers: Your Partner in Building Innovative Software SolutionsXpertSolvers: Your Partner in Building Innovative Software Solutions
XpertSolvers: Your Partner in Building Innovative Software SolutionsMehedi Hasan Shohan
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxbodapatigopi8531
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comFatema Valibhai
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - InfographicHr365.us smith
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...stazi3110
 
chapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptchapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptkotipi9215
 
Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataBradBedford3
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityNeo4j
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideChristina Lin
 
What is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsWhat is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsJheuzeDellosa
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 
Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...aditisharan08
 

Recently uploaded (20)

5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software Developers
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
 
cybersecurity notes for mca students for learning
cybersecurity notes for mca students for learningcybersecurity notes for mca students for learning
cybersecurity notes for mca students for learning
 
The Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfThe Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdf
 
XpertSolvers: Your Partner in Building Innovative Software Solutions
XpertSolvers: Your Partner in Building Innovative Software SolutionsXpertSolvers: Your Partner in Building Innovative Software Solutions
XpertSolvers: Your Partner in Building Innovative Software Solutions
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptx
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - Infographic
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
 
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
 
chapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptchapter--4-software-project-planning.ppt
chapter--4-software-project-planning.ppt
 
Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Naraina Delhi 💯Call Us 🔝8264348440🔝
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered Sustainability
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
 
What is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsWhat is Binary Language? Computer Number Systems
What is Binary Language? Computer Number Systems
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...
 

Running Splunk on AWS

  • 1. Splunk .conf 2014 Running Splunk on Amazon Web Services Alan Williams Principal Engineer alanwill on Twitter & GitHub © 2014 Autodesk
  • 2. Splunk Disclaimer During the course of this presentation, we may make forward looking statements regarding future events or the expected performance of the company. We caution you that such statements reflect our current expectations and estimates based on factors currently known to us and that actual events or results could differ materially. For important factors that may cause actual results to differ from those contained in our forward-looking statements, please review our filings with the SEC. The forward-looking statements made in the this presentation are being made as of the time and date of its live presentation. If reviewed after its live presentation, this presentation may not contain current or accurate information. We do not assume any obligation to update any forward looking statements we may make. In addition, any information about our roadmap outlines our general product direction and is subject to change at any time without notice. It is for informational purposes only and shall not, be incorporated into any contract or other commitment. Splunk undertakes no obligation either to develop the features or functionality described or © 2014 Autodesk to include any such feature or functionality in a future release.
  • 3. Who Am I?  Engineer @ Autodesk  Technology Generalist  Background in Infrastructure  AWS for ~4 years  Splunk for ~1 year  Motorcyclist  Soft spot for pit bulls © 2014 Autodesk
  • 4. Who is Autodesk?  Leader in 3D design, engineering and entertainment software  Introduced AutoCAD in 1982  Empowering the Maker movement  Help our customers imagine, design and create a better world © 2014 Autodesk
  • 5. Why …did we choose to run Splunk in AWS? © 2014 Autodesk
  • 6. Make this better!  Splunk 4.3  5 year old hardware  Performance issues  Global  Now © 2014 Autodesk
  • 7. Decisions…decisions Where we are Where we wanted to be Splunk 4.3 Latest Splunk version (6.x) EOL hardware Hardware refresh Fragile environment Resiliency © 2014 Autodesk Not rocket science…can we do this NOW?
  • 8. Where to begin  Take inventory of existing hardware  Use the AWS Calculator © 2014 Autodesk  http://calculator.s3.amazonaws.com/index.html  Cost/compute analysis
  • 9. Cost Analysis – Account for Everything © 2014 Autodesk Hardware & Maintenance Power & Cooling Rack space Storage (FC + SATA) Servers Load Balancers Network Data Transfer
  • 10. What we noticed… © 2014 Autodesk Total cost of server hardware vs Total cost of AWS instances = 35% lower for AWS Total cost of all on-premise infra vs Total cost of all AWS infra = 50% lower for AWS
  • 11. Outcome  We can’t compete on price © 2014 Autodesk  Economies of scale  We can’t compete on speed  Time to provision  Time to deliver new features
  • 12. © 2014 Autodesk How …do we run Splunk in AWS?
  • 13. Splunk Infrastructure Goals  Automated and Dynamic  Scalable  Responsive © 2014 Autodesk
  • 15. Automated and Dynamic © 2014 Autodesk
  • 16. Automated and Dynamic  AWS CloudFormation Template © 2014 Autodesk  Infrastructure provisioning  Ansible Playbook  Software install and configuration
  • 17. What is CloudFormation?  An AWS service © 2014 Autodesk  JSON based template framework  Describe almost all AWS resources  Enables infrastructure as code  Version control infrastructure  Infrastructure portability
  • 18. What is Ansible?  Configuration Automation tool © 2014 Autodesk  Configure, deploy and orchestrate tasks  Agentless  YAML based  Fairly simple to get up and running quickly
  • 19. CloudFormation Template (splunk-app.json)  Search Heads  Peer Nodes  Cluster Master  License Master  Deployment Server  NFS Instance © 2014 Autodesk  Elastic Load Balancer  Security Groups  IAM Roles  EBS Volumes  Auto Scaling Groups ~10 minutes to complete https://github.com/alanwill/cfn-splunk
  • 20. Ansible Playbook (ansible-splunk)  Update latest OS packages  Update hostname  Download & install Splunk  Configure inputs.conf  Deploy custom certs  Change default password  Install sysstat © 2014 Autodesk  Install & configure:  License Master  Cluster Master  Peer Nodes  Search Heads  Deployment Server https://github.com/alanwill/ansible-splunk ~15-30 minutes to complete depending on instance type
  • 21. Scalable © 2014 Autodesk
  • 22. Scalable  Easy to add/remove nodes © 2014 Autodesk  Cloudformation + Ansible  Dynamic  Auto Scaling Groups for everything  …even single instanced nodes (1/1/1)  Splunk Search Head Pooling (NFS)
  • 23. Auto Scaling Groups  Can be applied to all Splunk components  Bootstrap Ansible playbook  Could pre-bake but haven’t tried © 2014 Autodesk  Consider dynamic portions
  • 24. Auto Scaling Groups  Search Heads © 2014 Autodesk  CPU based policy  Peer Nodes  Manual scaling, no policies  Cluster/License Master, Deployment instance  1/1/1 ASG (Single instance)  Use EBS for persistent data
  • 25. Search Head Provisioning Code Example © 2014 Autodesk
  • 26. Search Head Provisioning Code Example  Create EC2 instance with CloudFormation  Run Ansible Playbook © 2014 Autodesk  Install and configure Splunk  Mount Search Head Pooling NFS volume
  • 27. Add new Search Head – Create EC2 instance "SearchHeadInstance5" : { "Type" : "AWS::EC2::Instance", "Properties" : { "InstanceType" : { "Ref" : "SearchHeadInstanceType" }, "KeyName" : { "Ref" : "AppKeyName" }, "SubnetId" : { "Ref" : "PresentationSubnetAZ1" }, "ImageId" : ... "SecurityGroupIds" : ... "IamInstanceProfile": { "Ref": "SplunkInternalComponentsInstanceProfile" }, "BlockDeviceMappings" : [ { "DeviceName" : "/dev/xvda", "Ebs" : { "VolumeSize" : "10", "VolumeType":"gp2" } }, { "DeviceName" : "/dev/sdb", "VirtualName" : "ephemeral0" }, { "DeviceName" : "/dev/sdc", "VirtualName" : "ephemeral1" } ] , "Tags" : [ { "Key" : "purpose", "Value" : "Search Head" }, { "Key" : "stack", "Value" : { "Ref" : "EnvironmentName" } }, { "Key" : "app", "Value" : { "Ref" : "AppName" } }, { "Key" : "Name", "Value" : "Splunk Search Head" } ] } } © 2014 Autodesk
  • 28. Add new Search Head – Ansible Splunk build - name: Dynamically change hostname shell: "hostname `curl http://169.254.169.254/latest/meta-data/instance-id`.{{ splunk_host_domain }}" - name: Download Splunk server binary get_url: dest=/home/ec2-user url={{ splunk_binary_url }} sha256sum={{ splunk_binary_sha256sum }} when: splunk_installed_result|failed - name: Install Splunk server binary yum: pkg=/home/ec2-user/{{ splunk_binary_file }} state=installed when: splunk_installer_present.stat.exists == true - name: Execute config_splunk_inputs.sh script shell: /home/ec2-user/config_splunk_inputs.sh when: splunk_running|failed - name: Start Splunk for the first time command: /bin/su --shell=/bin/bash --session-command="/opt/splunk/bin/splunk start --accept-license" splunk when: splunk_running|failed © 2014 Autodesk
  • 29. Peer Node Provisioning Code Example © 2014 Autodesk
  • 30. Peer Node Provisioning Code Example  CloudFormation © 2014 Autodesk  Crete EC2 instance  *Create EBS volumes and attach to instance  *Mount EBS volumes  Run Ansible Playbook  Install and configure Splunk  Mount Search Head Pooling NFS volume
  • 31. Add new Peer Node – Create EC2 instance "PeerNodeInstance8" : { "Type" : "AWS::EC2::Instance", "Properties" : { "InstanceType" : { "Ref" : "PeerNodeInstanceType" }, "KeyName" : { "Ref" : "AppKeyName" }, "SubnetId" : { "Ref" : "ApplicationSubnetAZ1" }, "ImageId" : ... , "SecurityGroupIds" : ..., "IamInstanceProfile": { "Ref": "SplunkInternalComponentsInstanceProfile" }, "EbsOptimized" : true, "BlockDeviceMappings" : [ { "DeviceName" : "/dev/xvda", "Ebs" : { "VolumeSize" : "10", "VolumeType":"gp2" } }, { "DeviceName" : "/dev/sdb", "VirtualName" : "ephemeral0" }, { "DeviceName" : "/dev/sdc", "VirtualName" : "ephemeral1" } ], "Tags" : [ { "Key" : "purpose", "Value" : "Peer Node" }, { "Key" : "stack", "Value" : { "Ref" : "EnvironmentName" } }, { "Key" : "app", "Value" : { "Ref" : "AppName" } }, { "Key" : "Name", "Value" : "Splunk Peer Node" } ] } }, © 2014 Autodesk
  • 32. Add new Peer Node – Create EBS volumes "PeerNodeInstance8Volume1" : { "Type" : "AWS::EC2::Volume", "Properties" : { "Size" : { "Ref" : "PeerNodeVolumeSize" }, "VolumeType" : "gp2", "AvailabilityZone" : { "Fn::GetAtt" : [ "PeerNodeInstance1", "AvailabilityZone" ] }, "Tags" : [ { "Key" : "purpose", "Value" : "Peer Node Instance 1 storage" }, { "Key" : "stack", "Value" : { "Ref" : "EnvironmentName" } }, { "Key" : "app", "Value" : { "Ref" : "AppName" } }, { "Key" : "Name", "Value" : "Splunk Data" } ] }, "DeletionPolicy" : "Snapshot" }, "PeerNodeInstance8Volume2" : { "Type" : "AWS::EC2::Volume", "Properties" : { "Size" : { "Ref" : "PeerNodeVolumeSize" }, "VolumeType" : "gp2", "AvailabilityZone" : { "Fn::GetAtt" : [ "PeerNodeInstance1", "AvailabilityZone" ] }, "Tags" : [ { "Key" : "purpose", "Value" : "Peer Node Instance 1 storage" }, { "Key" : "stack", "Value" : { "Ref" : "EnvironmentName" } }, { "Key" : "app", "Value" : { "Ref" : "AppName" } }, { "Key" : "Name", "Value" : "Splunk Data" } ] }, "DeletionPolicy" : "Snapshot" }, © 2014 Autodesk
  • 33. Add new Peer Node – Mount EBS volumes "PeerNodeInstance8Mount1" : { "Type" : "AWS::EC2::VolumeAttachment", "Properties" : { "InstanceId" : { "Ref" : "PeerNodeInstance1" }, "VolumeId" : { "Ref" : "PeerNodeInstance1Volume1" }, "Device" : "/dev/sdf" } }, "PeerNodeInstance8Mount2" : { "Type" : "AWS::EC2::VolumeAttachment", "Properties" : { "InstanceId" : { "Ref" : "PeerNodeInstance1" }, "VolumeId" : { "Ref" : "PeerNodeInstance1Volume2" }, "Device" : "/dev/sdg" } }, © 2014 Autodesk
  • 34. Add new Peer Node – Ansible add to Cluster - name: Enable Peer Nodes command: runuser -l splunk -c "splunk edit cluster-config -mode slave -master_uri https://{{ splunk_cluster_master_ip }}:8089 -replication_port 9887 -secret {{ replication_key }}" when: peer_nodes_clustering_enabled|failed register: peer_nodes_cluster_configure - name: Prewarm EBS volume1 command: dd if=/dev/zero of=/dev/sdf bs=1M when: splunk_volume_exists|failed ignore_errors: True - name: Create RAID 0 device command: mdadm --create --verbose /dev/md0 --level=stripe --raid-devices=2 /dev/sdf /dev/sdg when: splunk_volume_exists|failed - name: Create filesystem filesystem: fstype=ext4 dev=/dev/md0 when: splunk_volume_exists|failed - name: Mount volume mount: name=/opt/splunk/data src=/dev/md0 fstype=ext4 state=mounted when: splunk_volume_exists|failed © 2014 Autodesk
  • 35. Responsive © 2014 Autodesk
  • 36. Responsive  Search Heads – CPU bound © 2014 Autodesk  C3 instances  Peer Nodes/Indexers – IO bound  *C3 instances + EBS  I2 instances  HS1 instances
  • 37. Responsive  Maximize IOPs with RAID 0  Pre-warm volumes with dd for improved initial access times  Not needed for i2 ephemeral SSD  I2 instances – Terabytes of SSD © 2014 Autodesk  35K+ read and write IOPs
  • 38. What did we learn  Project took ~4 weeks  Took longer to co-ordinate cutover  Time to delivery = biggest win  Repeatable builds enables new use cases  Very happy with results © 2014 Autodesk
  • 39. Future  Increase the “idempotency” of Ansible playbook  Make CFN more dynamic for varied sized clusters  Auto Scaling Groups Lifecycle actions © 2014 Autodesk  Termination hooks for clean removal from cluster  Test on Google Compute Engine
  • 40. In Summary  Why we chose AWS to run Splunk © 2014 Autodesk  Cost analysis process  How we did it  Infrastructure Goals  Code examples  What we learned  Still to come
  • 41. Contribute, PRs encouraged…  CloudFormation Splunk Cluster Template © 2014 Autodesk  https://github.com/alanwill/cfn-splunk  Ansible Splunk Playbook  https://github.com/alanwill/ansible-splunk  Follow Me: @alanwill  Email: alan.williams@autodesk.com
  • 42. Autodesk is a registered trademark of Autodesk, Inc., and/or its subsidiaries and/or affiliates in the USA and/or other countries. All other brand names, product names, or trademarks belong to their respective holders. Autodesk reserves the right to alter product and services offerings, and specifications and pricing at any time without notice, and is not responsible for typographical or graphical errors that may appear in this document. © 2014 Autodesk. All rights reserved.