Splunk App Lifecycle Management – with More Peace, Love and Rock-n-Roll! · 2017-10-08 · 3 As a developer, I want to lower my cost of Splunk app development – let me focus on

Copyright©2016Splunk Inc.

GrigoriMelnikandCeceliaCampbellSplunk

SplunkAppLifecycleManagement–withMorePeace,LoveandRock-n-Roll!

Disclaimer

2

Duringthecourseofthispresentation,wemaymakeforwardlookingstatementsregardingfutureeventsortheexpectedperformanceofthecompany.Wecautionyouthatsuchstatementsreflectourcurrentexpectationsandestimatesbasedonfactorscurrentlyknowntousandthatactualeventsorresultscoulddiffermaterially.Forimportantfactorsthatmaycauseactualresultstodifferfromthose

containedinourforward-lookingstatements,pleasereviewourfilingswiththeSEC.Theforward-lookingstatementsmadeinthethispresentationarebeingmadeasofthetimeanddateofitslivepresentation.Ifreviewedafteritslivepresentation,thispresentationmaynotcontaincurrentoraccurateinformation.Wedonotassumeanyobligationtoupdateanyforwardlookingstatementswemaymake.Inaddition,anyinformationaboutourroadmapoutlinesourgeneralproductdirectionandissubjecttochangeatanytimewithoutnotice.Itisforinformationalpurposesonlyandshallnot,beincorporatedintoanycontractorothercommitment.Splunkundertakesnoobligationeithertodevelopthefeaturesor

functionalitydescribedortoincludeanysuchfeatureorfunctionalityinafuturerelease.

3

Asadeveloper,IwanttolowermycostofSplunkappdevelopment– letmefocusonbuildingappswithoutconcerningmyselfaboutthedeploymenttopologiesandthenitty-grittyofthedeploymentprocess.

Asanadmin,Iwanttoeasily&reliablyinstallandmanageanykindofcontent(apps,addons,modules,contentpacks)acrossmyentireSplunkdeployment.

�

�

AppManageability

Copyright © 2016 Splunk Inc. Confidential.

App

Develope

r

TargetedUserFlowSplunk

Admin

Busin

ess

Expe

rt

Develop

Defineappmanifest

Packageappsource

testpackageUpgrade

PUBLISHCERTIFY

DISCOVERACQUIRE

DeployApp/Systemconfiguration

APP

APP APP

re-configure

USE


ThepoetryofappmanageabilityNewapppackaging &deployment

tools andguidancefordevelopers andadmins that

simplifyappdeployment and troubleshooting to

distributed environments,whilepreservingappbackward compatibility

withexistingtools&practices.


Themechanicsofappmanageability

• Focusondisambiguating config andpartitioning(packaging)relevantpiecesofconfig+code intodeploymentpackages– alongphysical workloadsandlogical groupsofforwarders

Thesystemknows


All-in-onetoolforbothdevelopersandadmins

1. Devsuseittodefine andpackage anapp2. Adminsuseittopartition andprepare fordeployment3. Splunkplatform(future)mechanismwilldeploy thepartitionedapp

7

ThePackagingToolkit


8

PackagingwithanAppManifest

JSONAPP

dependencies

inputGroups

tasks

platformRequirements

incompatibleApps

optional

info

auto-generated


9

PartitioningaPackagedApp

APPPackaging

Toolkit


generate-manifest – generateamanifestforanappbasedonitsconfpackage – createasourcepackagewithmanifestpartition – partitionanappintoasetoftargeteddeploymentpackagesdescribe – describeanappconfiguration&dependenciesvalidate – validateanappcontent(incl.appmanifest,packageddependencies,well-formedness)

10

PackagingToolkitCommandsCheatSheet

DevFlowExample


12

SampleApp– SplunkAppFor*Nix

APP

TA implieddependencies

task-basedscriptedinputs

possibleplatform-specific

inputsscript://ftr_lookups.py

inputs.confinput://lastlog.shinput://passwd.shinput://version.sh

inputs.conf

SA


13

GenerateaManifest$ slim generate-manifest SA_nix –o SA_nix/app.manifestslim generate-manifest: Parsing app configuration at "SA_nix"...slim generate-manifest: Generating app manifest to "SA_nix/app.manifest"...slim generate-manifest: [NOTE] App manifest saved to "SA_nix/app.manifest"

$ slim generate-manifest TA_nix –o TA_nix/app.manifest...

$ slim generate-manifest splunk_app_for_nix –o splunk_app_for_nix/app.manifest...


"info": {

"title": "...",

"id": { ... },

"author": { ... },

"releaseDate": "...",

"description": "...",

"license": { ... },

"releaseNotes": { ... }

}

14

AppManifest- info


# Define dependencies and versions to enforce

# "dependencies": {

# "<app-id>": {

# "version": "*",

# "package": "<source-package-location>"

# }

# }

#

# Define inputs that are management tasks

# "tasks": []

15

AppManifest- examples# Define custom and dependency input groups

# "inputGroups": {

# "<group-name>": {

# "requires": {

# "<app-id>": ["<input-group-name>"]

# },

# "inputs": ["<defined-inputs>"]

# }

# }


"tasks": [

"script://./bin/scripted_inputs/ftr_lookups.py",

]

16

AppManifest– SA_nix


"inputGroups": {

"User Monitoring": {

"description": "Monitor current user sessions and login history",

"inputs": ["script://./bin/who.sh", "script://./bin/lastlog.sh”]

},

”OSX Inputs": {

"description": "ES scripted inputs supported on only OSX platforms",

"inputs": ["script://./bin/sshdChecker.sh"]

},

"Linux Inputs": {

"description": "ES scripted inputs supported on Linux platforms",

"inputs": ["script://./bin/selinuxChecker.sh"]

}

}

17

AppManifest– TA_nix


"dependencies": {

"SA_nix": {

"version": "~5.2.0",

"package": "SA_nix-5.2.0.tar.gz"

},

"TA_nix": {

"version": "^5.2.0",

"package": "TA_nix-5.2.3.tar.gz"

}

}

18

AppManifest– splunk_app_for_nix


19

CreateaSourcePackage$ slim package SA_nixslim package: Packaging app at "SA_nix”...slim package: [NOTE] Source package exported to “SA_nix-5.2.0.tar.gz”

$ slim package TA_nixslim package: Packaging app at "TA_nix”...slim package: [NOTE] Source package exported to “TA_nix-5.2.3.tar.gz”

$ slim package splunk_app_for_nixslim package: Packaging app at "splunk_app_for_nix”...slim package: [NOTE] Source package exported to “splunk_app_for_nix-5.2.0.tar.gz"


$ slim describe splunk_app_for_nix-5.2.0.tar.gzslim describe: Describing "splunk_app_for_nix-5.2.0.tar.gz"...[info]|-- The Splunk App for Unix offers new ways to alert, report, and investigate data.| |-- by Splunk, Inc.| |-- defined as splunk_app_for_nix version 5.2.0[input-groups]|-- User Monitoring defines no inputs and requires [TA_nix]|-- Linux Group defines no inputs and requires [TA_nix]|-- SunOS Group defines no inputs and requires [TA_nix]|-- OSX Group defines no inputs and requires [TA_nix][dependency-graph]|-- [email protected]| |-- [email protected] (accepting ~5.2.0)| |-- [email protected] (accepting ^5.2.0)

20

DescribeanAppPackage


21

SampleApp– UpdatedAPP

TA

enforceddependencies

manifest manifesttask-basedscriptedinputs

classified

platform-specificinputsgrouped

TA_nix.tgzSA_nix.tgz

input://taskAinput://taskB

tasksinputGroups

dependencies UserMonitoring: input://lastlog.shLinuxInputs: input://sshdChecker.shOSXInputs: input://update.sh

SA

manifest


22

BenefitsforDevsPrevious Method Packaging Toolkit

AppInfo • Scatteredacrossconf • Centralized location• Automaticallygenerated

DependencyManagement • ReleaseNotesrequired• Guessing version

compatibilities

• DefinedandEnforced• SemVer compatible

InputGroups • Allcontent,everywhere • Logicallygrouped

ManagementTasks • Undefined • Treated differently


StartonboardingyourappswiththePackagingToolkitGenerateamanifestandcustomizeyourrequirements

Giveusfeedback:[email protected]

23

CalltoActionforDevs!


24

Butwait,inthefuture…


DependenciesareexplicitlydeclaredbytheDevs– Adminscanviewandreconcileappdependenciestoavoidconflicts

automatically

InputsarelogicallygroupedbytheDevs– Adminscantargetspecificlogictotheappropriateworkloads

automatically

Evenwithoutanappmanifest,thePackagingToolkitwillbeabletopartitionbasedonadefaultsetofrules!

25

BenefitsforAdmins

AdminFlowPREVIEW


27


28


29


30


31


32


33


Appmanageability(installation/uninstallation/update)– Automaticdependencyresolution(cascading)– Mappingoflogicalinputgroupstoserverclasses– Partitioningintotargeteddeploymentpackages

Chooseyourdeploymentmechanism– Now:Chef/Ansible/Puppet/…playbook/recipe/script– Future:AppManagementUI

34

KeyTakeaways


DownloadthepublicbetaofthePackagingToolkittoday:http://dev.splunk.com/goto/packaging-toolkitComevisitusattheDev Tools&GuidanceBooth!– LearnMoreandseetheDemos

Giveusfeedback:[email protected]

35

What’sNext?

THANKYOU

Documents

Splunk App Lifecycle Management – with More Peace, Love and Rock-n-Roll! · 2017-10-08 · 3 As a developer, I want to lower my cost of Splunk app development – let me focus on