Initial commit of resources

.gitignore

@@ -0,0 +1 @@
+azuredeploy.parameters.json

README.md

@@ -1,14 +1,16 @@
-# Project
+# Splunk Enterprise on Azure Kubernetes Service
 
-> This repo has been populated by an initial template to help get you started. Please
-> make sure to update the content to build a great experience for community-building.
+This repo contains automation for deploying the Splunk Enterprise Operator for Kubernetes on AKS. This includes:
+- The deployment of a virtual network for the AKS cluster
+- The deployment of a storage account and container
+- The deployment of a private DNS zone
+- The deployment of a private storage endpoint in the cluster virtual network
+- The deployment of an AKS cluster across 3 Availability Zones
+- The deployment of the Splunk Operator for Kubernetes (with multi-site Indexer cluster) via Deployment Script
+- The deployment and configuration of the open source tool min.io to enable Splunk's SmartStore feature with Azure blob storage via Deployment Script
+- The deployment of App Gateway & Ingress Controller for access to Splunk UI
 
-As the maintainer of this project, please make a few updates:
-
-- Improving this README.MD file to provide a great experience
-- Updating SUPPORT.MD with content about this project's support experience
-- Understanding the security reporting process in SECURITY.MD
-- Remove this section from the README
+> This repo is still in development, if you do find a bug or require an additional feature please do raise an issue or contribute by creating a pull request!
 
 ## Contributing
 

SUPPORT.md

@@ -1,25 +1,11 @@
-# TODO: The maintainer of this repo has not yet edited this file
-
-**REPO OWNER**: Do you want Customer Service & Support (CSS) support for this product/project?
-
-- **No CSS support:** Fill out this template with information about how to file issues and get help.
-- **Yes CSS support:** Fill out an intake form at [aka.ms/spot](https://aka.ms/spot). CSS will work with/help you to determine next steps. More details also available at [aka.ms/onboardsupport](https://aka.ms/onboardsupport).
-- **Not sure?** Fill out a SPOT intake as though the answer were "Yes". CSS will help you decide.
-
-*Then remove this first heading from this SUPPORT.MD file before publishing your repo.*
-
 # Support
 
 ## How to file issues and get help  
 
-This project uses GitHub Issues to track bugs and feature requests. Please search the existing 
-issues before filing new issues to avoid duplicates.  For new issues, file your bug or 
-feature request as a new Issue.
+This project uses GitHub Issues to track bugs and feature requests. Please search the existing issues before filing new issues to avoid duplicates.  For new issues, file your bug or feature request as a new Issue.
 
-For help and questions about using this project, please **REPO MAINTAINER: INSERT INSTRUCTIONS HERE 
-FOR HOW TO ENGAGE REPO OWNERS OR COMMUNITY FOR HELP. COULD BE A STACK OVERFLOW TAG OR OTHER
-CHANNEL. WHERE WILL YOU HELP PEOPLE?**.
+For help and questions about using this project, please start a discussion using the discussions tab.
 
 ## Microsoft Support Policy  
 
-Support for this **PROJECT or PRODUCT** is limited to the resources listed above.
+Support for this project is limited to the resources listed above.

azuredeploy.json

@@ -0,0 +1,540 @@
+{
+  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
+  "contentVersion": "1.0.0.0",
+  "parameters": {
+    "location": {
+      "defaultValue": "[resourceGroup().location]",
+      "type": "string",
+      "metadata": {
+        "description": "Location of all resources to be deployed"
+      }
+    },
+    "virtualNetworkAddressPrefix": {
+      "defaultValue": [ "10.0.0.0/8" ],
+      "type": "array",
+      "metadata": {
+        "description": "VNET address space."
+      }
+    },
+    "aksSubnetAddressPrefix": {
+      "defaultValue": "10.0.0.0/16",
+      "type": "string",
+      "metadata": {
+        "description": "Subnet address space."
+      }
+    },
+    "appGwSubnetAddressPrefix": {
+      "defaultValue": "10.1.0.0/24",
+      "type": "string",
+      "metadata": {
+        "description": "App GW subnet address space."
+      }
+    },
+    "minioVmSku": {
+      "type": "string",
+      "defaultValue": "Standard_D16ds_v4",
+      "metadata": {
+        "description": "VM SKU for AKS user node pool"
+      }
+    },
+    "minioNodecount": {
+      "type": "int",
+      "defaultValue": 4,
+      "metadata": {
+        "description": "Initial node count for AKS user node pool"
+      }
+    },
+    "minioMinCount": {
+      "type": "int",
+      "defaultValue": 4,
+      "metadata": {
+        "description": "Min count for AKS user node pool autoscaling"
+      }
+    },
+    "minioMaxCount": {
+      "type": "int",
+      "defaultValue": 50,
+      "metadata": {
+        "description": "Max count for AKS user node pool autoscaling"
+      }
+    },
+    "splunkVmSku": {
+      "type": "string",
+      "defaultValue": "Standard_D32ds_v4",
+      "metadata": {
+        "description": "VM SKU for AKS user node pool"
+      }
+    },
+    "splunkNodecount": {
+      "type": "int",
+      "defaultValue": 5,
+      "metadata": {
+        "description": "Initial node count for AKS user node pool"
+      }
+    },
+    "splunkMinCount": {
+      "type": "int",
+      "defaultValue": 5,
+      "metadata": {
+        "description": "Min count for AKS user node pool autoscaling"
+      }
+    },
+    "splunkMaxCount": {
+      "type": "int",
+      "defaultValue": 50,
+      "metadata": {
+        "description": "Max count for AKS user node pool autoscaling"
+      }
+    },
+    "linuxSSHKey": {
+      "type": "string",
+      "metadata": {
+        "description": "Public key for SSH authentication"
+      }
+    },
+    "adminUsername": {
+      "type": "string",
+      "metadata": {
+        "description": "Linux admin username for AKS cluster nodes"
+      }
+    },
+    "_artifactsLocation": {
+      "type": "string",
+      "metadata": {
+        "description": "The base URI where artifacts required by this template are located"
+      },
+      "defaultValue": "https://raw.githubusercontent.com/azure/splunk-enterprise-aks/main/"
+    },
+    "_artifactsLocationSasToken": {
+      "type": "securestring",
+      "metadata": {
+        "description": "The sasToken required to access artifacts"
+      },
+      "defaultValue": ""
+    },
+    "utcValue": {
+      "type": "string",
+      "defaultValue": "[utcNow()]"
+    },
+    "licenseFile": {
+      "type": "string",
+      "metadata": {
+        "description": "Splunk Enterprise license file"
+      }
+    },
+    "splunkOperatorUrl": {
+      "type": "string",
+      "defaultValue": "https://raw.githubusercontent.com/azure/splunk-enterprise-aks/main/scripts/splunk-operator-cluster.yaml",
+      "metadata": {
+        "description": "Splunk Operator install yaml"
+      }
+    }
+  },
+  "functions": [],
+  "variables": {
+    "vnetName": "splunk-vnet",
+    "clusterName": "splunk-cluster",
+    "resgpguid": "[substring(replace(guid(resourceGroup().id), '-', ''), 0, 4)]",
+    "splunkInstallScriptUri": "[uri(parameters('_artifactsLocation'), concat('scripts/splunk.sh', parameters('_artifactsLocationSasToken')))]",
+    "minioInstallScriptUri": "[uri(parameters('_artifactsLocation'), concat('scripts/minio.sh', parameters('_artifactsLocationSasToken')))]",
+    "helmValuesUri": "[uri(parameters('_artifactsLocation'), concat('scripts/values.yaml', parameters('_artifactsLocationSasToken')))]",
+    "blobStorageAccountName": "[concat('minio', variables('resgpguid'))]",
+    "blobStorageAccountPrivateEndpointName": "[concat('minio', variables('resgpguid'))]",
+    "blobStorageAccountId": "[resourceId('Microsoft.Storage/storageAccounts', variables('blobStorageAccountName'))]",
+    "blobPublicDNSZoneForwarder": "[concat('.blob.', environment().suffixes.storage)]",
+    "blobPrivateDnsZoneName": "[concat('privatelink', variables('blobPublicDNSZoneForwarder'))]",
+    "blobPrivateDnsZoneId": "[resourceId('Microsoft.Network/privateDnsZones', variables('blobPrivateDnsZoneName'))]",
+    "blobStorageAccountPrivateEndpointId": "[resourceId('Microsoft.Network/privateEndpoints', variables('blobStorageAccountPrivateEndpointName'))]",
+    "blobStorageAccountPrivateEndpointGroupName": "blob",
+    "blobPrivateDnsZoneGroup": "[concat(variables('blobStorageAccountPrivateEndpointName'),'/', variables('blobStorageAccountPrivateEndpointGroupName'), 'PrivateDnsZoneGroup')]",
+    "dsRoleAssignmentId": "[guid(resourceGroup().id, variables('dsRoleDefinitionId'), resourceId('Microsoft.ManagedIdentity/identities', variables('dsIdentityName')))]",
+    "dsRoleDefinitionId": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'b24988ac-6180-42a0-ab88-20f7382dd24c')]",
+    "aksRoleAssignmentId": "[guid(resourceGroup().id, variables('aksRoleDefinitionId'), resourceId('Microsoft.ManagedIdentity/identities', 'aks'))]",
+    "aksRoleDefinitionId": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '4d97b98b-1d4f-4787-a291-c67834d212e7')]",
+    "agicRoleAssignmentId": "[guid(resourceGroup().id, variables('aksRoleDefinitionId'), resourceId('Microsoft.ManagedIdentity/identities', 'agic'))]",
+    "agicRoleDefinitionId": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '4d97b98b-1d4f-4787-a291-c67834d212e7')]",
+    "dsIdentityName": "dsId",
+    "minioMaxPods": 20,
+    "splunkMaxPods": 20,
+    "splunkDeploymentYaml": "[concat(parameters('_artifactsLocation'), 'scripts/splunk.yaml')]"
+  },
+  "resources": [
+    {
+      "type": "Microsoft.Network/virtualNetworks",
+      "name": "[variables('vnetName')]",
+      "apiVersion": "2020-05-01",
+      "location": "[parameters('location')]",
+      "properties": {
+        "addressSpace": {
+          "addressPrefixes": "[parameters('virtualNetworkAddressPrefix')]"
+        },
+        "subnets": [
+          {
+            "name": "default",
+            "properties": {
+              "addressPrefix": "[parameters('aksSubnetAddressPrefix')]",
+              "serviceEndpoints": [
+                {
+                  "service": "Microsoft.Storage"
+                }
+              ],
+              "privateEndpointNetworkPolicies": "Disabled",
+              "privateLinkServiceNetworkPolicies": "Enabled"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "name": "[variables('blobStorageAccountName')]",
+      "type": "Microsoft.Storage/storageAccounts",
+      "apiVersion": "2019-06-01",
+      "tags": {
+        "displayName": "[variables('blobStorageAccountName')]"
+      },
+      "location": "[parameters('location')]",
+      "kind": "StorageV2",
+      "sku": {
+        "name": "Standard_LRS",
+        "tier": "Standard"
+      },
+      "properties": {
+        "networkAcls": {
+          "bypass": "AzureServices",
+          "defaultAction": "Deny"
+        }
+      },
+      "resources": [
+        {
+          "type": "blobServices/containers",
+          "apiVersion": "2019-06-01",
+          "name": "default/smartstore",
+          "dependsOn": [
+            "[resourceId('Microsoft.Storage/storageAccounts', variables('blobStorageAccountName'))]"
+          ]
+        }
+      ]
+    },
+    {
+      "type": "Microsoft.Network/privateDnsZones",
+      "apiVersion": "2018-09-01",
+      "name": "[variables('blobPrivateDnsZoneName')]",
+      "dependsOn": [
+        "[resourceId('Microsoft.Network/virtualNetworks/', variables('vnetName'))]"
+      ],
+      "location": "global",
+      "properties": {},
+      "resources": [
+        {
+          "name": "vnet-link",
+          "type": "virtualNetworkLinks",
+          "apiVersion": "2018-09-01",
+          "location": "global",
+          "dependsOn": [
+            "[resourceId('Microsoft.Network/virtualNetworks', variables('vnetName'))]",
+            "[resourceId('Microsoft.Network/privateDnsZones', variables('blobPrivateDnsZoneName'))]"
+          ],
+          "properties": {
+            "virtualNetwork": {
+              "id": "[resourceId('Microsoft.Network/virtualNetworks', variables('vnetName'))]"
+            },
+            "registrationEnabled": false
+          }
+        }
+      ]
+    },
+    {
+      "type": "Microsoft.Network/privateEndpoints",
+      "apiVersion": "2020-04-01",
+      "name": "[variables('blobStorageAccountPrivateEndpointName')]",
+      "location": "[parameters('location')]",
+      "dependsOn": [
+        "[resourceId('Microsoft.Network/virtualNetworks', variables('vnetName'))]",
+        "[resourceId('Microsoft.Storage/storageAccounts',variables('blobStorageAccountName'))]"
+      ],
+      "properties": {
+        "privateLinkServiceConnections": [
+          {
+            "name": "[variables('blobStorageAccountPrivateEndpointName')]",
+            "properties": {
+              "privateLinkServiceId": "[variables('blobStorageAccountId')]",
+              "groupIds": [
+                "[variables('blobStorageAccountPrivateEndpointGroupName')]"
+              ]
+            }
+          }
+        ],
+        "subnet": {
+          "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('vnetName'), 'default')]"
+        },
+        "customDnsConfigs": [
+          {
+            "fqdn": "[concat(variables('blobStorageAccountName'), variables('blobPublicDNSZoneForwarder'))]"
+          }
+        ]
+      }
+    },
+    {
+      "type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups",
+      "apiVersion": "2020-03-01",
+      "name": "[variables('blobPrivateDnsZoneGroup')]",
+      "location": "[parameters('location')]",
+      "dependsOn": [
+        "[variables('blobPrivateDnsZoneId')]",
+        "[variables('blobStorageAccountPrivateEndpointId')]"
+      ],
+      "properties": {
+        "privateDnsZoneConfigs": [
+          {
+            "name": "dnsConfig",
+            "properties": {
+              "privateDnsZoneId": "[variables('blobPrivateDnsZoneId')]"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "type": "Microsoft.ManagedIdentity/userAssignedIdentities",
+      "name": "[variables('dsIdentityName')]",
+      "apiVersion": "2018-11-30",
+      "location": "[parameters('location')]"
+    },
+    {
+      "type": "Microsoft.Authorization/roleAssignments",
+      "apiVersion": "2018-09-01-preview",
+      "name": "[variables('dsRoleAssignmentId')]",
+      "properties": {
+        "roleDefinitionId": "[variables('dsRoleDefinitionId')]",
+        "principalId": "[reference(resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', variables('dsIdentityName')), '2018-11-30').principalId]",
+        "scope": "[resourceGroup().id]",
+        "principalType": "ServicePrincipal"
+      }
+    },
+    {
+      "type": "Microsoft.Authorization/roleAssignments",
+      "apiVersion": "2018-09-01-preview",
+      "name": "[variables('aksRoleAssignmentId')]",
+      "properties": {
+        "roleDefinitionId": "[variables('aksRoleDefinitionId')]",
+        "principalId": "[reference(resourceId('Microsoft.ContainerService/managedClusters', variables('clusterName')), '2020-11-01', 'Full').identity.principalId]",
+        "scope": "[resourceGroup().id]",
+        "principalType": "ServicePrincipal"
+      }
+    },
+    {
+      "type": "Microsoft.Authorization/roleAssignments",
+      "apiVersion": "2018-09-01-preview",
+      "name": "[variables('agicRoleAssignmentId')]",
+      "properties": {
+        "roleDefinitionId": "[variables('agicRoleDefinitionId')]",
+        "principalId": "[reference(resourceId('Microsoft.ContainerService/managedClusters', variables('clusterName')), '2020-11-01', 'Full').properties.addonProfiles.ingressApplicationGateway.identity.objectId]",
+        "scope": "[resourceGroup().id]",
+        "principalType": "ServicePrincipal"
+      }
+    },
+    {
+      "type": "Microsoft.Resources/deploymentScripts",
+      "name": "minio",
+      "apiVersion": "2019-10-01-preview",
+      "location": "[parameters('location')]",
+      "kind": "AzureCLI",
+      "dependsOn": [
+        "[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', variables('dsIdentityName'))]",
+        "[resourceId('Microsoft.Storage/storageAccounts', variables('blobStorageAccountName'))]",
+        "[resourceId('Microsoft.ContainerService/managedClusters', variables('clusterName'))]"
+      ],
+      "identity": {
+        "type": "UserAssigned",
+        "userAssignedIdentities": {
+          "[resourceID('Microsoft.ManagedIdentity/userAssignedIdentities', 'dsId')]": {}
+        }
+      },
+      "properties": {
+        "forceUpdateTag": "[parameters('utcValue')]",
+        "AzCliVersion": "2.10.1",
+        "timeout": "PT60M",
+        "environmentVariables": [
+          {
+            "name": "RESOURCEGROUP",
+            "secureValue": "[resourceGroup().name]"
+          },
+          {
+            "name": "STORAGEACCOUNTNAME",
+            "value": "[variables('blobStorageAccountName')]"
+          },
+          {
+            "name": "STORAGEACCOUNTKEY",
+            "secureValue": "[listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('blobStorageAccountName')), '2019-06-01').keys[0].value]"
+          },
+          {
+            "name": "HELMVALUES",
+            "value": "[variables('helmValuesUri')]"
+          },
+          {
+            "name": "CLUSTERNAME",
+            "value": "[variables('clusterName')]"
+          }
+        ],
+        "primaryScriptUri": "[variables('minioInstallScriptUri')]",
+        "cleanupPreference": "OnSuccess",
+        "retentionInterval": "P1D"
+      }
+    },
+    {
+      "type": "Microsoft.Resources/deploymentScripts",
+      "name": "splunk",
+      "apiVersion": "2019-10-01-preview",
+      "location": "[parameters('location')]",
+      "kind": "AzureCLI",
+      "dependsOn": [
+        "[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', variables('dsIdentityName'))]",
+        "[resourceId('Microsoft.Storage/storageAccounts', variables('blobStorageAccountName'))]",
+        "[resourceId('Microsoft.ContainerService/managedClusters', variables('clusterName'))]",
+        "[resourceId('Microsoft.Resources/deploymentScripts', 'minio')]"
+      ],
+      "identity": {
+        "type": "UserAssigned",
+        "userAssignedIdentities": {
+          "[resourceID('Microsoft.ManagedIdentity/userAssignedIdentities', 'dsId')]": {}
+        }
+      },
+      "properties": {
+        "forceUpdateTag": "[parameters('utcValue')]",
+        "AzCliVersion": "2.10.1",
+        "timeout": "PT60M",
+        "environmentVariables": [
+          {
+            "name": "RESOURCEGROUP",
+            "secureValue": "[resourceGroup().name]"
+          },
+          {
+            "name": "STORAGEACCOUNTNAME",
+            "value": "[variables('blobStorageAccountName')]"
+          },
+          {
+            "name": "STORAGEACCOUNTKEY",
+            "secureValue": "[listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('blobStorageAccountName')), '2019-06-01').keys[0].value]"
+          },
+          {
+            "name": "CLUSTERNAME",
+            "value": "[variables('clusterName')]"
+          },
+          {
+            "name": "LICENSEFILE",
+            "secureValue": "[parameters('licenseFile')]"
+          },
+          {
+            "name": "SPLUNKOPERATORURL",
+            "value": "[parameters('splunkOperatorUrl')]"
+          },
+          {
+            "name": "SPLUNKDEPLOYMENTYAML",
+            "value": "[variables('splunkDeploymentYaml')]"
+          },
+          {
+            "name": "REGION",
+            "value": "[parameters('location')]"
+          }
+        ],
+        "primaryScriptUri": "[variables('splunkInstallScriptUri')]",
+        "cleanupPreference": "OnSuccess",
+        "retentionInterval": "P1D"
+      }
+    },
+    {
+      "name": "[variables('clusterName')]",
+      "type": "Microsoft.ContainerService/managedClusters",
+      "apiVersion": "2020-11-01",
+      "location": "[parameters('location')]",
+      "identity": {
+        "type": "SystemAssigned"
+      },
+      "dependsOn": [
+        "[resourceId('Microsoft.Network/virtualNetworks', variables('vnetName'))]"
+      ],
+      "properties": {
+        "dnsPrefix": "[concat('minio', variables('resgpguid'))]",
+        "networkProfile": {
+          "networkPlugin": "azure",
+          "loadBalancerSku": "standard",
+          "serviceCidr": "172.16.0.0/24",
+          "dnsServiceIP": "172.16.0.10"
+        },
+        "agentPoolProfiles": [
+          {
+            "name": "system",
+            "count": 3,
+            "vmSize": "Standard_D4s_v3",
+            "osType": "Linux",
+            "osDiskSizeGB": 80,
+            "mode": "System",
+            "type": "VirtualMachineScaleSets",
+            "availabilityZones": [ "1", "2", "3" ],
+            "vnetSubnetID": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('vnetName'), 'default')]",
+            "nodeTaints": [
+              "CriticalAddonsOnly=true:NoSchedule"
+            ]
+          },
+          {
+            "name": "minio",
+            "count": "[parameters('minioNodecount')]",
+            "vmSize": "[parameters('minioVmSku')]",
+            "osType": "Linux",
+            "osDiskType": "Ephemeral",
+            "maxPods": "[variables('minioMaxpods')]",
+            "scaleSetPriority": "Regular",
+            "mode": "User",
+            "type": "VirtualMachineScaleSets",
+            "enableAutoScaling": true,
+            "minCount": "[parameters('minioMinCount')]",
+            "maxCount": "[parameters('minioMaxCount')]",
+            "availabilityZones": [ "1", "2", "3" ],
+            "vnetSubnetID": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('vnetName'), 'default')]"
+          },
+          {
+            "name": "splunk",
+            "count": "[parameters('splunkNodecount')]",
+            "vmSize": "[parameters('splunkVmSku')]",
+            "osType": "Linux",
+            "osDiskType": "Ephemeral",
+            "maxPods": "[variables('splunkMaxpods')]",
+            "scaleSetPriority": "Regular",
+            "mode": "User",
+            "type": "VirtualMachineScaleSets",
+            "enableAutoScaling": true,
+            "minCount": "[parameters('splunkMinCount')]",
+            "maxCount": "[parameters('splunkMaxCount')]",
+            "availabilityZones": [ "1", "2", "3" ],
+            "vnetSubnetID": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('vnetName'), 'default')]",
+            "linuxOSConfig": {
+              "transparentHugePageDefrag": "never",
+              "transparentHugePageEnabled": "never"
+            }
+          }
+        ],
+        "addonProfiles": {
+          "ingressApplicationGateway": {
+            "enabled": true,
+            "config": {
+              "applicationGatewayName": "splunk",
+              "subnetCIDR": "[parameters('appGwSubnetAddressPrefix')]"
+            }
+          }
+        },
+        "linuxProfile": {
+          "adminUsername": "[parameters('adminUsername')]",
+          "ssh": {
+            "publicKeys": [
+              {
+                "keyData": "[parameters('linuxSSHKey')]"
+              }
+            ]
+          }
+        }
+      }
+    }
+  ],
+  "outputs": {
+  }
+}

scripts/minio.sh

@@ -0,0 +1,19 @@
+#!/bin/bash
+# Download and install Helm
+wget -O helm.tgz https://get.helm.sh/helm-v3.4.1-linux-amd64.tar.gz
+tar -zxvf helm.tgz
+mv linux-amd64/helm /usr/local/bin/helm
+
+# Install kubectl
+az aks install-cli
+
+# Get minio cluster credentials
+az aks get-credentials -g $RESOURCEGROUP -n $CLUSTERNAME
+
+# Install minio helm chart
+helm repo add minio https://helm.min.io/
+wget -O values.yaml $HELMVALUES
+helm upgrade --install --wait minio minio/minio --namespace minio --create-namespace --set azuregateway.enabled=true --set accessKey=$STORAGEACCOUNTNAME --set secretKey=$STORAGEACCOUNTKEY --values values.yaml
+
+#Configure Pod Autoscaler
+kubectl autoscale deployment --namespace minio minio --cpu-percent=60 --min=3 --max=50

scripts/splunk.sh

@@ -0,0 +1,29 @@
+#!/bin/bash
+
+# Install kubectl
+az aks install-cli
+
+# Get minio cluster credentials
+az aks get-credentials -g $RESOURCEGROUP -n $CLUSTERNAME
+
+# Create License file
+LICENSEFILE=$(echo $LICENSEFILE | tr -d '[:blank:]\n')
+echo $LICENSEFILE | base64 -d > /tmp/Splunk.License
+
+# Install Splunk Operator
+kubectl apply -f $SPLUNKOPERATORURL
+kubectl wait --for condition="established" crd --all
+
+# Create Splunk namespace
+kubectl create namespace splunk --dry-run -o yaml | kubectl apply -f -
+
+# Add license to configmap
+kubectl create configmap --namespace splunk splunk-licenses --from-file=/tmp/Splunk.License --dry-run -o yaml | kubectl apply -f -
+
+# Add storage account auth secret
+kubectl create secret generic --namespace splunk s2keys --from-literal="s3_access_key=$STORAGEACCOUNTNAME" --from-literal="s3_secret_key=$STORAGEACCOUNTKEY"
+
+# Install Splunk
+wget -O splunk.yaml $SPLUNKDEPLOYMENTYAML
+sed -i "s/{region}/$REGION/g" splunk.yaml
+kubectl apply -f splunk.yaml

scripts/splunk.yaml

@@ -0,0 +1,234 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: splunk
+---
+apiVersion: enterprise.splunk.com/v1
+kind: ClusterMaster
+metadata:
+  name: cm
+  namespace: splunk
+  finalizers:
+  - enterprise.splunk.com/delete-pvc
+spec:
+  resources:
+    requests:
+      memory: "12Gi"
+      cpu: "12"
+    limits:
+      memory: "12Gi"
+      cpu: "12"
+  defaults: |-
+    splunk:
+      site: site1
+      multisite_master: localhost
+      all_sites: site1,site2,site3
+      multisite_replication_factor_origin: 1
+      multisite_replication_factor_total: 3
+      multisite_search_factor_origin: 1
+      multisite_search_factor_total: 3
+      idxc:
+        search_factor: 3
+        replication_factor: 3
+  licenseMasterRef:
+    name: lm
+  affinity:
+    nodeAffinity:
+      requiredDuringSchedulingIgnoredDuringExecution:
+        nodeSelectorTerms:
+        - matchExpressions:
+          - key: agentpool
+            operator: In
+            values:
+            - splunk
+  smartstore:
+    defaults:
+      volumeName: s3
+    volumes:
+      - name: s3
+        path: smartstore/remote_volume
+        endpoint: http://minio.minio.svc.cluster.local:9000
+        secretRef: s2keys
+---
+apiVersion: enterprise.splunk.com/v1
+kind: IndexerCluster
+metadata:
+  name: indexer-site1
+  namespace: splunk
+  finalizers:
+  - enterprise.splunk.com/delete-pvc
+spec:
+  resources:
+    requests:
+      memory: "12Gi"
+      cpu: "12"
+    limits:
+      memory: "12Gi"
+      cpu: "12"
+  defaults: |-
+    splunk:
+      multisite_master: splunk-cm-cluster-master-service
+      site: site1
+  clusterMasterRef:
+    name: cm
+  affinity:
+    nodeAffinity:
+      requiredDuringSchedulingIgnoredDuringExecution:
+        nodeSelectorTerms:
+        - matchExpressions:
+          - key: agentpool
+            operator: In
+            values:
+            - splunk
+          - key: topology.kubernetes.io/zone
+            operator: In
+            values:
+            - {region}-1
+---
+apiVersion: enterprise.splunk.com/v1
+kind: IndexerCluster
+metadata:
+  name: indexer-site2
+  namespace: splunk
+  finalizers:
+  - enterprise.splunk.com/delete-pvc
+spec:
+  resources:
+    requests:
+      memory: "12Gi"
+      cpu: "12"
+    limits:
+      memory: "12Gi"
+      cpu: "12"
+  defaults: |-
+    splunk:
+      multisite_master: splunk-cm-cluster-master-service
+      site: site2
+  clusterMasterRef:
+    name: cm
+  affinity:
+    nodeAffinity:
+      requiredDuringSchedulingIgnoredDuringExecution:
+        nodeSelectorTerms:
+        - matchExpressions:
+          - key: agentpool
+            operator: In
+            values:
+            - splunk
+          - key: topology.kubernetes.io/zone
+            operator: In
+            values:
+            - {region}-2
+---
+apiVersion: enterprise.splunk.com/v1
+kind: IndexerCluster
+metadata:
+  name: indexer-site3
+  namespace: splunk
+  finalizers:
+  - enterprise.splunk.com/delete-pvc
+spec:
+  resources:
+    requests:
+      memory: "12Gi"
+      cpu: "12"
+    limits:
+      memory: "12Gi"
+      cpu: "12"
+  defaults: |-
+    splunk:
+      multisite_master: splunk-cm-cluster-master-service
+      site: site3
+  clusterMasterRef:
+    name: cm
+  affinity:
+    nodeAffinity:
+      requiredDuringSchedulingIgnoredDuringExecution:
+        nodeSelectorTerms:
+        - matchExpressions:
+          - key: agentpool
+            operator: In
+            values:
+            - splunk
+          - key: topology.kubernetes.io/zone
+            operator: In
+            values:
+            - {region}-3
+---
+apiVersion: enterprise.splunk.com/v1
+kind: SearchHeadCluster
+metadata:
+  name: search
+  namespace: splunk
+  finalizers:
+  - enterprise.splunk.com/delete-pvc
+spec:
+  resources:
+    requests:
+      memory: "12Gi"
+      cpu: "12"
+    limits:
+      memory: "12Gi"
+      cpu: "12"
+  defaults: |-
+    splunk:
+      multisite_master: splunk-cm-cluster-master-service
+      site: site0
+  clusterMasterRef:
+    name: cm
+  affinity:
+    nodeAffinity:
+      requiredDuringSchedulingIgnoredDuringExecution:
+        nodeSelectorTerms:
+        - matchExpressions:
+          - key: agentpool
+            operator: In
+            values:
+            - splunk
+---
+apiVersion: enterprise.splunk.com/v1
+kind: LicenseMaster
+metadata:
+  name: lm
+  namespace: splunk
+  finalizers:
+  - enterprise.splunk.com/delete-pvc
+spec:
+  resources:
+    requests:
+      memory: "12Gi"
+      cpu: "12"
+    limits:
+      memory: "12Gi"
+      cpu: "12"
+  clusterMasterRef:
+    name: cm
+  volumes:
+    - name: licenses
+      configMap:
+        name: splunk-licenses
+  licenseUrl: /mnt/licenses/Splunk.License
+  affinity:
+    nodeAffinity:
+      requiredDuringSchedulingIgnoredDuringExecution:
+        nodeSelectorTerms:
+        - matchExpressions:
+          - key: agentpool
+            operator: In
+            values:
+            - splunk
+---
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: monitoringconsole
+  namespace: splunk
+  annotations:
+    kubernetes.io/ingress.class: azure/application-gateway
+spec:
+  rules:
+  - http:
+      paths:
+      - backend:
+          serviceName: splunk-splunk-monitoring-console-service
+          servicePort: 8000

scripts/values.yaml

@@ -0,0 +1,3 @@
+nodeSelector: {
+  agentpool: minio
+}