Updating for version 7.1.1

CONTRIBUTING.md

@@ -14,7 +14,7 @@ If you experience problems or see unexpected behavior with this project, create
 
 0. Version of this project you're using (ex: 1.5.0)
 0. Platform version (ex: Windows Server 2012 R2)
-0. Splunk version (ex: 6.6.1)
+0. Splunk version (ex: 7.1.1)
 0. Other relevant information (ex: local/remote environment, Splunk network configuration)
 
 Alternatively, if you have a Splunk question please ask on [Splunk Answers][answers].

enterprise/Dockerfile

@@ -1,10 +1,11 @@
 FROM debian:jessie
 
 ENV SPLUNK_PRODUCT splunk
-ENV SPLUNK_VERSION 6.6.1
-ENV SPLUNK_BUILD aeae3fe0c5af
+ENV SPLUNK_VERSION 7.1.1
+ENV SPLUNK_BUILD 8f0ead9ec3db
 ENV SPLUNK_FILENAME splunk-${SPLUNK_VERSION}-${SPLUNK_BUILD}-Linux-x86_64.tgz
 
+
 ENV SPLUNK_HOME /opt/splunk
 ENV SPLUNK_GROUP splunk
 ENV SPLUNK_USER splunk
@@ -16,16 +17,16 @@ RUN groupadd -r ${SPLUNK_GROUP} \
     && useradd -r -m -g ${SPLUNK_GROUP} ${SPLUNK_USER}
 
 # make the "en_US.UTF-8" locale so splunk will be utf-8 enabled by default
-RUN apt-get update && apt-get install -y locales \
-    && localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
+RUN apt-get update  && apt-get install -y --no-install-recommends apt-utils && apt-get install -y locales && rm -rf /var/lib/apt/lists/* \
+	&& localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
 ENV LANG en_US.utf8
 
 # pdfgen dependency
-RUN apt-get install -y libgssapi-krb5-2
+RUN apt-get update && apt-get install -y libgssapi-krb5-2 && rm -rf /var/lib/apt/lists/*
 
 # Download official Splunk release, verify checksum and unzip in /opt/splunk
 # Also backup etc folder, so it will be later copied to the linked volume
-RUN apt-get install -y wget sudo \
+RUN apt-get update && apt-get install -y wget sudo \
     && mkdir -p ${SPLUNK_HOME} \
     && wget -qO /tmp/${SPLUNK_FILENAME} https://download.splunk.com/products/${SPLUNK_PRODUCT}/releases/${SPLUNK_VERSION}/linux/${SPLUNK_FILENAME} \
     && wget -qO /tmp/${SPLUNK_FILENAME}.md5 https://download.splunk.com/products/${SPLUNK_PRODUCT}/releases/${SPLUNK_VERSION}/linux/${SPLUNK_FILENAME}.md5 \
@@ -56,4 +57,4 @@ WORKDIR /opt/splunk
 VOLUME [ "/opt/splunk/etc", "/opt/splunk/var" ]
 
 ENTRYPOINT ["/sbin/entrypoint.sh"]
-CMD ["start-service"]
+CMD ["start-service"]

enterprise/README.md

@@ -1,6 +1,6 @@
 # Supported tags
 
-* `6.6.1`,`latest`- Splunk Enterprise base image [Dockerfile](https://github.com/splunk/docker-splunk/blob/master/enterprise/Dockerfile)
+* `7.1.1`,`latest`- Splunk Enterprise base image [Dockerfile](https://github.com/splunk/docker-splunk/blob/master/enterprise/Dockerfile)
 * `6.5.3-monitor` - Splunk Enterprise with Docker Monitoring [Dockerfile](https://github.com/splunk/docker-itmonitoring/blob/master/enterprise/Dockerfile)
 
 # What is Splunk Enterprise?
@@ -16,16 +16,17 @@ If you have not used Docker before, see the [Getting started tutorial](https://d
 0. (Optional) Sign up for a Docker ID at [Docker Hub](https://hub.docker.com).
 0. Download and install Docker on your system.
 0. Open a shell prompt or Terminal window.
-0. Enter the following command to pull the Splunk Enterprise version 6.6.1 image.<br>
+0. Enter the following command to pull the Splunk Enterprise version 7.1.1 image.<br>
 
    ```bash
    docker pull splunk/splunk
    ```
 0. Run the Docker image.
 
    ```bash
-   docker run -d -e "SPLUNK_START_ARGS=--accept-license" -e "SPLUNK_USER=root" -p "8000:8000" splunk/splunk
+   docker run -d -e "SPLUNK_START_ARGS=--accept-license --gen-and-print-passwd" -e "SPLUNK_USER=root" -p "8000:8000" splunk/splunk
    ```
+0. Find randomly generated admin password in docker logs for this container.
 0. Access the Splunk instance with a browser by using the Docker machine IP address and Splunk Web port. For example, ``http://localhost:8000`
 
 See [How to use the Splunk Enterprise Docker image](#How-to-use-the-Splunk-Enterprise-Docker-image) for additional example commands.
@@ -35,10 +36,10 @@ See [How to use the Splunk Enterprise Docker image](#How-to-use-the-Splunk-Enter
 The following commands can be run from a shell prompt or Docker QuickStart Terminal (on Mac OS X).
 
 
-### Pull an image for version 6.6.1 of Splunk Enterprise from this repository
+### Pull an image for version 7.1.1 of Splunk Enterprise from this repository
 
 ```bash
-docker pull splunk/splunk:6.6.1
+docker pull splunk/splunk:7.1.1
 ```
 
 ### Pull an image that uses the latest version of Splunk Enterprise from this repository
@@ -52,13 +53,13 @@ docker pull splunk/splunk:latest
 This command starts a Splunk Enterprise instance from the Docker container in this repository, accepts the license agreement, and opens TCP port 8000 so that you can access the Splunk instance from your local machine.
 
 ```bash
-docker run --name splunk --hostname splunk -p 8000:8000 -d -e "SPLUNK_START_ARGS=--accept-license" splunk/splunk:6.6.1
+docker run --name splunk --hostname splunk -p 8000:8000 -d -e "SPLUNK_START_ARGS=--accept-license --gen-and-print-passwd" splunk/splunk:7.1.1
 ```
 ### Start a Splunk Enterprise container and mount the necessary container volumes
 
 ```bash
 docker run --name vsplunk -v /opt/splunk/etc -v /opt/splunk/var busybox
-docker run --hostname splunk --name splunk --volumes-from=vsplunk -p 8000:8000 -d -e "SPLUNK_START_ARGS=--accept-license" splunk/splunk:6.6.1
+docker run --hostname splunk --name splunk --volumes-from=vsplunk -p 8000:8000 -d -e "SPLUNK_START_ARGS=--accept-license --gen-and-print-passwd" splunk/splunk:7.1.1
 ```
 
 > Note:
@@ -70,7 +71,7 @@ docker run --hostname splunk --name splunk --volumes-from=vsplunk -p 8000:8000 -
 ### Start a Splunk Enterprise container and mount volumes from host
 
 ```bash
-docker run --name splunk --hostname splunk -p 8000:8000  -e "SPLUNK_START_ARGS=--accept-license" -v /opt/splunk/etc:/opt/splunk/etc -v /opt/splunk/var:/opt/splunk/var  splunk/splunk:6.6.1
+docker run --name splunk --hostname splunk -p 8000:8000  -e "SPLUNK_START_ARGS=--accept-license --gen-and-print-passwd" -v /opt/splunk/etc:/opt/splunk/etc -v /opt/splunk/var:/opt/splunk/var  splunk/splunk:7.1.1
 ```
 
 ### Use entrypoint.sh to execute Splunk commands
@@ -91,32 +92,30 @@ You can also use entrypoint.sh to configure Splunk services with environment var
 2. Open `docker-compose.yml` for editing.
 3. Insert the following block of text into the file.
 
-   ```
-   version: '2'
-   services:
-    vsplunk:
-        image: busybox
-        volumes:
-         - /opt/splunk/etc
-         - /opt/splunk/var
-        splunk:
-         image: splunk/splunk:6.5.3-monitor
-         hostname: splunkenterprise
-         environment:
-          SPLUNK_START_ARGS: --accept-license --answer-yes
-          SPLUNK_ENABLE_LISTEN: 9997
-          SPLUNK_ADD: tcp 1514
-          SPLUNK_USER: root
-         volumes_from:
-          - vsplunk
-         volumes:
-          - /var/lib/docker/containers:/host/containers:ro
-          - /var/run/docker.sock:/var/run/docker.sock:ro
-         ports:
-          - "8000:8000"
-          - "9997:9997"
-          - "8088:8088"
-          - "1514:1514"
+```
+version: '3'
+
+volumes:
+  opt-splunk-etc:
+  opt-splunk-var:
+
+services:
+  splunkenterprise:
+
+    hostname: splunkenterprise
+    image: splunk/splunk:7.1.1
+    environment:
+      SPLUNK_START_ARGS: --accept-license --gen-and-print-passwd
+      SPLUNK_ENABLE_LISTEN: 9997
+      SPLUNK_ADD: tcp 1514
+    volumes:
+      - opt-splunk-etc:/opt/splunk/etc
+      - opt-splunk-var:/opt/splunk/var
+    ports:
+      - "8000:8000"
+      - "9997:9997"
+      - "8088:8088"
+      - "1514:1514"
    ```
 4. Save the file and close it.
 5. Run the `docker-compose` utility in the same directory.
@@ -131,7 +130,7 @@ You can also use entrypoint.sh to configure Splunk services with environment var
 
 The `splunk/splunk` image comes in several variants:
 
-`splunk/splunk:6.6.1`
+`splunk/splunk:7.1.1`
 This is the default Splunk Enterprise image.
 
 `splunk/splunk:6.5.3-monitor`

enterprise/build.sh

@@ -3,7 +3,7 @@ if [ -z $CURRENT ]; then
 	CURRENT=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )
 fi
 
-docker build --no-cache=true -t splunk/splunk:6.6.1 .
-docker tag splunk/splunk:6.6.1 splunk/splunk:latest 
-docker tag splunk/splunk:6.6.1 registry.splunk.com/splunk/splunk:latest 
-docker tag splunk/splunk:6.6.1 registry.splunk.com/splunk/splunk:6.6.1 
+docker build --no-cache=true -t splunk/splunk:7.1.1 .
+docker tag splunk/splunk:7.1.1 splunk/splunk:latest 
+docker tag splunk/splunk:7.1.1 registry.splunk.com/splunk/splunk:latest 
+docker tag splunk/splunk:7.1.1 registry.splunk.com/splunk/splunk:7.1.1 

enterprise/docker-compose.yml

@@ -1,30 +1,31 @@
 # must accept EULA the first time that the image is started
-# docker run splunk/enterprise:6.6.1
+# docker run splunk/enterprise:7.1.1
 # Options on how to review the EULA and accept it: 
-# 1. docker run -it splunk/enterprisetrial:6.6.1
+# 1. docker run -it splunk/enterprisetrial:7.1.1
 # 2. Add the following environment variable: SPLUNK_START_ARGS=--accept-license
 # e.g., docker run -e "SPLUNK_START_ARGS=--accept-license" splunk/enterprisetrial 
 
-# Support for Docker Compose v2, https://docs.docker.com/compose/overview/
-version: '2'
+# Support for Docker Compose v3, https://docs.docker.com/compose/overview/
+version: '3'
+
+volumes:
+  opt-splunk-etc:
+  opt-splunk-var:
+
 services:
-  vsplunk:
-    image: busybox
-    volumes:
-      - /opt/splunk/etc
-      - /opt/splunk/var
   splunkenterprise:
     #build: .
     hostname: splunkenterprise
-    image: splunk/splunk:6.6.1
+    image: splunk/splunk:7.1.1
     environment:
       SPLUNK_START_ARGS: --accept-license
       SPLUNK_ENABLE_LISTEN: 9997
       SPLUNK_ADD: tcp 1514
-    volumes_from:
-      - vsplunk
+    volumes:
+      - opt-splunk-etc:/opt/splunk/etc
+      - opt-splunk-var:/opt/splunk/var
     ports:
       - "8000:8000"
       - "9997:9997"
       - "8088:8088"
-      - "1514:1514"
+      - "1514:1514"

enterprise/entrypoint.sh

@@ -51,8 +51,8 @@ Splunk Enterprise
 
   Usage:
 
-    docker run -it splunk/enterprise:6.6.1
-    docker run --env SPLUNK_START_ARGS="--accept-license" splunk/enterprise:6.6.1
+    docker run -it splunk/enterprise:7.1.1
+    docker run --env SPLUNK_START_ARGS="--accept-license" splunk/enterprise:7.1.1
 
 EOF
     exit 1

enterprise/publishImage.sh

@@ -1,7 +1,7 @@
 
-docker push splunk/splunk:6.6.1
+docker push splunk/splunk:7.1.1
 docker push splunk/splunk:latest
-docker push registry.splunk.com/splunk/splunk:6.6.1
+docker push registry.splunk.com/splunk/splunk:7.1.1
 docker push registry.splunk.com/splunk/splunk:latest
 
 

universalforwarder/Dockerfile

@@ -1,8 +1,8 @@
 FROM debian:jessie
 
 ENV SPLUNK_PRODUCT universalforwarder
-ENV SPLUNK_VERSION 6.6.1
-ENV SPLUNK_BUILD aeae3fe0c5af
+ENV SPLUNK_VERSION 7.1.1
+ENV SPLUNK_BUILD 8f0ead9ec3db
 ENV SPLUNK_FILENAME splunkforwarder-${SPLUNK_VERSION}-${SPLUNK_BUILD}-Linux-x86_64.tgz
 
 ENV SPLUNK_HOME /opt/splunk
@@ -16,13 +16,17 @@ RUN groupadd -r ${SPLUNK_GROUP} \
     && useradd -r -m -g ${SPLUNK_GROUP} ${SPLUNK_USER}
 
 # make the "en_US.UTF-8" locale so splunk will be utf-8 enabled by default
-RUN apt-get update && apt-get install -y locales \
-    && localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
+#RUN apt-get update && apt-get install -y locales \
+#    && localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
+#ENV LANG en_US.utf8
+
+RUN apt-get update && apt-get install -y locales && rm -rf /var/lib/apt/lists/* \
+	&& localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
 ENV LANG en_US.utf8
 
 # Download official Splunk release, verify checksum and unzip in /opt/splunk
 # Also backup etc folder, so it will be later copied to the linked volume
-RUN apt-get install -y wget sudo \
+RUN apt-get update && apt-get install -y wget sudo \
     && mkdir -p ${SPLUNK_HOME} \
     && wget -qO /tmp/${SPLUNK_FILENAME} https://download.splunk.com/products/${SPLUNK_PRODUCT}/releases/${SPLUNK_VERSION}/linux/${SPLUNK_FILENAME} \
     && wget -qO /tmp/${SPLUNK_FILENAME}.md5 https://download.splunk.com/products/${SPLUNK_PRODUCT}/releases/${SPLUNK_VERSION}/linux/${SPLUNK_FILENAME}.md5 \

universalforwarder/README.md

@@ -1,6 +1,6 @@
 # Supported tags
 
-* `6.6.1`, `latest` - Splunk universal forwarder base image [Dockerfile](https://github.com/splunk/docker-splunk/blob/master/enterprise/Dockerfile)
+* `7.1.0`, `latest` - Splunk universal forwarder base image [Dockerfile](https://github.com/splunk/docker-splunk/blob/master/enterprise/Dockerfile)
 * `6.5.3-monitor` - Splunk universal forwarder with Docker Monitoring [Dockerfile](https://github.com/splunk/docker-itmonitoring/blob/master/universalforwarder/Dockerfile)
 
 # What is the Splunk Universal Forwarder?
@@ -18,7 +18,7 @@ If you have not used Docker before, see the [Getting started tutorial](https://d
 0. (Optional) Sign up for a Docker ID at [Docker Hub](https://hub.docker.com).
 0. Download and install Docker on your system.
 0. Open a shell prompt or Terminal window.
-0. Enter the following command to pull the Splunk Enterprise version 6.6.1 image.<br>
+0. Enter the following command to pull the Splunk Enterprise version 7.1.0 image.<br>
 
 
    ```bash
@@ -49,14 +49,14 @@ The universal forwarder docker image can collect data from a host and send data
 The following commands are examples of how to pull and run the universal forwarder Docker image. They can be run from a shell prompt or Docker QuickStart Terminal (on Mac OS X).
 
 ### Pull an image from this repository for the universal fowarder with the Docker data collection inputs
-The `6.6.1-monitor` tag ensures that the universal forwarder has the data inputs you need to get stats from a Docker container.
+The `7.1.0-monitor` tag ensures that the universal forwarder has the data inputs you need to get stats from a Docker container.
 
 ```bash
-docker pull splunk/universalforwarder:6.6.1-monitor
+docker pull splunk/universalforwarder:7.1.0-monitor
 ```
 
 ### Pull the latest version of the image from this repository
-The `6.6.1` and `latest` versions only have the forwarder and do not have any of the data inputs.
+The `7.1.0` and `latest` versions only have the forwarder and do not have any of the data inputs.
 =======
 The `6.5.3-monitor` tag ensures that the universal forwarder has the data inputs you need to get stats from a Docker container.
 
@@ -101,28 +101,27 @@ You can also use entrypoint.sh to configure Splunk services with environment var
 0. Open `docker-compose.yml` for editing.
 0. Insert the following block of text into the file.
 
-   ```
-   version: '2'
-   services:
-    vsplunk_uf:
-     image: busybox
-     volumes:
-       - /opt/splunk/etc
-       - /opt/splunk/var
-
-    splunkuniversalforwarder:
-     image: splunk/splunkuniversalforwarder:6.5.3-monitor
-     hostname: splunkuniversalforwarder
-     environment:
-        SPLUNK_START_ARGS: --accept-license --answer-yes
-        SPLUNK_FORWARD_SERVER: splunkenterprise:9997
-        SPLUNK_USER: root
-     restart: always
-     volumes_from:
-       - vsplunk_uf
-     volumes:
-       - /var/lib/docker/containers:/host/containers:ro
-       - /var/run/docker.sock:/var/run/docker.sock:ro
+```
+version: '3'
+
+volumes:
+  opt-splunk-etc:
+  opt-splunk-var:
+
+services:
+  splunkuniversalforwarder:
+
+    hostname: splunkuniversalforwarder
+    image: splunk/universalforwarder:7.1.0
+    environment: SPLUNK_START_ARGS: --accept-license
+    volumes:
+      - opt-splunk-etc:/opt/splunk/etc
+      - opt-splunk-var:/opt/splunk/var
+    ports:
+      - "8000:8000"
+      - "9997:9997"
+      - "8088:8088"
+      - "1514:1514"
    ```
 0. Save the file and close it.
 0. Run the `docker-compose` utility.
@@ -136,7 +135,7 @@ You can also use entrypoint.sh to configure Splunk services with environment var
 
 The `splunk/universalforwarder` image comes in the following variants:
 
-`splunk/universalforwarder:6.6.1` and `splunk/universalforwarder:latest`
+`splunk/universalforwarder:7.1.0` and `splunk/universalforwarder:latest`
 This is the default universal forwarder image.
 
 `splunk/universalforwarder:6.5.3-monitor`