Install the EKS add-on with secure token handling

Deploy the Splunk Distribution of the OpenTelemetry Collector Amazon EKS add-on onto an Amazon EKS cluster.

  1. Subscribe to the add-on in AWS Marketplace.

    In your AWS Marketplace, ensure that:

    • You have sufficient permissions in your AWS account to enable this add-on.

    • Complete the subscription process in the AWS console. Go to the AWS Marketplace Page to add the Splunk Distribution of the OpenTelemetry Collector Amazon EKS add-on to your AWS account.

  2. Meet the following prerequisites:
    Credentials
    Make sure you have credentials for Splunk Observability Cloud or Splunk Platform.
    Destination requirements

    Splunk Observability Cloud

    Splunk Platform (Splunk Enterprise or Splunk Cloud):

  3. Add the add-on to your EKS clusters.

    You can use eksctl, the AWS Management Console, or the AWS CLI. Follow the steps in the Amazon EKS user guide.

  4. Configure the add-on with improved security.

    Create a YAML file tailored to your Splunk set-up. You can use the YAML samples below, replacing placeholder values with your specific configuration details.

    CAUTION: For security reasons, avoid including tokens or any sensitive data in the configuration file, as EKS add-on configurations are exposed within the EKS web console.
    Note: For more specific configuration information, see Install the Collector for Kubernetes using Helm.
    Splunk Observability Cloud
    YAML
    splunkObservability:
        realm: your-splunk-realm
    clusterName: your-eks-cluster-name
    cloudProvider: aws
    distribution: eks
    
    secret:
        create: false
        name: splunk-otel-collector
        validateSecret: false
    Splunk Platform

    For Splunk Platform, create a splunkObservability section but set splunkObservability.accessToken and splunkObservability.realm to empty strings as in the example below.

    YAML
    splunkPlatform:
      endpoint: http://localhost:8088/services/collector
      token: your-hec-token
    clusterName: your-eks-cluster-name
    cloudProvider: aws
    distribution: eks
    
    splunkObservability:
      accessToken: ""
      realm: ""
  5. Add your secret and deploy.

    Deploy the secret into the Splunk monitoring namespace by applying a YAML file, or by using the kubectl command.

    YAML

    To deploy the secret, use a distinct Kubernetes secret YAML file with sensitive tokens, separate from the add-on configuration YAML.

    Use the command:

    DEFAULT
    kubectl apply -f splunk-otel-collector-secret.yaml

    Here's a template for the secret YAML file:

    YAML
    apiVersion: v1
    kind: Secret
    metadata:
        name: splunk-otel-collector
        namespace: splunk-monitoring
    type: Opaque
    data:
        splunk_observability_access_token: your-splunk-access-token 
        splunk_platform_hec_token: your-hec-token  # Add this line only if using with splunkPlatform
    kubectl

    Create a secret using a kubectl command:

    For splunkObservability:

    YAML
    kubectl create secret generic splunk-otel-collector \
        --from-literal=splunk_observability_access_token=your-splunk-access-token \
        -n splunk-monitoring

    Replace your-splunk-access-token with your actual Splunk Observability Cloud access token.

    For splunkPlatform:

    YAML
    kubectl create secret generic splunk-otel-collector \
        --from-literal=splunk_platform_hec_token=your-hec-token \
        -n splunk-monitoring

    Replace your-hec-token with your actual Splunk Platform HEC token.

  6. Wait for the Collector to detect your secret and start running successfully.