splunk · omrozowicz-splunk · Oct 15, 2025 · Oct 1, 2025
@@ -2,6 +2,11 @@
 
 ## Unreleased
 
+### Changed
+
+### Fixes
+- fix problem with service rendering when `traps.service.usemetallb` is set to false
+
 ## [1.14.1]
 - update mongodb volumePermission image repository to `bitnamileagcy`
 

@@ -94,7 +94,7 @@ Create the name of the service account to use
 Whether enable traps
 */}}
 {{- define "splunk-connect-for-snmp.traps.enable" -}}
-{{- if or (and (eq .Values.traps.service.type "LoadBalancer") .Values.traps.loadBalancerIP ) (and (eq .Values.traps.service.type "NodePort") .Values.traps.service.nodePort) }}
+{{- if or (and (eq .Values.traps.service.type "LoadBalancer") .Values.traps.loadBalancerIP ) (and (eq .Values.traps.service.type "NodePort") .Values.traps.service.nodePort ) ( not .Values.traps.service.usemetallb) }}
 {{- printf "true" }}
 {{- else }}
 {{- printf "false" }}

@@ -104,23 +104,27 @@ microk8s kubectl rollout restart deployment snmp-splunk-connect-for-snmp-trap -n
 
 ### Define external gateway for traps
 
-If you use SC4SNMP on a single machine, configure `loadBalancerIP`.
-`loadBalancerIP` is the IP address in the metallb pool. 
+#### Using MetalLB LoadBalancer
+
+If you use SC4SNMP on a multinode setup, configure `loadBalancerIP`.
+`loadBalancerIP` should be an IP assigned from your MetalLB address pool in the same subnet as your cluster nodes can reach.
 See the following example:
 
 ```yaml
 traps:
   loadBalancerIP: 10.202.4.202
 ```
-If you have enabled the Ipv6 you need to pass IP addresses for both IPv4 and IPv6.
+If you have enabled IPv6 dual‑stack, provide both IPv4 and IPv6 addresses as a comma‑separated list:
 See the following example:
 
 ```yaml
 traps:
   loadBalancerIP: 10.202.4.202,2001:0DB8:AC10:FE01:0000:0000:0000:0001
 ```
 
-If you want to use the SC4SNMP trap receiver in K8S cluster, configure `NodePort` instead. Use the following configuration:
+#### Using NodePort
+
+For single‑node clusters or simple setups without a load balancer, you can expose the traps receiver on a fixed port across all node IPs with `NodePort`:
 
 ```yaml
 traps:
@@ -130,15 +134,28 @@ traps:
     nodePort: 30000
 ```
 
-Using this method, the SNMP trap will always be forwarded to one of the trap receiver pods listening on port 30000 (like in the
-example above, you can configure to any other port). So, it does not matter that IP address of which node you use. 
-Adding nodePort will make it end up in the correct place everytime. 
+This way the trap receiver will be available on all node IPs on port 30000.
+
+#### Using Cloud Load Balancer
+
+You can also deploy the traps receiver without MetalLB or NodePort, using Kubernetes Service annotations supported by your cloud platform.
+For example, on AWS EKS you can enable an AWS Network Load Balancer with annotations:
+
+```yaml
+traps:
+  service:
+    usemetallb: false
+    annotations:
+      service.beta.kubernetes.io/aws-load-balancer-type: external
+      service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: ip
+      service.beta.kubernetes.io/aws-load-balancer-scheme: internal
+```
 
-A good practice is to create an IP floating address/Anycast pointing to the healthy nodes, so the traffic is forwarded in case of the
-failover. To do this, create an external LoadBalancer that balances the traffic between nodes.
 
 ### Define number of traps server replica
+
 `replicaCount` defines that the number of replicas per trap container should be 2 times the number of nodes.
+
 ```yaml
 traps:
   #For production deployments the value should be at least 2x the number of nodes

@@ -0,0 +1,21 @@
+---
+# Source: splunk-connect-for-snmp/templates/common/scheduler-config.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: splunk-connect-for-snmp-config
+  labels:
+    app.kubernetes.io/name: splunk-connect-for-snmp-scheduler
+    app.kubernetes.io/instance: release-name
+    helm.sh/chart: splunk-connect-for-snmp-CURRENT-VERSION
+    app.kubernetes.io/version: "CURRENT-VERSION"
+    app.kubernetes.io/managed-by: Helm
+data:
+  config.yaml: |-
+      communities:
+        public:
+          communityIndex:
+          contextEngineId:
+          contextName:
+          tag:
+          securityName:
@@ -0,0 +1,9 @@
+---
+# Source: splunk-connect-for-snmp/templates/common/splunk-secret.yaml
+apiVersion: v1
+kind: Secret
+metadata:
+  name: splunk-connect-for-snmp-splunk
+type: Opaque
+data:
+  hec_token: "MDAwMDAwMDAtMDAwMC0wMDAwLTAwMDAtMDAwMDAwMDAwMDAw"
@@ -0,0 +1,18 @@
+---
+# Source: splunk-connect-for-snmp/templates/common/traps-config.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: splunk-connect-for-snmp-traps
+  labels:
+    app.kubernetes.io/name: splunk-connect-for-snmp-scheduler
+    app.kubernetes.io/instance: release-name
+    helm.sh/chart: splunk-connect-for-snmp-CURRENT-VERSION
+    app.kubernetes.io/version: "CURRENT-VERSION"
+    app.kubernetes.io/managed-by: Helm
+data:
+  config.yaml: |-
+      communities:
+        2c:
+        - public
+        - homelab
@@ -0,0 +1,10 @@
+---
+# Source: splunk-connect-for-snmp/templates/serviceaccount.yaml
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: release-name-splunk-connect-for-snmp-user
+  labels:
+    helm.sh/chart: splunk-connect-for-snmp-CURRENT-VERSION
+    app.kubernetes.io/version: "CURRENT-VERSION"
+    app.kubernetes.io/managed-by: Helm
@@ -0,0 +1,18 @@
+---
+# Source: splunk-connect-for-snmp/templates/sim/pdb.yaml
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: release-name-splunk-connect-for-snmp-sim
+  labels:
+    app.kubernetes.io/name: splunk-connect-for-snmp-sim
+    app.kubernetes.io/instance: release-name
+    helm.sh/chart: splunk-connect-for-snmp-CURRENT-VERSION
+    app.kubernetes.io/version: "CURRENT-VERSION"
+    app.kubernetes.io/managed-by: Helm
+spec:
+  minAvailable: 80%
+  selector:
+    matchLabels:
+        app.kubernetes.io/name: splunk-connect-for-snmp-sim
+        app.kubernetes.io/instance: release-name
@@ -0,0 +1,35 @@
+---
+# Source: splunk-connect-for-snmp/templates/tests/test-connection.yaml
+apiVersion: v1
+kind: Pod
+metadata:
+  name: "release-name-splunk-connect-for-snmp-trap-test-connection"
+  labels:
+    helm.sh/chart: splunk-connect-for-snmp-CURRENT-VERSION
+    app.kubernetes.io/version: "CURRENT-VERSION"
+    app.kubernetes.io/managed-by: Helm
+  annotations:
+    "helm.sh/hook": test
+    "kube-score/ignore": "pod-probes,pod-networkpolicy"
+spec:
+  containers:
+    - name: wget
+      image: busybox:1.34.1
+      imagePullPolicy: Always
+      command: ['wget']
+      args: ['release-name-splunk-connect-for-snmp-trap:162']
+      securityContext:
+        capabilities:
+          drop:
+          - ALL
+        readOnlyRootFilesystem: true
+        runAsNonRoot: true
+        runAsUser: 10001
+        runAsGroup: 10001
+      resources:
+        limits:
+          memory: 128Mi
+        requests:
+          cpu: 100m
+          memory: 128Mi            
+  restartPolicy: Never
@@ -0,0 +1,122 @@
+---
+# Source: splunk-connect-for-snmp/templates/traps/deployment.yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: release-name-splunk-connect-for-snmp-trap
+  labels:
+    app.kubernetes.io/name: splunk-connect-for-snmp-trap
+    app.kubernetes.io/instance: release-name
+    helm.sh/chart: splunk-connect-for-snmp-CURRENT-VERSION
+    app.kubernetes.io/version: "CURRENT-VERSION"
+    app.kubernetes.io/managed-by: Helm
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: splunk-connect-for-snmp-trap
+      app.kubernetes.io/instance: release-name
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: splunk-connect-for-snmp-trap
+        app.kubernetes.io/instance: release-name
+    spec:
+      serviceAccountName: release-name-splunk-connect-for-snmp-user
+      securityContext:
+        fsGroup: 10001
+      containers:
+        - name: splunk-connect-for-snmp-traps
+          securityContext:
+            capabilities:
+              drop:
+                - ALL
+            readOnlyRootFilesystem: true
+            runAsNonRoot: true
+            runAsUser: 10001
+            runAsGroup: 10001
+          image: "ghcr.io/splunk/splunk-connect-for-snmp/container:CURRENT-VERSION"
+          imagePullPolicy: Always
+          args:
+            [
+              "trap"
+            ] 
+          env:
+            - name: CONFIG_PATH
+              value: /app/config/config.yaml
+            - name: CELERY_BROKER_URL
+              value: redis://release-name-redis-master:6379/0
+            - name: MONGO_URI
+              value: mongodb://release-name-mongodb:27017
+            - name: MIB_SOURCES
+              value: "http://release-name-mibserver/asn1/@mib@"
+            - name: MIB_INDEX
+              value: "http://release-name-mibserver/index.csv"
+            - name: MIB_STANDARD
+              value: "http://release-name-mibserver/standard.txt"
+            - name: LOG_LEVEL
+              value: INFO
+            - name: DISABLE_MONGO_DEBUG_LOGGING
+              value: "true"
+            - name: PYSNMP_DEBUG
+              value: ""
+            - name: SPLUNK_HEC_SCHEME
+              value: "https"
+            - name: SPLUNK_HEC_HOST
+              value: "10.202.18.152"
+            - name: SPLUNK_HEC_PORT
+              value: "8088"
+            - name: SPLUNK_HEC_INSECURESSL
+              value: "true"
+            - name: INCLUDE_SECURITY_CONTEXT_ID
+              value: "false"
+            - name: SNMP_V3_SECURITY_ENGINE_ID
+              value: 80003a8c04
+            - name: SPLUNK_HEC_TOKEN
+              valueFrom:
+                  secretKeyRef:
+                    name: splunk-connect-for-snmp-splunk
+                    key: hec_token
+            - name: IPv6_ENABLED
+              value: "false"
+          ports:
+            - name: snmp-udp
+              containerPort: 2162
+              protocol: UDP
+          volumeMounts:
+            - name: config
+              mountPath: "/app/config"
+              readOnly: true
+            - name: pysnmp-cache-volume
+              mountPath: "/.pysnmp/"
+              readOnly: false                
+            - name: tmp
+              mountPath: "/tmp/"
+              readOnly: false                    
+
+          resources:
+            {}
+      affinity:
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+            - weight: 1
+              podAffinityTerm:
+                topologyKey: kubernetes.io/hostname
+                labelSelector:
+                  matchLabels:
+                      app.kubernetes.io/name: splunk-connect-for-snmp-trap
+                      app.kubernetes.io/instance: release-name
+      volumes:
+        # You set volumes at the Pod level, then mount them into containers inside that Pod
+        - name: config
+          configMap:
+            # Provide the name of the ConfigMap you want to mount.
+            name: splunk-connect-for-snmp-traps
+            # An array of keys from the ConfigMap to create as files
+            items:
+              - key: "config.yaml"
+                path: "config.yaml"
+        - name: pysnmp-cache-volume
+          emptyDir: {}    
+        - name: tmp
+          emptyDir: {}
@@ -0,0 +1,18 @@
+---
+# Source: splunk-connect-for-snmp/templates/traps/pdb.yaml
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: release-name-splunk-connect-for-snmp-trap
+  labels:
+    app.kubernetes.io/name: splunk-connect-for-snmp-trap
+    app.kubernetes.io/instance: release-name
+    helm.sh/chart: splunk-connect-for-snmp-CURRENT-VERSION
+    app.kubernetes.io/version: "CURRENT-VERSION"
+    app.kubernetes.io/managed-by: Helm
+spec:
+  minAvailable: 80%
+  selector:
+    matchLabels:
+        app.kubernetes.io/name: splunk-connect-for-snmp-trap
+        app.kubernetes.io/instance: release-name
@@ -0,0 +1,28 @@
+---
+# Source: splunk-connect-for-snmp/templates/traps/service.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: release-name-splunk-connect-for-snmp-trap
+  labels:
+    app.kubernetes.io/name: splunk-connect-for-snmp-trap
+    app.kubernetes.io/instance: release-name
+    helm.sh/chart: splunk-connect-for-snmp-CURRENT-VERSION
+    app.kubernetes.io/version: "CURRENT-VERSION"
+    app.kubernetes.io/managed-by: Helm
+  annotations:
+    service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: ip
+    service.beta.kubernetes.io/aws-load-balancer-scheme: internal
+    service.beta.kubernetes.io/aws-load-balancer-type: external
+
+spec:
+  type: LoadBalancer
+  externalTrafficPolicy: Local
+  ports:
+    - port: 162
+      targetPort: 2162
+      protocol: UDP
+      name: snmp-udp
+  selector:
+    app.kubernetes.io/name: splunk-connect-for-snmp-trap
+    app.kubernetes.io/instance: release-name
@@ -0,0 +1,18 @@
+---
+# Source: splunk-connect-for-snmp/templates/worker/pdb.yaml
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: release-name-splunk-connect-for-snmp-worker
+  labels:
+    app.kubernetes.io/name: splunk-connect-for-snmp-worker
+    app.kubernetes.io/instance: release-name
+    helm.sh/chart: splunk-connect-for-snmp-CURRENT-VERSION
+    app.kubernetes.io/version: "CURRENT-VERSION"
+    app.kubernetes.io/managed-by: Helm
+spec:
+  minAvailable: 80%
+  selector:
+    matchLabels:
+        app.kubernetes.io/name: splunk-connect-for-snmp-worker
+        app.kubernetes.io/instance: release-name