Deploy Spinnaker onto K8S and access via Ingress

-

Deploy Spinnaker onto K8S and access via Ingress

In this small story, I would like to share how I deployed Spinnaker onto Kubernetes and accessed it via ingress.
Spinnaker is a multi-cloud continuous delivery platform. It provides two main features.
  • Application management
  • Application deployment
Back in my previous company we used Spinnaker to deploy our microservices onto Kubernetes clusters. I did not involve in setting up the Spinnaker but I created pipelines for microservices. But I always wanted to setup Spinnaker by my own.
As usual I started reading Spinnaker documentation. According to the documentation the recommended way to setup Spinnaker is a distributed installation onto a Kubernetes cluster. So I wanted to try that.
Instructions given by the Spinnaker documentation, were followed.
I installed Halyard using below 2 commands,
curl -O https://raw.githubusercontent.com/spinnaker/halyard/master/install/macos/InstallHalyard.sh
sudo bash InstallHalyard.sh
Then I setup my cloud provider as kubernetes.
hal config provider kubernetes enable
Then added an account.
CONTEXT=$(kubectl config current-context)
ACCOUNT=do-k8s-v2-account
hal config provider kubernetes account add $ACCOUNT \
    --provider-version v2 \
    --context $CONTEXT
hal config features edit --artifacts true
Then Halyard was configured to deploy Spinnaker onto Kubernetes. As it is the recommended way to use in production.
hal config deploy edit --type distributed --account-name $ACCOUNT
Then I setup a value for LONGEST_SERVICE_STARTUP_TIME. That is used for liveness-probe-initial-delay-seconds . I setup it as 600 but it can be changed according to your requirement (My k8s is very basic one first time it took some time to spin up pods).
hal config deploy edit --liveness-probe-enabled true --liveness-probe-initial-delay-seconds $LONGEST_SERVICE_STARTUP_TIME
Then I selected Redis as my storage. But it is not recommended for production(for this demo it is enough).
hal config storage edit --type redis
Then I did very important thing that is not in the documentation. I setup UI hostname and API host name. I did it using below 2 commands.
hal config security ui edit \
    --override-base-url http://spinnaker.prod

hal config security api edit \
    --override-base-url http://spinnaker-api.prod
Then Spinnaker version was configured.
hal config version edit --version 1.13.12
Then I applied these changes using below command.
hal deploy apply
When you run above command you will get an error similar below.
Error from server (AlreadyExists): error when creating "STDIN": namespaces
"spinnaker" already exists
Try again running the same command. It will solve the that issue.
What is important next is I created an ingress rules for Spinnaker UI(dek) and API(gate)
Ingress for Gate
Ingress for Spinnaker Dek
Then I got public IP for Spinnaker UI and API by running kubectl get ingress -n spinnaker command.
Spinnaker Ingress
Then I added host entries for spinnaker.prod and spinnaker-api.prod. Then accessed Spinnaker using spinnaker.prod host name. If it doesn’t work first time then you will have to restart spin-deck pod.
Spinnaker via Ingress

Comments

Post a Comment

Popular posts from this blog

Docker sizing Java application

-
Image
Many developers put java in docker yet they face many issues from development to running containers. Docker sizing Java application As  a Java developer, I faced many issues when dockerizing and running java applications. Running dockrized java application When we start our development we used java 8 as our runtime environment. We ran jars as separate processes (yes using java -jar ) in VM, at that time there was no requirement to dockerize applications and everything worked without any major issues. Later we experienced the need for dockerizing applications. Then we faced many performance issues. Our initial docker environment was just docker containers running in a VM without any container orchestration. When we compared dockerized application with normal java application, the performance of dockerized application was not good. When we set the memory limits for docker application, most of the applications threw  java.lang.OutOfMemoryError: Java heap space .   When we inves
Read more

Spinnaker Authentication with Keycloak

-
Image
Spinnaker Authentication with Keycloak In my previous  story  I explained how I deployed Spinnaker onto Kubernetes and enabled public access via ingress. In this short story I’m going to explain how I secure Spinnaker by enabling authentication with Keycloak. For this demo I used Kubernetes running on my Mac and also I’m not going to explain OAuth 2.0, OpenID Connect, all the features of Keycloak. Keycloak Keycloak is an Open Source software for Identity and Access Management. It is developed on the top of  Wildfly   server. It provides support for standard protocols like OpenID Connect, OAuth 2.0, and SAML. Authentication Spinnaker authentication involves three main components. They are, Deck  : Sinnaker UI. That is what you see when you access spinnaker. Gate : API gateway for Spinnaker. All the requests go through the Gate and check whether the request is coming from authenticated user. Identity Provider:  In our case this is Keycloak. Spinnaker Authen
Read more

Four Event Driven Patterns

-
Image
In this story I would like to explain my understanding of the Event Driven Architecture(EDA) and its patterns. I was assigned to introduce the CQRS pattern in my previous company. That is how I got to know about EDA. EDA comes with a lot of concepts like  Events, Commands, Event sourcing, Aggreate, Evet Reaplay  etc.. . I’ll briefly explain what EDA is and what common patterns are. Event Driven Architecture(EDA) EDA is producing, captureing , processing and persisting of Events . The concept of the EDA is not new. When we talk about EDA, we can identify two types of objects, those are  Event  and  Command.  We cannot do a proper implementation without knowing these two. Command Command is a request to a system to do something and sometimes expects a response for that. Command is very specific and it has a known destination. That means we know what is going to process and who is going to execute our command. Let’s take an Ordering System as an example. When we want to
Read more