This repository has been archived by the owner on Feb 22, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 16.7k
[stable/spinnaker] Leverage Halyard for installation #6407
Merged
Merged
Changes from 46 commits
Commits
Show all changes
63 commits
Select commit
Hold shift + click to select a range
c24e566
Use Halyard for Spinnaker installation
e6b3516
Bump spinnaker version in Chart.yaml
860d3da
Add whitespace in helpers
1f5b171
Remove dependency on Jenkins
a6f8865
Fix cleanup
922a6b9
Fix NOTES command for exec into hal
caf18ce
No longer need override_config_map helper
88c57ca
Simplify cleanup job
716576b
Remove halyard-pvc empty file
d5f558b
Update README
b43b281
Add lwander as maintainer of Spinnaker chart
a397e5f
Make halyard-local config simpler
e52f106
Remove type: Opaque from kubeconfig map
c1e12a9
Mount GCS key on Halyard statefulset
df6efb0
Fix credentials when using kubeConfig.enabled
e15e03d
Allow custom config to be provided at install time.
1cae6ff
Fix port-forward commands in README
cd651f7
Configure Halyard's RBAC
39653bb
Use redis deployed by helm
d15f23b
Use Deck to route /gate requests
961c58b
Fix RBAC in default configuration
7782318
Scope template helper names
eaceaser 07924be
Helper for resource metadata
eaceaser 9cc213f
Enable spinnakerFeatureFlags
dpujadas 7667063
Fix deck service name
dpujadas 9d11408
Merge pull request #11 from eaceaser/spin-v1.0.0-updates
407f9ee
Merge branch 'spin-v1.0.0' into spin-v1.0.0-fix-ingress
f7c214d
Merge pull request #13 from GekoCloud/spin-v1.0.0-fix-ingress
fc44dc5
Basic S3 support.
eaceaser 248cb4c
Smallish updates.
eaceaser edb4204
Merge pull request #15 from eaceaser/spin-v1.0.0-updates-2
ae289b4
Merge branch 'spin-v1.0.0' into spin-v1.0.0-s3
9e13f54
Merge pull request #14 from eaceaser/spin-v1.0.0-s3
997019c
Enable 'jobs' feature flag by default
dpujadas 420d626
Merge branch 'spin-v1.0.0' into spin-v1.0.0-feature-flags
267801f
Merge pull request #12 from GekoCloud/spin-v1.0.0-feature-flags
2263457
Fix typo in README
43eee44
Follow RBAC best practices for chart
c2776d5
Remove trailing space
3a03a5a
update helm dependencies
paulczar 1f30a21
Merge pull request #17 from paulczar/update-minio-redis-deps
d681f66
support username/password for docker registry
paulczar 0e87bb6
fix variable condition for registrysecret
paulczar 668572f
remove rogue sleep command from debugging
paulczar 40c50ac
add readme info about using secret for registry passwords
paulczar c43836b
Merge pull request #18 from paulczar/repo-creds
4cb44d0
fix writing the secret key to hal's config
eaceaser 4e00d00
Merge pull request #19 from eaceaser/spin-v1.0.0-s3fix
20f5165
Enable artifacts by default
552f4ba
Allow Halyard and Spinnaker SAs to be configurable
8f64a11
Use custom SA in halyard SS if passed
56dbdc9
Default to version 1.8.4 of Spinnaker
2d1c4cf
Simplify ingress values, fix nodeports for svcs
5e35e41
Slight change; moving 'host' to be under Ingress resource
sc250024 bcec62e
Merge pull request #21 from sc250024/spin-v1.0.0
933e6a3
Merge branch 'master' into spin-v1.0.0
e3576ae
Updater Spinnaker to 1.8.5
8f4b952
Make nodeport exposure idempotent
eaceaser 5fd48a2
Add newline
b61619a
Add newline
eda73e2
Add newline
f586f23
Add newline
7297496
Merge pull request #24 from eaceaser/spin-v1.0.0-nodeport-fix
File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,8 +1,8 @@ | ||
| apiVersion: v1 | ||
| description: Open source, multi-cloud continuous delivery platform for releasing software changes with high velocity and confidence. | ||
| name: spinnaker | ||
| version: 0.5.0 | ||
| appVersion: 1.6.0 | ||
| version: 1.0.0 | ||
| appVersion: 1.8.0 | ||
| home: http://spinnaker.io/ | ||
| sources: | ||
| - https://github.com/spinnaker | ||
|
|
@@ -11,3 +11,5 @@ icon: https://pbs.twimg.com/profile_images/669205226994319362/O7OjwPrh_400x400.p | |
| maintainers: | ||
| - name: viglesiasce | ||
| email: [email protected] | ||
| - name: lwander | ||
| email: [email protected] | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,6 @@ | ||
| approvers: | ||
| - viglesiasce | ||
| - lwander | ||
| reviewers: | ||
| - viglesiasce | ||
| - lwander |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -3,8 +3,8 @@ | |
| [Spinnaker](http://spinnaker.io/) is an open source, multi-cloud continuous delivery platform. | ||
|
|
||
| ## Chart Details | ||
| This chart will provision a fully functional and fully featured Spinnaker installation | ||
| that can deploy and manage applications in the cluster that it is deployed to. | ||
| This chart will provision a fully functional and fully featured Spinnaker installation | ||
| that can deploy and manage applications in the cluster that it is deployed to. | ||
|
|
||
| Redis and Minio are used as the stores for Spinnaker state. | ||
|
|
||
|
|
@@ -15,10 +15,10 @@ For more information on Spinnaker and its capabilities, see it's [documentation] | |
| To install the chart with the release name `my-release`: | ||
|
|
||
| ```bash | ||
| $ helm install --name my-release stable/spinnaker | ||
| $ helm install --name my-release stable/spinnaker --timeout 600 | ||
| ``` | ||
|
|
||
| Note that this chart pulls in many different Docker images so can take a while to fully install. | ||
| Note that this chart pulls in many different Docker images so can take a while to fully install. | ||
|
|
||
| ## Configuration | ||
|
|
||
|
|
@@ -55,5 +55,64 @@ for Spinnaker. If you want to add arbitrary clusters need to do the following: | |
| contexts: | ||
| # Names of contexts available in the uploaded kubeconfig | ||
| - my-context | ||
| # This is the context from the list above that you would like | ||
| # to deploy Spinnaker itself to. | ||
| deploymentContext: my-context | ||
| ``` | ||
|
|
||
| ## Specifying Docker Registries and Valid Images (Repositories) | ||
|
|
||
| Spinnaker will only give you access to Docker images that have been whitelisted, if you're using a private registry or a private repository you also need to provide credentials. Update the following values of the chart to do so: | ||
|
|
||
| ```yaml | ||
| dockerRegistries: | ||
| - name: dockerhub | ||
| address: index.docker.io | ||
| repositories: | ||
| - library/alpine | ||
| - library/ubuntu | ||
| - library/centos | ||
| - library/nginx | ||
| # - name: gcr | ||
| # address: https://gcr.io | ||
| # username: _json_key | ||
| # password: '<INSERT YOUR SERVICE ACCOUNT JSON HERE>' | ||
| # email: [email protected] | ||
| ``` | ||
|
|
||
| You can provide passwords as a Helm value, or you can use a pre-created secret containing your registry passwords. The secret should have an item per Registry in the format: `<registry name>: <password>`. In which case you'll specify the secret to use in `dockerRegistryAccountSecret` like so: | ||
|
|
||
| ```yaml | ||
| dockerRegistryAccountSecret: myregistry-secrets | ||
| ``` | ||
|
|
||
| ## Customizing your installation | ||
|
|
||
| ### Manual | ||
| While the default installation is ready to handle your Kubernetes deployments, there are | ||
| many different integrations that you can turn on with Spinnaker. In order to customize | ||
| Spinnaker, you can use the [Halyard](https://www.spinnaker.io/reference/halyard/) command line `hal` | ||
| to edit the configuration and apply it to what has already been deployed. | ||
|
|
||
| Halyard has an in-cluster daemon that stores your configuration. You can exec a shell in this pod to | ||
| make and apply your changes. The Halyard daemon is configured with a persistent volume to ensure that | ||
| your configuration data persists any node failures, reboots or upgrades. | ||
|
|
||
| For example: | ||
|
|
||
| ```shell | ||
| $ helm install -n cd stable/spinnaker | ||
| $ kubectl exec -it cd-spinnaker-halyard-0 bash | ||
| spinnaker@cd-spinnaker-halyard-0:/workdir$ hal version list | ||
| ``` | ||
|
|
||
| ### Automated | ||
| If you have known set of commands that you'd like to run after the base config steps or if | ||
| you'd like to override some settings before the Spinnaker deployment is applied, you can enable | ||
| the `halyard.additionalConfig.enabled` flag. You will need to create a config map that contains a key | ||
| containing the `hal` commands you'd like to run. You can set the key via the config map name via `halyard.additionalConfig.configMapName` and the key via `halyard.additionalConfig.configMapKey`. The `DAEMON_ENDPOINT` environment variable can be used in your custom commands to | ||
| get a prepopulated URL that points to your Halyard daemon within the cluster. For example: | ||
|
|
||
| ```shell | ||
| hal --daemon-endpoint $DAEMON_ENDPOINT config security authn oauth2 enable | ||
| ``` | ||
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should this shell command be present in a ConfigMap map that we manually create?
If so, could we also provide a sample
yamlfor this ConfigMap, to make things a little bit easier to understand?I'm imagining that we would need to do something like:
vi my-custom-hal-cmds-configmap.yamlkubectl apply -f my-custom-hal-cmds-configmap.yamlAnd then run
helm install stable/spinnaker --set halyard.additionalConfig.configMapName=my-custom-halyard-config --set halyard.additionalConfig.configMapKey=custom_commands.shIs that right?