Spinnaker - HackMD

# Spinnaker ### Pre-Requirements - kubernates context configuration file to a valid cluster - aws user with s3 bucket read and write access - aws s3 bucket ### Install Halyard Run Halyard via docker container: ```shell docker run --name halyard --rm \ -p 8084:8084 -p 9000:9000 \ -v ~/.hal:/home/spinnaker/.hal -it \ --net host \ gcr.io/spinnaker-marketplace/halyard:stable ``` Log into container: ```shell docker exec -it halyard bash ``` Run initial commands in the container: ```shell source <(hal --print-bash-completion) cd mkdir .kube ``` ### Choose Cloud Providers Copy `kube.config` to the container: ```shell docker cp kube.config halyard:/home/spinnaker/.kube/config ``` Enable kubernates provider: ```shell hal config provider kubernetes enable CONTEXT=$(kubectl config current-context) hal config provider kubernetes account add my-k8s-v2-account \ --provider-version v2 \ --context $CONTEXT hal config features edit --artifacts true ``` ### Choose your Environment This selects the kubernetes cluster to deploy spinnaker, skip if will want to deploy local: ```shell hal config deploy edit --type distributed --account-name $ACCOUNT ``` ### Configure Storage Service #### Run minio ```shell docker run -p 9000:9000 -v /mnt/data:/data minio/minio server /data MINIO_SECRET_KEY=`echo $(sudo docker exec minio cat /data/.minio.sys/config/config.json) | jq -r '.credential.secretKey'` MINIO_ACCESS_KEY=`echo $(sudo docker exec minio cat /data/.minio.sys/config/config.json) | jq -r '.credential.accessKey'` ``` #### Setup storage service Configure s3 storage, dont type the access-key, the command will prompt for it: ```shell echo $MINIO_SECRET_KEY | hal config storage s3 edit \ --access-key-id $MINIO_SECRET_KEY \ --region us-east-1 \ --secret-access-key hal config storage edit --type s3 ``` ### Configure Authentication ```shell hal config security authn ldap edit \ --url ldap://ldap.uolcorp.intranet:389 --manager-dn "${MANAGER_DN}" --user-search-filter "${SEARCH_FILTER}" --user-search-base "${SEARCH_BASE}" --manager-password hal config security authn ldap enable ``` ### Configure URLs ```shell hal config security api edit \ --override-base-url http://${API_URL}:8084 hal config security ui edit \ --override-base-url http://${UI_URL}:9000 ``` ### Deploy Select version and deploy Spinnaker: ```shell hal version list hal config version edit --version $VERSION hal deploy apply echo "host: 0.0.0.0" | tee \ ~/.hal/default/service-settings/gate.yml \ ~/.hal/default/service-settings/deck.yml hal deploy apply hal deploy connect ``` Access in the browser: http://localhost:9000