Installing Spinnaker on Openstack
By Intuitive / Apr 06,2019
Overview
In this post will learn about how to deploy a Spinnaker on Openstack instance. Spinnaker is an open source, multi-cloud continuous delivery platform for releasing software changes with high velocity and confidence.
Prerequisites
- Inorder to run a Spinnaker, Halyard installation needed.
- Ubuntu 14.04 lts x86_64 openstack instance.
- Minio for Persistence storage.
- Openstack API that are required to be enabled on openstack.
- Keystone (Identity) v3
- Compute v2
- LBaaS v2
- Networking v2
- Orchestration (Heat)
- Ceilometer
- Telemetry Alarming (Aodh)
- Glance v1
- Choose an Environment as a Local installations of Debian packages.
Spinnaker Architecture
Spinnaker is composed of a number of independent microservices:
- Deck is the browser-based UI.
- Gate is the API gateway. The Spinnaker UI and all api callers communicate with Spinnaker via Gate.
- Orca is the orchestration engine. It handles all ad-hoc operations and pipelines.
- Clouddriver is responsible for all mutating calls to the cloud providers and for indexing/caching all deployed resources.
- Front50 is used to persist the metadata of applications, pipelines, projects and notifications.
- Rosco is the bakery. It is used to produce machine images (for example GCE images, AWS AMIs, Azure VM images). It currently wraps packer, but will be expanded to support additional mechanisms for producing images.
- Igor is used to trigger pipelines via continuous integration jobs in systems like Jenkins and Travis CI, and it allows Jenkins/Travis stages to be used in pipelines.
- Echo is Spinnaker’s eventing bus. It supports sending notifications (e.g. Slack, email, Hipchat, SMS), and acts on incoming webhooks from services like Github.
- Fiat is Spinnaker’s authorization service. It is used to query a user’s access permissions for accounts, applications and service accounts.
- Kayenta provides automated canary analysis for Spinnaker.
Install Halyard
Halyard manages the lifecycle of your Spinnaker deployment, including writing & validating your deployment’s configuration, deploying each of Spinnaker’s microservices, and updating the deployment. Created user as a ubuntu with sudo previllages enabled, follow the below steps as a ubuntu user.
-
- Get the latest version of Halyard for Debian/Ubuntu:
ubuntu@spinnaker:~$ curl -O https://raw.githubusercontent.com/spinnaker/halyard/master/install/debian/InstallHalyard.sh % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 9138 100 9138 0 0 18531 0 --:--:-- --:--:-- --:--:-- 18573 ubuntu@spinnaker:~$
- Install it:
If you’re prompted for any information, default answers are usually suitable.
ubuntu@spinnaker:~$ sudo bash InstallHalyard.sh Halyard version will be stable Halyard will be downloaded from gs://spinnaker-artifacts/halyard Halyard config will come from bucket gs://halconfig Halconfig will be stored at /home/ubuntu/.hal/config Uninstall script is located at /home/ubuntu/.hal/uninstall.sh .........
- Check whether Halyard was installed properly:
ubuntu@spinnaker:~$ hal -v 1.3.1-20180620105301 ubuntu@spinnaker:~$
- Run the below to enable command completion:
ubuntu@spinnaker:~$ . ~/.bashrc ubuntu@spinnaker:~$
Configure Minio Locally
Minio is an S3-compatible object store that you can host yourself. This is the persistent storage solution we recommend when you don’t want to depend on a cloud provider to host your Spinnaker data. Follow the below steps as a root user to configure minio.
- Download the latest verison of Minio:
root@spinnaker:~$ wget https://dl.minio.io/server/minio/release/linux-amd64/minio --2018-07-09 13:46:15-- https://dl.minio.io/server/minio/release/linux-amd64/minio Resolving dl.minio.io (dl.minio.io)... 162.243.132.171 Connecting to dl.minio.io (dl.minio.io)|162.243.132.171|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 28048192 (27M) [application/octet-stream] Saving to: ‘minio’ 100%[===================================================================================================================================================================================================>] 28,048,192 7.25MB/s in 3.7s 2018-07-09 13:46:19 (7.25 MB/s) - ‘minio’ saved [28048192/28048192] root@spinnaker:~$
- Provide executable permision to Minio file:
root@spinnaker:~$ chmod +x minio root@spinnaker:~$
- Below command will give you credential info of Minio to access:
root@spinnaker:~# ./minio server /mnt/minio
- Next step we are going to configure Minio with Halyard using Minio credentials, which we got from previous command:
ubuntu@spinnaker:~$ hal config storage s3 edit --endpoint http://localhost:9001 \ > --access-key-id VI82U0FEE674IZBC8TTP \ > --secret-access-key Your AWS Secret Key.: + Get current deployment Success + Get persistent store Success Generated bucket name: spin-5accf3fb-f2a2-4eb0-bfc0-150fbdc9d5f5 + Edit persistent store Success Problems in default.persistentStorage: - WARNING Your deployment will most likely fail until you configure and enable a persistent store. + Successfully edited persistent store "s3". ubuntu@spinnaker:~$
ubuntu@spinnaker:~$ hal config storage edit --type s3 + Get current deployment Success + Get persistent storage settings Success + Edit persistent storage settings Success + Successfully edited persistent storage. ubuntu@spinnaker:~$
Minio persistent storage has been configured and ready to use for Spinnaker installation.
Configure Openstack API on Ubuntu
Download Openstack RC file v3 from openstack api access & security.
Configure the file and run locally on ubuntu, which is downloaded from openstack.
ubuntu@spinnaker:~$ cat vmware-cloud-openrc.sh
[2]+ Stopped vim vmware-cloud-openrc.sh
ubuntu@spinnaker:~$ rm vmware-cloud-openrc.sh/
rm: cannot remove ‘vmware-cloud-openrc.sh/’: Is a directory
ubuntu@spinnaker:~$ rm -r vmware-cloud-openrc.sh/
ubuntu@spinnaker:~$ ls
] InstallHalyard.sh minio
ubuntu@spinnaker:~$ vim vmware-cloud-openrc.sh
ubuntu@spinnaker:~$ cat vm
cat: vm: No such file or directory
ubuntu@spinnaker:~$ cat vmware-cloud-openrc.sh
#!/usr/bin/env bash
# To use an OpenStack cloud you need to authenticate against the Identity
# service named keystone, which returns a **Token** and **Service Catalog**.
# The catalog contains the endpoints for all services the user/tenant has
# access to - such as Compute, Image Service, Identity, Object Storage, Block
# Storage, and Networking (code-named nova, glance, keystone, swift,
# cinder, and neutron).
#
# *NOTE*: Using the 3 *Identity API* does not necessarily mean any other
# OpenStack API is version 3. For example, your cloud provider may implement
# Image API v1.1, Block Storage API v2, and Compute API v2.0. OS_AUTH_URL is
# only for the Identity API served through keystone.
export OS_AUTH_URL=http://10.9.80.50:5000/v3
# With the addition of Keystone we have standardized on the term **project**
# as the entity that owns the resources.
export OS_PROJECT_ID=af33d031da1743b199e6f90b75ca3d6d
export OS_PROJECT_NAME="vmware-cloud"
export OS_USER_DOMAIN_NAME="Default"
if [ -z "$OS_USER_DOMAIN_NAME" ]; then unset OS_USER_DOMAIN_NAME; fi
# unset v2.0 items in case set
unset OS_TENANT_ID
unset OS_TENANT_NAME
# In addition to the owning entity (tenant), OpenStack stores the entity
# performing the action as the **user**.
export OS_USERNAME="karthik1"
# With Keystone you pass the keystone password.
echo "Please enter your OpenStack Password for project $OS_PROJECT_NAME as user $OS_USERNAME: "
read -sr OS_PASSWORD_INPUT
export OS_PASSWORD=$OS_PASSWORD_INPUT
# If your configuration has multiple regions, we set that information here.
# OS_REGION_NAME is optional and only valid in certain environments.
export OS_REGION_NAME="us-east"
# Don't leave a blank variable, unset it if it was empty
if [ -z "$OS_REGION_NAME" ]; then unset OS_REGION_NAME; fi
export OS_INTERFACE=public
export OS_IDENTITY_API_VERSION=3
ubuntu@spinnaker:~$
Enter the openstack login password for API access:
ubuntu@spinnaker:~$ source vmware-cloud-openrc.sh
Please enter your OpenStack Password for project vmware-cloud as user karthik1:
ubuntu@spinnaker:~$
Choose an Environment as a Local Debian
The Local Debian installation means Spinnaker will be downloaded and run on the single machine Halyard is currently installed on.
The Local Debian installation is intended for smaller deployments of Spinnaker, and for clouds where the Distributed installation is not yet supported; however, since all services are on a single machine, there will be downtime when Halyard updates Spinnaker.
ubuntu@spinnaker:~$ hal config deploy edit --type localdebian
+ Get current deployment
Success
+ Get the deployment environment
Success
- No changes supplied.
ubuntu@spinnaker:~$
Deploy Spinnaker
Now that we’ve enabled one Cloud Provider, picked a Deployment Environment, and configured Persistent Storage, we’re ready to pick a version of Spinnaker, deploy it, and connect to it.
- List the available versions:
ubuntu@spinnaker:~$ hal version list
+ Get current deployment
Success
+ Get Spinnaker version
Success
+ Get released versions
Success
+ You are on version "", and the following are available:
- 1.5.4 (Atypical):
Changelog: https://gist.github.com/spinnaker-release/6b9fd632caeaefd32246074998af8498
Published: Wed Jan 10 18:46:49 UTC 2018
(Requires Halyard >= 0.40.0)
- 1.6.1 (GLOW):
Changelog: https://gist.github.com/spinnaker-release/f1cd6232151b70492ebdcbb557a209fc
Published: Wed Apr 04 19:20:54 UTC 2018
(Requires Halyard >= 0.41.0)
- 1.7.6 (Ozark):
Changelog: https://gist.github.com/spinnaker-release/5d3af465f07eaca64f4383167877897d
Published: Tue May 29 16:26:20 UTC 2018
(Requires Halyard >= 1.0.0)
- 1.8.0 (Dark):
Changelog: https://gist.github.com/spinnaker-release/9b37ca56f2bfa676a60ecbd9a9ebffbd
Published: Fri Jun 22 17:48:29 UTC 2018
(Requires Halyard >= 1.0.0)
ubuntu@spinnaker:~$
- Set the version you want to use:
ubuntu@spinnaker:~$ hal config version edit --version 1.8.0
+ Get current deployment
Success
+ Edit Spinnaker version
Success
+ Spinnaker has been configured to update/install version "1.8.0".
Deploy this version of Spinnaker with `hal deploy apply`.
ubuntu@spinnaker:~$
- Deploy Spinnaker:
sudo hal deploy apply
Exposing Spinnaker on OpenStack Network
This post focuses on a Local environment. To prevent inadvertently exposing your cloud infrastructure to the whole world, Halyard installs Spinnaker in its most locked-down form. This means all services only bind to localhost , which only accepts connections from inside the same server.
On the other hand, Distributed environment services bind to 0.0.0.0 , which allows them to receive requests from services running on different hosts. This is essential to scaling Spinnaker to large enterprise deployments as a high-availability service.
Opening Gate and Deck
We’ll specify the 0.0.0.0 host in both gate.yml and deck.yml in our default Halyard deployment with this command:
ubuntu@spinnaker:~$ echo "host: 0.0.0.0" | tee \
> ~/.hal/default/service-settings/gate.yml \
> ~/.hal/default/service-settings/deck.yml
host: 0.0.0.0
ubuntu@spinnaker:~$
Run sudo hal deploy apply
to update the changes to spinnaker.
Now, You can test this out by navigating to the instance’s public IP address on port 9000 in your browser.