Installing Spinnaker on Openstack

By Intuitive / Apr 06,2019

Overview

In this post will learn about how to deploy a Spinnaker on Openstack instance. Spinnaker is an open source, multi-cloud continuous delivery platform for releasing software changes with high velocity and confidence.

Prerequisites

Inorder to run a Spinnaker, Halyard installation needed.
Ubuntu 14.04 lts x86_64 openstack instance.
Minio for Persistence storage.
Openstack API that are required to be enabled on openstack.
- Keystone (Identity) v3
- Compute v2
- LBaaS v2
- Networking v2
- Orchestration (Heat)
- Ceilometer
- Telemetry Alarming (Aodh)
- Glance v1
Choose an Environment as a Local installations of Debian packages.

Spinnaker Architecture

Spinnaker is composed of a number of independent microservices:

Deck is the browser-based UI.
Gate is the API gateway. The Spinnaker UI and all api callers communicate with Spinnaker via Gate.
Orca is the orchestration engine. It handles all ad-hoc operations and pipelines.
Clouddriver is responsible for all mutating calls to the cloud providers and for indexing/caching all deployed resources.
Front50 is used to persist the metadata of applications, pipelines, projects and notifications.
Rosco is the bakery. It is used to produce machine images (for example GCE images, AWS AMIs, Azure VM images). It currently wraps packer, but will be expanded to support additional mechanisms for producing images.
Igor is used to trigger pipelines via continuous integration jobs in systems like Jenkins and Travis CI, and it allows Jenkins/Travis stages to be used in pipelines.
Echo is Spinnaker’s eventing bus. It supports sending notifications (e.g. Slack, email, Hipchat, SMS), and acts on incoming webhooks from services like Github.
Fiat is Spinnaker’s authorization service. It is used to query a user’s access permissions for accounts, applications and service accounts.
Kayenta provides automated canary analysis for Spinnaker.

Install Halyard

Halyard manages the lifecycle of your Spinnaker deployment, including writing & validating your deployment’s configuration, deploying each of Spinnaker’s microservices, and updating the deployment. Created user as a ubuntu with sudo previllages enabled, follow the below steps as a ubuntu user.

Get the latest version of Halyard for Debian/Ubuntu:

ubuntu@spinnaker:~$ curl -O https://raw.githubusercontent.com/spinnaker/halyard/master/install/debian/InstallHalyard.sh
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  9138  100  9138    0     0  18531      0 --:--:-- --:--:-- --:--:-- 18573
ubuntu@spinnaker:~$

Install it:

If you’re prompted for any information, default answers are usually suitable.

ubuntu@spinnaker:~$ sudo bash InstallHalyard.sh
Halyard version will be stable
Halyard will be downloaded from gs://spinnaker-artifacts/halyard
Halyard config will come from bucket gs://halconfig
Halconfig will be stored at /home/ubuntu/.hal/config
Uninstall script is located at /home/ubuntu/.hal/uninstall.sh
.........

Check whether Halyard was installed properly:

ubuntu@spinnaker:~$ hal -v
1.3.1-20180620105301
ubuntu@spinnaker:~$

Run the below to enable command completion:

ubuntu@spinnaker:~$ . ~/.bashrc
ubuntu@spinnaker:~$

Configure Minio Locally

Minio is an S3-compatible object store that you can host yourself. This is the persistent storage solution we recommend when you don’t want to depend on a cloud provider to host your Spinnaker data. Follow the below steps as a root user to configure minio.

Download the latest verison of Minio:

root@spinnaker:~$ wget https://dl.minio.io/server/minio/release/linux-amd64/minio
--2018-07-09 13:46:15--  https://dl.minio.io/server/minio/release/linux-amd64/minio
Resolving dl.minio.io (dl.minio.io)... 162.243.132.171
Connecting to dl.minio.io (dl.minio.io)|162.243.132.171|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 28048192 (27M) [application/octet-stream]
Saving to: ‘minio’
100%[===================================================================================================================================================================================================>] 28,048,192  7.25MB/s   in 3.7s
2018-07-09 13:46:19 (7.25 MB/s) - ‘minio’ saved [28048192/28048192]
root@spinnaker:~$

Provide executable permision to Minio file:

root@spinnaker:~$ chmod +x minio
root@spinnaker:~$

Below command will give you credential info of Minio to access:

root@spinnaker:~# ./minio server /mnt/minio

Next step we are going to configure Minio with Halyard using Minio credentials, which we got from previous command:

ubuntu@spinnaker:~$ hal config storage s3 edit --endpoint http://localhost:9001 \
> --access-key-id VI82U0FEE674IZBC8TTP \
> --secret-access-key
Your AWS Secret Key.:
+ Get current deployment
  Success
+ Get persistent store
  Success
Generated bucket name: spin-5accf3fb-f2a2-4eb0-bfc0-150fbdc9d5f5
+ Edit persistent store
  Success
Problems in default.persistentStorage:
- WARNING Your deployment will most likely fail until you configure
  and enable a persistent store.

+ Successfully edited persistent store "s3".
ubuntu@spinnaker:~$

ubuntu@spinnaker:~$ hal config storage edit --type s3
+ Get current deployment
  Success
+ Get persistent storage settings
  Success
+ Edit persistent storage settings
  Success
+ Successfully edited persistent storage.
ubuntu@spinnaker:~$

Minio persistent storage has been configured and ready to use for Spinnaker installation.

Configure Openstack API on Ubuntu

Download Openstack RC file v3 from openstack api access & security.

Configure the file and run locally on ubuntu, which is downloaded from openstack.

ubuntu@spinnaker:~$ cat vmware-cloud-openrc.sh

[2]+  Stopped                 vim vmware-cloud-openrc.sh
ubuntu@spinnaker:~$ rm vmware-cloud-openrc.sh/
rm: cannot remove ‘vmware-cloud-openrc.sh/’: Is a directory
ubuntu@spinnaker:~$ rm -r vmware-cloud-openrc.sh/
ubuntu@spinnaker:~$ ls
]  InstallHalyard.sh  minio
ubuntu@spinnaker:~$ vim vmware-cloud-openrc.sh
ubuntu@spinnaker:~$ cat vm
cat: vm: No such file or directory
ubuntu@spinnaker:~$ cat vmware-cloud-openrc.sh
#!/usr/bin/env bash

# To use an OpenStack cloud you need to authenticate against the Identity
# service named keystone, which returns a **Token** and **Service Catalog**.
# The catalog contains the endpoints for all services the user/tenant has
# access to - such as Compute, Image Service, Identity, Object Storage, Block
# Storage, and Networking (code-named nova, glance, keystone, swift,
# cinder, and neutron).
#
# *NOTE*: Using the 3 *Identity API* does not necessarily mean any other
# OpenStack API is version 3. For example, your cloud provider may implement
# Image API v1.1, Block Storage API v2, and Compute API v2.0. OS_AUTH_URL is
# only for the Identity API served through keystone.
export OS_AUTH_URL=http://10.9.80.50:5000/v3

# With the addition of Keystone we have standardized on the term **project**
# as the entity that owns the resources.
export OS_PROJECT_ID=af33d031da1743b199e6f90b75ca3d6d
export OS_PROJECT_NAME="vmware-cloud"
export OS_USER_DOMAIN_NAME="Default"
if [ -z "$OS_USER_DOMAIN_NAME" ]; then unset OS_USER_DOMAIN_NAME; fi

# unset v2.0 items in case set
unset OS_TENANT_ID
unset OS_TENANT_NAME

# In addition to the owning entity (tenant), OpenStack stores the entity
# performing the action as the **user**.
export OS_USERNAME="karthik1"

# With Keystone you pass the keystone password.
echo "Please enter your OpenStack Password for project $OS_PROJECT_NAME as user $OS_USERNAME: "
read -sr OS_PASSWORD_INPUT
export OS_PASSWORD=$OS_PASSWORD_INPUT

# If your configuration has multiple regions, we set that information here.
# OS_REGION_NAME is optional and only valid in certain environments.
export OS_REGION_NAME="us-east"
# Don't leave a blank variable, unset it if it was empty
if [ -z "$OS_REGION_NAME" ]; then unset OS_REGION_NAME; fi

export OS_INTERFACE=public
export OS_IDENTITY_API_VERSION=3

ubuntu@spinnaker:~$

Enter the openstack login password for API access:

ubuntu@spinnaker:~$ source vmware-cloud-openrc.sh
Please enter your OpenStack Password for project vmware-cloud as user karthik1:
ubuntu@spinnaker:~$

Choose an Environment as a Local Debian

The Local Debian installation means Spinnaker will be downloaded and run on the single machine Halyard is currently installed on.

The Local Debian installation is intended for smaller deployments of Spinnaker, and for clouds where the Distributed installation is not yet supported; however, since all services are on a single machine, there will be downtime when Halyard updates Spinnaker.

ubuntu@spinnaker:~$ hal config deploy edit --type localdebian
+ Get current deployment
  Success
+ Get the deployment environment
  Success
- No changes supplied.
ubuntu@spinnaker:~$

Deploy Spinnaker

Now that we’ve enabled one Cloud Provider, picked a Deployment Environment, and configured Persistent Storage, we’re ready to pick a version of Spinnaker, deploy it, and connect to it.

List the available versions:

ubuntu@spinnaker:~$ hal version list
+ Get current deployment
  Success
+ Get Spinnaker version
  Success
+ Get released versions
  Success
+ You are on version "", and the following are available:
 - 1.5.4 (Atypical):
   Changelog: https://gist.github.com/spinnaker-release/6b9fd632caeaefd32246074998af8498
   Published: Wed Jan 10 18:46:49 UTC 2018
   (Requires Halyard >= 0.40.0)
 - 1.6.1 (GLOW):
   Changelog: https://gist.github.com/spinnaker-release/f1cd6232151b70492ebdcbb557a209fc
   Published: Wed Apr 04 19:20:54 UTC 2018
   (Requires Halyard >= 0.41.0)
 - 1.7.6 (Ozark):
   Changelog: https://gist.github.com/spinnaker-release/5d3af465f07eaca64f4383167877897d
   Published: Tue May 29 16:26:20 UTC 2018
   (Requires Halyard >= 1.0.0)
 - 1.8.0 (Dark):
   Changelog: https://gist.github.com/spinnaker-release/9b37ca56f2bfa676a60ecbd9a9ebffbd
   Published: Fri Jun 22 17:48:29 UTC 2018
   (Requires Halyard >= 1.0.0)

ubuntu@spinnaker:~$

Set the version you want to use:

ubuntu@spinnaker:~$ hal config version edit --version 1.8.0
+ Get current deployment
  Success
+ Edit Spinnaker version
  Success
+ Spinnaker has been configured to update/install version "1.8.0".
  Deploy this version of Spinnaker with `hal deploy apply`.
ubuntu@spinnaker:~$

Deploy Spinnaker:
sudo hal deploy apply

Exposing Spinnaker on OpenStack Network

This post focuses on a Local environment. To prevent inadvertently exposing your cloud infrastructure to the whole world, Halyard installs Spinnaker in its most locked-down form. This means all services only bind to localhost , which only accepts connections from inside the same server.

On the other hand, Distributed environment services bind to 0.0.0.0 , which allows them to receive requests from services running on different hosts. This is essential to scaling Spinnaker to large enterprise deployments as a high-availability service.

Opening Gate and Deck

We’ll specify the 0.0.0.0 host in both gate.yml and deck.yml in our default Halyard deployment with this command:

ubuntu@spinnaker:~$ echo "host: 0.0.0.0" | tee \
> ~/.hal/default/service-settings/gate.yml \
> ~/.hal/default/service-settings/deck.yml
host: 0.0.0.0
ubuntu@spinnaker:~$

Run sudo hal deploy apply to update the changes to spinnaker.

Now, You can test this out by navigating to the instance’s public IP address on port 9000 in your browser.

Installing Spinnaker on Openstack