forked from dcos/examples
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
58 changed files
with
593 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,169 @@ | ||
| # DC/OS Spinnaker Service Guide | ||
|
|
||
|
|
||
| # Overview | ||
|
|
||
| DC/OS Spinnaker is an automated service that makes it easy to deploy and manage [Spinnaker](https://www.spinnaker.io/) on [DC/OS](https://mesosphere.com/product/). | ||
|
|
||
| Spinnaker is an open source, multi-cloud continuous delivery platform for releasing software changes with high velocity and confidence. | ||
|
|
||
| Created at Netflix, it has been battle-tested in production by hundreds of teams over millions of deployments. It combines a powerful and flexible pipeline management system with integrations to the major cloud providers. | ||
|
|
||
| ### Note | ||
| The DC/OS Spinnaker service currently only works with **DC/OS Enterprise**. See also the [release notes](docs/RELEASE_NOTES.md). | ||
|
|
||
|
|
||
|
|
||
| # Install | ||
|
|
||
| ## Create DC/OS User | ||
| In the DC/OS console under Organization create a user to be used by Spinnaker to provision DC/OS services. The user has to have the following permissions. | ||
|
|
||
| ``` | ||
| dcos:superuser | ||
| ``` | ||
|
|
||
| You will need the user name and password for the *clouddriver-local.yml* configuration in the following step. | ||
|
|
||
|
|
||
| ## Prepare Spinnaker configuration | ||
|
|
||
| Use the following command to download Spinnaker configuration templates to get started. | ||
| ``` | ||
| curl -O https://s3-us-west-1.amazonaws.com/mbgl-bucket/spinnaker/assets/spin-config.zip && unzip spin-config.zip && cd config && chmod +x gen-configjson | ||
| ``` | ||
|
|
||
| You will have to tailor the Spinnaker yml configuration files for your specific needs. | ||
|
|
||
| **Note:** If you follow the links to the detailed Spinnaker configuration options you will also see the configuration of service dependencies. Don't worry about those configurations they are all taken care of by the DC/OS Spinnaker framework. | ||
|
|
||
|
|
||
| ### [front50-local.yml](config/front50-local.yml) | ||
| Front50 is the Spinnaker **persistence service**. The file shows how to configure the AWS S3 (enabled=true) and GCS (enabled=false) persistence plugin. | ||
|
|
||
| For giving spinnaker a 1st spin on DC/OS you can use the S3 compatible minio service availble from the DC/OS catalog. Configure it to be available on port 9001 via the marathon-lb. The only addition that you need in the front50-local.yml is the specification of the S3 enpoint url shown in the following. | ||
| ``` | ||
| ... | ||
| s3: | ||
| enabled: true | ||
| bucket: <s3-bucket-name> | ||
| rootFolder: <name-of-folder-in-the-s3-bucket> | ||
| endpoint: http://marathon-lb.marathon.mesos:9001 | ||
| ... | ||
| ``` | ||
|
|
||
| In order to complete the front50 configuration you have to configure the following secrets in DC/OS. You have to create all of them, you create the ones you are not using with empty content. | ||
| ``` | ||
| dcos security secrets create -v <your-aws-access-key-id> spinnaker/aws_access_key_id | ||
| dcos security secrets create -v <your-aws-secret-access-key> spinnaker/aws_secret_access_key | ||
| dcos security secrets create -v <your-gcp-key> spinnaker/gcp_key | ||
| ``` | ||
|
|
||
| For more configuration options see [spinnaker/front50](https://github.com/spinnaker/front50/blob/master/front50-web/config/front50.yml), and [spinnaker/spinnaker](https://github.com/spinnaker/spinnaker/blob/master/config/front50.yml). | ||
|
|
||
|
|
||
| ### [clouddriver-local.yml](config/clouddriver-local.yml) | ||
| Clouddriver is the Spinnaker **cloud provider service**. The file shows how to configure the DC/OS provider plugin. | ||
|
|
||
| For more configuration options see [spinnaker/clouddriver](https://github.com/spinnaker/clouddriver/blob/master/clouddriver-web/config/clouddriver.yml), and [spinnaker/spinnaker](https://github.com/spinnaker/spinnaker/blob/master/config/clouddriver.yml). | ||
|
|
||
|
|
||
| ### [echo-local.yml](config/echo-local.yml) (optional) | ||
| Echo is the Spinnaker **notification service**. The file shows how to configure the email notification plugin. | ||
|
|
||
| For more configuration options see [spinnaker/echo](https://github.com/spinnaker/echo/blob/master/echo-web/config/echo.yml), and [spinnaker/spinnaker](https://github.com/spinnaker/spinnaker/blob/master/config/echo.yml). | ||
|
|
||
|
|
||
| ### [igor-local.yml](config/igor-local.yml) (optional) | ||
| Igor is the Spinnaker **trigger service**. The file shows how to configure the dockerRegsitry trigger plugin. | ||
|
|
||
| For more configuration options see [spinnaker/igor](https://github.com/spinnaker/igor/blob/master/igor-web/config/igor.yml), and [spinnaker/spinnaker](https://github.com/spinnaker/spinnaker/blob/master/config/igor.yml). | ||
|
|
||
|
|
||
| ### Create config.json file with gen-configjson | ||
| Once you are done with tailoring the Spinnaker yml configuration files use the following command in the config folder to produce the *config.json* file that we will have to pass on package install. Optional yml configuration files for which you dont want to specify content at this point should be removed from config folder. | ||
|
|
||
| ``` | ||
| ./gen-configjson | ||
| ``` | ||
|
|
||
|
|
||
| ## Install the Spinnaker service | ||
|
|
||
| ``` | ||
| dcos package install --yes spinnaker --options=<path>/config.json | ||
| ``` | ||
|
|
||
| ## Install the Spinnaker proxy service | ||
|
|
||
| Create a proxy.json file with the following content. | ||
|
|
||
| ``` | ||
| { | ||
| "id": "spinnaker-proxy", | ||
| "container": { | ||
| "type": "DOCKER", | ||
| "docker": { | ||
| "image": "realmbgl/spinproxy", | ||
| "forcePullImage": true | ||
| } | ||
| }, | ||
| "args": [], | ||
| "cpus": 0.1, | ||
| "mem": 256, | ||
| "env": { | ||
| }, | ||
| "instances": 1, | ||
| "constraints": [], | ||
| "acceptedResourceRoles": [ | ||
| "slave_public" | ||
| ] | ||
| } | ||
| ``` | ||
|
|
||
| The proxy will run on the public agent and serve both the spinnaker user interface (deck service) and api (gate service). | ||
|
|
||
| Use the following command to launch the proxy. | ||
|
|
||
| ``` | ||
| dcos marathon app add proxy.json | ||
| ``` | ||
|
|
||
| Create the following ssh tunnels to the public agent. | ||
|
|
||
| ``` | ||
| ssh -i <private-key-file> -f core@<public-agent-ip> -L 9000:localhost:9000 -N | ||
| ssh -i <private-key-file> -f core@<public-agent-ip> -L 8084:localhost:8084 -N | ||
| ``` | ||
|
|
||
|
|
||
| # Update | ||
|
|
||
| ## Update Spinnaker configuration | ||
| Update one or more of the Spinnaker yml configuration files. Once you are done use the following command to produce the updated *config.json* file that we will have to pass with the spinnaker update command. | ||
|
|
||
| ``` | ||
| ./gen-configjson | ||
| ``` | ||
|
|
||
| ## Update the Spinnaker service | ||
|
|
||
| ``` | ||
| dcos spinnaker --name=/spinnaker update start --options=<path>/config.json | ||
| ``` | ||
|
|
||
| # Using Spinnaker | ||
|
|
||
| Go to your browser and enter the following url to get to the spinnaker unser interface. | ||
|
|
||
| ``` | ||
| http://localhost:9000 | ||
| ``` | ||
|
|
||
| Follow these links to learn more. | ||
| * [Spinnaker Apllications, Clusters, and Server Groups](docs/APPLICATIONS_CLUSTERS_SERVERGROUPS.md) | ||
| * [Spinnaker Pipelines](docs/PIPELINES.md) | ||
| * [DC/OS Enterprise Edge-LB](docs/EDGE_LB.md) | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,24 @@ | ||
| dockerRegistry: | ||
| enabled: true | ||
| accounts: | ||
| - name: <my-docker-registry-account> | ||
| address: https://index.docker.io/ | ||
| repositories: | ||
| - library/nginx | ||
| username: <docker-user> | ||
| password: <docker-password> | ||
|
|
||
| dcos: | ||
| enabled: true | ||
| clusters: | ||
| - name: <my-dcos-cluster, e.g dcos-west> | ||
| dcosUrl: <dcos-url> | ||
| insecureSkipTlsVerify: true | ||
| accounts: | ||
| - name: <my-dcos-account> | ||
| dockerRegistries: | ||
| - accountName: <my-docker-registry-account> | ||
| clusters: | ||
| - name: <my-dcos-cluster> | ||
| uid: <dcos-user> | ||
| password: <dcos-password> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| mail: | ||
| enabled: true | ||
| from: <from-gmail-address> | ||
| spring: | ||
| mail: | ||
| host: smtp.gmail.com | ||
| username: <from-gmail-address> | ||
| password: <app-password, see https://support.google.com/accounts/answer/185833?hl=en > | ||
| properties: | ||
| mail: | ||
| smtp: | ||
| auth: true | ||
| ssl: | ||
| enable: true | ||
| socketFactory: | ||
| port: 465 | ||
| class: javax.net.ssl.SSLSocketFactory | ||
| fallback: false |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| cassandra: | ||
| enabled: false | ||
|
|
||
| spinnaker: | ||
| cassandra: | ||
| enabled: false | ||
| embedded: true | ||
| s3: | ||
| enabled: true | ||
| bucket: <s3-bucket-name> | ||
| rootFolder: <name-of-folder-in-the-s3-bucket> | ||
| gcs: | ||
| enabled: false | ||
| bucket: <gcs-bucket-name-> | ||
| bucketLocation: <gcs-bucket-location, e.g. us, ... > | ||
| rootFolder: <name-of-folder-in-the-gcs-bucket> | ||
| project: <gcp-project-name> | ||
| jsonPath: /mnt/mesos/sandbox/data/keys/gcp_key.json |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,57 @@ | ||
| #!/bin/bash | ||
|
|
||
|
|
||
| if [ -f clouddriver-local.yml ] && [ -s clouddriver-local.yml ]; then | ||
| CLOUDDRIVER_CONFIG=$(echo "$(< clouddriver-local.yml)" | awk '{printf "%s ", $0}' | sed -e "s:\: :\: :g" | sed -e "s:\:\ :\:\ :g") | ||
| fi | ||
|
|
||
| if [ -f front50-local.yml ] && [ -s front50-local.yml ]; then | ||
| FRONT50_CONFIG=$(echo "$(< front50-local.yml)" | awk '{printf "%s ", $0}' | sed -e "s:\: :\: :g" | sed -e "s:\:\ :\:\ :g") | ||
| fi | ||
|
|
||
| if [ -f echo-local.yml ] && [ -s echo-local.yml ]; then | ||
| ECHO_CONFIG=$(echo "$(< echo-local.yml)" | awk '{printf "%s ", $0}' | sed -e "s:\: :\: :g" | sed -e "s:\:\ :\:\ :g") | ||
| fi | ||
|
|
||
| if [ -f igor-local.yml ] && [ -s igor-local.yml ]; then | ||
| IGOR_CONFIG=$(echo "$(< igor-local.yml)" | awk '{printf "%s ", $0}' | sed -e "s:\: :\: :g" | sed -e "s:\:\ :\:\ :g") | ||
| fi | ||
|
|
||
| if [ -f fiat-local.yml ] && [ -s fiat-local.yml ]; then | ||
| FIAT_CONFIG=$(echo "$(< fiat-local.yml)" | awk '{printf "%s ", $0}' | sed -e "s:\: :\: :g" | sed -e "s:\:\ :\:\ :g") | ||
| fi | ||
|
|
||
| if [ -f orca-local.yml ] && [ -s orca-local.yml ]; then | ||
| ORCA_CONFIG=$(echo "$(< orca-local.yml)" | awk '{printf "%s ", $0}' | sed -e "s:\: :\: :g" | sed -e "s:\:\ :\:\ :g") | ||
| fi | ||
|
|
||
| if [ -f gate-local.yml ] && [ -s gate-local.yml ]; then | ||
| GATE_CONFIG=$(echo "$(< gate-local.yml)" | awk '{printf "%s ", $0}' | sed -e "s:\: :\: :g" | sed -e "s:\:\ :\:\ :g") | ||
| fi | ||
|
|
||
|
|
||
| cat > ./config.json <<EOF | ||
| { | ||
| "front": { | ||
| "config": "$FRONT50_CONFIG" | ||
| }, | ||
| "clouddriver": { | ||
| "config": "$CLOUDDRIVER_CONFIG" | ||
| }, | ||
| "echo": { | ||
| "config": "$ECHO_CONFIG" | ||
| }, | ||
| "igor": { | ||
| "config": "$IGOR_CONFIG" | ||
| }, | ||
| "fiat": { | ||
| "config": "$FIAT_CONFIG" | ||
| }, | ||
| "orca": { | ||
| "config": "$ORCA_CONFIG" | ||
| }, | ||
| "gate": { | ||
| "config": "$GATE_CONFIG" | ||
| } | ||
| } | ||
| EOF |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,8 @@ | ||
| services: | ||
| clouddriver: | ||
| baseUrl: ${SERVICES_CLOUDDRIVER_BASEURL} | ||
| echo: | ||
| baseUrl: ${SERVICES_ECHO_BASEURL} | ||
|
|
||
| dockerRegistry: | ||
| enabled: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,86 @@ | ||
| # Applications, Clusters, and Server Groups | ||
|
|
||
| ## Concepts | ||
|
|
||
| The following three concept pictures are from Will Gorman's great [mesoscon presentation]( | ||
| http://events.linuxfoundation.org/sites/events/files/slides/Continuous%20Delivery%20for%20DC%3AOS%20%20with%20Spinnaker.pdf). They introduce the key concepts that we will use in the following. | ||
|
|
||
| A Spinnaker **application** contains **(0-n)** **clusters**. | ||
|
|
||
|  | ||
|
|
||
| A Spinnaker **cluster** contains **(1-n)** **server groups**, and each **server groups** contains **(0-n)** **service instances**. Each server group representing a new version of the cluster. | ||
|
|
||
|  | ||
|
|
||
| A Spinnaker **server group** maps (1-1) to a DC/OS **service** (aka marathon app). | ||
|
|
||
|  | ||
|
|
||
|
|
||
| ## Users Guide | ||
|
|
||
| * [Creating an Application](#creating-an-application) | ||
| * [Creating a Server Group]#creating-a-server-group) | ||
| * [Creating a Server Group Version](#creating-a-new-server-group-version) | ||
|
|
||
|
|
||
| ### Creating an Application | ||
|
|
||
| On the Spinnaker home page select the *Applications* tab. There you select the *Create Application* action. | ||
|
|
||
|  | ||
|
|
||
| In the *New Application* dialog type *myapp* for the name and *[email protected]* for the owner email. | ||
|
|
||
|  | ||
|
|
||
| The new *myapp* shows up in the applications list. Select *myapp* to open the app and get ready for the next steps. | ||
|
|
||
|  | ||
|
|
||
|
|
||
| ### Creating a Server Group | ||
|
|
||
| In the *myapp* *Clusters* view select *Create Server Group*. | ||
|
|
||
|  | ||
|
|
||
| As we learned in the concepts section a server group is a DC/OS service (or marathon app), so most of the things you have to fill in the following are the things you familiar with from creating marathon json defitions. | ||
|
|
||
| First selecte the *dcos Account* and *dcos Region* you want to create the server group in. Next select the name of the *Stack*. The Spinnaker application name plus stack name make the cluster name, in our case *myapp-prod* | ||
|
|
||
|  | ||
|
|
||
| In *Container Settings* selecte *nginx:1.11* for the image to use. | ||
|
|
||
|  | ||
|
|
||
| In *Network* selecte *Bridge* for *Network Type* and port *80* for *Container Port*. Also set *web* for service endpoint *Name*. | ||
|
|
||
|  | ||
|
|
||
| In *Health Checks* define a simple health check specifying */* for *Path* and *0* for *Port Index*. After that hit *Create* to create the server group. | ||
|
|
||
|  | ||
|
|
||
| In the *myapp* *Clusters* view you will see the new cluster with one server group containing one instance, i.e. one nginx server running in our sample. | ||
|
|
||
|  | ||
|
|
||
|
|
||
| ### Creating a Server Group Version | ||
|
|
||
| In this section we go through *Create Server Group* a second time. Choose same *dcos Account*, same *dcos Region*, and same name for *Stack* as before. | ||
|
|
||
| In *Container Settings* select *nginx:1.12* for the image. For the other sections do the same settings we used the 1st time arround, and hit *Create* to create a new version of the server group. | ||
|
|
||
|  | ||
|
|
||
| The *myapp* *Clusters* view now shows that our cluster runs two server group versions *V000* and *V001*. Later we show how you can leverage this capability in blue green deployments. | ||
|
|
||
|  | ||
|
|
||
| The following shows how our two server group versions look on the DC/OS side. They are DC/OS services with the name made up from cluster name and version number, in this sample *myapp-prod-V000* and *myapp-prod-v001*. | ||
|
|
||
|  |
Oops, something went wrong.