Skip to content

EC2

Amazon EC2 as a Cloud Provider

  • In AWS, an EC2 is used to launch as many VM’s as we need, to configure security and networking, and to manage storage.
  • In Spinnaker, AWS plays almost the same role when user configures AWS as a Cloud Provider.
  • There are two methods to configure AWS as Cloud Driver,

    1. By using AWS Console
    2. By using AWS CLI

    AWS Setup using Console

    Changes to be made in the managing account :
    • Login to AWS Console > Navigate to Cloud Formation and Select Preferred region.

    • Download the yaml template from here.

    • Steps to create Cloud Formation Stack

      1. Create Stack
      2. Upload the template to Amazon S3
      3. Browse to the template downloaded in Step#2
      4. Click Next
      5. Enter Stack Name as spinnaker-managing-infrastructure-setup and follow the UI to continue for the completion of creating stack.
    • Post creation of Stack from Step#3, ensure to have all the outputs values are noted. All of these values will be of use during the other configurations.
Changes to be made in each of the Managed Node :

Note

Ensure to carry out these steps to the managing account as well.

  • Login to AWS Console > Navigate to Cloud Formation and Select Preferred region.
  • Download the yaml template from here.
  • Steps to Create Cloud Formation Stack
    • Create Stack and Upload a template to Amazon S3
    • Browse to the template which is download from Step#2 from above and Click Next
    • Enter Stack Name as spinnaker-managing-infrastructure-setup and follow the UI to continue for the completion of creating stack.
    • Enter AuthArn and Managing Account and follow the UI to continue with the Stack Creation.

AWS Setup using AWS CLI

  • Assuming that the user has the AWS CLI installed and configured, and has all the necessary roles and permissions to managing each of the managed account
Steps to execute in Managing Account:
  • To use the Access Keys and Secrets to run Spinnaker execute the below command

    curl https://d3079gxvs8ayeg.cloudfront.net/templates/managing.yaml
    echo "Optionally add Managing account to the file downloaded as shown at
    https://github.com/spinnaker/spinnaker.github.io/tree/master/setup/install/providers/
    aws/managing.yaml#L104"
    
    aws cloudformation deploy --stack-name spinnaker-managing-infrastructure-setup --
    template-file managing.yaml \
    --parameter-overrides UseAccessKeyForAuthentication=true --capabilities
    CAPABILITY_NAMED_IAM --region us-west-2
    
    * Execute the below command to use Instance Profile run Spinnaker

    curl https://d3079gxvs8ayeg.cloudfront.net/templates/managing.yaml
    echo "Optionally add Managing account to the file downloaded as shown at
    https://github.com/spinnaker/spinnaker.github.io/tree/master/setup/install/providers/
    aws/managing.yaml#L104"
    aws cloudformation deploy --stack-name spinnaker-managing-infrastructure-setup --
    template-file managing.yaml \
    --parameter-overrides UseAccessKeyForAuthentication=false --capabilities
    CAPABILITY_NAMED_IAM --region us-west-2
    
Steps to execute in each of Managed Account:

Note

Any Process related to Managed Account, needs to be carried out for the managing account as well.

  • Execute the below command to make changes from the downloaded yaml file.
curl https://d3079gxvs8ayeg.cloudfront.net/templates/managed.yaml
aws cloudformation deploy --stack-name spinnaker-managed-infrastructure-setup --
template-file managed.yaml \
--parameter-overrides AuthArn=FROM_ABOVE ManagingAccountId=FROM_ABOVE --
capabilities CAPABILITY_NAMED_IAM --region us-west-2

Configure Halyard to use AccessKeys: (If Configured)

  • If UseAccessKeyForAuthentication is selected as true in Option-1 or Option-1 only then below configuration needs to carried out

    hal config provider aws edit --access-key-id ${ACCESS_KEY_ID} \
    --secret-access-key # do not supply the key here, you will be prompted
    

Configure Halyard to add AWS Accounts

  • Follow the below commands to add AWS Accounts to Spinnaker

    $AWS_ACCOUNT_NAME={name for AWS account in Spinnaker, e.g. my-aws-account}
    hal config provider aws account add $AWS_ACCOUNT_NAME \
    --account-id ${ACCOUNT_ID} \
    --assume-role role/spinnakerManaged
    
  • By Executing the below we will be able to Enable AWS

    hal config provider aws enable
    

Comments