FAQs

Question: What are the ways I could try spinnaker for trial purposes? Answer: You can install your own spinnaker in the following ways:

Question: How to configure GitLab webhook in Spinnaker? Answer: Steps to configure GitLab Webhook:

  1. Navigate to the settings page of a repository

  2. Choose the 'Integrations Menu'

  3. Fill out the fields

    1. URL: The Payload URL should be $API-ENDPOINT/webhooks/webhook/gitlab We need Spinnaker’s API running on an endpoint that is publicly reachable. This is required to allow GitLab’s webhooks to reach Spinnaker. For example, http://<Public-IP>:8084/webhooks/webhook/gitlab If you’re unsure of what your Spinnaker API endpoint is, check the value of services.gate.baseUrl in ~/.hal/$DEPLOYMENT/staging/spinnaker.yml. The value of $DEPLOYMENT is typically default.

    2. Secret Token: Spinnaker validates the source of the requests with the secret token

  4. Select 'Trigger' options like, "Push Events", "Tag Push Events" etc.

  5. Check / Un-check "Enable SSL verification" according to Spinnaker Server SSL Configuration

  6. Click "Add Webhook"

Question: How to access Spinnaker with External(or Halyard IP) after installing as Distributed installation on kubernetes ? Answer: After Spinnaker installation is done, we need to change the Service type for deck and gate to LoadBalancer IP and override the UI and gate base URL's hal config security ui edit \ --override-base-url http://<deck-IP>:9000/ hal config security api edit \ --override-base-url http://<Gate-IP>:8084/ Question: How to customize the spinnaker pipeline to ignore the failed steps and proceed with exception to next steps? Answer: We have to enable a checkbox in the pipeline execution options in Spinnaker. After login to Spinnaker console, click on Pipelines, then clink on any stage option, under execution option you can see how spinnaker should handle a failure of the stage. Refer the screenshot below.

Question: Spinnaker pipeline shows running even after all the tasks are completed. What can we do? Answer: One possible solution is to clear the Redis Cache.

Question: How to remove local debian installation? Answer: Uninstalling Halyard deletes the entire contents of your ~/.hal directory.

  • If you used Halyard to deploy Spinnaker, and you want to purge that deployment, run the following command: hal deploy clean

  • Now you can safely uninstall Halyard: # ~/.hal/uninstall.sh

Question: How to do Multiple spinnaker installation using halyard? Answer: By changing "hal" deployment configuration we can setup multiple installation. The procedure is, In "hal" configuration in the place of default we can change name to name you want to give to the new spinnaker setup. Each time the name is changed, halyard will deploy a new instance of Spinnaker. use: hal deploy apply --deployment <name of spinnaker instance> Question: Where to find all spinnaker logs in 1.16.1? Answer: For local Debian install, by default we can find all logs in this location /var/log/syslog for most versions. Question: Do we have instructions to Integrate Lambda with Spinnaker Answer: https://blog.opsmx.com/how-to-integrate-aws-lambda-with-spinnaker/. Question: How to fix "Error fetching applications" after spinnaker successful installation? Answer: As a security measure, default spinnaker installation allows for local access only. The browser needs to reach Deck (UI component of Spinnaker) and Gate(API gateway component of Spinnaker). The procedure for exposing Spinnaker outside of local host is provided in the link below. Note that if its a debian install, please check if gate is listing on the expected port by using the command: ps -ef | grep 8084 (8084 is the gate default port number) or the command netstat -ntlp. Accordingly need to change these files to allow gate and deck to accept connections from anywhere:

echo host: 0.0.0.0 > /home/spinnaker/.hal/default/service-settings/gate.yml

echo host: 0.0.0.0 > /home/spinnaker/.hal/default/service-settings/deck.yml These links may help:

https://blog.spinnaker.io/exposing-spinnaker-to-end-users-4808bc936698https://www.spinnaker.io/setup/quickstart/faq/ Question: What is maximum number of spinnaker pipeline execution history that can be visible at any given time? Answer: Currently Spinnaker UI only supports visibility of maximum 50 pipeline executions. Question: How to Migrate datastore in Spinnaker from Redis to MySQL? Answer: Instructions available in this blog, https://blog.opsmx.com/how-to-migrate-mysql-to-redis-database-in-spinnaker/ In case, if you notice the following exception "Caused by: java.sql.SQLException: Access denied for user 'front50_migrate'@'10.32.0.1' (using password: YES)". Execute the below commands

GRANT ALL PRIVILEGES ON . TO 'orca'@'%';

GRANT ALL ON . TO 'orca'@'%' IDENTIFIED BY '<OrcaDBPassword>' WITH GRANT OPTION;

GRANT ALL ON . TO 'orca_migrate'@'%' IDENTIFIED BY '<OrcaUserPassword-1>' WITH GRANT OPTION;

GRANT ALL ON . TO 'orca_service'@'%' IDENTIFIED BY '<OrcaUserPassword-2>' WITH GRANT OPTION;

flush privileges;

Question: How to deploy to Azure cloud? Answer: https://blog.opsmx.com/deploying-to-azure-cloud-using-spinnaker/ Question: How to install spinnaker using script Answer: Checkout the installation scripts from this blog:

https://blog.opsmx.com/spinnaker-oes-easy-install-on-single-node-kubernetes/

or a fairly simple procedure here:

https://docs.opsmx.com/setup-spinnaker/oesinstallation/ Question: How to "dynamically" set labels for taking decision in Manual Judgement stage, and subsequently how to use the option selected in Manual Judgement stage by downstream stages? Answer: These links might help:https://www.spinnaker.io/guides/tutorials/codelabs/safe-deployments/#adding-a-manual-judgment-to-deployment-pipelines

https://www.spinnaker.io/guides/tutorials/codelabs/safe-deployments/#changing-pipeline-be havior-based-on-selected-judgment Question: How to upgrade spinnaker version ? Answer: Execute the steps as below: $ hal version list

$ hal config version edit --version (xxxx)(Desired version)

$ hal deploy apply (edited)

Example:

$hal config version edit --version "1.16.1"

$hal deploy apply Question: How to configure email notifications in spinnaker? Answer: This may help to setup email notifications

https://www.spinnaker.io/setup/features/notifications/#email Question: Do you have any best practices for deploying spinnaker in production? Answer: Yes. https://blog.opsmx.com/how-to-deploy-spinnaker-in-production/ Question: How To Build/Bake CentOS RPM Using – Spinnaker? Answer: This might help: https://blog.opsmx.com/how-to-build-bake-centos-rpm-using-spinnaker/ Question: How can I deploy to Cloud Foundry/PCF using Spinnaker? Answer: We have a blog and video that can help:

https://blog.opsmx.com/continuous-deployments-in-vmware-pivotal-pcf-environments-with-spinnaker/ https://www.youtube.com/watch?time_continue=12&v=LCKf-Gcgqg8&feature=emb_logo

There are many other interesting videos at:

https://www.opsmx.com/videos.html Question: Is it possible to enforce authorisation for users based on an external authorisation/authentication system such as LDAP? Answer: Yes, from version 1.17.1. Check out:https://blog.opsmx.com/how-to-enable-external-sources-authorization-in-spinnaker/ Question: Does Spinnaker support authentication with SAML? Answer: Yes. Try:

https://blog.opsmx.com/saml-authentication-on-spinnaker-using-gsuite/ Question: Do we have instructions for setting up AWS/EC2 as a provider in Spinnaker? Answer: https://blog.opsmx.com/spinnaker-integration-with-aws-ec2/ Question: On a local Debian Installation, halyard daemon is not starting. Showing the following exception: "Is your daemon running?" Answer: This might occur if the Halyard was not shutdown properly before shutting down the server

  • First try to restart halyard "sudo service halyard restart" and, if it still doesn't come up...

  • Check for the status of the halyard "sudo service halyard status".

  • If it shows inactive then try to start again "sudo service halyard restart"

  • In case if the service doesn't respond with above #1 & #2, try "sudo update-halyard"

Question: Which version of Kubernetes Supports fine with Spinnaker? Answer: In theory, Spinnaker should with any of the supported versions of Kubernetes.

Clouddriver is responsible to connect with kubernetes and it uses kubectl binary to do so (V2 version). So, as the current version of kubectl of 1.16, Kubernetes versions up to 1.18 should work fine. Note that, if using halyard, one must use a relatively newer version of Halyard for for deployments to work as apps/v1beta2 has been depricated in Kubernetes 1.16. Given a choice, we recommend k8s 1.15 with Spinnaker 1.17.6 Question: How to bake helm3 chart in Spinnaker? Answer: The following link gives step-by-step instructions:

https://blog.opsmx.com/baking-helm-3-charts-in-spinnaker/ Question: How to move a pipeline from one application to another? Answer: This link may help: https://www.spinnaker.io/guides/user/pipeline/pipeline-templates/create/ Question: How to Setup ECS with Spinnaker? Answer: This blog might help

https://blog.opsmx.com/how-to-integrate-aws-ecs-with-spinnaker/ Question: How to setup Dynamic account configuration with Spinnaker? Answer: This blog might help you

https://blog.opsmx.com/dynamic-external-account-configuration-in-spinnaker/ Question: How to set the logging level for spinnaker microservices? Answer: Following Instructions from this GitHub might help. Question: How to expose Spinnaker to end user without Tunneling ? Answer: Below are the steps.

echo "host: 0.0.0.0" | tee \

~/.hal/default/service-settings/gate.yml \

~/.hal/default/service-settings/deck.yml

sudo hal deploy apply

Here is a referenced link it will help

https://www.spinnaker.io/setup/quickstart/halyard-gke-public/ Question: How to do port Forwarding on Spinnaker? Answer: Port forwarding is bound to the IP you give to ssh. If you give localhost (default),it will be accessible only on localhost (127.0.0.1)

Here is a steps to connect using port forwarding,

Local machine to Spinnaker.

Step1: -> Localhost to AWS instance

ssh -A -L 9000:localhost:9000 -L 8084:localhost:8084 -L 8087:localhost:8087 ec2-user@<aws-instance-ip>

Step2: -> Aws instance to Spinnaker cluster

ssh -L 9000:localhost:9000 -L 8084:localhost:8084 -L 8087:localhost:8087ubuntu@10.100.10.5 This will work fine when as such http://localhost:9000 Question: How to use Spinnaker for deployment of short running jobs, similar in spirit to what Kubernetes do? Answer: kubernetes provider specifically supports a Run Job stage in a pipeline that allows execution of a container that is expected to run to completion. Question: How to add label to the deployment from spinnaker UI While i am creating a server group? Answer: The new Kubernetes Provider (v2), which is manifest-based, allows you to configure labels Question: Is it safe/right to deploy spinnaker to same kubernetes cluster which spinnaker will manage? Answer: Yes the architectures of Spinnaker and Kubernetes compliment each other very well, and running Spinnaker in the same K8s cluster it is managing is definitely safe, In this document is Specifically states the following

https://www.spinnaker.io/guides/tutorials/codelabs/kubernetes-v2-source-to-prod/ Question: Is there a limit in the number of application in spinnaker UI? Answer: There is no limit However, if the number of applications increase, the performance might be impacted and one should consider going for HA configuration Question: How to change spinnaker time zone? Answer: You can change the value in spinnaker-local.yml and restart spinnaker service,

You Also need to change the timezone in the UI's by using settings.js file. Question: Can Spinnaker use local Storage ? Answer: The Spinnaker microservice responsible for persisting your pipeline configs and application metadata,front50, has support for the storage systems you listed. One could add support for additional systems like mysql by extending front50, but that support does not exist today.By configuring front50 to use s3 and pointing it at a minio installation. Question: How to setup Spinnaker with restricted namespace access? Answer: You can try to get your admin to give you access to a ClusterRole+RoleBinding that has access to namespaces read.

Something like this:

ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: name: namespace-reader rules: - apiGroups: [""] resources: ["namespaces"] verbs: ["get", "watch", "list"] --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: name: read-all-namespaces subjects: - kind: User name: your-user apiGroup: rbac.authorization.k8s.io roleRef: kind: ClusterRole name: namespace-reader apiGroup: rbac.authorization.k8s.io Question: How to setup Spinnaker communicate with kubernetes cluster? Answer: Try to adding the kubernetes details to the halyard contest

hal config provider kubernetes account add <ACCOUNT> hal config provider kubernetes enable

Here is a reference link

https://www.spinnaker.io/reference/halyard/commands/ Question: Why, there is a delay after executing a pipeline for deployment. Is that deployment will take time which leads to delay update the status after deployment stage. Is any solution or recommendation with it could be reduced or avoided. Answer: By default in kubernetes account live-manifest-calls will be disabled. This may cause for the delay. This could be resolved by enabling live-manifest-calls in kubenetes account. For the need to execute the below command

hal config provider kubernetes account edit ACCOUNT --live-manifest-calls=true Question: What is the relationship between projects and application in spinnaker? Answer: Projects provide an aggregated view of a collection of applications, but that's about it. If you're only interested in a subset of applications managed by Spinnaker, it's a decent way to manage them.

The relationship is modeled as many-to-many: a project is made up of one or more applications, and applications can be part of multiple projects.

Being in a project doesn't affect the application in any way, beyond making it present in the project view. There are no notifications to be configured at the project level,

or pipelines that span multiple applications. You can set up a project pretty quickly and easily to get an idea what the view looks like. Question: How to deploy distributes spinnaker under specific namespace? Answer: Hal command is

hal config deploy edit \

--type distributed \

--account-name offline-k8s \

--location offline Question: Is it possible to deploy Spinnaker on IBM Bluemix? Answer: Cloud Foundry support (which is what IBM Bluemix is based upon) is available, This link can help :https://blog.opsmx.com/continuous-deployments-in-vmware-pivotal-pcf-environments-with-spinnaker/ Question: How to get Spinnaker pull Artifact from Artifactory? Answer: These are a couple of the relevant steps below link will Explainhttps://www.spinnaker.io/guides/user/pipeline/triggers-with-artifactsrewrite/artifactory/ Question: How to integrate Spinnaker Okta successfully? Answer: Need to Change Tomcat config apparently inn spinnaker in later version for gate

Below snippet is example:

~/.hal/default/profiles/gate-local.yml

server: tomcat: protocolHeader: X-Forwarded-Proto remoteIpHeader: X-Forwarded-For internalProxies: .*

After all the Changes need to do spinnaker deploy again. Question: How to take Backup and Restore spinnaker Pipelines? Answer: You Can copy the configurations for pipelines and applications from front50 manually,

For pipelines, just do a curl to:

curl http://<front50-IP>:8080/pipelines -o pipelines.json

For application config:

curl http://<front50-IP>:8080/v2/applications -o applications.json

To push pipeline config to Spinnaker:

cat pipelines.json | curl -d@- -X POST \ --header "Content-Type: application/json" --header \ "Accept: /" http://<Front50_URL>:8080/pipelines Question: How to specify an elastic beanstalk deployment using spinnaker? Answer: You can deploy to Beanstalk by using the Jenkins stage and then deploy a Cloud-formation template with the CF stage,Basically you just have to set up the AWSprovider as per below instructions

https://www.spinnaker.io/setup/install/providers/aws/aws-ec2/ Question: When triggerring pipeline 'B' from pipeline 'A' by using the pipeline stage, how do we pass any artifacts from pipeline 'A' to pipeline 'B'? Answer: It is supposed to happen automatically. Check out this one:

https://www.spinnaker.io/reference/artifacts/in-pipelines/#passing-artifacts-between-pipelines Question: How to do spinnaker Blue/Green Strategy with External versioning and K8s Deployment object? Answer: This blog will help you.

https://blog.opsmx.com/spinnaker-blue-green-strategy-with-external-versioning-and-kubernetes-deployment-object/ Question: How to do Continuous Deployment to kubernetes using GitHub Triggered spinnaker Pipelines? Answer: Below blog will help to you,https://blog.opsmx.com/continuous-deployment-to-kubernetes-using-github-triggered-spinnaker-pipelines/ Question: What are the New updates in Spinnaker-1.20? Answer: This blog will help to you,

https://blog.opsmx.com/spinnaker-1-20-whats-new/ Question: Will Spinnaker support Targeting Multiple Kubernetes Clusters? Answer: In Spinnaker supports multiple Kubernetes clusters, each is added as an 'accounin Spinnaker configuration. The configured accounts are presented as options at deployment time, and the Server Groups for each application are rolled up under the account they belong to.

It is possible to change that configuration and refresh it at runtime, but it would involve editing the on-disk yaml file that backs the Clouddriver component of Spinnaker and triggering the /config-refresh endpoint. Question: How to create service account for spinnaker? Answer: Create Role for spinnaker with role name spinnaker-role you can edit role as per you need,

apiVersion: rbac.authorization.k8s.io/v1

kind: Role

metadata:

name: spinnaker-role

namespace: default

rules:

- apiGroups: [""]

resources: ["namespaces", "configmaps", "events", "replicationcontrollers", "serviceaccounts", "pods/logs"]

verbs: ["get", "list"]

- apiGroups: [""]

resources: ["pods", "services", "secrets"]

verbs: ["*"]

- apiGroups: ["autoscaling"]

resources: ["horizontalpodautoscalers"]

verbs: ["list", "get"]

- apiGroups: [“apps”]

resources: [“controllerrevisions”, "statefulsets"]

verbs: [“list”]

- apiGroups: ["extensions", "app"]

resources: ["deployments", "replicasets", "ingresses"]

verbs: ["*"]

Service Account for spinnaker:

apiVersion: v1 kind: ServiceAccount metadata: name: spinnaker-service-account namespace: default

Main part roll binding:

apiVersion: rbac.authorization.k8s.io/v1

kind: RoleBinding metadata: name: spinnaker-role-binding namespace: default roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: spinnaker-role subjects: - namespace: default kind: ServiceAccount name: spinnaker-service-account Question: How to trigger a Spinnaker pipeline by schedule or time? Answer: When editing your pipeline, click "Add Trigger" and then choose "CRON" as the trigger type. There is a tooltip on the "CRON Expression" field that gives some help on how to construct the cron expression. Question: How to access spinnaker from my Machine's IP Answer: 1) Edit /etc/apache/ports.conf and remove change Listen 127.0.0.1:9000 to Listen 9000

2)Add a reverse proxy for ports you wish to open in Apache

3) You may edit service files in /opt/spinnaker/conf to disable the bind to local host. Change localhost to domain name or 0.0.0.0 Question: Can we use an external version source for spinnaker to manage blue/green deployment in kubernetes? Answer: This below will help you,https://blog.opsmx.com/spinnaker-blue-green-strategy-with-external-versioning-and-kubernetes-deployment-object/ Question: Is it possible to add the ELB dynamically to Spinnaker? Answer: 1) perform the 'add load balancer' action via deck while having the inspection panel open in the network tab. capture the API call. you'll notice there's a json payload. you can modify and subsequently script that action.

2)Edit the pipeline config and under the Deploy stage edit the appropriate "Deploy Configuration". Select the load balancer use a Spring Expression like:${ trigger.properties.LB_NAME }

This assumes you have pre-provisioned a loadbalancer that matches the LB_NAME passed in the trigger properties file. Question: Where to modify Spinnaker to listed on network ip,Rather that localhost? Answer: Add a config in /opt/spinnaker/config/gate.yml

Cors: allowedOriginsPattern: 'http://your ip address:9000'

then restart the gate sudo restart gate Question: How to Decide which stage to go next in spinnaker ? Answer: In the desired pipeline select Stage A > Execution Options > If stage fails > ignore the failure

Stage B > Execution Options > Conditional on Expression > Add your expression when successful

Stage C > Execution Options > Conditional on Expression > Add your expression when Stage A fails. Question: Using the k8s Job stage, we can execute anything e.g. aws cli commands. But what if we don't have a k8s account available? How do we execute aws cli as part of a pipeline? Answer: One option is to use Jenkins job, shell script as part of Jenkins pipeline stage and use it from Spinnaker Jenkins stage

Could also use custom stage with a webhook service that will run the script as built in or passed as argument Question: Can I re-run a failed stage in Spinnaker? Answer: Yes, you can re-run a failed stage in Spinnaker from the "Execution Details" view of a failed stage - under the Actions menu, there will be a menu item to restart the stage again.

  • Question: Can I notify people when a manual judgement stage is waiting for their action? Answer: Yes, the manual judgement stage has a different notification option from other stages in its configuration setting to allow to do this. This allows you to notify people via email, chat and other supported notification options when a manual judgement stage is waiting their inputs.

  • Question: How to use help using help commands ? Answer : Option1: user kubernetes version less than 1.16, Option2: use-dry-run option in the helm command this creates yaml.files on your machine but does not deploy.change all api version to apps/v1,kubectl apply the yamls Question: Is there a way building docker images using spinnaker? Answer: You can also use a kaniko container in a kubernetes job manifest and use runjob stage. no need for custom job. Advantage is that no need to have docker daemon, and no need to have a privileged pod which is a security risk. Question: I am trying to install spinnaker on desktop Machine with 8GB Ram , it will work? Answer: I doubt it...bare minimum I was able to work wit was 12GB or so. Once it comes and stabilizes, it needs only 6 GB, though. Question: How to connect to live Spinnaker instance from fresh hal install? Answer: This blog will help youhttps://blog.opsmx.com/deploying-spinnaker-to-kubernetes-using-helm-chart/ Question: Do we have solution to ignore the non-reachable kubernetes Account? Answer: If the account is unreachable during hal deploy apply , it will fail. If it is unreachable afterwards it will skip to next account.Problem is with kubeconfig filecheck and redeploy Question: Do we have the option of bypassing bake phase and directly deploy artifacts on ec2 instances. We want to use already existing install scripts as part of spinnaker pipeline. Is that possible? Answer: If the previously baked image is available then possible. Question: How can do the value of an expression resulting from a pipeline before it is executed? Answer: You can put the expression in the next stage Question: How to run spinnaker on one k8s cluster, deploying to a second. I presume we only need to add the custom-resources to the account spinnaker is deploying to, not both. What we're finding is that the piplines appear to run as expected, but no changes are made on the cluster. Answer: The solution was the add the custom resource (--add-custom-resource) and add it to the list of Kinds spinnaker can deploy (--add-kind (don't forget to include the APIgroup). Question: Will spinnaker support targeting multiple kubernetes cluster? Answer: It is possible to change that configuration and refresh it at runtime, but it would involve editing the on-disk yaml file that backs the Clouddriver component of Spinnaker and triggering the /config-refresh endpoint. Question: Is it possible to edit a server group in spinnaker? Answer: Spinnaker heavily relies on the "immutable infrastructure" approach, meaning infrastructure & artifact definitions should not be changed once they're created. here is a link to clear explanation https://www.slideshare.net/profyclub_ru/8-mitchell-hashimoto-hashicorp Question: How to install Spinnaker on local kubernetes cluster ? Answer: This guide will help out https://www.spinnaker.io/setup/quickstart/halyard-gke/ Question: How to user github files in spinnaker pipeline? Answer: This link will help you https://www.spinnaker.io/setup/artifacts/github/ Question: Accounts not visible on Spiinnaker deck? Answer: You must choose an Account provider to deploy to and set it as a new Account in Halyard. Set up. This will give you more detail https://www.spinnaker.io/setup/install/providers/ Question: How can spinnaker perform incremental app deployments? Answer: Spinnaker has native support for deployment to supported cloud platforms (AWS, Google, CloudFoundry, and soon Azure). In those environments, the Spinnaker model is an immutable infrastructure-style deployment where new VMs are created to push new software versions. If that fits your needs, then Spinnaker could replace an existing deployment automation tool. If that doesn't fit your model, then Spinnaker also supports calling out to an external execution environment as a pipeline stage (currently Jenkins is well supported) where you could implement custom behaviors to integrate to an existing deployment tool. Question: How to use spinnaker update a pipeline definition API? Answer: Something like that: { "name": "just waiting", "description": "", "parameterConfig": [], "notifications": [], "triggers": [], "stages": [ { "refId": "wait1", "requisiteStageRefIds": [], "type": "wait", "waitTime": "420" } ], "expectedArtifacts": [], "keepWaitingPipelines": false, "limitConcurrent": true } Question: Is it possible to add the ELB dynamically to spinnanker? Answer: Is there way to add the load balancer name dynamically in Spinnaker? Say for example, I have a Pipeline which does the bake and deploy the AMI in the ASG for different environment. In Deploy Phase for Cluster definition, I don't want to hardcode the ELB name and instead read from properties file. This I can use the same pipeline for different environment. Any thoughts or ideas? Question: How to select a version of spinnaker to deploy? Answer: This is because Halyard needs a Spinnaker version to picked for deploying. This can be done with the following commands, 1) List down the available Spinnaker versions hal version list 2) Pick your preferred versionhal config version edit --version yourPrefferedVersion Question: How do i setup rolling deployment in Spinnaker? Answer: To implement a rolling release, just create a Deploy stage in Spinnaker, and set the Deployment Strategy to RollingUpdate in your Server Group config. You will need to make sure that the Deployment checkbox is checked before you can change the Deployment Strategy. For the Canary Deployment, it is a little more involved. I don't think that the Canary Stage currently supports Kubernetes Deployments(yet), but apparently you can manually deploy a canary(e.g. 1 replica) into the same Kubernetes LoadBalancer where your app is running. This is done using a separate Spinnaker Server Group. Then you can add a Manual Judgement to your Spinnaker pipeline that will pause until you test/validate the canary. Once the canary has been validated, you "Continue" the Manual Judgement, and the new Server Group gets deployed, and the old Server Group gets disabled, and the canary destroyed. If you don't want to use a Manual Judgement, and want this fully automated, you can add an ACA Stage(Automated Canary Analysis). This involves setting up a judge, that Spinnaker can connect to, that will gather various metrics and provide an ACA score. You can then use that score to decide whether to proceed with a deployment, or stop the deployment. Question: How to access spinnaker deck UI using machine Ip address on EC2 Answer: This blog will help out https://blog.spinnaker.io/exposing-spinnaker-to-end-users-4808bc936698 Question: Unable to create project/application on fresh spinnaker installation? Answer: This link will help out https://github.com/armory/minnaker Question: Is it possible for spinnaker to bake an image without a package? Answer: This link will help out https://blog.spinnaker.io/spinnaker-rosco-deduping-logic-e03716e04a30 Question: How to connect to deck via tunneling ? Answer: This will help out https://www.spinnaker.io/setup/quickstart/faq/#i-want-to-expose-the-distributed- kubernetes-hosted-spinnaker-publicly Question: Where to show Bake stage type in dropdown option in spinnaker? Answer: Here you can find some guides on getting similar results when using Kubernetes and containers , This link will help you out https://www.spinnaker.io/guides/tutorials/codelabs/kubernetes-v2-source-to-prod/ Question: How to refresh kubernetes config access token in GKE? Answer: Here is a guide line that will helps to you.https://cloud.google.com/sdk/gcloud/reference/container/clusters/get-credentials Question: How to get created jira ticket as a pipeline artifact? Answer: This link will help out https://www.spinnaker.io/guides/user/pipeline/expressions/#dynamically-skip-a-stage Question: How to create a Cronjob in spinnaker? Answer: We can create cronjob using kubectl These two links will help out https://k8s.io/examples/application/job/cronjob.yaml https://k8s.io/examples/application/job/cronjob.yaml Question: How to build spinnaker pipeline automatically? Answer: This link will help out https://cloud.google.com/solutions/continuous-delivery-spinnaker-kubernetes-engine Question: How to do automatically replace/reject a pending release with newer version one? Answer: This Behaviour can be controlled by making a change in the Deployment Queue Settings area. Switching to "Deploy latest and cancel the others" will automatically cancel the previously queued release and queue the newer one. If you have Slack integration turned on (as I do) you will see a cancellation message. This link also will help out https://docs.microsoft.com/en-us/azure/devops/pipelines/process/ stages?view=azure-devops&tabs=classic#queuing-policies Question: How to build a particular revision in jenkins pipeline? Answer: We can also use the environment variable SVN_REVISION to get the revision and use something like @${SVN_REVISION} in your SVN location. Documentation is available at https://wiki.jenkins- ci.org/display/JENKINS/Building+a+software+project#Buildingasoftwareproject-JenkinsSetEnvironmentVariables Question: How to load anther groovy script in the same jenkins node? Answer: When loading a pipeline script from another pipeline script, the two pipelines don't get executed on the same node : the first one is executed on my master node and the second gets executed on a slave node. I'm using Jenkins pipelines with Pipeline Script from SCM option for a lot of jobs in this way: Each of my jobs defines their corresponding Git repo URL with Poll SCM option so that the repository gets automatically polled when a change is made to my code (basic job usage). Each of my jobs define a simple Jenkins file at the root of their repository, and the pipeline script inside does basically nothing but loading a more generic pipeline. E.g. : node { // --- Load the generic pipeline --- checkout scm: [$class: 'GitSCM', branches: [[name: '*/master']], extensions: [], submoduleCfg: [], userRemoteConfigs: [[url: 'http://github/owner/pipeline-repo.git']]] load 'common-pipeline.groovy' }() My common-pipeline.groovy pipeline does the actual stuff such as building, releasing or deploying artifacts, e.g. : { -> node() {def functions = load 'common/functions.groovy' functions.build() functions.release() functions.deploy() } } Question: How to continuously deliver database changes within devops pipeline? Answer: standing up a CI/CD pipeline where we are automatically building, configuring and deploying software to servers. We would like to have some automated process to move database changes along with the code in some automated fashion, And keep the ability to deploy our application to a server and have the database be populated with the necessary data to have a run able application. Question: How to so plugin task executes after configuration phase? Answer: Any code you put in the main body of your build.gradle script will run during the configuration phase. If you want it done last, just put it at the bottom. if (inventory_link == null) //or whatever check makes sense throw new GradleException('Hey, you need to set the inventory_link') Question: How to setup continuous delivery on docker with wasting bandwidth? Answer: The only way is to build them locally, as you said. Use these images on your project, with volumes if necessary. Maybe you can use the API to build automatically: This link will helphttps://docs.docker.com/engine/api/v1.24/#33-misc Question: How to skip already-run setup in kubeflow pipeline? Answer: Via a pipeline Parameter Starting Step from which everything needs to be rerun Something like this with dsl.Condition(first_step_to_run == "prep"): create_ops(StartingStep.prep) with dsl.Condition(first_step_to_run == "train"): create_ops(StartingStep.train) with dsl.Condition(first_step_to_run == "evaluate"): create_ops(StartingStep.evaluate) Question: How to reduce spinnaker log level? Answer: We can amend spinnaker-local.yml, logging: level: com: netflix: spinnaker: DEBUG retrofit: TRACEW we can update it to log only WARN OR ERROR events higher Question: How to do Nexus integration with spinnaker? Answer: If your nexus repo is running on HTTP then you should set --insecure-registry flag kin your command. So you would final command would be as follows hal config provider docker-registry account add my-docker-registry \ --address <pvtIP>:9082 \ --repositories repository/<repoName> \ --insecure-registry true \ --username <userName> \ --password Question: How to do spinnaker with restricted namespace access? Answer: here is trial something kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: name: namespace-reader rules: - apiGroups: [""] resources: ["namespaces"] verbs: ["get", "watch", "list"] --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: name: read-all-namespaces subjects: - kind: User name: your-user apiGroup: rbac.authorization.k8s.io roleRef: kind: ClusterRole name: namespace-reader apiGroup: rbac.authorization.k8s.io Question: How to setup Spinnaker+ECR access setup? Answer: Use the Following AWS IAM policy (Spinnaker Managing Policy) to be attached to the AWS Managing User to give access to ECR. Please replace the AWS Accounts based on your need. Question: How to do spinnaker server group labelling? Answer: The new Kubernetes Provider (v2), which is manifest-based, allows you toconfigure labels. This version, however, is still in alpha.This link also will help out https://github.com/spinnaker/spinnaker/issues/1624 Question: How to get spinnaker file properties from jenkins? Answer: Try this: https://spinnaker.io/guides/user/pipeline/expressions/#property-files Question: How to make spinnaker work with AWS ECR Answer: This blog will helps a lot https://blog.spinnaker.io/using-aws-ecr-with-spinnaker-and-kubernetes-2b2a9bac8bd1 Question: How to Run spinnaker pipeline only if new Tag found? Answer: This link provides a generic answer: https://www.spinnaker.io/guides/user/pipeline/expressions/ Question: How to decide which stage is next in spinnaker? Answer : "Conditional On Expression" can be used to evaluate each of the possible "next stages. A possible scenario is: Stage A > Execution Options > If stage fails > ignore the failure Stage B > Execution Options > Conditional on Expression > Add your expression when succesful Stage C > Execution Options > Conditional on Expression > Add your expression when Stage A fails. Question: How to build Azure AD with Authz? Answer: This link may helpful to you https://blog.opsmx.com/configuring-spinnaker-authentication-with-azure-active-directory/ Question: After upgrading to 1.20.0, I am not seeing the "Expected Artifacts" section in the pipeline configuration section. Where did it go? Answer: From the 1.20.0 release, "Expected Artifacts" are now defined inline against Triggers in the Artifacts Constraints section or inline in stages. Question: Is there's a way to read the output from a webhook stage? Answer: Webhook stage expects output in json format. If you want to make webhook stage wait till the complete execution of your webhook task, you need to enable "Wait for completion" option in this stage. Upon completion, response json is available in SPeL expressions. Below link may give more clarity. https://spinnaker.io/reference/pipeline/stages/#webhook Question: Can we replicate the Clouddriver/echo pods in spinnaker HA mode? All of them including the RW ones? Answer: Clouddriver pods (all profiles) can run multiple instances. Echo when run in HA, runs as scheduler and worker. You can run multiple instances of worker nodes, however, scheduler can be run as only one instance unless backend is sql. With sql as backend, even scheduler can run multiple instances Question: One reason this happens is that the k8s account is not configured for the namespace being deployed to. Check the .hal/config for the account and namespaces the account is configured for. Answer: If you are using OES, you can check it in settings->Accounts. Question: In a custom job stage in orca, how do you provide dynamic values for application, account? That is, say use the application in which the stage is used rather than hard-coded value? - label: TSDestroyJob application: opsmx cloudProvider: kubernetes credentials: target-aks-cluster description: Stage for terraspin destroy operation account: target-aks-cluster type: customTSDestroyJobStage waitForCompletion: true Answer: application: "${execution.application}" works for using the stage in any application For account, if you have it somewhere in exec context, then you can use it the same way. Question: When configuring Dynamic accounts, clouddriver fails to start saying that there is "No such label: master". This is because the dynamic account configuration assumes that branch is "master". When you create a git-repo, by default it creates 'main" branch and not "master". Answer: The fix is simple. Go to github repo, create master branch. Then go into settings, branches, and set "master" as the "default" branch. Restarting the clouddriver helps. Question: How to fix No server group found in spinnaker application? Answer: Below are the steps for solution 1) Install spinnaker, 2) Create an application, 3) Click on infrastructure 4) Configure the application by clicking on config ( top right) 5) Click on Edit application attributes 6) Type in your email and click on update Question: Clouddriver crashes when dynamic account is configured Answer: Check if the repo has "master" branch (not "main") and is set to the default branch. Other issues might have to do with the authentication and or incorrect repo-path. Question: How to generate a random value in a spinnaker field using Spin CLI? Answer : ${new java.text.SimpleDateFormat("yyyy-MM-dd-HH-mmss").format(new java.util.Date())} Question: why do we need “Force Cache Refresh” after deploying the spinnaekr service? Answer: Caching accounts runs on a corn timer.The cached infrastructure tab items are potentially/probably invalidated by a deploy.This forces the UI as well as a sync pipelines stages that may run on different containers to see the updates from the deploy. Question: When I deploy applications to Kubernetes from Spinnaker post-deployment none of the deployed clusters are visible. Below exception is observed in Clouddriver. com.netflix.spinnaker.clouddriver.kubernetes.op.job.KubectlJobExecutor$KubectlException: Failed to read [configMap, controllerRevision, cronJob, daemonSet, deployment, event, horizontalpodautoscaler, ingress, job, limitRange, networkPolicy, persistentVolumeClaim, pod, podPreset, podDisruptionBudget, replicaSet, role, roleBinding, secret, service, serviceAccount, statefulSet] from default: error: the server doesn't have a resource type "podPreset"Answer :

  • This issue occurs mostly in the Kubernetes version 1.19.x or the latest version. If you run into this issue in the hal config file under "omitKind" add "podPrest" in the below format omitKinds: - "podPreset" Generic

  • Now, restart spinnaker services hal deploy apply Generic

  • Once, all the spinnaker services are up and running all the deployed resources should be visible in Spinnaker Clusters. Question: How do we get of a pipeline-cancel situation? It keeps going round-and-round but does not come back? Answer: a) Please delete the underlying objects in k8s/deployment envrionment. For example, if we were trying to create a "deployment", go and delete it. That should fix the issue. That object, if it is crashloop, will not go away easily. A simple approach is to have pipelines that delete objects created by other pipelines...so you can simple run a pipeline to clean-up a deployment left in a messy state. b) orca pod could have run out of resources. Try restarting it or increasing its CPU/Mem. Question: All spinnaker pipelines have vanished. What should we do? Answer: Try restarting the spin-front50 pod.

Last updated