Install Spinnaker for Kubernetes on Oracle Cloud

Spinnaker is a battle tested and powerful enterprise CI/CD tool from Netflix. It supports deployment to multiple public cloud providers and also Kubernetes. I’ll show you how to get Spinnaker up and running on Oracle Cloud.

There are a few ways to deploy Spinnaker. For instance, you could deploy it directly to a Kubernetes cluster. In this example I’m going to keep it simple and just deploy to a VM.

We have some experimental support for Oracle Cloud in Spinnaker but at the time of writing it isn’t ready for use.

Create a machine to deploy Spinnaker on

Log into the OCI console and create a Virtual Machine or Bare Metal instance. Be sure to add an SSH key so you can log in. Spinnaker currently supports Ubuntu 14.04 only.

SSH onto your machine

ssh ubuntu@MYIP

The Spinnaker provider for Kubernetes assumes you have a working Kubernetes cluster with a “kubeconfig” file to access the cluster. Assuming you do we can copy some required files to our Ubuntu instance.

scp generated/kubeconfig ubuntu@130.61.43.63:~/.kube/
curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl
chmod +x ./kubectl
sudo mv kubectl /usr/local/bin

Install Minio for local storage

We are pushing out an update that will support Oracle Cloud storage soon. You could also use the OCI S3 compatible API. In this example I’ll use minio.

wget https://dl.minio.io/server/minio/release/linux-amd64/minio
chmod +x minio
sudo mv minio /usr/local/bin/
export MINIO_SECRET_KEY=miniosecretkey
export MINIO_ACCESS_KEY=minioaccesskey
nohup minio server $HOME/data --address ":9001" > /dev/null 2>&1 &

Install Spinnaker

# Install Halyard
curl -O https://raw.githubusercontent.com/spinnaker/halyard/master/install/stable/InstallHalyard.sh
sudo bash InstallHalyard.sh

## Install Docker
sudo apt-get update
sudo apt-get -y install linux-image-extra-$(uname -r) linux-image-extra-virtual
sudo apt-get install -y apt-transport-https ca-certificates curl software-properties-common
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
sudo apt-get update
sudo apt-get install -y docker-ce

# Configure Spinnaker
hal config version edit --version $(hal version latest -q)

hal config provider docker-registry enable
export ADDRESS=index.docker.io
export REPOSITORIES=owainlewis/hello-spinnaker
export USERNAME=owainlewis
hal config provider docker-registry account add my-docker-registry \
--address $ADDRESS \
--repositories $REPOSITORIES \
--username $USERNAME \
--password

echo $MINIO_SECRET_KEY | hal config storage s3 edit --endpoint http://localhost:9001 \
--access-key-id $MINIO_ACCESS_KEY \
--secret-access-key

hal config storage edit --type s3

hal config provider kubernetes enable
hal config provider kubernetes account add my-k8s-v2-account \
--provider-version v2 \
--context $(kubectl config current-context)

hal config features edit --artifacts true

sudo hal deploy apply

sudo service spinnaker restart

Exposing Spinnaker

By default, the Spinnaker UI runs on localhost:9000. You can use an SSH tunnel to access this from your workstation. However, it’s likely if you work in a team that you’ll want to expose your Spinnaker instance. Be careful about how you do this and enable authentication.

sudo iptables -A INPUT -p tcp --dport 9000 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 8084 -j ACCEPT
sudo iptables -F
echo "host: 0.0.0.0" | tee \
~/.hal/default/service-settings/gate.yml \
~/.hal/default/service-settings/deck.yml

hal config security ui edit \
--override-base-url http://130.61.43.63:9000

hal config security api edit \
--override-base-url http://130.61.43.63:8084

sudo hal deploy apply

That’s it. You should now have a Spinnaker instance up and running that’s ready to deploy to your Kubernetes cluster.

If you spot any mistakes in the above documentation, or if you have questions please feel free to get in touch (owain.lewis@oracle.com).

Like what you read? Give Owain Lewis a round of applause.

From a quick cheer to a standing ovation, clap to show how much you enjoyed this story.