From d52a7575ba4f39e5c1f18bc9ac63fbe0a6664df7 Mon Sep 17 00:00:00 2001 From: nauman Date: Mon, 10 Jan 2022 18:46:05 +0000 Subject: [PATCH] Spinnaker deployment spinnaker deployment using halyard cli minio chart install & deployment update calico-spinnaker scenario Deploy-Scenario: k8-calico-spinnaker Change-Id: If399108c581bd7d5558edad5df4d681ae8f008f5 --- .../vars/main.yml => minio/install.yml} | 10 +- apps/minio/roles/install/tasks/main.yml | 52 +++ .../roles/install/vars/main.yml} | 20 +- .../install.yml | 3 +- .../roles/install/tasks/create-user.yml | 49 +++ .../roles/install/tasks/deploy-spin.yml | 62 ++++ .../roles/install/tasks/install-pkg.yml | 36 ++ .../roles/install/tasks/main.yml} | 16 +- .../roles/install/tasks/poll-pods.yml | 33 ++ .../roles/install/vars/main.yml | 32 ++ .../install/files/log-spinnaker-status.sh | 47 --- .../playbooks/roles/install/tasks/main.yml | 195 ----------- .../roles/install/templates/index.yaml.j2 | 22 -- .../roles/install/templates/values.yaml.j2 | 308 ------------------ scenarios/k8-calico-spinnaker.yaml | 6 +- 15 files changed, 298 insertions(+), 593 deletions(-) rename apps/{spinnaker/kubespray/playbooks/roles/install/vars/main.yml => minio/install.yml} (79%) create mode 100644 apps/minio/roles/install/tasks/main.yml rename apps/{spinnaker/kubespray/playbooks/roles/install/vars/offline-deployment.yaml => minio/roles/install/vars/main.yml} (71%) rename apps/{spinnaker/kubespray/playbooks => spinnaker-halyard}/install.yml (92%) create mode 100644 apps/spinnaker-halyard/roles/install/tasks/create-user.yml create mode 100644 apps/spinnaker-halyard/roles/install/tasks/deploy-spin.yml create mode 100644 apps/spinnaker-halyard/roles/install/tasks/install-pkg.yml rename apps/{spinnaker/kubespray/playbooks/roles/install/vars/online-deployment.yaml => spinnaker-halyard/roles/install/tasks/main.yml} (74%) create mode 100644 apps/spinnaker-halyard/roles/install/tasks/poll-pods.yml create mode 100644 apps/spinnaker-halyard/roles/install/vars/main.yml delete mode 100755 apps/spinnaker/kubespray/playbooks/roles/install/files/log-spinnaker-status.sh delete mode 100644 apps/spinnaker/kubespray/playbooks/roles/install/tasks/main.yml delete mode 100644 apps/spinnaker/kubespray/playbooks/roles/install/templates/index.yaml.j2 delete mode 100644 apps/spinnaker/kubespray/playbooks/roles/install/templates/values.yaml.j2 diff --git a/apps/spinnaker/kubespray/playbooks/roles/install/vars/main.yml b/apps/minio/install.yml similarity index 79% rename from apps/spinnaker/kubespray/playbooks/roles/install/vars/main.yml rename to apps/minio/install.yml index 4995e3d..3345798 100644 --- a/apps/spinnaker/kubespray/playbooks/roles/install/vars/main.yml +++ b/apps/minio/install.yml @@ -1,6 +1,6 @@ --- # ============LICENSE_START======================================================= -# Copyright (C) 2019 The Nordix Foundation. All rights reserved. +# Copyright (C) 2022 The Nordix Foundation. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,9 +16,9 @@ # # SPDX-License-Identifier: Apache-2.0 # ============LICENSE_END========================================================= -helm_charts_git_url: https://github.com/helm/charts.git -spinnaker_service: "spinnaker" -spinnaker_namespace: "spinnaker" +- hosts: jumphost + gather_facts: true -# vim: set ts=2 sw=2 expandtab: + roles: + - role: install diff --git a/apps/minio/roles/install/tasks/main.yml b/apps/minio/roles/install/tasks/main.yml new file mode 100644 index 0000000..a63d5c7 --- /dev/null +++ b/apps/minio/roles/install/tasks/main.yml @@ -0,0 +1,52 @@ +--- +# ============LICENSE_START======================================================= +# Copyright (C) 2022 The Nordix Foundation. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +- name: Add minio chart repository + command: helm repo add minio "{{ chart_repo }}" + changed_when: false + +- name: Create minio values file + tempfile: + state: file + register: values_file + +- name: Write minio values to file + vars: + values: + replicas: "{{ replicas }}" + rootUser: "{{ root_user }}" + rootPassword: "{{ root_password }}" + users: "{{ users }}" + persistence: + size: "{{ disk_size }}" + resources: + requests: + memory: "{{ container_mem_req }}" + copy: + content: "{{ values | to_yaml }}" + dest: "{{ values_file.path }}" + mode: 0644 + +- name: Install minio chart + shell: > + helm install minio minio/minio + --create-namespace + --namespace minio + --values "{{ values_file.path }}" + changed_when: false diff --git a/apps/spinnaker/kubespray/playbooks/roles/install/vars/offline-deployment.yaml b/apps/minio/roles/install/vars/main.yml similarity index 71% rename from apps/spinnaker/kubespray/playbooks/roles/install/vars/offline-deployment.yaml rename to apps/minio/roles/install/vars/main.yml index 2d8de91..e7ef8b1 100644 --- a/apps/spinnaker/kubespray/playbooks/roles/install/vars/offline-deployment.yaml +++ b/apps/minio/roles/install/vars/main.yml @@ -1,6 +1,6 @@ --- # ============LICENSE_START======================================================= -# Copyright (C) 2019 The Nordix Foundation. All rights reserved. +# Copyright (C) 2022 The Nordix Foundation. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -17,9 +17,17 @@ # SPDX-License-Identifier: Apache-2.0 # ============LICENSE_END========================================================= -gcrio_image_repository: "{{ server_fqdn }}" -helm_charts_git_url: "{{ engine_workspace }}/offline/git/charts" -local_repo_url: "http://{{ server_fqdn }}/charts/local" -stable_repo_url: "http://{{ server_fqdn }}/charts/stable" +root_user: root +root_password: password -# vim: set ts=2 sw=2 expandtab: +disk_size: 5Gi +replicas: 4 + +chart_repo: https://charts.min.io/ +container_mem_req: 256Mi + +users: + - accessKey: spinnaker + secretKey: spinnaker + # [readonly|readwrite|writeonly|consoleAdmin|diagnostics] + policy: consoleAdmin diff --git a/apps/spinnaker/kubespray/playbooks/install.yml b/apps/spinnaker-halyard/install.yml similarity index 92% rename from apps/spinnaker/kubespray/playbooks/install.yml rename to apps/spinnaker-halyard/install.yml index 97d22ae..f12b964 100644 --- a/apps/spinnaker/kubespray/playbooks/install.yml +++ b/apps/spinnaker-halyard/install.yml @@ -1,6 +1,6 @@ --- # ============LICENSE_START======================================================= -# Copyright (C) 2019 The Nordix Foundation. All rights reserved. +# Copyright (C) 2022 The Nordix Foundation. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,7 +19,6 @@ - hosts: jumphost gather_facts: true - become: false roles: - role: install diff --git a/apps/spinnaker-halyard/roles/install/tasks/create-user.yml b/apps/spinnaker-halyard/roles/install/tasks/create-user.yml new file mode 100644 index 0000000..eb02b38 --- /dev/null +++ b/apps/spinnaker-halyard/roles/install/tasks/create-user.yml @@ -0,0 +1,49 @@ +--- +# ============LICENSE_START======================================================= +# Copyright (C) 2022 The Nordix Foundation. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +- name: Create halyard OS user + user: + name: halyard + shell: /bin/bash + +- name: Allow 'halyard' group to have passwordless sudo + lineinfile: + dest: /etc/sudoers + state: present + regexp: '^%halyard' + line: '%halyard ALL=(ALL) NOPASSWD: ALL' + validate: 'visudo -cf %s' + +- name: Copy ssh config + copy: + src: "{{ user_home }}/.ssh" + dest: /home/halyard + remote_src: true + owner: halyard + group: halyard + mode: preserve + +- name: Copy kube config + copy: + src: "{{ user_home }}/.kube" + dest: /home/halyard + remote_src: true + owner: halyard + group: halyard + mode: preserve diff --git a/apps/spinnaker-halyard/roles/install/tasks/deploy-spin.yml b/apps/spinnaker-halyard/roles/install/tasks/deploy-spin.yml new file mode 100644 index 0000000..610e12f --- /dev/null +++ b/apps/spinnaker-halyard/roles/install/tasks/deploy-spin.yml @@ -0,0 +1,62 @@ +--- +# ============LICENSE_START======================================================= +# Copyright (C) 2022 The Nordix Foundation. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +- name: Enable spinnaker k8s provider + command: hal config provider kubernetes enable + changed_when: false + +- name: Create spinnaker k8s provider account + shell: > + hal config provider kubernetes + account add {{ spinnaker_account }} + --context $(kubectl config current-context) + changed_when: false + +- name: Set spinnaker install version + shell: > + hal config version edit + --version "{{ spinnaker_version }}" + changed_when: false + +- name: Set spinnaker deployment account + shell: > + hal config deploy edit + --type distributed + --account-name {{ spinnaker_account }} + changed_when: false + +- name: Set minio storage config + shell: > + hal config storage s3 edit + --endpoint http://minio.minio:9000 + --access-key-id spinnaker + --secret-access-key spinnaker + changed_when: false + +- name: Set external storage to minio + command: hal config storage edit --type s3 + changed_when: false + +- name: Set minio storage path style + command: hal config storage s3 edit --path-style-access true + changed_when: false + +- name: Deploy spinnaker + command: hal deploy apply + changed_when: false diff --git a/apps/spinnaker-halyard/roles/install/tasks/install-pkg.yml b/apps/spinnaker-halyard/roles/install/tasks/install-pkg.yml new file mode 100644 index 0000000..0c4cd8d --- /dev/null +++ b/apps/spinnaker-halyard/roles/install/tasks/install-pkg.yml @@ -0,0 +1,36 @@ +--- +# ============LICENSE_START======================================================= +# Copyright (C) 2022 The Nordix Foundation. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +- name: Install JRE + package: + name: default-jre + state: present + +- name: Download halyard install script + get_url: + url: "{{ halyard_install_sh_url }}" + dest: /tmp/install-halyard.sh + mode: 0755 + +- name: Install halyard + shell: > + /tmp/install-halyard.sh -y + --user {{ halyard_user }} + --version {{ halyard_version }} + changed_when: false diff --git a/apps/spinnaker/kubespray/playbooks/roles/install/vars/online-deployment.yaml b/apps/spinnaker-halyard/roles/install/tasks/main.yml similarity index 74% rename from apps/spinnaker/kubespray/playbooks/roles/install/vars/online-deployment.yaml rename to apps/spinnaker-halyard/roles/install/tasks/main.yml index 188786f..eed857b 100644 --- a/apps/spinnaker/kubespray/playbooks/roles/install/vars/online-deployment.yaml +++ b/apps/spinnaker-halyard/roles/install/tasks/main.yml @@ -1,6 +1,6 @@ --- # ============LICENSE_START======================================================= -# Copyright (C) 2019 The Nordix Foundation. All rights reserved. +# Copyright (C) 2022 The Nordix Foundation. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -17,9 +17,11 @@ # SPDX-License-Identifier: Apache-2.0 # ============LICENSE_END========================================================= -gcrio_image_repository: "gcr.io" -helm_charts_git_url: "https://github.com/helm/charts.git" -local_repo_url: "http://{{ server_fqdn }}/charts/local" -stable_repo_url: "https://charts.helm.sh/stable" - -# vim: set ts=2 sw=2 expandtab: +- import_tasks: create-user.yml + become: true +- import_tasks: install-pkg.yml + become: true +- import_tasks: deploy-spin.yml + become: true + become_user: "{{ halyard_user }}" +- import_tasks: poll-pods.yml diff --git a/apps/spinnaker-halyard/roles/install/tasks/poll-pods.yml b/apps/spinnaker-halyard/roles/install/tasks/poll-pods.yml new file mode 100644 index 0000000..40477e2 --- /dev/null +++ b/apps/spinnaker-halyard/roles/install/tasks/poll-pods.yml @@ -0,0 +1,33 @@ +--- +# ============LICENSE_START======================================================= +# Copyright (C) 2022 The Nordix Foundation. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +- name: Wait for all spinnaker pods to become ready + k8s_facts: + kind: Pod + namespace: spinnaker + label_selectors: + - app = spin + field_selectors: + - status.phase=Running + register: spin_status + until: + - spin_status.resources is defined + - spin_status.resources + retries: 30 + delay: 10 diff --git a/apps/spinnaker-halyard/roles/install/vars/main.yml b/apps/spinnaker-halyard/roles/install/vars/main.yml new file mode 100644 index 0000000..332f880 --- /dev/null +++ b/apps/spinnaker-halyard/roles/install/vars/main.yml @@ -0,0 +1,32 @@ +--- +# ============LICENSE_START======================================================= +# Copyright (C) 2022 The Nordix Foundation. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +# + +halyard_user: halyard + +halyard_version: "1.44.1" + +spinnaker_version: "1.26.6" + +# yamllint disable-line rule:line-length +halyard_install_sh_url: https://raw.githubusercontent.com/spinnaker/halyard/master/install/debian/InstallHalyard.sh + +spinnaker_account: "spin-k8s-account" + +user_home: "{{ lookup('env', 'HOME') if provisioner_type == 'bifrost' else '/root' }}" diff --git a/apps/spinnaker/kubespray/playbooks/roles/install/files/log-spinnaker-status.sh b/apps/spinnaker/kubespray/playbooks/roles/install/files/log-spinnaker-status.sh deleted file mode 100755 index c176ac1..0000000 --- a/apps/spinnaker/kubespray/playbooks/roles/install/files/log-spinnaker-status.sh +++ /dev/null @@ -1,47 +0,0 @@ -#!/bin/bash - -cat << EOF ---------------------------------------------------- -Halyard Spinnaker Deployment Log ---------------------------------------------------- -$(kubectl -n spinnaker logs $(kubectl -n spinnaker get pod --no-headers -o custom-columns=':metadata.name' | grep spinnaker-install-using)) - - ---------------------------------------------------- -Spinnaker pods in Create or ImagePullBackOff state ---------------------------------------------------- -$(kubectl get pod -n spinnaker | grep -i 'creating\|ImagePullBackOff') - - ---------------------------------------------------- -Spinnaker pods in Init state ---------------------------------------------------- -$(kubectl get pod -n spinnaker | grep Init | grep -v Error) - - ---------------------------------------------------- -Spinnaker pods in Error or CrashLoopBackOff state ---------------------------------------------------- -$(kubectl get pod -n spinnaker | grep 'Crash\|Error') - - ---------------------------------------------------- -Spinnaker POD Summary ---------------------------------------------------- -Creating/ImagePullBackOff : $(kubectl get pod -n spinnaker | grep -i 'creating\|ImagePullBackOff' | wc -l) pods -Init : $(kubectl get pod -n spinnaker | grep Init | grep -v Error | wc -l) pods -Error/CrashLoopBackOff : $(kubectl get pod -n spinnaker | grep 'Error\|Crash' | wc -l) pods -Terminating : $(kubectl get pod -n spinnaker | grep -i terminating | wc -l) pods -Running/Completed : $(kubectl get pod -n spinnaker | grep -i 'running\|completed' | wc -l) pods -Total : $(kubectl get pod -n spinnaker | grep -v RESTART | wc -l) pods ---------------------------------------------------- - - ---------------------------------------------------- -Summary of Container Images pulled for Spinnaker ---------------------------------------------------- -Number of Spinnaker containers : $(kubectl get pods -n spinnaker -o jsonpath="{..image}" | tr -s '[[:space:]]' '\n' | sort | uniq | grep '^spin.*' | wc -l) -Number of non-Spinnaker containers : $(kubectl get pods -n spinnaker -o jsonpath="{..image}" | tr -s '[[:space:]]' '\n' | sort | uniq | grep -v 'spin' | wc -l) -Total number of containers : $(kubectl get pods -n spinnaker -o jsonpath="{..image}" | tr -s '[[:space:]]' '\n' | sort | uniq | wc -l) ---------------------------------------------------- -EOF diff --git a/apps/spinnaker/kubespray/playbooks/roles/install/tasks/main.yml b/apps/spinnaker/kubespray/playbooks/roles/install/tasks/main.yml deleted file mode 100644 index e90fbad..0000000 --- a/apps/spinnaker/kubespray/playbooks/roles/install/tasks/main.yml +++ /dev/null @@ -1,195 +0,0 @@ ---- -# ============LICENSE_START======================================================= -# Copyright (C) 2019 The Nordix Foundation. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# SPDX-License-Identifier: Apache-2.0 -# ============LICENSE_END========================================================= -# -- name: Load execution mode variables - include_vars: "{{ execution_mode }}.yaml" - -- block: - - name: Create directories for helm repositories - file: - path: "{{ item.path }}" - state: "{{ item.state }}" - loop: - - {path: "{{ engine_workspace }}/offline/charts/stable", state: absent} - - {path: "{{ engine_workspace }}/offline/charts/stable", state: directory} - - {path: "{{ engine_workspace }}/offline/charts/local", state: absent} - - {path: "{{ engine_workspace }}/offline/charts/local", state: directory} - - - name: Place index.yaml to webserver stable charts repository - template: - src: "index.yaml.j2" - dest: "{{ engine_workspace }}/offline/charts/stable/index.yaml" - force: true - - - name: Create local repo index (empty initially) - command: "helm repo index {{ engine_workspace }}/offline/charts/local/" - creates: "{{ engine_workspace }}/offline/charts/local/index.yaml" - when: execution_mode == "offline-deployment" - -- name: Initialize Helm - command: helm init --client-only --local-repo-url {{ local_repo_url }} --stable-repo-url {{ stable_repo_url }} - register: helm_init_result - changed_when: true - when: helm_version is version('v3', '<') - -- name: Check if stable helm repo exists (helm v3+) - command: "helm repo list" - changed_when: true - failed_when: false - register: helm_repo_list_result - -- name: Add stable helm repo (helm v3+) - command: "helm repo add stable {{ stable_repo_url }}" - register: helm_repo_add_stable_result - changed_when: true - when: > - helm_version is version('v3.0.0', '>=') - and execution_mode == "online-deployment" - and helm_repo_list_result is not search(stable_repo_url) - -- name: Add local helm repo (helm v3+) - command: "helm repo add local {{ local_repo_url }}" - register: helm_repo_add_local_result - changed_when: true - when: > - helm_version is version('v3.0.0', '>=') - and execution_mode == "offline-deployment" - and helm_repo_list_result is not search(local_repo_url) - -- name: Clone Helm Charts repository - git: - repo: "{{ helm_charts_git_url }}" - dest: "{{ engine_cache }}/repos/charts" - version: "{{ charts_version }}" - force: true - recursive: true - environment: - http_proxy: "{{ lookup('env','http_proxy') }}" - https_proxy: "{{ lookup('env','https_proxy') }}" - no_proxy: "{{ lookup('env','no_proxy') }}" - -- name: Generate values.yaml - template: - src: "values.yaml.j2" - dest: "{{ engine_cache }}/repos/charts/stable/spinnaker/values.yaml" - force: true - -- name: Remove previous installations of Spinnaker - command: > - helm delete --purge "{{ spinnaker_service }}" - changed_when: true - ignore_errors: true - tags: reset - -- name: Remove Spinnaker namespace - command: > - kubectl delete ns "{{ spinnaker_namespace }}" - changed_when: true - ignore_errors: true - tags: reset - -- name: Create Spinnaker namespace - k8s: - state: present - definition: - apiVersion: v1 - kind: Namespace - metadata: - name: "{{ spinnaker_namespace }}" - -- name: Verify Spinnaker Helm charts are available to be deployed - command: helm search spinnaker -l - register: helm_search - changed_when: false - -- name: Log Helm chart list to console - debug: - msg: "{{ helm_search.stdout_lines }}" - -- name: Inform user about Spinnaker deployment - debug: - msg: > - Spinnaker deployment is about to start! - This takes a while and nothing will be logged to console until the process is completed. - -- name: Fetch all helm dependencies for Spinnaker - command: > - helm dependency update - {{ engine_cache }}/repos/charts/stable/spinnaker - changed_when: true - -- name: Install Spinnaker using helm - command: > - helm install - {% if helm_version is version('v3.0.0', '<')%} --name {% endif %}"{{ spinnaker_service }}" - --namespace "{{ spinnaker_namespace }}" - --timeout "900{% if helm_version is version('v3.0.0', '>=') %}s{% endif %}" - {{ engine_cache }}/repos/charts/stable/spinnaker - register: spinnaker_helm_log - changed_when: true - -- name: Log Spinnaker helm output to console - debug: - msg: "{{ spinnaker_helm_log.stdout_lines }}" - -# wait 10 minutes for all containers to be started -- name: Wait for all containers to be started - shell: | - set -o pipefail - kubectl get po -n spinnaker | grep ContainerCreating | wc -l - register: kube - changed_when: - kube.stdout == '0' - until: - kube.stdout == '0' - retries: 60 - delay: 10 - -# wait 20 minutes for all containers to be initialized -- block: - - name: Wait for all containers to be initialized - shell: | - set -o pipefail - kubectl get po -n spinnaker | grep Init | grep -v Error | wc -l - register: kube - changed_when: - kube.stdout == '0' - until: - kube.stdout == '0' - retries: 120 - delay: 10 - always: - - name: Get POD status - command: kubectl get po -n spinnaker - changed_when: false - register: kube - - - name: Log POD status to console - debug: - msg: "{{ kube.stdout_lines }}" - - - name: Get summary of Spinnaker deployment - script: log-spinnaker-status.sh - register: spinnaker_status - - - name: Log Spinnaker status to console - debug: - msg: "{{ spinnaker_status.stdout_lines }}" - -# vim: set ts=2 sw=2 expandtab: diff --git a/apps/spinnaker/kubespray/playbooks/roles/install/templates/index.yaml.j2 b/apps/spinnaker/kubespray/playbooks/roles/install/templates/index.yaml.j2 deleted file mode 100644 index 963516c..0000000 --- a/apps/spinnaker/kubespray/playbooks/roles/install/templates/index.yaml.j2 +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: v1 -entries: - spinnaker: - - apiVersion: v1 - description: Open source, multi-cloud continuous delivery platform for releasing software changes with high velocity and confidence. - name: spinnaker - version: {{ spinnaker_version }} - appVersion: {{ spinnaker_app_version }} - home: http://spinnaker.io/ - sources: - - https://github.com/spinnaker - - https://github.com/viglesiasce/images - icon: https://pbs.twimg.com/profile_images/669205226994319362/O7OjwPrh_400x400.png - maintainers: - - name: viglesiasce - email: viglesias@google.com - - name: ezimanyi - email: ezimanyi@google.com - - name: dwardu89 - email: hello@dwardu.com - - name: paulczar - email: username.taken@gmail.com diff --git a/apps/spinnaker/kubespray/playbooks/roles/install/templates/values.yaml.j2 b/apps/spinnaker/kubespray/playbooks/roles/install/templates/values.yaml.j2 deleted file mode 100644 index 8d88583..0000000 --- a/apps/spinnaker/kubespray/playbooks/roles/install/templates/values.yaml.j2 +++ /dev/null @@ -1,308 +0,0 @@ -halyard: - spinnakerVersion: {{ spinnaker_app_version }} - image: - repository: {{ gcrio_image_repository }}/spinnaker-marketplace/halyard - tag: {{ spinnaker_version }} - pullSecrets: [] - # Set to false to disable persistence data volume for halyard - persistence: - enabled: false - # Provide a config map with Hal commands that will be run the core config (storage) - # The config map should contain a script in the config.sh key - additionalScripts: - enabled: false - configMapName: my-halyard-config - configMapKey: config.sh - # If you'd rather do an inline script, set create to true and put the content in the data dict like you would a configmap - # The content will be passed through `tpl`, so value interpolation is supported. - create: false - data: {} - additionalSecrets: - create: false - data: {} - ## Uncomment if you want to use a pre-created secret rather than feeding data in via helm. - # name: - additionalConfigMaps: - create: false - data: {} - ## Uncomment if you want to use a pre-created ConfigMap rather than feeding data in via helm. - # name: - ## Define custom profiles for Spinnaker services. Read more for details: - ## https://www.spinnaker.io/reference/halyard/custom/#custom-profiles - ## The contents of the files will be passed through `tpl`, so value interpolation is supported. - additionalProfileConfigMaps: - data: {} - ## if you're running spinnaker behind a reverse proxy such as a GCE ingress - ## you may need the following profile settings for the gate profile. - ## see https://github.com/spinnaker/spinnaker/issues/1630 - ## otherwise its harmless and will likely become default behavior in the future - ## According to the linked github issue. - # gate-local.yml: - # server: - # tomcat: - # protocolHeader: X-Forwarded-Proto - # remoteIpHeader: X-Forwarded-For - # internalProxies: .* - # httpsServerPort: X-Forwarded-Port - - ## Define custom settings for Spinnaker services. Read more for details: - ## https://www.spinnaker.io/reference/halyard/custom/#custom-service-settings - ## You can use it to add annotations for pods, override the image, etc. - additionalServiceSettings: {} - # deck.yml: - # artifactId: gcr.io/spinnaker-marketplace/deck:2.9.0-20190412012808 - # kubernetes: - # podAnnotations: - # iam.amazonaws.com/role: - # clouddriver.yml: - # kubernetes: - # podAnnotations: - # iam.amazonaws.com/role: - - ## Populate to provide a custom local BOM for Halyard to use for deployment. Read more for details: - ## https://www.spinnaker.io/guides/operator/custom-boms/#boms-and-configuration-on-your-filesystem - bom: ~ - # artifactSources: - # debianRepository: https://dl.bintray.com/spinnaker-releases/debians - # dockerRegistry: gcr.io/spinnaker-marketplace - # gitPrefix: https://github.com/spinnaker - # googleImageProject: marketplace-spinnaker-release - # services: - # clouddriver: - # commit: 031bcec52d6c3eb447095df4251b9d7516ed74f5 - # version: 6.3.0-20190904130744 - # deck: - # commit: b0aac478e13a7f9642d4d39479f649dd2ef52a5a - # version: 2.12.0-20190916141821 - # ... - # timestamp: '2019-09-16 18:18:44' - # version: 1.16.1 - - ## Define local configuration for Spinnaker services. - ## The contents of these files would be copies of the configuration normally retrieved from - ## `gs://halconfig/`, but instead need to be available locally on the halyard pod to facilitate - ## offline installation. This would typically be used along with a custom `bom:` with the `local:` prefix on a - ## service version. - ## Read more for details: - ## https://www.spinnaker.io/guides/operator/custom-boms/#boms-and-configuration-on-your-filesystem - ## The key for each entry must be the name of the service and a file name separated by the '_' character. - serviceConfigs: {} - # clouddriver_clouddriver-ro.yml: |- - # ... - # clouddriver_clouddriver-rw.yml: |- - # ... - # clouddriver_clouddriver.yml: |- - # ... - # deck_settings.json: |- - # ... - # echo_echo.yml: |- - # ... - - ## Uncomment if you want to add extra commands to the init script - ## run by the init container before halyard is started. - ## The content will be passed through `tpl`, so value interpolation is supported. - # additionalInitScript: |- - - ## Uncomment if you want to add annotations on halyard and install-using-hal pods - # annotations: - # iam.amazonaws.com/role: - - ## Uncomment the following resources definitions to control the cpu and memory - # resources allocated for the halyard pod - resources: {} - # requests: - # memory: "1Gi" - # cpu: "100m" - # limits: - # memory: "2Gi" - # cpu: "200m" - - ## Uncomment if you want to set environment variables on the Halyard pod. - # env: - # - name: JAVA_OPTS - # value: -Dhttp.proxyHost=proxy.example.com - customCerts: - ## Enable to override the default cacerts with your own one - enabled: false - secretName: custom-cacerts - -# Define which registries and repositories you want available in your -# Spinnaker pipeline definitions -# For more info visit: -# https://www.spinnaker.io/setup/providers/docker-registry/ - -# Configure your Docker registries here -dockerRegistries: -- name: dockerhub - address: index.docker.io - repositories: - - library/alpine - - library/ubuntu - - library/centos - - library/nginx -# - name: gcr -# address: https://gcr.io -# username: _json_key -# password: '' -# email: 1234@5678.com - -# If you don't want to put your passwords into a values file -# you can use a pre-created secret instead of putting passwords -# (specify secret name in below `dockerRegistryAccountSecret`) -# per account above with data in the format: -# : - -# dockerRegistryAccountSecret: myregistry-secrets - -kubeConfig: - # Use this when you want to register arbitrary clusters with Spinnaker - # Upload your ~/kube/.config to a secret - enabled: false - secretName: my-kubeconfig - secretKey: config - # Use this when you want to configure halyard to reference a kubeconfig from s3 - # This allows you to keep your kubeconfig in an encrypted s3 bucket - # For more info visit: - # https://www.spinnaker.io/reference/halyard/secrets/s3-secrets/#secrets-in-s3 - # encryptedKubeconfig: encrypted:s3!r:us-west-2!b:mybucket!f:mykubeconfig - # List of contexts from the kubeconfig to make available to Spinnaker - contexts: - - default - deploymentContext: default - omittedNameSpaces: - - kube-system - - kube-public - onlySpinnakerManaged: - enabled: false - - # When false, clouddriver will skip the permission checks for all kubernetes kinds at startup. - # This can save a great deal of time during clouddriver startup when you have many kubernetes - # accounts configured. This disables the log messages at startup about missing permissions. - checkPermissionsOnStartup: true - - # A list of resource kinds this Spinnaker account can deploy to and will cache. - # When no kinds are configured, this defaults to ‘all kinds'. - # kinds: - # - - - # A list of resource kinds this Spinnaker account cannot deploy to or cache. - # This can only be set when –kinds is empty or not set. - # omittedKinds: - # - - -# Change this if youd like to expose Spinnaker outside the cluster -ingress: - enabled: false - # host: spinnaker.example.org - # annotations: - # ingress.kubernetes.io/ssl-redirect: 'true' - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - # tls: - # - secretName: -tls - # hosts: - # - domain.com - -ingressGate: - enabled: false - # host: gate.spinnaker.example.org - # annotations: - # ingress.kubernetes.io/ssl-redirect: 'true' - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - # tls: - # - secretName: -tls - # hosts: - # - domain.com - -# spinnakerFeatureFlags is a list of Spinnaker feature flags to enable -# Ref: https://www.spinnaker.io/reference/halyard/commands/#hal-config-features-edit -# spinnakerFeatureFlags: -# - artifacts -# - pipeline-templates -spinnakerFeatureFlags: - - artifacts - - jobs - -# Node labels for pod assignment -# Ref: https://kubernetes.io/docs/user-guide/node-selection/ -# nodeSelector to provide to each of the Spinnaker components -nodeSelector: {} - -# Redis password to use for the in-cluster redis service -# Enable redis to use in-cluster redis -redis: - enabled: true - # External Redis option will be enabled if in-cluster redis is disabled - external: - host: "" - port: 6379 - # password: "" - password: password - nodeSelector: {} - cluster: - enabled: false -# Uncomment if you don't want to create a PVC for redis - master: - persistence: - enabled: false - -# Minio access/secret keys for the in-cluster S3 usage -# Minio is not exposed publically -minio: - enabled: true - imageTag: RELEASE.2019-02-13T19-48-27Z - serviceType: ClusterIP - accessKey: spinnakeradmin - secretKey: spinnakeradmin - bucket: "spinnaker" - nodeSelector: {} -# Uncomment if you don't want to create a PVC for minio - persistence: - enabled: false - -# Google Cloud Storage -gcs: - enabled: false - project: my-project-name - bucket: "" - ## if jsonKey is set, will create a secret containing it - jsonKey: '' - ## override the name of the secret to use for jsonKey, if `jsonKey` - ## is empty, it will not create a secret assuming you are creating one - ## external to the chart. the key for that secret should be `key.json`. - secretName: - -# AWS Simple Storage Service -s3: - enabled: false - bucket: "" - # rootFolder: "front50" - # region: "us-east-1" - # endpoint: "" - # accessKey: "" - # secretKey: "" - # assumeRole: "" - -# Azure Storage Account -azs: - enabled: false -# storageAccountName: "" -# accessKey: "" -# containerName: "spinnaker" - -rbac: - # Specifies whether RBAC resources should be created - create: true - -serviceAccount: - # Specifies whether a ServiceAccount should be created - create: true - # The name of the ServiceAccounts to use. - # If left blank it is auto-generated from the fullname of the release - halyardName: - spinnakerName: -securityContext: - # Specifies permissions to write for user/group - runAsUser: 1000 - fsGroup: 1000 diff --git a/scenarios/k8-calico-spinnaker.yaml b/scenarios/k8-calico-spinnaker.yaml index a52a61d..277f247 100644 --- a/scenarios/k8-calico-spinnaker.yaml +++ b/scenarios/k8-calico-spinnaker.yaml @@ -47,8 +47,12 @@ import_playbook: "../apps/prometheus/kubespray/playbooks/install.yml" tags: postinstall +- name: Install Minio + import_playbook: "../apps/minio/install.yml" + tags: postinstall + - name: Install Spinnaker - import_playbook: "../apps/spinnaker/kubespray/playbooks/install.yml" + import_playbook: "../apps/spinnaker-halyard/install.yml" tags: postinstall # vim: set ts=2 sw=2 expandtab: -- 2.25.1