"Kubernetes Meetup" 1Day Spinnaker on Kubernetes Jinwoong Kim (@ddiiwoong)

1. Spinnaker on Kubernetes
Kubernetes Korea Group Meetup (Nov 23, 2018)
Jinwoong Kim (ddiiwoong@gmail.com)

2. • Leading Cloud Native Service Dev Part @SK C&C Cloud Z Unit
• Serverless Platform (K8s, Dispatch, Fission…)
• IaC Platform (Ansible, Terraform, Packer, Vault…)
• Continous Delivery (Spinnaker, Jenkins Blue Ocean)
• Game Platfrom (Agones, Matchmaker)
• Blog : ddiiwoong.github.io
• Facebook : ddiiwoong
• Email : ddiiwoong@gmail.com
Bio

3. • Pronunciation
[spinəkər]
• A supplemental sail to the main sail,
especially a triangular one,
used on yachts for running
before the wind.
Spinnaker

4. • OpenSource multi-cloud CD platform
• Initially developed by Netflix's Asgard (2014), Open-Sourced in 2015
• Built for releasing software changes with High velocity, confidence
• Designed with pluggability in mind
• Support for all major Cloud Provider
(OpenStack, GCP, Azure, AWS, Kubernetes, DC/OS, Oracle Cloud, Cloud Foundry)
• Backed by Netflix, Google, MS, Veritas
What is Spinnaker on Cloud?
Inventory Pipelines

5.  Cluster management
 Deployment management
 Multi-cloud capable
Deployments are built-in and no Custom Scripting in needed.
Core Feature

6. Quick CI/CD
Tenants (Line-of-
business)
Operators (Core IT
Teams)

7. • Multi-Cloud Continuous Delivery/Deployment Platform
• Variable pipeline type, Easy Rollback
• Flexible pipeline management system
• Variable Deployment Strategy (Blue-Green, Rolling Red/Black, Canary)
• Community (github, slack, https://community.spinnaker.io/)
• Hybrid Cloud(VM, Container)
• Continuous Integration (Jenkins, Travis CI)
• Halyard CLI (configuring, installing, and updating Spinnaker)
• Packer, Helm Packaging, Terraform(ing…)
• RBAC(Role Based Access Control)
• Notification - Email, Slack, Hipchat, SMS
• Safe Deployment - Judgement
• Chaos Monkey Built-in
Advantages (TL;DR)

8. Independent microservices
 Deck : Browse-based UI
 Gate : API Gateway
 Orca : Orchestration engine
 Clouddriver : Cloud Provider API Connect,
Caching, Indexing
 Front50 : applications, pipelines, projects
and notifications
 Rosco : Machine Image (w/ Packer)
 Igor : CI Integration (Travis CI, Jenkins)
 Echo : Eventing Bus (Slack, email, SMS)
 Fiat : authorization service
 Kayenta : automated canary analysis
 Halyard : Spinnaker Configuration
(install, provider, update)
 Other Dependencies
S3(or Minio) : To save artifacts
Redis : Job/History storage

9. • Halyard is a tool to configure, update and install Spinnaker
Halyard
 On Kubernetes
 Local Installation of Dedian Pakages
 Git Installation (for contributing)
 S3 or Compatible S3
 Minio
 Azure Storage
 Google Cloud Storage
 Redis(not recommended)
 On Debian/Ubuntu or
macOS
 On Docker

10. • Google App Engine
• AWS
• Azure
• DC/OS
• Google Compute Engine
• Kubernetes (legacy)
• Kubernetes v2 (manifest based)
• Openstack
• Oracle Cloud
• Terraform (Not yet…)
Supported Cloud Providers
hal config provider kubernetes account add prod-gke-account
--provider-version v2
--context $(kubectl config current-context)

11. • Legacy vs Manifest
Versus
V1 (Legacy) V2 (Manifest)
Autonomy Little As you want
Deploy
Cluster, Server Groups, Load
Balancers
Manifests File
Deprecated Will Soon Alpha(1.8) , Beta(1.9~)
Container Regist
ry
GCR, DockerHub, Quay, ECR, JFro
g
Any Registry
Manifests
(Artifacts)
N/A
Base64
Bitbucket
Custom
GCS
GitHub
Gitlab
S3

12. • Jenkins vs Spinnaker
• Native Kubernetes vs Spinnaker
Versus
Jenkins Spinnaker
Powerful Build
No Deployment tool (Plug-in)
Many Scripts
Many Plug-ins
Resource Integration
Directly Use Cloud API
Few Scripts
No CI Tools(CI is Backend)
Native Kubernetes Spinnaker
Replica Rollout
Slow Rollout
Linear Rollout
No Approval
Percent Rollout
Fast Rollback
High Manage cost(infra)
Approval(Judgement)

13. Terminology
Spinnaker Kubernetes 비고
Cluster Deployment Logical Server Groups
Server-Group Workloads
Artifact + Configuration
CRDs - Custom Build (istio – 1.10)
Load Balancer Services
Firewall Network Policy
Account
Cluster
Credentials
Kubeconfig(service account)

14. • Cluster
• Not Kubernetes Cluster
• Logical Server Groups
• Artifacts
https://www.spinnaker.io/reference/artifacts/
• a Docker image
• a file stored in GitHub
• an Amazon Machine Image (AMI)
• a binary blob in S3, Google Cloud Storage, Google Pub/Sub, etc.
• Server Group
• Set of application(VM, Pod)
• Basic Resources(Configuration) : Deployable artifacts, Instance(pod), Auto-Scaling,
metadata
• Optionally LoadBalancer or Firewall can be included
Concept

15. • Cloud Provider
• IaaS - AWS, GCP, Azure, Oracle, Openstack(V3 API)
• PaaS - Google App Engine, Cloud Foundry
• Orchestrator - K8s, DC/OS
• Docker v2 Registry
• Account
• Used Unique Name by Spinnaker to authenticate to the Cloud Provider
• Multiple Account Registration for each Cloud Provider
• ex) prod_gke_account
Concept
hal config provider kubernetes account add prod-gke-account
--provider-version v2
--context $(kubectl config current-context)

16. Deployment strategies

17. • Deploying Kubernetes resources
• Stage (atomic building block)
Pipeline

18. • Kubernetes Source To Prod (Manifest Based)
Demo
https://www.spinnaker.io/guides/tutorials/codelabs/kubernetes-v2-source-to-
prod/
Delivery
Pipeline
Deploy
to Staging
Git
Commit
Manifest
(YAML)
Docker
Triggers
Deploy
to Production
Validation
(Judgement)

19. • Canary Release
• Automated Canary Analysis (Kayenta)
Demo
Load Balancer
Production (v1.0)
Baseline (v1.0)
Canary (v2.0)
Metric
(Prometheu
s)
Live
Traffic
Judgement
Spinnaker
Kayenta
Live
Traffic
Load Balancer
Production (v1.0)
Canary (v2.0)
Metric
(Prometheus)
5%
95%
1 server
19 servers
• System Resources
• HTTP Responses
• JVM Memory, GC
• Connections
• Latency
• Threads
Many servers
1+ servers
1+ servers

20. • How Spinnaker helps
• Single source of truth for deployments
• Auditability
• Verified code/images
• Integration with additional tools
Wrap up
CI/CD Artifacts Monitoring
Notification
s
Security Bakery Triggers Canary
Jenkins
Travis
Base64
Bitbucket
Custom
GCS
GitHub
Gitlab
S3
Prometheus
Stackdriver
Datadog
Slack
Email
HipChat
SMS
Google Group
s
Github Teams
LDAP
SAML
Helm
Packer
Pub/Sub
Github Webhho
k
Docker Build
Scope
Judge
Metrics

21. • Productionize Spinnaker
• Do Install, Config, Update with Halyard
• Best : Spinnaker + Jenkins + Packer + Helm + Terraform(not ready)
• Tunning Point : Redis (Externalize)
• HPA (Horizontal Pod Autoscaler)
• Clouddriver (Cloud API Connect, Caching, Indexing)
• Orca (Pipeline Execution tasks)
• Monitoring / Logging
• Datadog, Prometheus, Stackdriver
• Node logging agent
Wrap up

22. • Our Goals
Wrap up
Application Services
Team
Ops
Team
Business-Driven
Golden Images
Delivery Pipeline
Container
Registry
Staging
Production

23. • We are hiring, come join us!
• Blog : ddiiwoong.github.io
• Facebook : ddiiwoong
• Email : ddiiwoong@gmail.com
Q&A