Armory Spinnaker Documentation: How To Set Up, Safely Administer the System, How to Use the System
Feb 1, 2017 by Armory
This documentation can help you set up Armory Spinnaker, safely administer the system, and learn about how to use the system. If you want to know more about Armory Spinnaker read What is Armory Spinnaker.
See the following for Armory Spinnaker Administration
Deploying Armory Spinnaker
Armory Spinnaker comes with an installer that walks you through deploying Spinnaker with in your AWS account. It should only take around 15 minutes to have an instance of Armory Spinnaker up and running. To get started, open up a terminal and execute the following:
bash -c "$(curl -sS http://get.armory.io)"
If you want to learn more about what is happening behind the scenes, you can go through the components below.
Installer
The installer is a script that is responsible for asking the user for customer specific inputs like AWS keys, VPC, subnets and S3 buckets. These inputs are kept locally on your system and then passed to Terraform
Terraform Templates
Armory Spinnaker relies on Terraform templates to create the infrastructure described above. The tfstate
file is created and backed by S3 for record keeping.
Spinnaker-Terraform
Configuration(s) to set Spinnaker up for the first time.
ha
– Configuration for a highly available setup.
stand-alone
– Configuration for a development setup.
modules
– Common configuration shared by both setups.
Armory-Spinnaker AMI & Debian Distribution
When significant updates are available we intend to distribute a new version of Armory Spinnaker that includes updated components from the OSS community edition as well. We release minor patches every few days for priority fixes.
Architecture
We provide two methods of installing Spinnaker: Stand-Alone and High-Availability (HA). The stand-alone version is there for development purposes. It’s a simplified deployment and is the quickest way to evaluate Spinnaker. The HA deployment provides redundancy and additional security such that there is no single point of failure.
Stand-Alone
Below is a diagram of the architecture & components deployed in a stand-alone configuration.
Security Groups
In order to not expose Spinnaker sub-services, we use internal and user-facing security groups. The user-facing security group exposes ports for gate
and deck
. We use a separate security group for internal communication between services.
Autoscaling Groups & Launch Configurations
We’ll create an ASG with the name armoryspinnaker-preprod-v000
.
By default, we create an instance with a private IP and keys which should only be accessible by your team.
Load Balancing
We put a load balancer in front of the instance to provide external access.
High Availability (HA)
Below is a diagram of the architecture & components deployed in an HA configuration.
Security Groups
The install provides two security groups: one for user-facing access and the internal sub-service communication. The user-facing security groups access opens 3 ports: 9000
, 8084
, and 80
. This is applied to the ELB and the nodes in the Spinnaker cluster. The security group only exposes access to gate
and deck
. The other services communicate using another security group which is the internal security group. The security group is applied to the Interservice ELB
and the nodes on the machine.
Dependencies
Armory Spinnaker is Docker based and uses Docker-Compose to orchestrate it’s deployment, therefore Docker is the primary dependency of Armory Spinnaker. As of the time of this writing, Docker-Compose v1.10.0 is required.