Armory Spinnaker Documentation: How To Set Up, Safely Administer the System, How to Use the System

This documentation can help you set up Armory Spinnaker, safely administer the system, and learn about how to use the system. If you want to know more about Armory Spinnaker read What is Armory Spinnaker.

See the following for Armory Spinnaker Administration

Deploying Armory Spinnaker

Armory Spinnaker comes with an installer that walks you through deploying Spinnaker with in your AWS account. It should only take around 15 minutes to have an instance of Armory Spinnaker up and running. To get started, open up a terminal and execute the following:

bash -c "$(curl -sS http://get.armory.io)"

If you want to learn more about what is happening behind the scenes, you can go through the components below.

Installer

The installer is a script that is responsible for asking the user for customer specific inputs like AWS keys, VPC, subnets and S3 buckets. These inputs are kept locally on your system and then passed to Terraform

Terraform Templates

Armory Spinnaker relies on Terraform templates to create the infrastructure described above. The tfstate file is created and backed by S3 for record keeping.

Spinnaker-Terraform

Configuration(s) to set Spinnaker up for the first time.

ha – Configuration for a highly available setup.

stand-alone – Configuration for a development setup.

modules – Common configuration shared by both setups.

Armory-Spinnaker AMI & Debian Distribution

When significant updates are available we intend to distribute a new version of Armory Spinnaker that includes updated components from the OSS community edition as well. We release minor patches every few days for priority fixes.

Architecture

We provide two methods of installing Spinnaker: Stand-Alone and High-Availability (HA). The stand-alone version is there for development purposes. It’s a simplified deployment and is the quickest way to evaluate Spinnaker. The HA deployment provides redundancy and additional security such that there is no single point of failure.

Stand-Alone

Below is a diagram of the architecture & components deployed in a stand-alone configuration.

Security Groups

In order to not expose Spinnaker sub-services, we use internal and user-facing security groups. The user-facing security group exposes ports for gate and deck. We use a separate security group for internal communication between services.

Autoscaling Groups & Launch Configurations

We’ll create an ASG with the name armoryspinnaker-preprod-v000.

By default, we create an instance with a private IP and keys which should only be accessible by your team.

Load Balancing

We put a load balancer in front of the instance to provide external access.

High Availability (HA)

Below is a diagram of the architecture & components deployed in an HA configuration.

Security Groups

The install provides two security groups: one for user-facing access and the internal sub-service communication. The user-facing security groups access opens 3 ports: 9000, 8084, and 80. This is applied to the ELB and the nodes in the Spinnaker cluster. The security group only exposes access to gate and deck. The other services communicate using another security group which is the internal security group. The security group is applied to the Interservice ELB and the nodes on the machine.

Dependencies

Armory Spinnaker is Docker based and uses Docker-Compose to orchestrate it’s deployment, therefore Docker is the primary dependency of Armory Spinnaker. As of the time of this writing, Docker-Compose v1.10.0 is required.