Deploy Software Safer & Faster with Spinnaker
Jan 16, 2017 by DROdio
Armory’s focus is to make your software deployments boring, fast and continuous.
Here is Armory’s recommended process to evaluate (and ensure) the success of Spinnaker within your organization to deploy software more safely, reliably, and with higher velocity.
Before you begin: Read our Stages of Software Delivery Evolution Infographic to understand which stage your company currently falls into.
What Is Spinnaker?
Spinnaker is an open-source, multi-cloud continuous delivery platform initially created by Netflix and open-sourced in November 2015. It is an opinionated framework that leverages the benefits of immutable infrastructure brought by deploying to the cloud, and has a vibrant open source community with over 1,900 members in the Spinnaker Slack channel, with over fifty paid engineers from Netflix, Google, Microsoft, Veritas, Target, Pivotal and Armory working on Spinnaker full-time.
*Spinnaker has strong community support, with many global companies successfully using it in production.*
*A screenshot of the Spinnaker interface*
Spinnaker takes an application-centric view of your infrastructure, allowing development teams to create and easily modify reliable, self-service deployment pipelines with the flexibility to respond to changing business needs over time.
What Does Spinnaker Do?
Spinnaker gives companies a sophisticated platform to deploy software in scalable ways. It was built for the cloud, leveraging the ability to spin up, manage and destroy virtual machines (something not possible on bare metal) as a new and safer way to deploy, manage and roll back applications.
Spinnaker offers a number of features out of the box that companies typically look for as they move from bare metal into public or private clouds, including:
- Canary: Supports phased, canary deployments. Deploy to a percentage of traffic or to specific regions, and easily change your canary approach on the fly.
- Blue/Green: Supports “Blue/Green” deployments, enabling fast roll-backs to previous application versions if needed. You define how long you want to keep previous versions of applications available, and how many past versions to keep as backups.
- Multi-Cloud: Users can manage resources using cloud-agnostic constructs, abstracting deployments to IaaS providers like AWS, GCP, and Azure.
- Immutable: Configure pipelines for deploying infrastructure rather than managing resources manually
- Flexible: Easy creation and modification of deployment pipelines (including complex pipelines) using a visual interface (or via programmatic endpoints).
- Kubernetes Support: Enables more sophisticated deployments to Kubernetes.
How does Spinnaker work?
Spinnaker is a collection of microservices including CloudDriver, Deck, Igor, Orca , Front50, Rosco and Fiat that together comprise the CD platform. Each microservice performs a specific function (click the links above for details) and together they comprise a new way to deploy applications to the cloud. To see Spinnaker in action, watch this first time demo where our CTO Isaac demos Spinnaker.
Spinnaker can be installed from source inside a company’s cloud account. Supported IaaS providers include AWS, GCP, Azure, CloudFoundry & OpenStack. Dig into how Spinnaker works in the Spinnaker documentation.
Why Is Spinnaker Important to Your Company?
Every company realizes the importance of shipping features its users will love. But most companies ship software via slow, unreliable and brittle home-grown scripted deployment pipelines.
In this new software-first world, the relationship customers have with companies becomes defined primarily by how effective the company is at crafting and delivering software. A company can only be as agile as its ability to get code in front of its customers.
Creating features is always a hit-or-miss process. Customers may not love the feature a company ships. Even worse, many enterprises are breaking customer trust in expensive ways by deploying software that breaks the user experience, which leads to an ‘all hands on deck’ emergency reactive situation as the company tries to fix bad software deployments.
It doesn’t have to be this way.
Here’s an example of the impact of introducing Continuous Integration + Deployment best-practices to an organization. This graph shows an increase in engineering velocity from 5 to over 1,500 deployments per month (this company has since surpassed 2,500 deployments per month):
Each color shows the number of deployments per microservice. As engineering velocity skyrocketed, the number of microservices also increased by over 500%, allowing the company to deploy more software, faster, in more parts of its business.
Not only can the organization deploy features faster, but the product and engineering teams have become much happier now that they can commit code to master and have it immediately out in front of users, at scale.
The industry data bears these observations out. High-performing companies release code over 200x as often as low performing companies. Netflix, for example, deploys 4,000 times per day:
As an engineer, there’s nothing more de-motivating than working at a company that’s so scared of its software deployment process that it releases less often and puts more layers of human approvals on the release process in an effort to stem the fire drill that software deployments often create in these companies.
The irony of this cycle is that holding more features back to deploy in larger batches less frequently impacts the business in two devastating ways:
- Larger deployments with more features introduce more risk into the deployment process, which makes the business even more scared to release code — a destructive cycle.
- Releasing less often means many fewer opportunities to put code in front of customers and learn from them, which slows successful feature creation to a crawl.
Spinnaker allows companies to increase their deployment velocity by several orders of magnitude, and to deploy software consistently across teams by replacing the home-grown, brittle “glue code” scripted deployment pipelines that vary across teams in most companies with a flexible, modern deployment platform that increases safety, self-service, reliability and velocity.
What does Armory do?
Armory is helping commercialize Spinnaker so it “just works” for Global 2,000 companies that want to deploy to the cloud with safety and velocity, and we are building enterprise-grade features into Spinnaker to solve the pain points enterprises experience when moving away from brittle, home-grown scripted deployment pipelines.
While Spinnaker is a powerful continuous delivery platform for the cloud, it can be a challenge to install and configure (especially in a stable HA production environment) because it’s a young and rapidly evolving open source project. For that reason, we’ve created ‘Armory Spinnaker’ — an enterprise distribution of Spinnaker that you can run “on-prem” within your AWS account. Installing it takes about 15 minutes vs. the days or weeks it can take to manually install and configure all the Spinnaker sub-services from source.
If you want to get to know Spinnaker really well, we still suggest you install it manually and we encourage you to participate in the vibrant open source community (a great place to start is by joining the Spinnaker Slack team where there are over 2,800 people that can help). But if you’d prefer to have a faster, simpler installation of Spinnaker that “just works” for AWS, try using our installer to install Armory Spinnaker. It’ll solve the following challenges you may face if you install Spinnaker manually:
- Installing and configuring Spinnaker is hard: Spinnaker consists of eight sub-services (plus other external dependencies like S3 and Redis) that must each be installed and configured manually. Our Installer automates that process and takes just 15 minutes to run.
- There is no clear upgrade path for Spinnaker: If you successfully install and configure Spinnaker manually, you’ll still have to repeat the process when upgrading, and because each sub-service revs independently, it can be a challenge to successfully upgrade your installation. When you use Armory Spinnaker, we’ll ship you regular Spinnaker updates that have passed integration tests for AWS, removing these upgrade challenges.
- How do I monitor my Spinnaker instances in production? Armory Spinnaker works with the most popular APM solutions. Armory will assist in configuring your monitoring tools based on your needs. Armory Spinnaker also performs health checks on the sub-services to ensure they are up and running.
How does Armory compare to Open Source Spinnaker?
Provisions open-source Spinnaker instances within Customer’s Virtual Private Clouds (VPCs) with the following characteristics:
|Install from source
How does Armory work with enterprise customers to deploy Spinnaker?
Armory helps companies evaluate Spinnaker, run a successful Proof of Concept with one application and team, and then expand Spinnaker across all teams within the organization. We do this through a combination of People, Process and Technology:
We offer a free trial of Armory Spinnaker, which installs Spinnaker on-prem in your AWS account.
This is the architecture of Armory Spinnaker:
*Here’s how Armory installs Spinnaker in High Availability*
The Armory Customer Engagement process typically happens as follows:
And results in the following deliverables:
Here is a sample POC Delivery report (fictional company name; real data)
Here is how Armory runs the Customer Proof Of Concept:
Pre-kickoff meeting w/ key stakeholder
- Send out this survey to engineering managers/team
- Go over presentation (and give edit access)
- Customize demo to reflect customer deployment process
- Evaluate areas of value for Armory Spinnaker
- Dev tooling (efficiency; speed, happiness & productivity)
- Cost savings (SLA, not breaking customer trust)
- Revenue generation (Certifications enabled like FedRamp, ISO, PCI; entering new markets)
Engineering Management Presentation: Review how Spinnaker’s approach to application development can address existing customer pain points and provide for consolidation of application deployment workflows across teams.
Kickoff Meeting: (we can record this meeting for Customer’s internal use)
- Define success metrics
- Align on the vision of safe, intelligent deployments w/ more velocity
- Specific metrics to measure + how we measure
- Identify and start tracking baseline metrics. Things like:
- Number of issues
- Deploys per day
- Number of deploys
- Identify team + app to do POC with:
Day to day POC for implementation
- Administrative contact
- Billing contact (may be the same)
- Engineering team to work with
- Identify (with the team) the initial app to pilot Spinnaker with
- Get agreement between DevOps Lead, App Manager, App Principal on these implementation details:
- Should have high deployment velocity
- Should be non-mission critical
- What technology stack
- Who’s developing on it
- How it’s deployed today
- What does the app do?
- What monitoring, alerting does the app use?
- Frame out at high level how Spinnaker expands past first app
- Who are other teams, and decision-makers for those teams, and how do they function (esp. if different from first app)
- How do we make this first app so successful that our Champion = Hero within the org.
- Dependencies required for successful POC:
- Identify how customer will stand up ongoing CD expertise: Will company create an internal CD team?
- Define how we work together (i.e., on-site, daily/weekly standups, etc.)
- Schedule start of implementation
- Selecting team
- Initial meeting between Armory & Team
Contract & Administrative:
- Steps needed to get POC contract signed
- Preferred billing process
- Steps w/ the POC team
- Present to the team
Expanding Past POC
- Analyze & score all the services:
- Urgency of need
- How team is deploying today
- How well POC solves for those needs
- From POC to Beta: Find next X apps or teams (typically 3-5) and repeat process above.
- From Beta to General Availability (GA): Define rollout process of Spinnaker across all teams. Define rollout schedule. Repeat process above and track adoption across teams.
Armory offers a free 30 day evaluation of Armory Spinnaker. Pricing post-evaluation is based on usage, billed per Customer application deployed to production using Spinnaker. Get pricing details here.
Armory 2017 Roadmap
Armory’s Spinnaker provides an enterprise-grade version of Spinnaker that “just works”. Our 2017 roadmap includes functionality to solve other pain points we’ve heard from our customers, including:
- Configuration Dashboard
- On-boarding Documentation
- Spot Instance Management
- Audit Reporting
- Secrets Management
- APM Integrations
- New Deployment Targets (ie. ECS, Mesos, etc)
- Deploying Stateful Services
We’d love to hear from you, especially if you have feedback on the roadmap prioritization above.
- Armory’s enterprise pricing
- How Spinnaker enables Global Software Delivery Best-Practices
- How to succeed with Spinnaker: Armory’s Spinnaker Adoption Playbook
- Armory Spinnaker training & reference materials
- Armory’s User Guide and Administrative Documentation
- Want to try it yourself? Install Armory Spinnaker here.
How Companies Go Digital: We highly recommend O’Reilly’s free PDF e-Book about migrating toward cloud-native technologies and practices by shifting from monolithic onsite architectures to applications designed solely to operate on cloud computing platforms.
Recently Published Posts
Welcoming 2022: Reflecting and looking forward
Nearly all cultures globally have some form of celebration marking the Winter Solstice. Common threads found in most observances of the annual event are celebration of family and friends (living and past), reflection of the past year, and some form of giving thanks for continued health and sustenance. Exiting 2021, said celebrations would seem especially […]
Read more →
Resiliency and Load distribution
Introduction When scaling a network service, there are always two concerns: resiliency and load distribution, to understand these concepts let us first understand the broader term “Redundancy”. Redundancy is the duplication of a component to increase reliability of the system, usually in the form of a backup, fail-safe, or to improve actual system performance. Resiliency […]
Read more →
CVE-2021-44228 – log4j (Log4Shell) – an analysis
Today marked a 0-day disclosure of a rather nasty vulnerability in one of the most commonly used frameworks for logging – log4j. This one is nasty on multiple levels. Note that Armory Enterprise is NOT affected by this vulnerability. The impact on this vulnerability is likely huge and is already being exploited. Additionally it can […]
Read more →