This document provides an overview of Spinnaker, an open source continuous delivery platform. It discusses Spinnaker's architecture, components, supported cloud providers, cluster and deployment management features, and how it enables reliable deployments through rollback capabilities, execution windows, automated canary analysis, and chaos automation. Some drawbacks mentioned are documentation and error messages, and limited support for ECS and Docker Swarm.
2. property of smashware
DO NOT COPY
Introduction
● Lee Xie
● Senior Education Engineer at Smashware
● Built OpenStack and Kubernetes Training @ Mirantis
● http://smashware.io/labform
● lxie@smashware.io
● @Lee Xie on Slack
Chapter Objectives
● What is Spinnaker
● Spinnaker Architecture
● Supported Cloud Providers
● Cluster Management
● Deployment Management
● Reliable Deployments
History
● Created at Netflix in 2014
● Open sourced in Nov 2015
● Cross-Organization Initiative
● Netflix, Google, Microsoft, Cisco
Current Delivery Process
● Most companies are using Jenkins plus custom scripts
● Jenkins is a very powerful build server, but not a complete deployment tool
● Jenkins is centered around scripts, ad-hoc executions and passing parameters between them
● Jenkins has zero knowledge of what the infrastructure is doing
● Spinnaker has first class support for cloud resources. Servers and deployments are built-in and no custom scripting is needed.
● Debugging Jenkins plus the glue code is a big challenge
What is Spinnaker?
“Spinnaker is an open source, multi-cloud continuous delivery platform for
releasing software changes with high velocity and confidence.”
What is Spinnaker
● Immutable Infrastructure
● Safe, repeatable Deployments
● Multi-cloud support
● Zero Downtime
● Canary Analysis and Chaos Engineering
What Spinnaker is NOT
● Spinnaker is NOT a Platform-as-a-Service
● Spinnaker is NOT an Abstraction Layer for Multiple Clouds
● Spinnaker is NOT a replacement for IaaS
Why Spinnaker
● Integrates with existing CI tools
● Clear picture of what is happening
● Easy Scaling and Rollbacks
● Multiple Deployment Strategies OOB
● Consolidated Best Practices
Stats
● Netflix runs 100,000 AWS Instances
● Deploy 95% of them
● Runs OSS Spinnaker with Additional Features Layered
● 150K pipeline executions (8 million tasks) per month
Spinnaker Trends
● Companies that need high scalability are looking at Spinnaker
● Companies want to run Spinnaker on their premises
● Teams are formed around Spinnaker management and installation
● Spinnaker installation and usage is becoming easier over time
● Customers are running hundreds of VMs with Spinnaker
Spinnaker Architecture
● Spinnaker is composed of 10 independent microservices
● Minimum of 5 + Redis or S3 to be viable
● Optional components can be included as required
● Components can be upgraded, scaled, and configured independently
● Written in Java/Groovy/Kotlin
Spinnaker Central Components
● Gate - the API gateway. The Spinnaker UI and all API callers communicate with Spinnaker via Gate
● Deck - the browser-based UI
● CloudDriver - responsible for all mutating calls to the cloud providers and for indexing/caching all deployed resources
● Orca - the orchestration engine. It handles all ad-hoc operations and pipelines.
● Front50 - used to persist the metadata of applications, pipelines, projects and notifications
Spinnaker Optional Components
● Echo - Spinnaker’s eventing bus. It supports sending notifications and acting on incoming webhooks from services like GitHub.
● Igor - used to trigger pipelines via continuous integration jobs in systems like Jenkins and Travis, and to allow for Jenkins/Travis stages to be used in pipelines.
● Rosco - the bakery. It is used to produce machine images (e.g. GCE images, AWS AMIs, Azure VM images). It presently wraps Packer.
● Fiat - Spinnaker’s authorization service, which handles access controls
● Halyard - Spinnaker’s configuration service. Halyard manages the lifecycle of each of the above services.
Spinnaker Architecture
[Architecture diagram: Script / API call, Gate, Deck, Orca, CloudDriver, Rosco, Igor, Echo, Front50, Fiat, Halyard, and S3/Minio/Redis storage]
Troubleshooting Components
● Spinnaker component logs
○ Find pod
■ kubectl get pods -n spinnaker
○ View logs
■ kubectl logs -n spinnaker <name of pod>
■ kubectl describe pod -n spinnaker <name of pod>
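The troubleshooting steps above, combined into one triage script as an added example (not part of the original slides): it parses `kubectl get pods` output, flags pods that are not healthy, and runs the slide's `logs` and `describe` commands only for those. The pod names, the sample output and the restart threshold are constructed assumptions.

```shell
#!/bin/sh
# Added example: flag Spinnaker pods worth inspecting before reading logs.

# Constructed sample of `kubectl get pods -n spinnaker --no-headers`
# (pod names and values are made up for illustration).
SAMPLE_PODS='spin-gate-7d9f8c6b5-x2k4p         1/1  Running           0   3d
spin-deck-5c6d7f8b9-q8w2z         1/1  Running           0   3d
spin-clouddriver-6b7c8d9f5-h5j7m  0/1  CrashLoopBackOff  12  3d
spin-orca-8f9d7c6b4-r3t6n         0/1  Running           1   3d
spin-front50-9c8b7d6f5-l1m2k      1/1  Running           7   3d'

# Reads pod lines (NAME READY STATUS RESTARTS ...) on stdin and prints
# "<pod> <reason>" for each pod that is not healthy.
# $1 = restart threshold (hypothetical default of 3).
flag_unhealthy_pods() {
  awk -v max="${1:-3}" '
    {
      split($2, ready, "/")          # READY column is "ready/total"
      reason = ""
      if ($3 != "Running" && $3 != "Completed") reason = "status=" $3
      else if ($3 == "Running" && ready[1] != ready[2]) reason = "ready=" $2
      else if ($4 + 0 > max) reason = "restarts=" $4
      if (reason != "") print $1, reason
    }'
}

# Runs the slide's commands against every flagged pod (needs cluster access).
inspect_flagged() {
  kubectl get pods -n spinnaker --no-headers | flag_unhealthy_pods "$@" |
  while read -r pod reason; do
    echo "== $pod ($reason)"
    kubectl describe pod -n spinnaker "$pod" | tail -n 20  # recent events
    # A crash-looping container's useful output is in the previous instance.
    kubectl logs -n spinnaker "$pod" --previous --tail=50 2>/dev/null ||
      kubectl logs -n spinnaker "$pod" --tail=50
  done
}

# Offline demo on the constructed sample.
printf '%s\n' "$SAMPLE_PODS" | flag_unhealthy_pods 3
```

Call `inspect_flagged` (optionally with a restart threshold) from a shell that has access to the cluster.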
Core Feature Sets
● Cluster Management
○ Spinnaker’s cluster management features are used to view and manage your resources in the cloud.
● Deployment Management
○ Spinnaker’s deployment management features are used to construct and manage continuous delivery workflows.
Spinnaker Cloud Data Model
● Account - A credentialed Target for Deployment, a logical grouping of Clusters
● Cluster - A group of versioned Server Groups
● Server Group - A group of versioned instances
● Instance - Single Instance of a versioned application
● Load Balancer - Runtime resource for balancing traffic between instances
● Security Group - Defines traffic Access to resources
Custom Deployment Strategy
● Provide a re-usable opinionated path for the best strategy to roll out a new application version
● One example can be adding scripts to create change control
● A mechanism to provide something better than out of the box options
Basic Delivery Pipeline
● Build - Jenkins builds and packages the app, then publishes the deb to a repo
● Bake - After the Jenkins build finishes, the Bakery stage takes the new code and builds a new image
● Deploy - Once the new image is available, deploy it as a new Server Group
Move Fast and Break Things
● Spinnaker enables us to move fast without breaking things
● These built-in safeguards enable speed without sacrificing safety
○ Easy Roll-backs
○ Execution Windows
○ Automated Canary Analysis (ACA)
○ ChAP
Easy Roll Back
● Requires Red/Black or Rolling Red/Black
● When code breaks something, switch traffic back to the last good version
○ Manually via UI
○ Automatically via pipeline
Execution Window
● Spinnaker features the ability to restrict the execution time of a stage
○ Ensure risky stages are only run when manual intervention is available in case something goes wrong
○ Deploy during times when servers are not at peak traffic
● SPS metrics can be used to visually compare execution windows to the traffic
Automated Canary Analysis
● ACA compares metrics from live traffic on a canary with a baseline to determine if the level of deviation is acceptable
○ Simple stage that can be added to any Pipeline
■ Define your own scores
■ Define Baseline and New code cluster (Canary)
■ Spinnaker will spin up one new instance of each baseline and canary cluster and will generate a Canary score every x minutes
Chaos Automation
● Randomly kills instances on purpose to keep devs honest
● Ensure code is resilient to instance failover
● Deeply integrated with Spinnaker
○ Zones
○ Regions
Drawbacks
● Documentation and Error Messages
● No ECS support
● No Docker Swarm support
● Limited provider extensibility