Popular Tags: Kubernetes | Lens | OpenStack | Containers | Docker | Helm | MCP | Edge | Virtlet | Spinnaker | NFV
Home > Blog > How to deploy Spinnaker on Kubernetes: a quick and dirty guide

How to deploy Spinnaker on Kubernetes: a quick and dirty guide

Nick Chase - July 24, 2018 - |

It would be nice to think that open source applications are as easy to use as they are to get, but unfortunately, that’s not always true. This is particularly the case when a technology is very new, with little idiosyncrasies that aren’t always well documented. In this article I’m going to give you all the steps necessary to install Spinnaker, including the “magic” steps that aren’t always clear in the docs.

We’ve recently provided an even easier way to install Spinnaker on Kubernetes, but this article gives you a good look at how things work.

In general, we’re going to take the following steps:

  1. Create a Kubernetes cluster. (We’ll use a Google Kubernetes Engine cluster, but any cluster that meets the requirements should work.)
  2. Create the Kubernetes objects Spinnaker will need to run properly.
  3. Create a single pod that will be used to coordinate the deployment of Spinnaker itself.
  4. Configure the Spinnaker deployment.
  5. Deploy Spinnaker

Let’s get started.

Create a Kubernetes cluster

You can deploy Spinnaker in a number of different environments, including on OpenStack and on your local machine, but for the sake of simplicity (and because a local deployment of Spinnaker is a bit of a hefty beast) we’re going to do a distributed deployment on a Kubernetes cluster.

In our case, we’re going to use a Kubernetes cluster spun up on Google Kubernetes Engine, but the only requirement is that your cluster has:

  • at least 2 vCPU available
  • approximately 13GB of RAM available (the default of 7.5GB isn’t quite enough)
  • at least one scheduleable (as in untainted) node
  • functional networking (so you can reach the outside world from within your pod)

You can quickly spin up such a cluster by following these steps:

  1. Create an account on http://cloud.google.com and make sure you have billing enabled.
  2. Configure the Google Cloud SDK on the machine you’ll be working with to control your cluster.
  3. Go to the Console and scroll the left panel down to Compute->Kubernetes Engine->Kubernetes Clusters.
  4. Click Create Cluster.
  5. Choose an appropriate name.  (You can keep the default.)
  6. Under Machine Type, click Customize.
  7. Allocate at least 2 vCPU and 10GB of RAM.
    Create a new Kubernetes cluster
  8. Change the cluster size to 1.
    Create a new Kubernetes cluster
  9. Keep the rest of the defaults and click Create.
  10. After a minute or two, you’ll see your new cluster ready to go.
    Final Kubernetes cluster

Now let’s go ahead and create the objects Spinnaker is going to need.

Create the Kubernetes objects Spinnaker needs

In order for your deployment to go smoothly, it will help for you to prepare the way by creating some objects ahead of time. These includes namespaces, accounts, and services that you’ll use later to access the Spinnaker UI.

  1. Start by configuring kubectl to access your cluster.  How you do this will depend on your setup; to configure kubectl for a GKE cluster, click Connect on the Kubernetes clusters page then click the Copy icon to copy the command to your clipboard.
  2. Paste the command into a command line window: 
    gcloud container clusters get-credentials cluster-2 --zone us-central1-a --project nick-chase
Fetching cluster endpoint and auth data.
kubeconfig entry generated for cluster-2.
  3. Next we’re going to create the accounts that Halyard, Spinnaker’s deployment tool, will use.  First create a text file called spinacct.yaml and add the following to it: 
    apiVersion: v1
kind: ServiceAccount
metadata:
  name: spinnaker-service-account
  namespace: default
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: spinnaker-role-binding
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- namespace: default
  kind: ServiceAccount
  name: spinnaker-service-account

    This file creates an account called spinnaker-service-account, then gives assigns it the cluster-admin role. You will, of course, want to tailor this approach to your own security situation.

    Save and close the file.

  4. Create the account by running the script with kubectl: 
    kubectl create -f spinacct.yaml
serviceaccount "spinnaker-service-account" created
clusterrolebinding "spinnaker-role-binding" created
  5. We can also create accounts from the command line.  For example, use these commands to create the account we’ll need later for Helm: 
    kubectl -n kube-system create sa tiller
serviceaccount "tiller" created
kubectl create clusterrolebinding tiller --clusterrole cluster-admin --serviceaccount=kube-system:tiller
clusterrolebinding "tiller" created
  6. In order to access Spinnaker, you have two choices. You can either use SSH tunnelling, or you can expose your installation to the outside world. BE VERY CAREFUL IF YOU’RE GOING TO DO THIS as Spinnaker doesn’t have any authentication attached to it; anybody who has the URL can do whatever your Spinnaker user can do, and remember, we made the user the cluster-admin.For the sake of simplicity, and because this is a “quick and dirty” guide, we’re going to go ahead and create two services, one for the front end of the UI, and one for the scripting that takes place behind the scenes. First, create the spinnaker namespace: 
    kubectl create namespace spinnaker
namespace "spinnaker" created
  7. Now you can go ahead and create the services. Create a new text file called spinsvcs.yaml and add the following to it: 
    apiVersion: v1
kind: Service
metadata:
  namespace: spinnaker
  labels:
    app: spin
    stack: gate
  name: spin-gate-np
spec:
  type: LoadBalancer
  ports:
  - name: http
    port: 8084
    protocol: TCP
  selector:
    load-balancer-spin-gate: "true"
---
apiVersion: v1
kind: Service
metadata:
  namespace: spinnaker
  labels:
    app: spin
    stack: deck
  name: spin-deck-np
spec:
  type: LoadBalancer
  ports:
  - name: http
    port: 9000
    protocol: TCP
  selector:
    load-balancer-spin-deck: "true"

    Here we’re creating two load balancers, one on port 9000 and one on port 8084; if your cluster doesn’t support load balancers, you will need to adjust accordingly or just use SSH tunneling.

  8. Create the services: 
    kubectl create -f spinsvcs.yaml
service "spin-gate-np" created
service "spin-deck-np" created

While the services are created and IPs are allocated, let’s go ahead and configure the deployment.

Prepare to configure the Spinnaker deployment

Spinnaker is configured and deployed through a configuration management tool called Halyard.  Fortunately, Halyard itself is easy to get; it is itself available as an image.

  1. Create a deployment to host Halyard: 
    kubectl create deployment hal --image gcr.io/spinnaker-marketplace/halyard:1.5.0
deployment "hal" created
  2. It will take a minute or two for Kubernetes to download the image and instantiate the pod; in the meantime, you can edit the hal deployment to use the new spinnaker account. First execute the edit command: 
    kubectl edit deploy hal
  3. Depending on the operating system of your kubectl client, you’ll either see the configuration in the command window, or a text editor will pop up.  Either way, you want to add the serviceAccountName to the spec just above the containers: 
    ...
    spec:
      serviceAccountName: spinnaker-service-account
      containers:
      - image: gcr.io/spinnaker-marketplace/halyard:stable
        imagePullPolicy: IfNotPresent
        name: halyard
        resources: {}
...
  4. Save and close the file; Kubernetes will automatically edit the deployment and start a new pod with the new credentials. 
    deployment "hal" edited
  5. Get the name of the pod by executing: 
    kubectl get pods
NAME                   READY STATUS       RESTARTS AGE
hal-65fdf47fb7-tq4r8   0/1 ContainerCreating   0 23s

    Notice that the container isn’t actually running yet; wait until it is before you move on.

    kubectl get pods
NAME                   READY STATUS RESTARTS   AGE
hal-65fdf47fb7-tq4r8   1/1 Running 0        4m
  6. Connect to bash within the container: 
    kubectl exec -it <CONTAINER-NAME> bash

    So in my case, it would be
    kubectl exec -it hal-65fdf47fb7-tq4r8 bash

    This will put you into the command line of the container.  Change to the spinnaker user’s home directory:

    spinnaker@hal-65fdf47fb7-tq4r8:/workdir# cd
spinnaker@hal-65fdf47fb7-tq4r8:~#
  7. We’ll need to interact with Kubernetes, but fortunately kubectl is already installed; we just have to configure it: 
    kubectl config set-cluster default --server=https://kubernetes.default --certificate-authority=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt
kubectl config set-context default --cluster=default
token=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)
kubectl config set-credentials user --token=$token
kubectl config set-context default --user=user
kubectl config use-context default
  8. Another tool we’re going to need is Helm; fortunately that’s also exceedingly straightforward to install: 
    spinnaker@hal-65fdf47fb7-tq4r8:~# curl https://raw.githubusercontent.com/kubernetes/helm/master/scripts/get > get_helm.sh
  % Total    % Received % Xferd  Average Speed Time    Time Time Current
                                 Dload Upload Total Spent Left  Speed
100  6689 100  6689 0   0 58819 0 --:--:-- --:--:-- --:--:-- 59194
  9. The script needs some quick updates to run without root or sudo access: 
    sed -i 's/\/usr\/local\/bin/\/home\/spinnaker/g' get_helm.sh
sed -i 's/sudo //g' get_helm.sh
export PATH=/home/spinnaker:$PATH
  10. Now go ahead and run the script: 
    spinnaker@hal-65fdf47fb7-tq4r8:~# chmod 700 get_helm.sh
spinnaker@hal-65fdf47fb7-tq4r8:~# ./get_helm.sh
Downloading https://kubernetes-helm.storage.googleapis.com/helm-v2.8.2-linux-amd64.tar.gz
Preparing to install into /usr/local/bin
helm installed into /usr/local/bin/helm
Run 'helm init' to configure helm.
  11. Next we’ll have to run it against the actual cluster. We want to make sure we use the tiller account we created earlier, and that we upgrade to the latest version: 
    helm init --service-account tiller --upgrade
Creating /root/.helm
Creating /root/.helm/repository
Creating /root/.helm/repository/cache
Creating /root/.helm/repository/local
Creating /root/.helm/plugins
Creating /root/.helm/starters
Creating /root/.helm/cache/archive
Creating /root/.helm/repository/repositories.yaml
Adding stable repo with URL: https://kubernetes-charts.storage.googleapis.com
Adding local repo with URL: http://127.0.0.1:8879/charts
$HELM_HOME has been configured at /root/.helm.

Tiller (the Helm server-side component) has been installed into your Kubernetes
Cluster.

Please note: by default, Tiller is deployed with an insecure 'allow unauthenticated users' policy.
For more information on securing your installation see: https://docs.helm.sh/usi
ng_helm/#securing-your-helm-installation
Happy Helming!

OK!  Now we’re ready to do the actual configuration.

Configure the Spinnaker deployment

Deploying Spinnaker involves defining the various choices you’re going to make, such as the Docker repos you want to access or the persistent storage you want to use, then telling Halyard to go ahead and do the deployment.  In our case, we’re going to define the following choices:

  • Distributed installation on Kubernetes
  • Basic Docker repos
  • Minio (an AWS S3-compatible project) for storage
  • Access to Kubernetes
  • Version 1.8.1 of Spinnaker itself
  • UI accessible from outside the cluster

Let’s get started.

  1. We’ll start by setting up the Docker registry. In this example, we’re using Docker Hub; you can find instructions on using other registries here. In addition, we’re specifying just one public repo, library/nginx. From inside the halyard container, execute the following commands: 
    ADDRESS=index.docker.io
REPOSITORIES=library/nginx 
hal config provider docker-registry enable
hal config provider docker-registry account add my-docker-registry \
   --address $ADDRESS \
   --repositories $REPOSITORIES

    As you can see, we’re enabling the docker-registry provider, then configuring it using the environment variables we set:

    + Get current deployment
  Success
+ Add the my-docker-registry account
  Success
+ Successfully added account my-docker-registry for provider
  dockerRegistry.
  2. Now we need to set up storage. The first thing that we need to do is set up Minio, the storage provider.  We’ll do that by first pointing at the Mirantis Helm chart repo, where we have a custom Minio chart: 
    helm repo add mirantisworkloads https://mirantisworkloads.storage.googleapis.com
"mirantisworkloads" has been added to your repositories
  3. Next you need to actually install Minio: 
    helm install mirantisworkloads/minio
NAME:   eating-tiger
LAST DEPLOYED: Sun Mar 25 07:16:47 2018
NAMESPACE: default
STATUS: DEPLOYED

RESOURCES:
==> v1beta1/StatefulSet
NAME                DESIRED CURRENT AGE
minio-eating-tiger  4 1 0s

==> v1/Pod(related)
NAME                  READY STATUS    RESTARTS AGE
minio-eating-tiger-0  0/1 ContainerCreating  0 0s

==> v1/Secret
NAME                TYPE DATA AGE
minio-eating-tiger  Opaque 2 0s

==> v1/ConfigMap
NAME                DATA AGE
minio-eating-tiger  1 0s

==> v1/Service
NAME                    TYPE CLUSTER-IP EXTERNAL-IP  PORT(S) AGE
minio-svc-eating-tiger  ClusterIP None <none>       9000/TCP 0s
minio-eating-tiger      NodePort 10.7.253.69 <none>       9000:31235/TCP 0s

NOTES:
Minio chart has been deployed.

Internal URL:
    minio: minio-eating-tiger:9000

External URL:
Get the Minio URL by running these commands:
    export NODE_PORT=$(kubectl get --namespace default -o jsonpath="{.spec.ports[0].nodePort}" services minio-eating-tiger)export NODE_IP=$(kubectl get nodes --namespace default -o jsonpath="{.items[0].status.addresses[0].address}")
    echo http://$NODE_IP:$NODE_PORT

    Make note of the internal URL; we’re going to need it in a moment.

  4. Set the endpoint to the default for the internal URL you saved a moment ago.  For example, my internal URL was: 
    minio: minio-eating-tiger:9000

    So I’d set my endpoint as follows:

    ENDPOINT=http://minio-eating-tiger.default:9000
  5. Set the access key and password, then configure Haylard with your storage choices: 
    MINIO_ACCESS_KEY=miniokey
MINIO_SECRET_KEY=miniosecret
echo $MINIO_SECRET_KEY | hal config storage s3 edit --endpoint $ENDPOINT \
   --access-key-id $MINIO_ACCESS_KEY \
   --secret-access-key
hal config storage edit --type s3
  6. Now we’re ready to set it to use Kubernetes: 
    hal config provider kubernetes enable
hal config provider kubernetes account add my-k8s-account --docker-registries my-docker-registry
hal config deploy edit --type distributed --account-name my-k8s-account
  7. The last standard parameter we need to define is the version: 
    hal config version edit --version 1.8.1
+ Get current deployment
  Success
+ Edit Spinnaker version
  Success
+ Spinnaker has been configured to update/install version "1.8.1".
  Deploy this version of Spinnaker with `hal deploy apply`.
  8. At this point we can go ahead and deploy, but if we do, we’ll have to use SSH tunelling.  Instead, let’s configure Spinnaker to use those services we created way back at the beginning.  First, we’ll need to find out what IP addresses they’ve been assigned: 
    kubectl get svc -n spinnaker
NAME           CLUSTER-IP EXTERNAL-IP      PORT(S) AGE
spin-deck-np   10.7.254.29 35.184.29.246    9000:30296/TCP   35m
spin-gate-np   10.7.244.251 35.193.195.231   8084:30747/TCP   35m
  9. We want to set the UI to the EXTERNAL-IP for port 9000, and the api for the EXTERNAL-IP for port 8084, so for me it would be: 
    hal config security ui edit --override-base-url http://35.184.29.246:9000 
hal config security api edit --override-base-url http://35.193.195.231:8084

OK!  Now we are finally ready to actually deploy Spinnaker.

Deploy Spinnaker

Now that we’ve done all of our configuration, deployment is paradoxically easy:

hal deploy apply

Once you execute this command, Halyard will begin cranking away for quite some time. You can watch the console to see how it’s getting along, but you can also check in on the pods themselves by opening a second console window and looking at the pods in the spinnaker namespace:

kubectl get pods -n spinnaker

This will give you a running look at what’s happening.  For example:

kubectl get pods -n spinnaker
NAME                                    READY STATUS RESTARTS AGE
spin-clouddriver-bootstrap-v000-pdgqr   1/1 Running 0 1m
spin-orca-bootstrap-v000-xkhhh          0/1 Running 0 36s
spin-redis-bootstrap-v000-798wm         1/1 Running 0 2m

kubectl get pods -n spinnaker
NAME                                    READY STATUS RESTARTS AGE
spin-clouddriver-bootstrap-v000-pdgqr   1/1 Running 0 2m
spin-orca-bootstrap-v000-xkhhh          1/1 Running 0 49s
spin-redis-bootstrap-v000-798wm         1/1 Running 0 2m
spin-redis-v000-q9wzj                   1/1 Running 0 7s

kubectl get pods -n spinnaker
NAME                                    READY STATUS RESTARTS AGE
spin-clouddriver-bootstrap-v000-pdgqr   1/1 Running 0 2m
spin-orca-bootstrap-v000-xkhhh          1/1 Running 0 54s
spin-redis-bootstrap-v000-798wm         1/1 Running 0 2m
spin-redis-v000-q9wzj                   1/1 Running 0 12s

kubectl get pods -n spinnaker
NAME                                    READY STATUS RESTARTS AGE
spin-clouddriver-bootstrap-v000-pdgqr   1/1 Running 0 2m
spin-clouddriver-v000-jswbg             0/1 ContainerCreating 0 3s
spin-deck-v000-nw629                    0/1 ContainerCreating 0 5s
spin-echo-v000-m5drt                    0/1 ContainerCreating 0 4s
spin-front50-v000-qcpfh                 0/1 ContainerCreating 0 3s
spin-gate-v000-8jk8d                    0/1 ContainerCreating 0 4s
spin-igor-v000-xbfvh                    0/1 ContainerCreating 0 4s
spin-orca-bootstrap-v000-xkhhh          1/1 Running 0 1m
spin-orca-v000-9452p                    0/1 ContainerCreating 0 4s
spin-redis-bootstrap-v000-798wm         1/1 Running 0 2m
spin-redis-v000-q9wzj                   1/1 Running 0 18s
spin-rosco-v000-zd6wj                   0/1 Pending 0 2s

As you can see, the pods come up as Halyard gets to them.  The entire process can take half an hour or more, but eventually, you will see that all pods are running and ready.

NAME                                    READY STATUS RESTARTS AGE
 spin-clouddriver-bootstrap-v000-pdgqr   1/1 Running 0 8m
 spin-clouddriver-v000-jswbg             1/1 Running 0 6m
 spin-deck-v000-nw629                    1/1 Running 0 6m
 spin-echo-v000-m5drt                    1/1 Running 0 6m
 spin-front50-v000-qcpfh                 1/1 Running 1 6m
 spin-gate-v000-8jk8d                    1/1 Running 0 6m
 spin-igor-v000-xbfvh                    1/1 Running 0 6m
 spin-orca-bootstrap-v000-xkhhh          1/1 Running 0 7m
 spin-orca-v000-9452p                    1/1 Running 0 6m
 spin-redis-bootstrap-v000-798wm         1/1 Running 0 8m
 spin-redis-v000-q9wzj                   1/1 Running 0 6m
 spin-rosco-v000-zd6wj                   1/1 Running 0 6m

When that happens, point your browser to the UI URL you configured in the last section; it’s the address for port 9000. For example, in my case it is:

http://35.184.29.246:9000

You should see the Spinnaker “Recently Viewed” page, which will be blank because you haven’t done anything yet:

To make sure everything’s working, choose Actions->Create Application:

Spinnaker Recently Viewed

Enter your name and email address and click Create.  

Create new Spinnaker Application

You should find yourself on the Clusters page for your new app:

Spinnaker clusters page

So that’s it!  Next time, we’ll look at actually creating a new pipeline in Spinnaker.

(Thanks to Andrey Pavlov for walking me through the mysteries of how to make this work!)

Want to learn more?

Check out our Spinnaker Fundamentals course, from code check-in to production in one day.

Subscribe to Mirantis Newsletter

Get blogs and other content delivered straight to your inbox.

FREE EBOOK!
Service Mesh for Mere Mortals
by Bruce Basil Mathews
DOWNLOAD
LIVE WEBINAR
Docker Swarm is Dead! Long Live Docker Swarm

Thursday, October 28 at 10:00am PDT
SAVE SEAT
LIVE WEBINAR
You've Got Kubernetes. Now You Need App-Focused Security Using Istio

Presented with Aspen Mesh
SAVE SEAT
LIVE WEBINAR
Defining a Kubernetes that just works, anywhere

Thursday, November 11 at 8:00am PST
SAVE SEAT
Mirantis Webstore
Purchase Kubernetes support
SHOP NOW

Nick Chase (@NickChase on Twitter)

Nick Chase is head of Content for Mirantis and author of over a dozen technical books, including Machine Learning for Mere Mortals.

Subscribe to Mirantis Newsletter

Get blogs and other content delivered straight to your inbox.

FREE EBOOK!
Service Mesh for Mere Mortals
by Bruce Basil Mathews
DOWNLOAD
LIVE WEBINAR
Docker Swarm is Dead! Long Live Docker Swarm

Thursday, October 28 at 10:00am PDT
SAVE SEAT
LIVE WEBINAR
You've Got Kubernetes. Now You Need App-Focused Security Using Istio

Presented with Aspen Mesh
SAVE SEAT
LIVE WEBINAR
Defining a Kubernetes that just works, anywhere

Thursday, November 11 at 8:00am PST
SAVE SEAT
Mirantis Webstore
Purchase Kubernetes support
SHOP NOW

29 responses to “How to deploy Spinnaker on Kubernetes: a quick and dirty guide

  1. Heya, thanks for this article came at a good time 🙂

    When I do the deploy apply all pods come up just fine except the front pod, looking at the log messages it seems like it cant connect to minio, so I tried changing the endpoint to a LoadBalancer, and used the minio client to test it, and it works just fine (I changed the key too to one that is the same size as AWS ones), now, the pod still can’t connect to it…. the error message in the logs is

    “`
    2018-03-29 21:48:06.818 WARN 1 — [ main] ationConfigEmbeddedWebApplicationContext : Exception encountered during context initialization – cancelling refresh attempt: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name ‘pipelineTemplateController’: Unsatisfied dependency expressed through field ‘pipelineTemplateDAO’; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name ‘pipelineTemplateDAO’ defined in class path resource [com/netflix/spinnaker/front50/config/S3Config.class]: Unsatisfied dependency expressed through method ‘pipelineTemplateDAO’ parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name ‘s3StorageService’ defined in class path resource [com/netflix/spinnaker/front50/config/S3Config.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [com.netflix.spinnaker.front50.model.S3StorageService]: Factory method ‘s3StorageService’ threw exception; nested exception is com.amazonaws.services.s3.model.AmazonS3Exception: Bad Request (Service: Amazon S3; Status Code: 400; Error Code: 400 Bad Request; Request ID: 1520826EE2416379; S3 Extended Request ID: null), S3 Extended Request ID: null
    “`

    any ideas?

    Reply

  2. Actually, disregard my last comment, started again from scratch and it worked, i might have missed a step somewhere 😀

    Reply

  3. Hi. Excellent guide, thanks! Although it looks like the latest version of the Halyard container doesn’t allow access to the root account, so it’s not easy to install Helm locally.

    Perhaps your doc should be updated to suggest running Helm from a different host? Or installing minio via a different method?

    Reply

    1. Yes, this is a relatively recent change to Halyard that I ran up against myself this weekend! I will be posting an update as soon as I get the right workaround, but you’re right: installing Minio from the host machine should do it.

      Reply

    2. Till we have a workaround, make below changes to ‘get_helm.sh’ script to avoid root account conflicts.

      sed -i ‘s/\/usr\/local\/bin/\/home\/spinnaker/g’ get_helm.sh
      sed -i ‘s/sudo //g’ get_helm.sh
      export PATH=/home/spinnaker:$PATH

      Reply

  4. Hello Nick,

    without access to the internet the tutorial does not seem to work as it keep trying to access external stores. Can you point me to any doc that can assist with this

    Reply

  5. Hi,

    First of all – thank you so much for sharing this procedure with the community, I am almost there.

    I guess there was some update in k8s or even Minio, but I am facing the erorr:

    time=”2018-06-05T22:42:49Z” level=fatal msg=”Unable to create configuration directories.” cause=”mkdir /root/.minio/certs: read-only file system” source=”[server-main.go:143:serverMain()]”

    Is there any other workaround?

    Thanks again

    Reply

  6. Hi Nick, Thanks for an amazing blog post,

    I am facing below issue:
    On create load balancer page, not showing any namespace, which is causing ` Error:
    upsertKubernetesLoadBalancerAtomicOperationDescription.namespace.notRegistered` error. is there any known issue related to this. can someone please help.

    Also I wanted to understand how application configs are managed.

    Reply

  8. Hi Nick,

    Thank you for article its very useful. any inputs on exposing spinnaker to End users in distributed environment (Kubernetes v2 AWS) ?

    Can you bit elaborate this steps for expose Spinnaker UI into hostname:9000 instead of localhost:9000 on kubernetes distributed environment AWS.

    I problem I am facing, load balancer in aws is not a static IP. I followed this documentation in installing spinnaker.

    Reply

  9. Thanks NIck. This is very helpful.

    I have encountered below issue with installing minio.
    spinnaker@hal-66fb4558bf-f7rlt:~$ helm install mirantisworkloads/minio
    Error: no available release name found

    Reply

  10. Hi,
    i’M using k8s v1.11.2 installed manually on AWS Provider
    i followed the same steps but i have issue on front50 Pod

    kubectl get pods -n spinnaker
    ========================
    NAME READY STATUS RESTARTS AGE
    spin-clouddriver-bootstrap-v000-wm8rl 1/1 Running 0 17h
    spin-clouddriver-v000-7sxk6 1/1 Running 0 17h
    spin-deck-v000-b2tc5 1/1 Running 0 17h
    spin-echo-v000-97gw8 1/1 Running 0 17h
    spin-front50-v000-zl6xq 0/1 Error 207 17h
    spin-gate-v000-7r5ph 1/1 Running 0 17h
    spin-igor-v000-p8zwh 1/1 Running 0 17h
    spin-orca-bootstrap-v000-fb2gn 1/1 Running 0 17h
    spin-orca-v000-qrc2f 1/1 Running 0 17h
    spin-redis-bootstrap-v000-lcqwm 1/1 Running 0 17h
    spin-redis-v000-hf9gm 1/1 Running 0 17h
    spin-rosco-v000-8qg8x 1/1 Running 0 17h

    ——————–
    kubectl logs -f spin-front50-v000-zl6xq -n spinnaker
    ==========================================
    . ____ _ __ _ _
    /\\ / ___’_ __ _ _(_)_ __ __ _ \ \ \ \
    ( ( )\___ | ‘_ | ‘_| | ‘_ \/ _` | \ \ \ \
    \\/ ___)| |_)| | | | | || (_| | ) ) ) )
    ‘ |____| .__|_| |_|_| |_\__, | / / / /
    =========|_|==============|___/=/_/_/_/
    :: Spring Boot :: (v1.5.7.RELEASE)
    2018-09-18 10:06:08.585 INFO 1 — [ main] com.netflix.spinnaker.front50.Main : Starting Main v1.126.0-SNAPSHOT on spin-front50-v000-zl6xq with PID 1 (/opt/front50/lib/front50-web-1.126.0-SNAPSHOT.jar started by spinnaker in /)
    2018-09-18 10:06:08.588 INFO 1 — [ main] com.netflix.spinnaker.front50.Main : The following profiles are active: test,local
    2018-09-18 10:06:08.676 INFO 1 — [ main] ationConfigEmbeddedWebApplicationContext : Refreshing org.springframework.boot.context.embedded.AnnotationConfigEmbeddedWebApplicationContext@34645867: startup date [Tue Sep 18 10:06:08 GMT 2018]; root of context hierarchy
    2018-09-18 10:06:10.481 INFO 1 — [ main] o.s.b.f.s.DefaultListableBeanFactory : Overriding bean definition for bean ‘accessDeniedExceptionHandler’ with a different definition: replacing [Generic bean: class [com.netflix.spinnaker.front50.exceptions.AccessDeniedExceptionHandler]; scope=singleton; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null; defined in URL [jar:file:/opt/front50/lib/front50-web-1.126.0-SNAPSHOT.jar!/com/netflix/spinnaker/front50/exceptions/AccessDeniedExceptionHandler.class]] with [Root bean: class [null]; scope=; abstract=false; lazyInit=false; autowireMode=3; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=front50WebConfig; factoryMethodName=accessDeniedExceptionHandler; initMethodName=null; destroyMethodName=(inferred); defined in class path resource [com/netflix/spinnaker/front50/config/Front50WebConfig.class]]
    2018-09-18 10:06:10.739 INFO 1 — [ main] o.s.b.f.s.DefaultListableBeanFactory : Overriding bean definition for bean ‘httpRequestHandlerAdapter’ with a different definition: replacing [Root bean: class [null]; scope=; abstract=false; lazyInit=false; autowireMode=3; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=org.springframework.boot.autoconfigure.web.WebMvcAutoConfiguration$EnableWebMvcConfiguration; factoryMethodName=httpRequestHandlerAdapter; initMethodName=null; destroyMethodName=(inferred); defined in class path resource [org/springframework/boot/autoconfigure/web/WebMvcAutoConfiguration$EnableWebMvcConfiguration.class]] with [Root bean: class [null]; scope=; abstract=false; lazyInit=false; autowireMode=3; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=org.springframework.data.rest.webmvc.config.RepositoryRestMvcConfiguration; factoryMethodName=httpRequestHandlerAdapter; initMethodName=null; destroyMethodName=(inferred); defined in class path resource [org/springframework/data/rest/webmvc/config/RepositoryRestMvcConfiguration.class]]
    2018-09-18 10:06:10.816 INFO 1 — [ main] o.s.b.f.s.DefaultListableBeanFactory : Overriding bean definition for bean ‘managementServletContext’ with a different definition: replacing [Root bean: class [null]; scope=; abstract=false; lazyInit=false; autowireMode=3; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=org.springframework.boot.actuate.autoconfigure.EndpointWebMvcHypermediaManagementContextConfiguration; factoryMethodName=managementServletContext; initMethodName=null; destroyMethodName=(inferred); defined in class path resource [org/springframework/boot/actuate/autoconfigure/EndpointWebMvcHypermediaManagementContextConfiguration.class]] with [Root bean: class [null]; scope=; abstract=false; lazyInit=false; autowireMode=3; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=org.springframework.boot.actuate.autoconfigure.EndpointWebMvcAutoConfiguration; factoryMethodName=managementServletContext; initMethodName=null; destroyMethodName=(inferred); defined in class path resource [org/springframework/boot/actuate/autoconfigure/EndpointWebMvcAutoConfiguration.class]]
    2018-09-18 10:06:11.225 INFO 1 — [ main] f.a.AutowiredAnnotationBeanPostProcessor : JSR-330 ‘javax.inject.Inject’ annotation found and supported for autowiring
    2018-09-18 10:06:11.393 INFO 1 — [ main] trationDelegate$BeanPostProcessorChecker : Bean ‘pollingScheduler’ of type [com.netflix.config.FixedDelayPollingScheduler] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
    2018-09-18 10:06:11.399 INFO 1 — [ main] trationDelegate$BeanPostProcessorChecker : Bean ‘polledConfigurationSource’ of type [com.netflix.spinnaker.kork.archaius.SpringEnvironmentPolledConfigurationSource] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
    2018-09-18 10:06:11.434 WARN 1 — [ main] c.n.c.sources.URLConfigurationSource : No URLs will be polled as dynamic configuration sources.
    2018-09-18 10:06:11.434 INFO 1 — [ main] c.n.c.sources.URLConfigurationSource : To enable URLs as dynamic configuration sources, define System property archaius.configurationSource.additionalUrls or make config.properties available on classpath.
    2018-09-18 10:06:11.538 INFO 1 — [ main] trationDelegate$BeanPostProcessorChecker : Bean ‘org.springframework.security.config.annotation.configuration.ObjectPostProcessorConfiguration’ of type [org.springframework.security.config.annotation.configuration.ObjectPostProcessorConfiguration$$EnhancerBySpringCGLIB$$feb26576] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
    2018-09-18 10:06:11.554 INFO 1 — [ main] trationDelegate$BeanPostProcessorChecker : Bean ‘objectPostProcessor’ of type [org.springframework.security.config.annotation.configuration.AutowireBeanFactoryObjectPostProcessor] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
    2018-09-18 10:06:11.555 INFO 1 — [ main] trationDelegate$BeanPostProcessorChecker : Bean ‘org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler@625487a6’ of type [org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
    2018-09-18 10:06:11.570 INFO 1 — [ main] trationDelegate$BeanPostProcessorChecker : Bean ‘org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration’ of type [org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration$$EnhancerBySpringCGLIB$$23870828] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
    2018-09-18 10:06:11.582 INFO 1 — [ main] trationDelegate$BeanPostProcessorChecker : Bean ‘methodSecurityMetadataSource’ of type [org.springframework.security.access.method.DelegatingMethodSecurityMetadataSource] is not eligible for getting processed by all BeanPostProcessors (for example: not eligible for auto-proxying)
    2018-09-18 10:06:12.397 INFO 1 — [ main] s.b.c.e.t.TomcatEmbeddedServletContainer : Tomcat initialized with port(s): 8080 (http)
    2018-09-18 10:06:12.412 INFO 1 — [ main] o.apache.catalina.core.StandardService : Starting service [Tomcat]
    2018-09-18 10:06:12.413 INFO 1 — [ main] org.apache.catalina.core.StandardEngine : Starting Servlet Engine: Apache Tomcat/8.5.20
    2018-09-18 10:06:12.614 INFO 1 — [ost-startStop-1] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring embedded WebApplicationContext
    2018-09-18 10:06:12.614 INFO 1 — [ost-startStop-1] o.s.web.context.ContextLoader : Root WebApplicationContext: initialization completed in 3944 ms
    2018-09-18 10:06:13.266 INFO 1 — [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean : Mapping filter: ‘authenticatedRequestFilter’ to: [/*]
    2018-09-18 10:06:13.266 INFO 1 — [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean : Mapping filter: ‘simpleCORSFilter’ to: [/*]
    2018-09-18 10:06:13.267 INFO 1 — [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean : Mapping filter: ‘metricsFilter’ to: [/*]
    2018-09-18 10:06:13.267 INFO 1 — [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean : Mapping filter: ‘characterEncodingFilter’ to: [/*]
    2018-09-18 10:06:13.267 INFO 1 — [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean : Mapping filter: ‘hiddenHttpMethodFilter’ to: [/*]
    2018-09-18 10:06:13.267 INFO 1 — [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean : Mapping filter: ‘httpPutFormContentFilter’ to: [/*]
    2018-09-18 10:06:13.267 INFO 1 — [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean : Mapping filter: ‘requestContextFilter’ to: [/*]
    2018-09-18 10:06:13.268 INFO 1 — [ost-startStop-1] .s.DelegatingFilterProxyRegistrationBean : Mapping filter: ‘springSecurityFilterChain’ to: [/*]
    2018-09-18 10:06:13.268 INFO 1 — [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean : Mapping filter: ‘webRequestLoggingFilter’ to: [/*]
    2018-09-18 10:06:13.268 INFO 1 — [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean : Mapping filter: ‘applicationContextIdFilter’ to: [/*]
    2018-09-18 10:06:13.268 INFO 1 — [ost-startStop-1] o.s.b.w.servlet.ServletRegistrationBean : Mapping servlet: ‘dispatcherServlet’ to [/]
    2018-09-18 10:06:17.801 WARN 1 — [ main] ationConfigEmbeddedWebApplicationContext : Exception encountered during context initialization – cancelling refresh attempt: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name ‘entityTagsController’: Unsatisfied dependency expressed through field ‘taggedEntityDAO’; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name ‘entityTagsDAO’ defined in class path resource [com/netflix/spinnaker/front50/config/S3Config.class]: Unsatisfied dependency expressed through method ‘entityTagsDAO’ parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name ‘s3StorageService’ defined in class path resource [com/netflix/spinnaker/front50/config/S3Config.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [com.netflix.spinnaker.front50.model.S3StorageService]: Factory method ‘s3StorageService’ threw exception; nested exception is com.amazonaws.SdkClientException: Unable to execute HTTP request: minio-operatic-heron
    2018-09-18 10:06:17.805 INFO 1 — [ main] o.apache.catalina.core.StandardService : Stopping service [Tomcat]
    2018-09-18 10:06:17.814 WARN 1 — [ost-startStop-1] o.a.c.loader.WebappClassLoaderBase : The web application [ROOT] appears to have started a thread named [spectator-gauge-polling-0] but has failed to stop it. This is very likely to create a memory leak. Stack trace of thread:
    sun.misc.Unsafe.park(Native Method)
    java.util.concurrent.locks.LockSupport.parkNanos(LockSupport.java:215)
    java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.awaitNanos(AbstractQueuedSynchronizer.java:2078)
    java.util.concurrent.ScheduledThreadPoolExecutor$DelayedWorkQueue.take(ScheduledThreadPoolExecutor.java:1093)
    java.util.concurrent.ScheduledThreadPoolExecutor$DelayedWorkQueue.take(ScheduledThreadPoolExecutor.java:809)
    java.util.concurrent.ThreadPoolExecutor.getTask(ThreadPoolExecutor.java:1074)
    java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1134)
    java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
    java.lang.Thread.run(Thread.java:748)
    2018-09-18 10:06:17.832 INFO 1 — [ main] utoConfigurationReportLoggingInitializer :
    Error starting ApplicationContext. To display the auto-configuration report re-run your application with ‘debug’ enabled.
    2018-09-18 10:06:17.843 ERROR 1 — [ main] o.s.boot.SpringApplication : Application startup failed
    org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name ‘entityTagsController’: Unsatisfied dependency expressed through field ‘taggedEntityDAO’; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name ‘entityTagsDAO’ defined in class path resource [com/netflix/spinnaker/front50/config/S3Config.class]: Unsatisfied dependency expressed through method ‘entityTagsDAO’ parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name ‘s3StorageService’ defined in class path resource [com/netflix/spinnaker/front50/config/S3Config.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [com.netflix.spinnaker.front50.model.S3StorageService]: Factory method ‘s3StorageService’ threw exception; nested exception is com.amazonaws.SdkClientException: Unable to execute HTTP request: minio-operatic-heron
    at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor$AutowiredFieldElement.inject(AutowiredAnnotationBeanPostProcessor.java:588) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.annotation.InjectionMetadata.inject(InjectionMetadata.java:88) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor.postProcessPropertyValues(AutowiredAnnotationBeanPostProcessor.java:366) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1264) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:553) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:483) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:306) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:302) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:197) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:761) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:867) ~[spring-context-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:543) ~[spring-context-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.refresh(EmbeddedWebApplicationContext.java:122) ~[spring-boot-1.5.7.RELEASE.jar:1.5.7.RELEASE]
    at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:693) ~[spring-boot-1.5.7.RELEASE.jar:1.5.7.RELEASE]
    at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:360) ~[spring-boot-1.5.7.RELEASE.jar:1.5.7.RELEASE]
    at org.springframework.boot.SpringApplication.run(SpringApplication.java:303) ~[spring-boot-1.5.7.RELEASE.jar:1.5.7.RELEASE]
    at org.springframework.boot.builder.SpringApplicationBuilder.run(SpringApplicationBuilder.java:134) [spring-boot-1.5.7.RELEASE.jar:1.5.7.RELEASE]
    at org.springframework.boot.builder.SpringApplicationBuilder$run$0.call(Unknown Source) [spring-boot-1.5.7.RELEASE.jar:1.5.7.RELEASE]
    at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48) [groovy-all-2.4.13.jar:2.4.13]
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113) [groovy-all-2.4.13.jar:2.4.13]
    at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:125) [groovy-all-2.4.13.jar:2.4.13]
    at com.netflix.spinnaker.front50.Main.main(Main.groovy:51) [front50-web-1.126.0-SNAPSHOT.jar:1.126.0-SNAPSHOT]
    Caused by: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name ‘entityTagsDAO’ defined in class path resource [com/netflix/spinnaker/front50/config/S3Config.class]: Unsatisfied dependency expressed through method ‘entityTagsDAO’ parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name ‘s3StorageService’ defined in class path resource [com/netflix/spinnaker/front50/config/S3Config.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [com.netflix.spinnaker.front50.model.S3StorageService]: Factory method ‘s3StorageService’ threw exception; nested exception is com.amazonaws.SdkClientException: Unable to execute HTTP request: minio-operatic-heron
    at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:749) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:467) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1173) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1067) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:513) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:483) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:306) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:302) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:202) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.config.DependencyDescriptor.resolveCandidate(DependencyDescriptor.java:208) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:1138) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:1066) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor$AutowiredFieldElement.inject(AutowiredAnnotationBeanPostProcessor.java:585) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    … 22 common frames omitted
    Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name ‘s3StorageService’ defined in class path resource [com/netflix/spinnaker/front50/config/S3Config.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [com.netflix.spinnaker.front50.model.S3StorageService]: Factory method ‘s3StorageService’ threw exception; nested exception is com.amazonaws.SdkClientException: Unable to execute HTTP request: minio-operatic-heron
    at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:599) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1173) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1067) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:513) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:483) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:306) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:302) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:202) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.config.DependencyDescriptor.resolveCandidate(DependencyDescriptor.java:208) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:1138) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:1066) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.support.ConstructorResolver.resolveAutowiredArgument(ConstructorResolver.java:835) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:741) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    … 35 common frames omitted
    Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [com.netflix.spinnaker.front50.model.S3StorageService]: Factory method ‘s3StorageService’ threw exception; nested exception is com.amazonaws.SdkClientException: Unable to execute HTTP request: minio-operatic-heron
    at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:189) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:588) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    … 48 common frames omitted
    Caused by: com.amazonaws.SdkClientException: Unable to execute HTTP request: minio-operatic-heron
    at com.amazonaws.http.AmazonHttpClient$RequestExecutor.handleRetryableException(AmazonHttpClient.java:1114) ~[aws-java-sdk-core-1.11.264.jar:na]
    at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeHelper(AmazonHttpClient.java:1064) ~[aws-java-sdk-core-1.11.264.jar:na]
    at com.amazonaws.http.AmazonHttpClient$RequestExecutor.doExecute(AmazonHttpClient.java:743) ~[aws-java-sdk-core-1.11.264.jar:na]
    at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeWithTimer(AmazonHttpClient.java:717) ~[aws-java-sdk-core-1.11.264.jar:na]
    at com.amazonaws.http.AmazonHttpClient$RequestExecutor.execute(AmazonHttpClient.java:699) ~[aws-java-sdk-core-1.11.264.jar:na]
    at com.amazonaws.http.AmazonHttpClient$RequestExecutor.access$500(AmazonHttpClient.java:667) ~[aws-java-sdk-core-1.11.264.jar:na]
    at com.amazonaws.http.AmazonHttpClient$RequestExecutionBuilderImpl.execute(AmazonHttpClient.java:649) ~[aws-java-sdk-core-1.11.264.jar:na]
    at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:513) ~[aws-java-sdk-core-1.11.264.jar:na]
    at com.amazonaws.services.s3.AmazonS3Client.invoke(AmazonS3Client.java:4325) ~[aws-java-sdk-s3-1.11.251.jar:na]
    at com.amazonaws.services.s3.AmazonS3Client.invoke(AmazonS3Client.java:4272) ~[aws-java-sdk-s3-1.11.251.jar:na]
    at com.amazonaws.services.s3.AmazonS3Client.headBucket(AmazonS3Client.java:1337) ~[aws-java-sdk-s3-1.11.251.jar:na]
    at com.netflix.spinnaker.front50.model.S3StorageService.ensureBucketExists(S3StorageService.java:71) ~[front50-s3-1.126.0-SNAPSHOT.jar:1.126.0-SNAPSHOT]
    at com.netflix.spinnaker.front50.config.S3Config.s3StorageService(S3Config.java:160) ~[front50-s3-1.126.0-SNAPSHOT.jar:1.126.0-SNAPSHOT]
    at com.netflix.spinnaker.front50.config.S3Config$$EnhancerBySpringCGLIB$$ed325651.CGLIB$s3StorageService$7() ~[front50-s3-1.126.0-SNAPSHOT.jar:1.126.0-SNAPSHOT]
    at com.netflix.spinnaker.front50.config.S3Config$$EnhancerBySpringCGLIB$$ed325651$$FastClassBySpringCGLIB$$27ca23c4.invoke() ~[front50-s3-1.126.0-SNAPSHOT.jar:1.126.0-SNAPSHOT]
    at org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:228) ~[spring-core-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:358) ~[spring-context-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    at com.netflix.spinnaker.front50.config.S3Config$$EnhancerBySpringCGLIB$$ed325651.s3StorageService() ~[front50-s3-1.126.0-SNAPSHOT.jar:1.126.0-SNAPSHOT]
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_151]
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_151]
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_151]
    at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_151]
    at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:162) ~[spring-beans-4.3.11.RELEASE.jar:4.3.11.RELEASE]
    … 49 common frames omitted
    Caused by: java.net.UnknownHostException: minio-operatic-heron
    at java.net.InetAddress.getAllByName0(InetAddress.java:1280) ~[na:1.8.0_151]
    at java.net.InetAddress.getAllByName(InetAddress.java:1192) ~[na:1.8.0_151]
    at java.net.InetAddress.getAllByName(InetAddress.java:1126) ~[na:1.8.0_151]
    at com.amazonaws.SystemDefaultDnsResolver.resolve(SystemDefaultDnsResolver.java:27) ~[aws-java-sdk-core-1.11.264.jar:na]
    at com.amazonaws.http.DelegatingDnsResolver.resolve(DelegatingDnsResolver.java:38) ~[aws-java-sdk-core-1.11.264.jar:na]
    at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:112) ~[httpclient-4.5.3.jar:4.5.3]
    at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:359) ~[httpclient-4.5.3.jar:4.5.3]
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_151]
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_151]
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_151]
    at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_151]
    at com.amazonaws.http.conn.ClientConnectionManagerFactory$Handler.invoke(ClientConnectionManagerFactory.java:76) ~[aws-java-sdk-core-1.11.264.jar:na]
    at com.amazonaws.http.conn.$Proxy93.connect(Unknown Source) ~[na:na]
    at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:381) ~[httpclient-4.5.3.jar:4.5.3]
    at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:237) ~[httpclient-4.5.3.jar:4.5.3]
    at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:185) ~[httpclient-4.5.3.jar:4.5.3]
    at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185) ~[httpclient-4.5.3.jar:4.5.3]
    at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83) ~[httpclient-4.5.3.jar:4.5.3]
    at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:56) ~[httpclient-4.5.3.jar:4.5.3]
    at com.amazonaws.http.apache.client.impl.SdkHttpClient.execute(SdkHttpClient.java:72) ~[aws-java-sdk-core-1.11.264.jar:na]
    at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeOneRequest(AmazonHttpClient.java:1236) ~[aws-java-sdk-core-1.11.264.jar:na]
    at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeHelper(AmazonHttpClient.java:1056) ~[aws-java-sdk-core-1.11.264.jar:na]

    Reply

  11. Hey Nick,

    Thanks a ton for this detailed commands, I was checking other docs which does the same for GKE but this is awesome.

    Thanks again
    Sireehsa

    Reply

  13. Hi Arvind, you probably solved this already, but I sending a reply for posterity.

    In AWS what you do is reserve an Elastic IP Address, which is public, and associate it with your load balancer. That way you have a public ip address for your load balancer.

    Be aware is has a cost, if your machine is not running. If the instance associated is running, then there is no cost (it’s included in the cost of EC2).

    Also, you can associated the Elastic IP Address with the instance or with the network card.
    Associate it with the network card, since I heard second hand (I have not proven this) that if associated with the instance and you shutdown one day reboot the other, you have to reassociated it again (since the instance changes in that case). No true for reboot, since same instance is being used.

    Reply

  15. hello , when i can create application or project using the Deck , the screen runs forever and i dont see any application get created. i googled couple of things and notice that in your documentation you didn’t mention anything about Minio storage file “front50-loca.yml: with “spinnaker.s3.versionining: false ”
    ——-

    vi ~/.hal/default/profiles/front50-local.yml
    add this value
    spinnaker.s3.versioning: false
    ———

    Do i have to setup it up and re run “hal deploy apply” (actually i have tried but no luck) .

    Any help .?

    Reply

  16. Wow. Worked like a charm. Thanks Nick!

    Installed this on a homelab cluster running the Charmed Distribution of Kubernetes running on a PowerEdge 9150 and some NUCS deployed using Juju and MAAS (master set to allowPrivileged=true).

    Reply

  17. I have logged into the hal pod but i was logging in as different user not spinnaker.
    I have no name!@hal-66fb4558bf-fpd5g:/$

    Reply

  18. Hi,

    I got stuck while installing minio
    I am getting error while installing “helm install mirantisworkloads/minio”

    Error: could not find tiller
    I even tried installing the alternate mirantisworkloads/halyard but got the same error.

    Reply

  19. Can someone help me with this issue, front50 pod keeps crashing, with s3 enabled storage:

    Caused by: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name ‘healthEndpoint’ defined in class path resource [org/springframework/boot/actuate/autoconfigure/health/HealthEndpointConfiguration.class]: Unsatisfied dependency expressed through method ‘healthEndpoint’ parameter 1; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name ‘healthIndicatorRegistry’ defined in class path resource [org/springframework/boot/actuate/autoconfigure/health/HealthIndicatorAutoConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.boot.actuate.health.HealthIndicatorRegistry]: Factory method ‘healthIndicatorRegistry’ threw exception; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name ‘applicationDAOHealthIndicator’ defined in class path resource [com/netflix/spinnaker/front50/config/Front50WebConfig.class]: Unsatisfied dependency expressed through method ‘applicationDAOHealthIndicator’ parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name ‘applicationDAO’ defined in class path resource [com/netflix/spinnaker/front50/config/S3Config.class]: Unsatisfied dependency expressed through method ‘applicationDAO’ parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name ‘s3StorageService’ defined in class path resource [com/netflix/spinnaker/front50/config/S3Config.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [com.netflix.spinnaker.front50.model.S3StorageService]: Factory method ‘s3StorageService’ threw exception; nested exception is com.amazonaws.SdkClientException: Unable to execute HTTP request: spins3t.spinnaker-minio
    at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:769) ~[spring-beans-5.1.9.RELEASE.jar:5.1.9.RELEASE]

    Cluster in Aws EKS

    s3:
    enabled: true
    bucket: “abcdef”
    rootFolder: “front50”
    #region: “us-east-1”
    endpoint: “http://abcded.s3-website-us-east-1.amazonaws.com”
    accessKey: “myaccesskey”
    secretKey: “mysecretkey”
    #assumeRole: “”
    ## Here you can pass extra arguments to configure s3 storage options
    #extraArgs: []
    # – “–path-style-access true”

    Reply

  20. I followed the blog as it is but got below error while running hal deploy apply
    Problems in Global:
    ! ERROR Unexpected exception:
    io.fabric8.kubernetes.client.KubernetesClientException: Failure executing: GET
    at:
    https://kubernetes.default/apis/extensions/v1beta1/namespaces/spinnaker/replicasets.
    Message: the server could not find the requested resource. Received status:
    Status(apiVersion=v1, code=404, details=StatusDetails(causes=[], group=null,
    kind=null, name=null, retryAfterSeconds=null, uid=null,
    additionalProperties={}), kind=Status, message=the server could not find the
    requested resource, metadata=ListMeta(resourceVersion=null, selfLink=null,
    additionalProperties={}), reason=NotFound, status=Failure,
    additionalProperties={}).

    Please let me know how could I fix this?

    Reply

  21. Hi,
    This is a great article, this have reduced my work lot ways.
    this installation works perfectly fine till
    halyard version : 1.21.1
    Spinnaker version : 1.18.9

    after that lots of thing breaks, i am not able to understand whether this is issue with latest spinnaker version or halyard version.

    is it possible if could upgrade above configuration to latest stable version.

    Thanks in advance

    Thanks
    Sandip H.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *