With the release of the open source Netflix Spinnaker delivery platform, the cloud-savvy video on demand company signals that the cloud is bigger than AWS
Video on demand provider Netflix has been successfully running much of their operation in the AWS cloud for six years now, and the relationship has been mutually beneficial. If people are talking about AWS, then the odds are that you’ll hear something about Netflix: whether it’s how they migrated their huge workload to AWS, their Simian Army resilience testing tool, or how well Netflix manages AWS outages. Now you can add Netflix Spinnaker to the conversation.
In a blog post a few months ago, Netflix first mentioned Spinnaker, an open source, multi-cloud deployment tool that was then under development. The post mentioned how the company was planning to move to Spinnaker from its own Asgard. The Netflix Spinnaker code is now publicly available.
What is Netflix Spinnaker?
According to Netflix:
Netflix Spinnaker is an open source multi-cloud Continuous Delivery platform for releasing software changes with high velocity and confidence. Spinnaker is designed with pluggability in mind; the platform aims to make it easy to extend and enhance cloud deployment models. To create a truly extensible multi-cloud platform, the Spinnaker team partnered with Google, Microsoft and Pivotal to deliver out-of-the-box cluster management and deployment. As of today, Spinnaker can deploy to and manage clusters simultaneously across both AWS and Google Cloud Platform with full feature compatibility across both cloud providers. Spinnaker also features deploys to Cloud Foundry; support for its newest addition, Microsoft Azure, is actively underway.
It’s very interesting that Netflix, which has always relied on AWS for its infrastructure, has now built a tool to migrate or deploy on AWS or Google Cloud Platform and Pivotal. Are they trying to reduce their dependency on a sole vendor?
Netflix Spinnaker is an open source, multi-cloud continuous delivery platform for releasing software changes. It provides both Cluster and Deployment management.
Cluster Management deals with cloud resources like:
- Server Groups. Collections of cloud-based virtual machines (VMs) built from AMIs or images. A server group can also be associated with a load balancer, Security Group, user information, region and availability zones.
- Load Balancers. Protocols for managing traffic loads associated with a server group.
- Security Groups. Rules defining network traffic access and firewall rules according to IP range (CIDR), communication protocol (e.g., TCP) and port range.
- Clusters. User-defined, logical groupings of Server Groups within Spinnaker.
Netflix Spinnaker deployment management provides for continuous integration and workflow. It facilitates the creation of pipelines that represent a delivery process that can begin with the creation of some deployable asset (such as a machine image, JAR file, or Docker image) and end with a deployment.
- Pipeline. The key deployment management construct in Netflix Spinnaker. Pipelines are defined by a sequence of stages, triggers that kick off the pipeline, and parameters that get passed between pipeline stages and can be configured to issue notifications (via email, SMS or HipChat) as the pipeline executes. Triggers can be either automatic – like a Jenkins job, CRON schedule, or another pipeline – or manual.
- Stage. A Stage in Spinnaker represents different phases in a pipeline’s lifecycle. Spinnaker comes pre-packaged with a number of stages, including:
- Bake: Bakes an image within the specified region.
- Deploy: Deploys a previously baked or found image.
- Destroy Server Group: Destroys a server group.
- Disable Server Group: Disables a server group.
- Enable Server Group: Enables a server group.
- Find Image: Finds a previously-baked image to deploy into an existing cluster.
- Jenkins: Runs a Jenkins job.
- Manual Judgment: Waits for user approval before continuing.
- Modify Scaling Process: Suspend or resume server group scaling processes.
- Pipeline: Runs a pipeline. This allows pipelines to be composed hierarchically.
- Quick Patch Server Group: Quick patches a server group. Used for emergency patches.
- Resize Server Group: Resizes a server group.
- Script: Runs an arbitrary shell script.
- Shrink Cluster: Shrinks a cluster.
- Wait: Waits a specified period of time.
Netflix Spinnaker Components:
Spinnaker includes the following micro services:
- Clouddriver: encapsulates all cloud operations.
- Deck: user interface.
- Echo: the event service that is responsible for triggering pipeline executions and forwarding pipeline events to listeners.
- Front50: data store for pipelines, notifications and applications.
- Gate: service gateway responsible for providing an API and UI to end users.
- Igor: interface to Jenkins, Stash, and GitHub.
- Orca: orchestration engine responsible for running Spinnaker pipelines and tasks.
- Rosco: bakery responsible for creating images for deployment.
- Rush: general purpose scripting engine.
(Netflix Spinnaker components – courtesy: Netflix)
Setting Up Netflix Spinnaker
Setting up Spinnaker for development takes just a few steps. These instructions cover pulling Spinnaker from source and setting it up to run locally against Amazon Web Services and/or Google Cloud Platform accounts. We will then see how Spinnaker is configured for the AWS Cloud from a developer machine.
Before jumping in, make sure you have an AWS account. We’ll follow the steps from the Spinnaker getting started guide:
Create an EC2 role
- Create a New Role in AWS Identity & Access Management (IAM) and set the Role Name to BaseIAMRole. EC2 instances launched with Spinnaker will be associated with this role.
Create an EC2 Key Pair
- Create a Key Pair and name the key pair <aws_account_name>-keypair (note: this must match your account name plus “-keypair”).
- Download the private key file <aws_account_name>-keypair.pem and change its permissions:
chmod 400 aws_account_name-keypair.pem
Create AWS credentials for Spinnaker
- Create a new user in IAM. Create an access key for the user. Save the access key and secret key into the ~/.aws/credentials file on your workstation.
- Click the checkbox next to PowerUserAccess in IAM, then click Attach Policy.
- Create an inline policy with “Select for Policy Generator”.
- From the IAM Policy Generator, select “AWS Identity and Access Management” as an AWS Service, and then “PassRole” for Actions.
- Type * (the asterisk character) and “Apply Policy”.
The bootstrap scripts are meant to run on Ubuntu 14.04 LTS and Mac OS X 10.11. Here’s now it works on Ubuntu:
- Clone the Spinnaker from GitHub. Make sure you have git version 2.0 and above.
mkdir -p $SPINNAKER_HOME cd $SPINNAKER_HOME git clone email@example.com:spinnaker/spinnaker.git
- Set the path as follows:
Configure the Environment:
- Before setting up Spinnaker, make sure your workstation meets the following dependencies.
- Run the following scripts:
cd $SPINNAKER_HOME spinnaker/dev/install_development.sh spinnaker/dev/bootstrap_dev.sh
- Create a directory for Spinnaker configuration overrides, copy the default configuration template there, and edit to select the appropriate cloud provider(s). Here we will have for AWS.
cd $SPINNAKER_HOME mkdir -p $HOME/.spinnaker spinnaker/config/default-spinnaker-local.yml $HOME/.spinnaker/spinnaker-local.yml chmod 600 $HOME/.spinnaker/spinnaker-local.yml
- If you are deployed on a supported cloud provider (e.g., AWS or Google) and you only wish to deploy on that platform, then you do not need to perform additional configuration. Otherwise, edit $HOME/.spinnaker/spinnaker-local.yml, enable the cloud provider(s) of your choice, and configure the attributes for that provider. Here we will enable only AWS.
Start the Netflix Spinnaker Service
- To start the Spinnaker Service, execute following:
cd $SPINNAKER_HOME/build ../spinnaker/dev/run_dev.sh [service]
- If a service is provided, then just that one service will be started. If no service is provided, then all the services will be started.
Stop the Netflix Spinnaker Service
- To Stop Spinnaker (except Redis and Cassandra), run following:
cd $SPINNAKER_HOME/build ../spinnaker/dev/stop_dev.sh [service]
This has been just a quick introduction to Netflix Spinnaker. With support for many cloud vendors and even containers like Docker, this looks like a very promising package. We hope to bring you more posts on Spinnaker in coming weeks to demonstrate how it can be installed on AWS and Google Cloud Platform, and how it can manage clusters and workflows.
New Content: Featuring CKAD Labs in Consumable Sizes
New Content in the Training Library In May, our team of expert certification specialists released seven new or updated learning paths, 18 courses, 28 hands-on labs, and two lab challenges! Three very large CKAD hands-on labs (average duration over two hours each) have been refactore...
New Content: AWS VPC & CloudFormation Playgrounds, Alibaba Lab Challenges and more
New Content in the Training Library In April, our Content Team released three new or updated learning paths, 15 courses, 18 hands-on labs, and six lab challenges! You can always find the latest content additions, as well as insight into what content we’re working on next, on our Conte...
New Content: Platforms, Programming, and DevOps – Something for Everyone
This month our team of expert certification specialists released three new or updated learning paths, 16 courses, 13 hands-on labs, and four lab challenges! New content on Cloud Academy You can always visit our Content Roadmap to see what’s just released as well as what’s coming soon....
Mastering AWS Organizations Service Control Policies
Service Control Policies (SCPs) are IAM-like policies to manage permissions in AWS Organizations. SCPs restrict the actions allowed for accounts within the organization making each one of them compliant with your guidelines. SCPs are not meant to grant permissions; you should consider ...
New Content: Focus on DevOps and Programming Content this Month
This month our team of expert certification specialists released 12 new or updated learning paths, 15 courses, 25 hands-on labs, and four lab challenges! New content on Cloud Academy You can always visit our Content Roadmap to see what’s just released as well as what’s coming soon. Ja...
New Content: Get Ready for the CISM Cert Exam & Learn About Alibaba, Plus All the AWS, GCP, and Azure Courses You Know You Can Count On
This month our team of intrepid certification specialists released five learning paths, seven courses, 19 hands-on labs, and three lab challenges! One particularly interesting new learning path is Certified Information Security Manager (CISM) Foundations. After completing this learn...
Which Certifications Should I Get?
The old AWS slogan, “Cloud is the new normal” is indeed a reality today. Really, cloud has been the new normal for a while now and getting credentials has become an increasingly effective way to quickly showcase your abilities to recruiters and companies. With all that in mind, the s...
The 12 AWS Certifications: Which is Right for You and Your Team?
As companies increasingly shift workloads to the public cloud, cloud computing has moved from a nice-to-have to a core competency in the enterprise. This shift requires a new set of skills to design, deploy, and manage applications in cloud computing. As the market leader and most ma...
AWS Certified Solutions Architect Associate: A Study Guide
Want to take a really impactful step in your technical career? Explore the AWS Solutions Architect Associate certificate. Its new version (SAA-C02) was released on March 23, 2020. The AWS Solutions Architect - Associate Certification (or Sol Arch Associate for short) offers some ...
New Content: AWS Terraform, Java Programming Lab Challenges, Azure DP-900 & DP-300 Certification Exam Prep, Plus Plenty More Amazon, Google, Microsoft, and Big Data Courses
This month our Content Team continues building the catalog of courses for everyone learning about AWS, GCP, and Microsoft Azure. In addition, this month’s updates include several Java programming lab challenges and a couple of courses on big data. In total, we released five new learning...
Where Should You Be Focusing Your AWS Security Efforts?
Another day, another re:Invent session! This time I listened to Stephen Schmidt’s session, “AWS Security: Where we've been, where we're going.” Amongst covering the highlights of AWS security during 2020, a number of newly added AWS features/services were discussed, including: AWS Audit...
AWS re:Invent: 2020 Keynote Top Highlights and More
We’ve gotten through the first five days of the special all-virtual 2020 edition of AWS re:Invent. It’s always a really exciting time for practitioners in the field to see what features and services AWS has cooked up for the year ahead. This year’s conference is a marathon and not a...