Spinnaker Cheat Sheet
Overview
Spinnaker is an open-source, multi-cloud continuous delivery platform originally built by Netflix. It supports deploying to AWS, GCP, Azure, Kubernetes, and other cloud providers through a unified pipeline interface. Spinnaker provides deployment strategies like blue-green, canary, rolling updates, and custom pipelines with manual judgments.
Spinnaker separates the concepts of applications, clusters, server groups, and load balancers into a cloud-agnostic model. Its pipeline system supports complex deployment workflows with stages for building, testing, deploying, and promoting across multiple environments and cloud providers.
Installation
Using Halyard (Official CLI)
# Install Halyard
curl -O https://raw.githubusercontent.com/spinnaker/halyard/master/install/debian/InstallHalyard.sh
sudo bash InstallHalyard.sh
# Or on macOS
curl -O https://raw.githubusercontent.com/spinnaker/halyard/master/install/macos/InstallHalyard.sh
sudo bash InstallHalyard.sh
# Verify
hal version listConfigure and Deploy
# Set Spinnaker version
hal config version edit --version 1.32.0
# Configure storage (S3 example)
hal config storage s3 edit \
--access-key-id $AWS_ACCESS_KEY \
--secret-access-key --region us-east-1 \
--bucket my-spinnaker-bucket
hal config storage edit --type s3
# Configure Kubernetes provider
hal config provider kubernetes enable
hal config provider kubernetes account add my-k8s \
--context $(kubectl config current-context) \
--provider-version v2
# Deploy Spinnaker
hal deploy apply
# Connect to Spinnaker UI
hal deploy connect
# UI: http://localhost:9000
# API: http://localhost:8084Core Commands (Halyard)
| Command | Description |
|---|---|
hal version list | List available Spinnaker versions |
hal config version edit --version <v> | Set Spinnaker version |
hal deploy apply | Apply configuration and deploy |
hal deploy connect | Forward ports to Spinnaker services |
hal config provider <provider> enable | Enable a cloud provider |
hal config ci <ci> enable | Enable CI integration |
hal config artifact <type> enable | Enable artifact type |
hal config security authn <type> enable | Configure authentication |
hal shutdown | Stop Halyard daemon |
Spin CLI
# Install spin CLI
curl -LO https://storage.googleapis.com/spinnaker-artifacts/spin/latest/linux/amd64/spin
chmod +x spin
sudo mv spin /usr/local/bin/
# Configure
spin config edit --gate-endpoint http://localhost:8084
# Application management
spin application list
spin application save --application-name my-app \
--owner-email team@example.com \
--cloud-providers kubernetes
# Pipeline management
spin pipeline list --application my-app
spin pipeline get --application my-app --name deploy-prod
spin pipeline save --file pipeline.json
spin pipeline execute --application my-app --name deploy-prod
# Manual execution with parameters
spin pipeline execute --application my-app --name deploy-prod \
--parameter-file params.jsonPipeline Configuration
Basic Pipeline (JSON)
{
"name": "Deploy to Production",
"application": "my-app",
"stages": [
{
"type": "bake",
"name": "Bake AMI",
"package": "my-app",
"baseOs": "ubuntu",
"regions": ["us-east-1"]
},
{
"type": "deploy",
"name": "Deploy to Prod",
"clusters": [
{
"account": "my-aws",
"application": "my-app",
"capacity": {
"desired": 3,
"max": 6,
"min": 3
},
"strategy": "redblack"
}
],
"requisiteStageRefIds": ["1"]
}
],
"triggers": [
{
"type": "docker",
"registry": "index.docker.io",
"repository": "myorg/my-app",
"tag": "latest",
"enabled": true
}
]
}Kubernetes Deploy Stage
{
"type": "deployManifest",
"name": "Deploy to Kubernetes",
"account": "my-k8s-account",
"cloudProvider": "kubernetes",
"manifests": [],
"source": "artifact",
"manifestArtifactId": "deployment-manifest",
"namespaceOverride": "production"
}Configuration
Cloud Providers
# AWS
hal config provider aws enable
hal config provider aws account add my-aws \
--account-id 123456789012 \
--regions us-east-1,us-west-2
# GCP
hal config provider google enable
hal config provider google account add my-gcp \
--project my-project \
--json-path /path/to/service-account.json
# Kubernetes
hal config provider kubernetes enable
hal config provider kubernetes account add my-k8s \
--context my-context \
--namespaces default,staging,productionCI Integration
# Jenkins
hal config ci jenkins enable
hal config ci jenkins master add my-jenkins \
--address https://jenkins.example.com \
--username admin \
--password
# GitHub Actions (via webhook triggers)
# Configure in pipeline trigger settingsNotifications
# Slack
hal config notification slack enable
hal config notification slack edit \
--bot-name spinnaker \
--token $SLACK_TOKEN
# Email
hal config notification email enable
hal config notification email edit \
--smtp-host smtp.example.com \
--smtp-port 587Advanced Usage
Canary Analysis (Kayenta)
# Enable canary
hal config canary enable
hal config canary google enable
hal config canary google account add my-canary \
--project my-project \
--json-path /path/to/sa.json \
--bucket my-canary-bucket
# Or with Prometheus
hal config canary prometheus enable
hal config canary prometheus account add my-prom \
--base-url http://prometheus:9090Pipeline Templates
# Save pipeline as template
spin pipeline-template save --file template.json
# List templates
spin pipeline-template list
# Create pipeline from template
spin pipeline save --file pipeline-from-template.jsonPipeline Expressions (SpEL)
{
"stages": [
{
"type": "wait",
"name": "Conditional Wait",
"skipWait": "${trigger.parameters.skipWait == 'true'}",
"waitTime": "${trigger.parameters.waitMinutes ?: 5}"
}
]
}Manual Judgment Stage
{
"type": "manualJudgment",
"name": "Approve Production Deploy",
"instructions": "Review the canary analysis before promoting.",
"judgmentInputs": [
{ "value": "approve" },
{ "value": "reject" }
],
"notifications": [
{
"type": "slack",
"channel": "#deployments",
"when": ["manualJudgment"]
}
]
}Troubleshooting
| Issue | Solution |
|---|---|
hal deploy apply hangs | Check Halyard daemon: hal shutdown then restart |
| Services not starting | Check kubectl get pods -n spinnaker and pod logs |
| Pipeline stuck | Check stage logs in UI; verify cloud provider creds |
| Artifact not found | Verify artifact account config in Halyard |
| Auth redirect issues | Check hal config security authn settings |
| OOM on clouddriver | Increase memory: hal config deploy component-sizing clouddriver container limits memory 2Gi |
# Check service status
hal deploy details
# View service logs
kubectl logs -n spinnaker deployment/spin-clouddriver -f
kubectl logs -n spinnaker deployment/spin-orca -f
# Backup Spinnaker config
hal backup create
# Restore from backup
hal backup restore --backup-path /path/to/backup.tar
# Validate configuration
hal config