Safe Deployments

Enhance an existing deployment process to take advantage of Spinnaker safety features.

Overview

In this codelab, you will improve a deployment process by adding safeguards to your deployments.

This codelab is a continuation of the Kubernetes: code to prod codelab. It assumes you have an application set up and ready to deploy.

Setup

Please follow the steps in the Kubernetes Source to Prod guide to create a deployed Spinnaker cluster.

Making manual operations safer

Using the Rollback action

The rollback action automates the process of restoring to the previous good known server group. This feature enhances a traditionally manual operation by ensuring that the restored cluster is taking traffic before disabling the current server group.

Go to the clusters screen for your application and make sure you have at least one cluster with one server group with an attached load balancer.

If you don’t have an existing server group, click on Create Server Group, select your deployment details (pick an image name and load balancer) and click on CREATE .

Safe Deployments - 图1

Clone this server group:

  1. Select the server group
  2. Click on actions, then select clone server group in the dropdown.
  3. In the new dialog, select Red/Black push as the strategy.
  4. Click CREATE.

Safe Deployments - 图2

Wait for the task to finish. You should now have at least two server groups in your cluster, with the previous one disabled and the new one enabled.

Safe Deployments - 图3

Rollback the deployment:

  1. Select the new server group
  2. Click on actions, then select rollback in the dropdown.

Safe Deployments - 图4

  1. In the new dialog, select the previous server group from the dropdown.

Safe Deployments - 图5

  1. Click OK

You should see a task window and the deployment being rolled back safely and automatically. The previous server group should be eneabled and the current one disabled.

Safe Deployments - 图6

Making a deployment pipeline safer

Creating your deployment pipeline

Go to the Pipelines screen and select Create New

Select Pipeline as the type and name it Safe Deployment

Safe Deployments - 图7

Under Configuration, add a Docker Registry trigger

Point it to your Docker registry and image

Safe Deployments - 图8

Add a new stage of type Deploy

Add a new cluster, select copy configuration from an existing template.

Select your cluster.

Click Use this template.

Safe Deployments - 图9

You should see the details for your cluster filled in.

Safe Deployments - 图10

Select Add

Save the pipeline

Adding an execution window to deployment pipelines

Execution windows allow you to restrict the times of the day or week when deployments can happen. By using execution windows, you can ensure that deployments don’t interfere with times where your service is at peak demand. You can also use execution windows to make sure that there is always someone in the office ready to manually intervene or rollback your pipeline.

Let’s modify our existing pipeline to add a deployment window.

Navigate to the deploy stage of your pipeline.

Check the Restrict execution to specific time windows checkbox

Click on Add an execution window

Safe Deployments - 图11

Enter a start time and end time that will block the deployment if deployed right now.

Safe Deployments - 图12

Save the pipeline

Go to the pipeline screen by clicking on the back arrow next to the pipeline name

Click on Start Manual Execution for your pipeline.

You will see a warning that your deploy stage is waiting for an execution window.

Safe Deployments - 图13

You can click on Skip Execution Window to start the stage right away.

Go back and modify the execution window so your stage falls within the current window.

Execute your pipeline again. You should see your deployment continue without waiting.

Adding a Manual Judgment to deployment pipelines

Manual Judgments serve as a gate for your pipeline. You can add manual judment stages to interrupt the pipeline execution to run a manual check. This is great for teams that have a manual or out-of-band QA process.

Let’s modify our pipeline by adding a manual judgment stage.

Click on Configuration and select Add new stage

Enter “please approve this pipeline” in the instructions

Safe Deployments - 图14

Click on Add Notification Preference.

In the popup dialog:

  1. select type Email
  2. Enter your email address
  3. Select to notify when This stage is awaiting judgment.

Click Update

Safe Deployments - 图15

Go to your deploy stage

Select Manual Judgment in the Depends On field

Safe Deployments - 图16

Your pipeline view should look like this.

Safe Deployments - 图17

Save this pipeline and run it.

Check your email. You should see one that says that your pipeline is awaiting judgment.

Safe Deployments - 图18

Click on the link in your email. You should see the manual judgment awaiting approval.

Safe Deployments - 图19

Click on Continue

Your pipeline should run now.

Changing pipeline behavior based on selected judgment

Manual Judgments can also be used to run a rollback task based on some input.

Go to your Manual Judgement stage and type in “continue” as an input option.

Click on Add Judgment Input and type in “rollback.”

Safe Deployments - 图20

Add a new stage called Rollback of type Wait

In the new stage, check the Conditional on Expression checkbox and enter ${ #judgment("Manual Judgment").equals("rollback")}. In this step, we’re telling Spinnaker to only run this stage if the rollback option was selected.

Safe Deployments - 图21

Select the deploy stage, check the Conditional on Expression checkbox and enter ${ #judgment("Manual Judgment").equals("continue")}.

Save your pipeline and run it.

In the manual judgment stage, select rollback as your input.

Safe Deployments - 图22

You should see that the deploy stage is skipped while the rollback stage runs.

Safe Deployments - 图23

Run your pipeline again, this time selecting continue as your input.

The rollback stage should not run

Safe Deployments - 图24

Creating an automatic rollback pipeline

You can also create a pipeline to run in case a deployment fails.

For this exercise, we’re going to create a pipeline that will trigger if a deployment pipeline fails.

We’re going to make a parent pipeline that will allow us to decide its success status based on a parameter.

Create a new pipeline called Parent Pipeline

  1. Click Show Options
  2. Enter true as an option
  3. Click on Add New Option
  4. Enter false as another option.

Safe Deployments - 图25

Add a new stage of type Check Preconditions.

Add a new Precondition:

  1. Set Check to Expression
  2. Enter ${ parameters["Pipeline Successful"].equals("true") } as the expression.

Safe Deployments - 图26

  1. Click Update

Safe Deployments - 图27

Save your pipeline

Create a rollback pipeline

Create a new pipeline called ‘Child Pipeline’

Under Configuration, add a new automated trigger of type Pipeline

  1. Set your application to be the same as your parent pipeline
  2. Set pipeline name to be Parent Pipeline
  3. Click on Pipeline Status failed

Safe Deployments - 图28

Add a new stage of type Wait

Safe Deployments - 图29

Save your child pipeline

Test your rollback pipeline

Go to the pipelines screen and select Start Manual Execution on your Parent Pipeline

In the popup dialog, select false as the choice for Pipeline Successful

Safe Deployments - 图30

You should see the pipeline fail, and the Child Pipeline run the rollback

Safe Deployments - 图31

If you click on the Parent Pipeline link in the child pipeline, it should take you the the failed execution.

Now run the Parent Pipeline again, this time selecting true.

The child pipeline should not run

Safe Deployments - 图32

Learn more

Hopefully this codelab has given you a taste of the built-in mechanisms for safe deployment in Spinnaker. An almost complete list of safe deployment features in Spinnaker can be found in this blog post .

Last modified August 18, 2020: tutorials/codelabs: change _index to index in all sections (c732aa0)