Sharding Spinnaker

How to shard traffic to different areas of Spinnaker, in case a service doesn’t efficiently serve all queries with a single instance of Orca or Clouddriver.

Intro

This document shows you how to shard traffic to different areas of Spinnaker:

The general pattern is that you define a selector class in your configuration. The requests will then be propagated to the defined selected shard.

At Netflix, we create read-only shards for clouddriver to better manage requests. Each read-only shard is connected to a Redis replica.

Selectors exist at these levels:

  • Application
  • Execution type (i.e, Pipeline vs Orchestration)
  • Origin
  • Authenticated User

You want to modify your deployment pipelines to ensure the infrastructure for each shard is correctly created.

If no selector is specified, the default request will be used.

There is a special additional dynamicEndpoints configuration in gate.yml to send all requests from Deck to that particular shard.

Sharding Orca Requests

In gate.yml

  1. services:
  2.   orca:
  3.     shards:
  4.       baseUrls:
  5.         - baseUrl: https://orca.example.com
  6.         - baseUrl: https://orca-shard1.example.com
  7.           priority: 10
  8.           config:
  9.             selectorClass: com.netflix.spinnaker.kork.web.selector.ByApplicationServiceSelector
  10.             applicationPattern: xxxxyyyapp |demo.*xxxxyyyy

Clouddriver Read-only Shards

gate.yml

  1. services:
  2.   clouddriver:
  3.     baseUrl: https://clouddriver-readonly.example.com
  4.     config:
  5.       dynamicEndpoints:
  6.         deck: https://clouddriver-readonly-deck.example.com

orca.yml

  1. clouddriver:
  2.   readonly:
  3.     baseUrls:
  4.     - baseUrl: https://clouddriver-readonly-orca-1.example.com
  5.       priority: 10
  6.       config:
  7.         selectorClass: com.netflix.spinnaker.orca.clouddriver.config.ByExecutionTypeServiceSelector
  8.         executionTypes:
  9.           - orchestration
  10.     - baseUrl: https://clouddriver-readonly-orca-2.example.com
  11.       priority: 20
  12.       config:
  13.         selectorClass: com.netflix.spinnaker.orca.clouddriver.config.ByApplicationServiceSelector
  14.         applicationPattern: app1|.*app2.*
  15.     - baseUrl: https://clouddriver-readonly-orca-3.example.com
  16.       priority: 30
  17.       config:
  18.         selectorClass: com.netflix.spinnaker.orca.clouddriver.config.ByOriginServiceSelector
  19.         origin: deck
  20.         executionTypes:
  21.           - orchestration
  22.     - baseUrl: https://clouddriver-readonly-orca-4.example.com
  23.       priority: 50
  24.       config:
  25.         selectorClass: com.netflix.spinnaker.orca.clouddriver.config.ByAuthenticatedUserServiceSelector
  26.         users:
  27.           - horseman.*
  28.           - bojack.*
  29.     - baseUrl: https://clouddriver-readonly-orca-5.example.com

Last modified October 8, 2020: docs(headers): shorten linkTitle and description where applicable (5a887a6)