Armory Agent for Kubernetes Installation

Learn how to install the Armory Agent in your Kubernetes and Armory Enterprise environments.

Proprietary

This installation guide is designed for installing the Agent in a test environment. It does not include mTLS configuration, so the Agent service and plugin do not communicate securely.

Before you begin

  • You have read the Armory Agent overview.

  • You deployed Armory Enterprise using the Armory Operator and Kustomize patches.

  • You have configured Clouddriver to use MySQL or PostgreSQL. See the Configure Clouddriver to use a SQL Database guide for instructions. The Agent plugin uses the SQL database to store cache data.

  • For Clouddriver pods, you have mounted a service account with permissions to list and watch the Kubernetes kind Endpoint in namespace where Clouddriver is running.

    apiVersion: rbac.authorization.k8s.io/v1
    kind: Role
    metadata:
      name: spin-sa
    rules:
      - apiGroups:
          - ""
        resources:
          - endpoints
        verbs:
          - list
          - watch
    
  • Verify that there is a Kubernetes Service with prefix name spin-clouddriver (configurable) routing HTTP traffic to Clouddriver pods, having a port with name http (configurable). This Service is created automatically when installing Armory Enterprise using the Armory Operator.

  • You have an additional Kubernetes cluster to serve as your deployment target cluster.

Networking requirements

Communication from the Agent service to the Clouddriver plugin occurs over gRPC port 9091. Communication between the service and the plugin must be http/2. http/1.1 is not compatible and causes communication issues between the Agent service and Clouddriver plugin.

Consult the Communication With Clouddriver Instances in Kubernetes page for details on how the Agent plugin communicates with Clouddriver instances in Kubernetes.

Compatibility matrix

Armory Enterprise (Spinnaker) Version Armory Agent Plugin Version Armory Agent Version
2.25.x (1.25.x) 0.8.62 1.0.22
2.26.x (1.26.x) 0.9.54 1.0.22
2.27.x (1.27.x) 0.10.38 1.0.22

Your Clouddriver service must use a MySQL-compatible database. See the Configure Clouddriver to use a SQL Database guide for instructions.

Database compatibility:

MySQL PostgreSQL
5.7; AWS Aurora 10+

Installation overview

In this guide, you deploy the Agent service to your target cluster.

Installation steps:

  1. Install the Clouddriver plugin. You do this in the cluster where you are running Armory Enterprise.

    1. Create the plugin manifest as a Kustomize patch.
    2. Create a LoadBalancer service Kustomize patch to expose the plugin on gRPC port 9091.
    3. Apply the manifests.
  2. Install the Agent service using a Helm chart or using kubectl.

What’s next

Install the Clouddriver plugin using kubectl.


Last modified March 22, 2022: (617cdce5)