Armory Agent Service Installation Using a Helm Chart

Use a Helm chart to install the Armory Agent service in your Kubernetes and Armory Enterprise environments.

Proprietary

Chart overview

This Helm chart replaces installing the Agent using kubectl. The chart:

  • Exposes all settings for installing the Agent service.
  • Enables you to easily deploy the Agent service with default configuration using a single command.
  • Gives you the ability to customize the service settings in a file or via the command line.

Connecting to Armory Cloud services is enabled by default. Armory Cloud services is required for some features to function and affects how you configure the Agent service installation. If you want to connect to Armory Cloud services, you must include your Armory Cloud client ID and secret. You can disable connecting to Armory Cloud services by setting a gPRC URL instead of providing your Armory Cloud services credentials.

Before you begin

Ensure you have completed the following steps before you install the Agent using the Helm chart:

  1. You have installed the Clouddriver plugin.

  2. You are familiar with Helm and have installed v3.6.3+.

  3. You have added or updated the Armory charts repo in your Kubernetes environment.

    To add the Armory chart repo, execute the following command:

       helm repo add armory-charts http://armory.jfrog.io/artifactory/charts
       

    If you have previously added the chart repo, update it with the following commands:

       helm repo update
       helm upgrade armory-agent armory-charts/agent-k8s-full
       

Quickstart

Run one of the following commands:

  1. If you want to connect to Armory Cloud services:

    You must include your Armory Cloud clientId and clientSecret credentials.

       helm install armory-agent armory-charts/agent-k8s-full \
       --create-namespace \
       --namespace=<agent-namespace> \
       --set hub.auth.armory.clientId=<your-clientID>,hub.auth.armory.secret=<your-clientSecret>
       
  2. If you don’t want to connect to Armory Cloud services:

    You must include your gPRC endpoint, such as localhost:9090.

       helm install armory-agent armory-charts/agent-k8s-full \
       --create-namespace \
       --namespace=<agent-namespace> \
       --set config.clouddriver.grpc=<endpoint>
       

Command options:

  • --create-namespace: (Optional) Creates the namespace if not present. See the Helm install docs.
  • --namespace=<agent-namespace>: (Required) The namespace where you install the Agent, which is also the deployment target for your app.

Before you start, make sure:

  1. Each account has a kubeconfig file that grants access to the deployment target cluster. If you use Amazon EKS, you can run the following command:

       aws eks update-kubeconfig --name <target-cluster>
       
  2. Each account has a kubeconfig file and a secret created from that file. For example:

       kubectl create secret generic kubeconfig --from-file=<path>/.kube/config -n <namespace>
       

    See the kubectl create secret generic docs for command details.

Run one of the following commands:

  1. If you want to connect to Armory Cloud services:

    You must set your Armory Cloud clientId and clientSecret credentials.

    You must set your kubeconfig file and secret. <kubeconfig> is the name of the file you used when you created the secret. If you used --from-file=<path>/.kube/config, the value of <kubeconfig> is config.

       helm install armory-agent armory-charts/agent-k8s-full \
       --create-namespace \
       --namespace=<agent-namespace> \
       --set hub.auth.armory.clientId=<your-clientID> \
       ,hub.auth.armory.secret=<your-clientSecret> \
       ,kubeconfigs.<account-name>.file=<kubeconfig> \
       ,kubeconfigs.<account-name>.secret=<secret>
       
  2. If you don’t want to connect to Armory Cloud services:

    You must include your gPRC endpoint, such as localhost:9090.

    You must set your kubeconfig file and secret. <kubeconfig> is the name of the file you used when you created the secret. If you used --from-file=<path>/.kube/config, the value of <kubeconfig> is config.

       helm install armory-agent armory-charts/agent-k8s-full \
       --create-namespace \
       --namespace=<agent-namespace> \
       --set config.clouddriver.grpc=<endpoint> \
       ,kubeconfigs.<account-name>.file=<kubeconfig> \
       ,kubeconfigs.<account-name>.secret=<secret>
       

Command options:

  • --create-namespace: (Optional) Creates the namespace if not present. See the Helm install docs.
  • --namespace=<agent-namespace>: (Required) The namespace where you install the Agent, which is also the deployment target for your app.

Confirm success

Create a pipeline with a Deploy manifest stage. You should see your target cluster available in the Accounts list. Deploy a static manifest.

Set proxy settings

The env parameters are optional and only need to be used if Armory Enterprise is behind an HTTP(S) proxy. If you need to set more than one of the env parameters, you must increment the index value for the parameters. For example: env[0].name="HTTP_PROXY, env[1].name="HTTPS_PROXY", and env[2].name="NO_PROXY".

helm install armory-agent armory-charts/agent-k8s-full \
--create-namespace \
--namespace=<agent-namespace> \
--set env[0].name=”HTTP_PROXY”,env[0].value="<hostname>:<port>" \
,env[1].name=”HTTPS_PROXY”,env[1].value="<hostname>:<port>" \
,env[2].name=”NO_PROXY”,env[2].value="localhost,127.0.0.1,*.spinnaker"

Alternatively, you can create a values.yaml file to include the parameters:

env:
  - name: HTTP_PROXY
    value: <hostname>:<port>
  - name: HTTPS_PROXY
    value: <hostname>:<port>
  - name: NO_PROXY
    value: localhost,127.0.0.1,*.spinnaker

With the file, you can avoid setting individual env parameters in the helm install command. Instead include the --values parameter as part of the Helm install command:

--values=<path>/values.yaml

Set a custom Agent image registry

If you need to download the Armory Agent image from a different registry, you can specify that repository using the following settings:

--set image.repository=<repo-name>,image.imagePullPolicy=IfNotPresent, /
image.imagePullSecrets=<secret>

Alternatively, you can create a values.yaml file to include the settings:

image:
  repository: <repo-name>
  imagePullPolicy: IfNotPresent
  imagePullSecrets: <secret>

Include the --values parameter as part of the Helm install command:

--values=<path>/values.yaml

Custom configuration

If you need greater flexibility, you can override any supported configuration option, either by setting values using the command line or by setting values in an armory-agent.yml file.

Set config values using the command line

You can update configuration options via the command line by using --set config.<option>. For example, if you want to set logging.level to debug, use --set config.logging.level=debug to do that.

Set config in a file

You can also override default settings in your own armory-agent.yml file. For example, if you want to modify the default logging settings, create an armory-agent.yml file with the following content:

logging:
  file: "my-log"
  format: "json"
  level: "debug"

Note that you do not use “config” in the armory-agent file even though you do when setting config using the command line.

Then use the --set-file option in the Helm install command:

helm install armory-agent armory-charts/agent-k8s-full \
--create-namespace \
--namespace=<agent-namespace> \
--set-file agentyml=<path-to>/armory-agent.yml

You can pass in an armory-agent.yml file and also override values on the command line:

helm install armory-agent armory-charts/agent-k8s-full \
--create-namespace \
--namespace=<agent-namespace> \
--set-file agentyml=<path-to>/armory-agent.yml \
--set config.logging.level=debug

The difference between values.yaml and armory-agent.yml

armory-agent.yml: any supported configuration option listed in the Agent Options configuration option section.

values.yaml: environmental values such as proxy settings and image repository.

You can use both files. For example:

helm install armory-agent armory-charts/agent-k8s-full \
--create-namespace \
--namespace=<agent-namespace> \
--set-file agentyml=<path-to>/armory-agent.yml \
--values=<path-to>/values.yaml

Examples

Agent mode

Armory Cloud, custom config

This example installs the Agent service into the “dev” namespace with a connection to Armory Cloud services and the following custom configuration:

  • debug logging level
  • Increase the Agent request retry attempts to 5
  • Increase the time (in milliseconds) to wait between retry attempts to 5000
  • Enables Prometheus.
helm install armory-agent armory-charts/agent-k8s-full \
--create-namespace \
--namespace=dev \
--set hub.auth.armory.clientId=clientID123,hub.auth.armory.secret=s3cret \
,config.logging.level=debug,config.kubernetes.retries.maxRetries=5 \
,config.kubernetes.retries.backOffMs=5000,config.prometheus.enabled=true

The same custom configuration in an armory-agent.yml file:

logging:
  level: "debug"
kubernetes:
  retries:
    maxRetries: 5
    backOffMs: 5000
prometheus:
  enabled: true

Install the Agent with configuration in a file:

helm install armory-agent armory-charts/agent-k8s-full \
--create-namespace \
--namespace=dev \
--set hub.auth.armory.clientId=clientID123,hub.auth.armory.secret=s3cret
--set-file agentyml=/Users/armory/armory-agent.yml
Local gPRC, private image registry, proxy

This example installs the Agent service into the “dev” namespace with a local gPRC endpoint (no Armory Cloud services connection), pulls the image from a private registry, and configures proxy settings.

helm install armory-agent armory-charts/agent-k8s-full \
--create-namespace \
--namespace=dev \
--set config.clouddriver.grpc=spin-clouddriver-grpc:9091 \
,image.repository=private-reg/agent-k8s \
,image.imagePullPolicy=IfNotPresent \
,image.imagePullSecrets=regcred \
,env[0].name=”HTTP_PROXY”,env[0].value="corp.proxy.com:8080" \
,env[1].name=”HTTPS_PROXY”,env[1].value="corp.proxy.com:443" \
,env[2].name=”NO_PROXY”,env[2].value="localhost,127.0.0.1,*.spinnaker"

The same custom configuration in a values.yaml file:

image:
  repository: private-reg/agent-k8s
  imagePullPolicy: IfNotPresent
  imagePullSecrets: regcred

env:
  - name: HTTP_PROXY
    value: corp.proxy.com:8080
  - name: HTTPS_PROXY
    value: corp.proxy.com:443
  - name: NO_PROXY
    value: localhost,127.0.0.1,*.spinnaker

Install the Agent with configuration in a file:

helm install armory-agent armory-charts/agent-k8s-full \
--create-namespace \
--namespace=dev \
--values=/Users/armory/values.yaml
--set config.clouddriver.grpc=spin-clouddriver-grpc:9091
Agent and environment config in files

This example installs the Agent service into the “dev” namespace with a connection to Armory Cloud services and the following custom Agent configuration:

  • debug logging level
  • Increase the Agent request retry attempts to 5
  • Increase the time (in milliseconds) to wait between retry attempts to 5000
  • Enables Prometheus.

Agent configuration in an armory-agent.yml file:

logging:
  level: "debug"
kubernetes:
  retries:
    maxRetries: 5
    backOffMs: 5000
prometheus:
  enabled: true

Additionally, a values.yaml file contains custom repository and proxy settings:

image:
  repository: private-reg/agent-k8s
  imagePullPolicy: IfNotPresent
  imagePullSecrets: regcred

env:
  - name: HTTP_PROXY
    value: corp.proxy.com:8080
  - name: HTTPS_PROXY
    value: corp.proxy.com:443
  - name: NO_PROXY
    value: localhost,127.0.0.1,*.spinnaker

Install command:

helm install armory-agent armory-charts/agent-k8s-full \
--create-namespace \
--namespace=dev \
--set hub.auth.armory.clientId=clientID123,hub.auth.armory.secret=s3cret
--set-file agentyml=/Users/armory/armory-agent.yml
--vaues=/Users/amory/values.yaml

Infrastructure mode

Armory Cloud, custom config

This example installs the Agent service into the “dev” namespace with a connection to Armory Cloud services and the following custom configuration:

  • debug logging level
  • Increase the Agent request retry attempts to 5
  • Increase the time (in milliseconds) to wait between retry attempts to 5000
  • Enables Prometheus.

Create the namespace:

kubectl create namespace dev

Create the secret:

kubectl create secret generic kubeconfig --from-file=/User/armory/.kube/config -n dev

Install the Agent:

helm install armory-agent armory-charts/agent-k8s-full \
--namespace=dev \
--set hub.auth.armory.clientId=clientID123,hub.auth.armory.secret=s3cret \
,kubeconfigs.account1.file=config \
,kubeconfigs.account1.secret=s3cr3t \
,config.logging.level=debug,config.kubernetes.retries.maxRetries=5 \
,config.kubernetes.retries.backOffMs=5000,config.prometheus.enabled=true

The same custom configuration in an armory-agent.yml file:

logging:
  level: "debug"
kubernetes:
  retries:
    maxRetries: 5
    backOffMs: 5000
prometheus:
  enabled: true

Install the Agent with configuration in a file:

helm install armory-agent armory-charts/agent-k8s-full \
--namespace=dev \
--set hub.auth.armory.clientId=clientID123,hub.auth.armory.secret=s3cret \
,kubeconfigs.account1.file=config \
,kubeconfigs.account1.secret=s3cr3t \
--set-file agentyml=/Users/armory/armory-agent.yml
Local gPRC, private image registry, proxy

This example installs the Agent service into the “dev” namespace with a local gPRC endpoint (no Armory Cloud services connection), pulls the image from a private registry, and configures proxy settings.

Create the namespace:

kubectl create namespace dev

Create the secret:

kubectl create secret generic kubeconfig --from-file=/User/armory/.kube/config -n dev

Install the Agent:

helm install armory-agent armory-charts/agent-k8s-full \
--namespace=dev \
--set config.clouddriver.grpc=spin-clouddriver-grpc:9091 \
,kubeconfigs.account1.file=config \
,kubeconfigs.account1.secret=s3cr3t \
,image.repository=private-reg/agent-k8s \
,image.imagePullPolicy=IfNotPresent \
,image.imagePullSecrets=regcred \
,env[0].name=”HTTP_PROXY”,env[0].value="corp.proxy.com:8080" \
,env[1].name=”HTTPS_PROXY”,env[1].value="corp.proxy.com:443" \
,env[2].name=”NO_PROXY”,env[2].value="localhost,127.0.0.1,*.spinnaker"

The same custom configuration in a values.yaml file:

image:
  repository: private-reg/agent-k8s
  imagePullPolicy: IfNotPresent
  imagePullSecrets: regcred

env:
  - name: HTTP_PROXY
    value: corp.proxy.com:8080
  - name: HTTPS_PROXY
    value: corp.proxy.com:443
  - name: NO_PROXY
    value: localhost,127.0.0.1,*.spinnaker

Install the Agent with configuration in a file:

helm install armory-agent armory-charts/agent-k8s-full \
--namespace=dev \
--values=/Users/armory/values.yaml
--set config.clouddriver.grpc=spin-clouddriver-grpc:9091 \
,kubeconfigs.account1.file=config \
,kubeconfigs.account1.secret=s3cr3t

Uninstall

helm uninstall <release-name> --namespace=<agent-namespace>
  • <release-name>: (Reqired) the Armory Agent service release, such as 1.0.22.
  • <agent-namespace>: (Required) The namespace where you installed the Agent.

What’s next


Last modified December 10, 2021: (556c295d)