DeprecatedThe following documentation is for an Armory product that is deprecated.
You can find additional information at Halyard Deprecation.
Visit the Armory-extended Halyard Release Notes page for a list of available Armory-extended Halyard versions and their release notes. You can view version differences as well as which versions are compatible with which Armory releases.
Running in Docker
Running Armory-extended Halyard in Docker is convenient and portable. The daemon will need access to files and environment variables, such as:
- Halyard’s main configuration directory - make sure the daemon has write access to that directory
kubeconfigfile for Spinnaker’s installation cluster (usually
- AWS profiles (usually
~/.aws) if access to AWS is needed
- Any other configuration files that reside on the Docker host
The Docker container expects to use
Before you execute the command below, you need to set permissions on the host (local) directories mapped to the Docker container. These directories must allow for modification from within the container. The
~/.halfolder within the host (local) system directory needs write permissions (
chmod 777 ~/.hal), or you will encounter issues when attempting to execute a
hal deploy applyfrom within the container.
You can start Armory-extended Halyard in a Docker container with the following command:
docker run --name armory-halyard --rm \ -v ~/.hal:/home/spinnaker/.hal \ -v ~/.kube:/home/spinnaker/.kube \ -v ~/.aws:/home/spinnaker/.aws \ -it docker.io/armory/halyard-armory:1.12.0
Note: If you’re installing to Google Cloud, you’ll want to change the “.aws” mapping above to your Google credentials json file, and then you’ll need to set the environment variable GOOGLE_APPLICATION_CREDENTIALS within the shell so the installer can find it.
Our installer currently expects to find your kubeconfig named
.kube directory you map below. If you’ve named your config something
else, you’ll need to rename or symlink the file accordingly.
Running Halyard Commands
Once Armory-extended Halyard is running, you can interact with it by opening a separate Terminal and running:
docker exec -it armory-halyard bash
From there, you can issue all your Halyard commands.
Run in Kubernetes
Armory-extended Halyard can also be installed as a Kubernetes
StatefulSet. The advantage of running Halyard in the same cluster as Spinnaker is to get the same network access as Spinnaker itself in some locked down environments.
You can install Armory-extended Halyard with the following manifest:
--- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: halconfig-pvc labels: app: halyard namespace: halyard spec: accessModes: - ReadWriteOnce resources: requests: storage: 10Gi --- apiVersion: apps/v1 kind: StatefulSet metadata: name: halyard namespace: halyard spec: replicas: 1 selector: matchLabels: app: halyard serviceName: halyard template: metadata: labels: app: halyard spec: containers: - name: halyard image: index.docker.io/armory/halyard-armory:1.12.0 volumeMounts: - name: halconfig mountPath: /home/spinnaker/ securityContext: fsGroup: 65533 volumes: - name: halconfig persistentVolumeClaim: claimName: halconfig-pvc
Copy and paste the manifest into a file named halyard.yml, then deploy the above manifest (halyard.yml) into Kubernetes with the following command:
kubectl apply -f halyard.yml
Note: This installs Halyard into the namespace ‘halyard’
Running Halyard Commands
StatefulSet is ready - you can interact with it by running:
kubectl -n halyard exec -ti statefulset/halyard -- bash
Users of Kubernetes versions older than 1.16 may need to run this instead:
kubectl -n halyard exec -ti statefulset/halyard bash
Be sure to check the
kubectl docs for the version of Kubernetes that you are running.
Was this page helpful?
Thank you for letting us know!
Sorry to hear that. Please tell us how we can improve.
Last modified July 22, 2021: (837ccc4)