Change to using external addresses?


#1

In order to access Spinnaker from an external IP address, I had been creating Kubernetes services that use Load Balancers (on GKE), then pointing the UI at them. It’s always worked for me in previous versions, but for some reason that seems to have stopped, possibly with 1.9.0. I can ping the IP but it doesn’t respond on :9000. I tried adding a firewall rule but that didn’t help. I deployed Spinnaker with the “quick install” and his is my halconfig:

name: default
version: 1.9.0
providers:
  appengine:
    enabled: false
    accounts: []
  aws:
    enabled: false
    accounts: []
    bakeryDefaults:
      baseImages: []
    defaultKeyPairTemplate: '{{name}}-keypair'
    defaultRegions:
    - name: us-west-2
    defaults:
      iamRole: BaseIAMRole
  ecs:
    enabled: false
    accounts: []
  azure:
    enabled: false
    accounts: []
    bakeryDefaults:
      templateFile: azure-linux.json
      baseImages: []
  dcos:
    enabled: false
    accounts: []
    clusters: []
  dockerRegistry:
    enabled: false
    accounts: []
  google:
    enabled: false
    accounts: []
    bakeryDefaults:
      templateFile: gce.json
      baseImages: []
      zone: us-central1-f
      network: default
      useInternalIp: false
  kubernetes:
    enabled: true
    accounts:
    - name: my-kubernetes-account
      requiredGroupMembership: []
      providerVersion: V2
      permissions: {}
      dockerRegistries: []
      configureImagePullSecrets: true
      serviceAccount: true
      cacheThreads: 1
      namespaces: []
      omitNamespaces: []
      kinds: []
      omitKinds: []
      customResources: []
      cachingPolicies: []
      oauthScopes: []
      oAuthScopes: []
    primaryAccount: my-kubernetes-account
  openstack:
    enabled: false
    accounts: []
    bakeryDefaults:
      baseImages: []
  oracle:
    enabled: false
    accounts: []
    bakeryDefaults:
      templateFile: oci.json
      baseImages: []
deploymentEnvironment:
  size: SMALL
  type: Distributed
  accountName: my-kubernetes-account
  updateVersions: true
  consul:
    enabled: false
  vault:
    enabled: false
  customSizing: {}
  sidecars: {}
  gitConfig:
    upstreamUser: spinnaker
  haServices:
    clouddriver:
      enabled: false
      disableClouddriverRoDeck: false
    echo:
      enabled: false
persistentStorage:
  persistentStoreType: s3
  azs: {}
  gcs:
    rootFolder: front50
  redis: {}
  s3:
    bucket: spinnaker-artifacts
    rootFolder: front50
    endpoint: http://minio-service.spinnaker:9000
    accessKeyId: dont-use-this
    secretAccessKey: for-production
  oracle: {}
features:
  auth: false
  fiat: false
  chaos: false
  entityTags: false
  jobs: false
  artifacts: true
metricStores:
  datadog:
    enabled: false
    tags: []
  prometheus:
    enabled: false
    add_source_metalabels: true
  stackdriver:
    enabled: false
  period: 30
  enabled: false
notifications:
  slack:
    enabled: false
timezone: America/Los_Angeles
ci:
  jenkins:
    enabled: false
    masters: []
  travis:
    enabled: false
    masters: []
  wercker:
    enabled: false
    masters: []
security:
  apiSecurity:
    ssl:
      enabled: false
    overrideBaseUrl: http://35.184.6.178:8084
  uiSecurity:
    ssl:
      enabled: false
    overrideBaseUrl: http://35.188.40.35:9000
  authn:
    oauth2:
      enabled: false
      client: {}
      resource: {}
      userInfoMapping: {}
    saml:
      enabled: false
    ldap:
      enabled: false
    x509:
      enabled: false
    iap:
      enabled: false
    enabled: false
  authz:
    groupMembership:
      service: EXTERNAL
      google:
        roleProviderType: GOOGLE
      github:
        roleProviderType: GITHUB
      file:
        roleProviderType: FILE
      ldap:
        roleProviderType: LDAP
    enabled: false
artifacts:
  bitbucket:
    enabled: false
    accounts: []
  gcs:
    enabled: false
    accounts: []
  oracle:
    enabled: false
    accounts: []
  github:
    enabled: false
    accounts: []
  gitlab:
    enabled: false
    accounts: []
  http:
    enabled: false
    accounts: []
  s3:
    enabled: false
    accounts: []
pubsub:
  enabled: false
  google:
    enabled: false
    subscriptions: []
canary:
  enabled: true
  serviceIntegrations:
  - name: google
    enabled: false
    accounts: []
    gcsEnabled: false
    stackdriverEnabled: false
  - name: prometheus
    enabled: false
    accounts: []
  - name: datadog
    enabled: false
    accounts: []
  - name: signalfx
    enabled: false
    accounts: []
  - name: aws
    enabled: true
    accounts:
    - name: kayenta-minio
      bucket: spinnaker-artifacts
      rootFolder: kayenta
      endpoint: http://minio-service.spinnaker:9000
      accessKeyId: dont-use-this
      secretAccessKey: for-production
      supportedTypes:
      - OBJECT_STORE
      - CONFIGURATION_STORE
    s3Enabled: true
  reduxLoggerEnabled: true
  defaultJudge: NetflixACAJudge-v1.0
  stagesEnabled: true
  templatesEnabled: true
  showAllConfigsEnabled: true

Am I missing something?