Existing services not being listed for Accounts


#1

Hi,
I have configured spinnaker making use of hal deploy. Spinnaker is installed in its own kubernetes cluster on Google’s Kubernetes Engine. I have added this cluster as an account during the hal setup. I have then additionally added 2 other Kubernetes cluster accounts also hosted on Google’s Kubernetes Engine. When I launch hal deploy connect I can see my 3 accounts when I create a new application. What I am not seeing is the existing services deployed to any of these clusters. I am also not seeing any information about these clusters in the UI.

It is as if none of the information is being pulled from gke into spinnaker, see images below:

Here is my hal config:

currentDeployment: default
deploymentConfigurations:
- name: default
  version: 1.10.2
  providers:
    appengine:
      enabled: false
      accounts: []
    aws:
      enabled: false
      accounts: []
      bakeryDefaults:
        baseImages: []
      defaultKeyPairTemplate: '{{name}}-keypair'
      defaultRegions:
      - name: us-west-2
      defaults:
        iamRole: BaseIAMRole
    ecs:
      enabled: false
      accounts: []
    azure:
      enabled: false
      accounts: []
      bakeryDefaults:
        templateFile: azure-linux.json
        baseImages: []
    dcos:
      enabled: false
      accounts: []
      clusters: []
    dockerRegistry:
      enabled: false
      accounts: []
    google:
      enabled: false
      accounts: []
      bakeryDefaults:
        templateFile: gce.json
        baseImages: []
        zone: us-central1-f
        network: default
        useInternalIp: false
    kubernetes:
      enabled: true
      accounts:
      - name: xxx-k8s-dev
        requiredGroupMembership: []
        providerVersion: V2
        permissions: {}
        dockerRegistries: []
        context: xxx_europe-xxx-dev
        configureImagePullSecrets: true
        cacheThreads: 1
        namespaces: []
        omitNamespaces: []
        kinds: []
        omitKinds: []
        customResources: []
        cachingPolicies: []
        kubeconfigFile: /home/xxx/.kube/config
        oauthScopes: []
        oAuthScopes: []
        onlySpinnakerManaged: false
      - name: xxx-k8s-prod
        requiredGroupMembership: []
        providerVersion: V2
        permissions: {}
        dockerRegistries: []
        context: xxx_europe-xxx-prod
        configureImagePullSecrets: true
        cacheThreads: 1
        namespaces: []
        omitNamespaces: []
        kinds: []
        omitKinds: []
        customResources: []
        cachingPolicies: []
        kubeconfigFile: /home/xxx/.kube/config
        oauthScopes: []
        oAuthScopes: []
        onlySpinnakerManaged: false
      - name: xxx-k8s-spinnaker
        requiredGroupMembership: []
        providerVersion: V2
        permissions: {}
        dockerRegistries: []
        context: xxx_europe-west3_spinnaker
        configureImagePullSecrets: true
        cacheThreads: 1
        namespaces: []
        omitNamespaces: []
        kinds: []
        omitKinds: []
        customResources: []
        cachingPolicies: []
        kubeconfigFile: /home/xxx/.kube/config
        oauthScopes: []
        oAuthScopes: []
        onlySpinnakerManaged: false
      primaryAccount: xxx-k8s-dev
    openstack:
      enabled: false
      accounts: []
      bakeryDefaults:
        baseImages: []
    oracle:
      enabled: false
      accounts: []
      bakeryDefaults:
        templateFile: oci.json
        baseImages: []
  deploymentEnvironment:
    size: SMALL
    type: Distributed
    accountName: xxx-k8s-spinnaker
    updateVersions: true
    consul:
      enabled: false
    vault:
      enabled: false
    customSizing: {}
    sidecars: {}
    gitConfig:
      upstreamUser: spinnaker
    haServices:
      clouddriver:
        enabled: false
        disableClouddriverRoDeck: false
      echo:
        enabled: false
  persistentStorage:
    persistentStoreType: gcs
    azs: {}
    gcs:
      jsonPath: /home/xxx/.gcp/gcs-account.json
      project: xxx
      bucket: spin-xxx
      rootFolder: front50
      bucketLocation: eu
    redis: {}
    s3:
      rootFolder: front50
    oracle: {}
  features:
    auth: false
    fiat: false
    chaos: false
    entityTags: false
    jobs: false
    artifacts: true
  metricStores:
    datadog:
      enabled: false
      tags: []
    prometheus:
      enabled: false
      add_source_metalabels: true
    stackdriver:
      enabled: false
    period: 30
    enabled: false
  notifications:
    slack:
      enabled: false
  timezone: America/Los_Angeles
  ci:
    jenkins:
      enabled: false
      masters: []
    travis:
      enabled: false
      masters: []
    wercker:
      enabled: false
      masters: []
  security:
    apiSecurity:
      ssl:
        enabled: false
    uiSecurity:
      ssl:
        enabled: false
    authn:
      oauth2:
        enabled: false
        client: {}
        resource: {}
        userInfoMapping: {}
      saml:
        enabled: false
      ldap:
        enabled: false
      x509:
        enabled: false
      iap:
        enabled: false
      enabled: false
    authz:
      groupMembership:
        service: EXTERNAL
        google:
          roleProviderType: GOOGLE
        github:
          roleProviderType: GITHUB
        file:
          roleProviderType: FILE
        ldap:
          roleProviderType: LDAP
      enabled: false
  artifacts:
    bitbucket:
      enabled: false
      accounts: []
    gcs:
      enabled: false
      accounts: []
    oracle:
      enabled: false
      accounts: []
    github:
      enabled: false
      accounts: []
    gitlab:
      enabled: false
      accounts: []
    http:
      enabled: false
      accounts: []
    s3:
      enabled: false
      accounts: []
  pubsub:
    enabled: false
    google:
      enabled: false
      subscriptions: []
  canary:
    enabled: false
    serviceIntegrations:
    - name: google
      enabled: false
      accounts: []
      gcsEnabled: false
      stackdriverEnabled: false
    - name: prometheus
      enabled: false
      accounts: []
    - name: datadog
      enabled: false
      accounts: []
    - name: signalfx
      enabled: false
      accounts: []
    - name: aws
      enabled: false
      accounts: []
      s3Enabled: false
    reduxLoggerEnabled: true
    defaultJudge: NetflixACAJudge-v1.0
    stagesEnabled: true
    templatesEnabled: true
    showAllConfigsEnabled: true

Could anyone perhaps assist, I am expecting my existing services deployed to my kubernetes clusters via kubectl to be displayed as well as some information pulled from the accounts added but this is not the case.

hal -v
1.12.0-20181024113436

Regards


#2

I’d suggest taking a look in your clouddriver logs; it’s possible that the service account that Spinnaker is running as doesn’t have permission to read the existing infrastructure.

If that’s the case you may see some errors in the clouddriver logs indicating that it was unable to read information from your cluster—that’s where I’d check first.


#3

Thanks, I manged to solve this by installing the service account yml file to the clusters as described here: https://www.spinnaker.io/setup/install/providers/kubernetes-v2/#optional-create-a-kubernetes-service-account. I initially did not do this as it was an optional step.