I just installed new Spinnaker instance using Helm chart (stable/spinnaker) on my GKE cluster. In this configuration, Halyard is deployed to kubernetes cluster as a separate pod.
By default, in halyard config there is some default account which doesn’t point at any service account, kube config file or whatever. When I log in to Spinnaker, despite that in Halyard config exists some default account., I don’t see this account e.g. during deployment.
My questions are:
- Why if I connect to Halyard pod there is no kube config file, but ‘cluster-info’ command works? How does it happen?!
- How should I configure my halyard/deployment if I want to be able to deploy my app in any namespace I want (inside cluster spinnaker is deployed)? In my opinion, I should create new service account with ‘cluster-admin’ role binded. But how can I tell halyard: “hey, tell Spinnaker I want this account for my deployments”? Should I do this by ‘kubeConfig’ field? Or maybe using ‘serviceAccount’? If it’s ‘serviceAccount’, how should I provide token or something to authorize? How should I point spinnaker that “yeah, Kubernetes cluster you are deployed in is the Kubernetes cluster I want to use for my deployments”? What if I want to use an external cluster? Halyard documentation doesn’t say too much about that.
I didn’t find these answers in any tutorial in the internet, while it seems to be a base knowledge when deploying Spinnaker.
Thanks in advance!