In the build-up to Spinnaker Summit, our speakers have been dropping hints and previews of their upcoming talks in blogs, podcasts, and one-on-one interviews. While there's nothing quite like the original, some of their insights and anecdotes bear repeating.
A couple weeks ago, we summarized a podcast episode where Armory's Isaac Mosquera revealed a few golden nuggets of wisdom on effectively managing technical teams. Going by the popularity of that post, we've decided to turn another fascinating podcast ep into an easy read. This time, we listened to a podcast episode by DevOps.com where the host Mitch Ashley chats with Cameron Motevasselani, a software engineer at Armory.
Cameron is scheduled to give two jam-packed talks at the upcoming Summit: "Spinnaker Plugins: Extending Spinnaker for the Enterprise", and "Secrets Management with Spinnaker." In this post, we'll nicely sum up the episode so you can get a preview of both his talks and find out how Armory is extending Spinnaker. Read on.
Moving into GitOps with Secrets Management
Armory is known as a leader in continuous software delivery at enterprise-scale. Essentially, they offer a platform powered by Spinnaker with enterprise-grade availability and robust feature extensions already built-in and ready to go. Cameron is one of the savvy engineers working on the plugins to extend Spinnaker for enterprise use cases. He's also working on "Secrets Management," a secure capability so you can safely store your secrets (like database passwords and API keys) in your configs rather than in plaintext in Hal config files for a true GitOps workflow.
"Spinnaker manages your infrastructure. It essentially holds the keys to the kingdom," Cameron tells Mitch on the podcast. "It has your cluster keys and credentials to deploy cloud resources—you just can't have that stored in source control."
He explains that Secrets Management surfaced after speaking to Armory customers about their Spinnaker setups and how they deploy and manage the configurations for Spinnaker. Turns out that many of them want to move towards GitOps so they can manage their configuration via pull requests, but they can't because the keys are quite literally in the Spinnaker configurations.
"So we pulled those keys out and are essentially referring to them with our secrets management solution. So you can use different backing stores such as S3 Buckets or Vault, store your secrets there, then refer to them in the Spinnaker configuration."
Cameron concludes by saying his talk at Spinnaker Summit will focus on how Secrets Management works, how to implement it, and how it differs from other available open-source solutions.
Simplifying Spinnaker plugins for enterprise users
Spinnaker is a powerful CD platform, but it doesn’t natively integrate with every tool. Enterprises looking to leverage Spinnaker will still need to add some functionality themselves (read: plugins). In the podcast, Cameron discusses a new plugin system for Spinnaker that will make it easier for users to add functionality without having to rebuild and maintain the entire project, or go through pull requests to extend the project for their own purposes.
With the help of the open-source community, particularly Netflix and Google, Cameron and his team have been plugging away at an MVP of this new system. He admits there's still no UI to boast about, but they're working on it and will open source that too. What he can tell us now is that they'll be moving away from their current implementation into a full-fledged plugin framework called PF4J.
"Moving to PF4J will give us a lot of really nice features that our current information implementation doesn't have, such as using a different class loader for every plugin so that it can have its own dependencies." Cameron says, adding that PF4J is available on GitHub under an Apache license. He also highlights the major challenge that comes with creating a flexible plugin system, considering Spinnaker is many different micro-services composed into one application.
Cameron, along with fellow Armory software engineer Brandon Powell, will be sharing all the details of Armory's journey running and creating this much-needed project, as well as showcasing how easy this new plugin system will be for enterprise users.
"The idea here is to lower the barrier of entry for users, particularly in enterprises, to be able to create extensions for Spinnaker," Cameron explains. He says that most users interact with Spinnaker by creating pipelines and finding stages. So, rather than having to learn how Spinnaker works on a deep level, they can "implement this nice simple interface, click on what they need, and just get it going."
He concludes his airtime with an earnest promise: "By the end of the talk, the audience will see that this new system is an easy way of modifying or extending Spinnaker. We'll go through it together and I hope to leave them with a solid understanding of how to create and implement a plugin on their own."
Meet Cameron at Spinnaker Summit
If you want to keep the momentum going, check out Rob Zeinert's friendly blog post on how Netflix is extending Spinnaker, plus Airbnb's Brian Wolfe and Jens Vanderhaeghe's detailed post on how Airbnb scaled its migration to continuous delivery with Spinnaker.
Now, if you're left hungry for more details or some way to meet Cameron and other engineers in person to discuss your questions, we have good news: you can meet them at Spinnaker Summit! Finding out how leading companies leverage and extend Spinnaker is an ongoing theme, and we're expecting hundreds of industry leaders and savvy developers from almost every continent to join us. It's the place to be if you work (or want to start) with open source software. Register and save your spot while there's still time.