Using Spinnaker for Continuous Delivery on Kubernetes: Architecture, Pipelines, and Best Practices

Spinnaker in Kubernetes Environments

Spinnaker, originally created by Netflix, is an open‑source multi‑cloud continuous delivery tool that simplifies deploying applications to cloud providers such as GCP, AWS, and Azure, and provides a GUI for managing Kubernetes deployments.

While Kubernetes manages containers, it does not include built‑in CD capabilities; Spinnaker fills this gap by automating manifest generation, testing, and deployment, reducing the complexity of using Jenkins alone.

Using Spinnaker with Kubernetes

Spinnaker integrates with many cloud providers and, when installed on Kubernetes, offers native, manifest‑based deployments authenticated via a single account.

Key functions include application management (viewing, scaling, rolling back, etc.) and application deployment supporting strategies like Blue/Green, rolling updates, and canary releases, all orchestrated through pipelines and stages.

Spinnaker Architecture

Spinnaker consists of independent micro‑service components:

Deck – UI for interacting with Spinnaker

Gate – API gateway

Orca – pipeline orchestration

Clouddriver – cloud provider integrations

Front50 – metadata storage

Rosco – image baking

Igor – CI trigger integration (Jenkins, Travis CI)

Echo – notifications and webhooks

Fiat – authorization service

Kayenta – automated canary analysis

Halyard – installation and configuration

Designing Continuous Delivery Pipelines with Spinnaker

Five pipelines are demonstrated for deploying manifests and Docker images to DEV and UAT namespaces, including manual deployment pipelines that allow users to specify image tags.

Typical pipeline stages are:

Configure – automatic trigger detecting changes in YAML files or new Docker images

Jenkins – builds Docker images and records tags

Bake (Manifest) – renders Helm templates with image tags

Deploy (Manifest) – deploys the final artifact to the target namespace

Pipeline Workflow

Changes to Kubernetes manifests are pushed to GitHub, triggering webhooks to Jenkins, which builds Docker images and pushes them to Docker Hub. Spinnaker monitors Docker Hub, triggers the appropriate pipeline, and deploys the artifact to DEV or UAT.

Best Practices for Spinnaker CD Pipelines

Prefer editing YAML files in source control rather than directly in the Spinnaker GUI.

Use Docker image pushes as pipeline triggers instead of GitHub or Jenkins triggers.

Never bake secrets into Docker images; load them at runtime via cloud KMS.

Enable audit logging by integrating Spinnaker with cloud monitoring services (e.g., GCP Stackdriver, AWS CloudWatch).

Define Docker images in manifests by digest rather than tag to ensure immutable deployments.

Spinnaker provides a powerful CD platform for automating Kubernetes deployments, supporting pre‑deployment testing and accelerating code delivery to production.