
StackStorm Deployment

StackStorm (ST2) is an open-source event-driven automation platform that integrates apps, services, and workflows. It uses sensors to detect events, triggers to initiate actions, and workflows for complex automations. StackStorm supports real-time automation and ChatOps, and integrates with services such as AWS, Kubernetes, and Slack.

Make sure you have the following prerequisites before starting:

  • A running Kubernetes cluster.

  • kubectl should be configured to access the cluster.

  • Helm 3 must be installed.

  • A storage class that supports ReadWriteMany access mode.

  • Docker Hub credentials to pull the private images.

Create Docker registry credentials

Create a dedicated namespace and a Docker registry secret so Kubernetes can pull the required private images.

kubectl create namespace virtana-stackstorm

kubectl create secret docker-registry dh-reg-cred -n virtana-stackstorm \
  --docker-server=https://index.docker.io/v2/ \
  --docker-username=<username> \
  --docker-password=<password>

Replace <username> and <password> with your Docker Hub credentials.

Create Persistent Volume Claims (PVCs)

StackStorm requires three persistent volumes to store packs, virtual environments, and configuration files. These must support ReadWriteMany since multiple pods will access them.

Create a new file named stackstorm-pvcs.yaml with the following content, replacing <STORAGE_CLASS> in each storageClassName field with your cluster's storage class.

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: pvc-st2-packs
spec:
  storageClassName: <STORAGE_CLASS>
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 1Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: pvc-st2-virtualenvs
spec:
  storageClassName: <STORAGE_CLASS>
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 1Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: pvc-st2-configs
spec:
  storageClassName: <STORAGE_CLASS>
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 1Gi
Table 100.

| Field | Description |
|---|---|
| metadata.name | Unique name for the PVC. |
| spec.storageClassName | The Kubernetes StorageClass used to provision the volume. Replace <STORAGE_CLASS> with your cluster's storage class. |
| spec.accessModes | Set to ReadWriteMany so multiple StackStorm pods can simultaneously mount the volume. |
| spec.resources.requests.storage | Requested storage size. |



To create the PVCs, run the following command:

kubectl apply -f stackstorm-pvcs.yaml -n virtana-stackstorm

Create the StackStorm values file

Create a working directory in your repository to hold all StackStorm deployment configurations and confirm the namespace. In your preferred editor, create stackstorm-values.yaml to customize the Helm deployment.

image:
  pullSecret: dh-reg-cred

global:
  storageClass: ""  

st2:
  username: st2admin       
  password: Ch@ngeMe       
  packs:
    images:
      - repository: virtana
        name: virtana-st2-pack
        tag: latest
        pullPolicy: Always
        pullSecret: dh-reg-cred
    volumes:
      enabled: true
      packs:
        persistentVolumeClaim:
          claimName: pvc-st2-packs
      virtualenvs:
        persistentVolumeClaim:
          claimName: pvc-st2-virtualenvs
      configs:
        persistentVolumeClaim:
          claimName: pvc-st2-configs

st2web:
  service:
    type: LoadBalancer  
  replicas: 1
  resources:
    limits:
      cpu: 100m
      memory: 200Mi
    requests:
      cpu: 50m
      memory: 25Mi

mongodb:
  image:
    repository: bitnamilegacy/mongodb
  architecture: replicaset
  enabled: true
  replicaCount: 2
  resources:
    limits:
      cpu: 500m
      memory: 1Gi
    requests:
      cpu: 10m
      memory: 80Mi

rabbitmq:
  image:
    repository: bitnamilegacy/rabbitmq
    tag: 3.8.9
  replicaCount: 1
  resources:
    limits:
      cpu: 500m
      memory: 1.5Gi
    requests:
      cpu: 10m
      memory: 80Mi

redis:
  image:
    repository: bitnamilegacy/redis
    tag: 6.0.9
  cluster:
    slaveCount: 1
  replica:
    resources:
      limits:
        cpu: 500m
        memory: 1Gi
      requests:
        cpu: 10m
        memory: 80Mi
  sentinel:
    image:
      repository: bitnamilegacy/redis-sentinel
      tag: 6.0.9
    resources:
      limits:
        cpu: 500m
        memory: 1Gi
      requests:
        cpu: 10m
        memory: 80Mi
st2actionrunner:
  replicas: 3
  resources:
    limits:
      cpu: 200m
      memory: 400Mi
    requests:
      cpu: 75m
      memory: 200Mi
st2api:
  replicas: 1
  resources:
    limits:
      cpu: 100m
      memory: 300Mi
    requests:
      cpu: 25m
      memory: 150Mi
st2auth:
  replicas: 1
  resources:
    limits:
      cpu: 100m
      memory: 170Mi
    requests:
      cpu: 50m
      memory: 85Mi
st2client:
  resources:
    limits:
      cpu: 200m
      memory: 500Mi
    requests:
      cpu: 5m
      memory: 5Mi
st2garbagecollector:
  replicas: 1
  resources:
    limits:
      cpu: 50m
      memory: 160Mi
    requests:
      cpu: 10m
      memory: 80Mi
st2notifier:
  replicas: 1
  resources:
    limits:
      cpu: 100m
      memory: 150Mi
    requests:
      cpu: 50m
      memory: 75Mi
st2rulesengine:
  replicas: 1
  resources:
    limits:
      cpu: 200m
      memory: 400Mi
    requests:
      cpu: 25m
      memory: 75Mi
st2scheduler:
  replicas: 1
  resources:
    limits:
      cpu: 100m
      memory: 150Mi
    requests:
      cpu: 50m
      memory: 75Mi
st2sensorcontainer:
  deployments: 1
  resources:
    limits:
      cpu: 500m
      memory: 1Gi
    requests:
      cpu: 50m
      memory: 100Mi
st2stream:
  replicas: 1
  resources:
    limits:
      cpu: 100m
      memory: 200Mi
    requests:
      cpu: 50m
      memory: 100Mi
st2timersengine:
  resources:
    limits:
      cpu: 50m
      memory: 150Mi
    requests:
      cpu: 10m
      memory: 75Mi
st2workflowengine:
  replicas: 1
  resources:
    limits:
      cpu: 200m
      memory: 400Mi
    requests:
      cpu: 100m
      memory: 200Mi

The following table describes each field in the core StackStorm settings file.

Table 101.

| Field | Description |
|---|---|
| image.pullSecret | Name of the Docker registry secret created. See Create Docker registry credentials. |
| global.storageClass | Default storage class for all dynamically provisioned volumes. |
| st2.username | Admin username for the StackStorm UI/API. Change from default. |
| st2.password | Admin password. Change from the default for security. |
| st2.packs.images | List of custom StackStorm pack images to install at startup. |
| st2.packs.images[].repository | Docker registry namespace. |
| st2.packs.images[].name | Pack image name. |
| st2.packs.images[].tag | Image tag. |
| st2.packs.images[].pullPolicy | When Kubernetes pulls the image. |
| st2.packs.images[].pullSecret | Registry credential secret to pull the image. |
| st2.packs.volumes.enabled | Enables persistent storage for packs. |
| st2.packs.volumes.packs.persistentVolumeClaim.claimName | PVC for installed packs. |
| st2.packs.volumes.virtualenvs.persistentVolumeClaim.claimName | PVC for pack-specific Python virtual environments. |
| st2.packs.volumes.configs.persistentVolumeClaim.claimName | PVC for pack configuration files. |



The following table describes each field of the StackStorm Web UI.

Table 102.

| Field | Description |
|---|---|
| st2web.service.type | Kubernetes Service type to expose the UI. |
| st2web.replicas | Number of UI pod replicas. |
| st2web.resources.limits | Maximum CPU/memory allowed per pod. |
| st2web.resources.requests | Minimum CPU/memory reserved per pod. |



Each component below is a microservice that performs a specific role. They all support replicas and resources (limits/requests) configuration.

Table 103.

| Component | Description |
|---|---|
| st2actionrunner | Executes actions triggered by workflows or rules. |
| st2api | Public REST API for the platform. |
| st2auth | Handles authentication and token issuance. |
| st2client | CLI client utilities. |
| st2garbagecollector | Cleans up old execution records to manage DB size. |
| st2notifier | Sends out notifications when actions complete. |
| st2rulesengine | Evaluates rules against incoming triggers. |
| st2scheduler | Schedules actions for execution. |
| st2sensorcontainer | Hosts sensors that watch for external events. |
| st2stream | Streams real-time events to clients via HTTP/SSE. |
| st2timersengine | Handles scheduled/timed triggers. |
| st2workflowengine | Orchestrates multi-step workflows. |
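
A pre-deploy check for stackstorm-values.yaml and stackstorm-pvcs.yaml, as an added example that is not part of the original page: it flags the sample admin password, a world-readable values file, the mutable latest pack tag, an unreplaced <STORAGE_CLASS> placeholder, and claims that do not request ReadWriteMany. The function names and the shortened sample files are constructed for illustration.

```bash
# Added example, not from the original page: lint the two files created above
# before deploying. Prints one line per finding; returns 1 if any, else 0.
check_stackstorm_files() {
  local values=$1 pvcs=$2 rc=0 claims rwx
  if grep -Eq '^[[:space:]]*password:[[:space:]]*Ch@ngeMe[[:space:]]*$' "$values"; then
    echo "FINDING: st2.password is still the sample value"; rc=1
  fi
  # The values file holds the admin password in clear text.
  if [ -n "$(find "$values" -perm -004)" ]; then
    echo "FINDING: $values is world-readable"; rc=1
  fi
  # A mutable tag lets the pack image content change between pulls.
  if grep -Eq '^[[:space:]]*tag:[[:space:]]*"?latest"?[[:space:]]*$' "$values"; then
    echo "FINDING: a pack image uses the mutable tag latest"; rc=1
  fi
  if grep -q '<STORAGE_CLASS>' "$pvcs"; then
    echo "FINDING: <STORAGE_CLASS> placeholder not replaced"; rc=1
  fi
  # Every claim must request ReadWriteMany, as the page requires.
  claims=$(grep -c '^kind: PersistentVolumeClaim' "$pvcs" || true)
  rwx=$(grep -Ec '^[[:space:]]*-[[:space:]]*ReadWriteMany[[:space:]]*$' "$pvcs" || true)
  if [ "$claims" -ne "$rwx" ]; then
    echo "FINDING: $claims PVCs but $rwx ReadWriteMany access modes"; rc=1
  fi
  return "$rc"
}
# Constructed sample input: shortened copies of the page's two files.
write_sample_files() {
  cat > "$1/stackstorm-values.yaml" <<'EOF'
st2:
  password: Ch@ngeMe
  packs:
    images:
      - name: virtana-st2-pack
        tag: latest
EOF
  cat > "$1/stackstorm-pvcs.yaml" <<'EOF'
kind: PersistentVolumeClaim
spec:
  storageClassName: <STORAGE_CLASS>
  accessModes:
    - ReadWriteMany
EOF
}
demo_dir=$(mktemp -d)
write_sample_files "$demo_dir"
check_stackstorm_files "$demo_dir/stackstorm-values.yaml" "$demo_dir/stackstorm-pvcs.yaml" ||
  echo "Fix the findings before running helm upgrade --install."
rm -rf "$demo_dir"
```
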



Deploy StackStorm with Helm

This section adds the official StackStorm Helm repository and deploys (or upgrades) the stackstorm-ha chart using the stackstorm-values.yaml you customized earlier. Run these commands from the same machine where kubectl and helm are configured to point at your target cluster.

helm repo add stackstorm https://helm.stackstorm.com/

helm upgrade --install \
  --namespace virtana-stackstorm --create-namespace \
  virtana-stackstorm stackstorm/stackstorm-ha \
  -f stackstorm-values.yaml \
  --version "1.1.0"

Once the command completes successfully, Helm will provision all StackStorm microservices (for example, API, auth, action runners, sensors, MongoDB, RabbitMQ, Redis, and the Web UI) into the virtana-stackstorm namespace.

Open the StackStorm Web UI

Use these steps to verify that the deployment was successful, validate end-to-end connectivity from your browser to the cluster, and begin interacting with StackStorm.

  1. Get the Service IP or Hostname.

    For cloud providers that assign an IP:

    kubectl -n virtana-stackstorm get svc virtana-stackstorm-st2web \
      -o=jsonpath='{.status.loadBalancer.ingress[0].ip}'

    For cloud providers that assign a hostname, for example, AWS ELB:

    kubectl -n virtana-stackstorm get svc virtana-stackstorm-st2web \
      -o=jsonpath='{.status.loadBalancer.ingress[0].hostname}'

  2. Open the URL http://<STACKSTORM_IP_OR_HOSTNAME>/ in your default browser.

  3. Log in using the credentials configured in stackstorm-values.yaml.

    • Username: st2.username

    • Password: st2.password