StackStorm Deployment
StackStorm (ST2) is an open-source event-driven automation platform that integrates apps, services, and workflows. It uses sensors to detect events, triggers to initiate actions, and workflows for complex automations. StackStorm supports real-time automation, ChatOps, and integrates with various services like AWS, Kubernetes, and Slack.
Make sure you have the following prerequisites before starting:
A running Kubernetes cluster.
kubectl should be configured to access the cluster.
Helm 3 must be installed.
A storage class that supports ReadWriteMany access mode.
Docker Hub credentials to pull the private images.
Create Docker registry credentials
Create a dedicated namespace and a Docker registry secret so Kubernetes can pull the required private images.
```bash
kubectl create namespace virtana-stackstorm
kubectl create secret docker-registry dh-reg-cred -n virtana-stackstorm \
  --docker-server=https://index.docker.io/v2/ \
  --docker-username=<username> \
  --docker-password=<password>
```
Replace <username> and <password> with your Docker Hub credentials.
Create Persistent Volume Claims (PVCs)
StackStorm requires three persistent volumes to store packs, virtual environments, and configuration files. These must support ReadWriteMany since multiple pods will access them.
Create a new file named stackstorm-pvcs.yaml with the following content, and change storageClassName to your storage class.
```yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: pvc-st2-packs
spec:
  storageClassName: <STORAGE_CLASS>
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 1Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: pvc-st2-virtualenvs
spec:
  storageClassName: <STORAGE_CLASS>
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 1Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: pvc-st2-configs
spec:
  storageClassName: <STORAGE_CLASS>
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 1Gi
```
| Field | Description |
|---|---|
| metadata.name | Unique name for the PVC. |
| spec.storageClassName | The Kubernetes StorageClass used to provision the volume. Replace |
| spec.accessModes | Set to |
| spec.resources.requests.storage | Requested storage size. |
To create the PVCs, run the following command:
```bash
kubectl apply -f stackstorm-pvcs.yaml -n virtana-stackstorm
```
Create the StackStorm values file
Create a working directory in your repository to hold all StackStorm deployment configurations and confirm the namespace. In your preferred editor, create stackstorm-values.yaml to customize the Helm deployment.
```yaml
image:
  pullSecret: dh-reg-cred
global:
  storageClass: ""
st2:
  username: st2admin
  password: Ch@ngeMe
  packs:
    images:
      - repository: virtana
        name: virtana-st2-pack
        tag: latest
        pullPolicy: Always
        pullSecret: dh-reg-cred
    volumes:
      enabled: true
      packs:
        persistentVolumeClaim:
          claimName: pvc-st2-packs
      virtualenvs:
        persistentVolumeClaim:
          claimName: pvc-st2-virtualenvs
      configs:
        persistentVolumeClaim:
          claimName: pvc-st2-configs
st2web:
  service:
    type: LoadBalancer
  replicas: 1
  resources:
    limits:
      cpu: 100m
      memory: 200Mi
    requests:
      cpu: 50m
      memory: 25Mi
mongodb:
  image:
    repository: bitnamilegacy/mongodb
  architecture: replicaset
  enabled: true
  replicaCount: 2
  resources:
    limits:
      cpu: 500m
      memory: 1Gi
    requests:
      cpu: 10m
      memory: 80Mi
rabbitmq:
  image:
    repository: bitnamilegacy/rabbitmq
    tag: 3.8.9
  replicaCount: 1
  resources:
    limits:
      cpu: 500m
      memory: 1.5Gi
    requests:
      cpu: 10m
      memory: 80Mi
redis:
  image:
    repository: bitnamilegacy/redis
    tag: 6.0.9
  cluster:
    slaveCount: 1
  replica:
    resources:
      limits:
        cpu: 500m
        memory: 1Gi
      requests:
        cpu: 10m
        memory: 80Mi
  sentinel:
    image:
      repository: bitnamilegacy/redis-sentinel
      tag: 6.0.9
    resources:
      limits:
        cpu: 500m
        memory: 1Gi
      requests:
        cpu: 10m
        memory: 80Mi
st2actionrunner:
  replicas: 3
  resources:
    limits:
      cpu: 200m
      memory: 400Mi
    requests:
      cpu: 75m
      memory: 200Mi
st2api:
  replicas: 1
  resources:
    limits:
      cpu: 100m
      memory: 300Mi
    requests:
      cpu: 25m
      memory: 150Mi
st2auth:
  replicas: 1
  resources:
    limits:
      cpu: 100m
      memory: 170Mi
    requests:
      cpu: 50m
      memory: 85Mi
st2client:
  resources:
    limits:
      cpu: 200m
      memory: 500Mi
    requests:
      cpu: 5m
      memory: 5Mi
st2garbagecollector:
  replicas: 1
  resources:
    limits:
      cpu: 50m
      memory: 160Mi
    requests:
      cpu: 10m
      memory: 80Mi
st2notifier:
  replicas: 1
  resources:
    limits:
      cpu: 100m
      memory: 150Mi
    requests:
      cpu: 50m
      memory: 75Mi
st2rulesengine:
  replicas: 1
  resources:
    limits:
      cpu: 200m
      memory: 400Mi
    requests:
      cpu: 25m
      memory: 75Mi
st2scheduler:
  replicas: 1
  resources:
    limits:
      cpu: 100m
      memory: 150Mi
    requests:
      cpu: 50m
      memory: 75Mi
st2sensorcontainer:
  deployments: 1
  resources:
    limits:
      cpu: 500m
      memory: 1Gi
    requests:
      cpu: 50m
      memory: 100Mi
st2stream:
  replicas: 1
  resources:
    limits:
      cpu: 100m
      memory: 200Mi
    requests:
      cpu: 50m
      memory: 100Mi
st2timersengine:
  resources:
    limits:
      cpu: 50m
      memory: 150Mi
    requests:
      cpu: 10m
      memory: 75Mi
st2workflowengine:
  replicas: 1
  resources:
    limits:
      cpu: 200m
      memory: 400Mi
    requests:
      cpu: 100m
      memory: 200Mi
```
The following table describes each field in the core StackStorm settings file.
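| Field | Description |
|---|---|
| image.pullSecret | Name of the Docker registry secret created. See Create Docker registry credentials. |
| global.storageClass | Default storage class for all dynamically provisioned volumes. |
| st2.username | Admin username for the StackStorm UI/API. Change from default. |
| st2.password | Admin password. Change from default for security. |
| st2.packs.images | List of custom StackStorm pack images to install at startup. |
| st2.packs.images[].repository | Docker registry namespace. |
| st2.packs.images[].name | Pack image name. |
| st2.packs.images[].tag | Image tag. |
| st2.packs.images[].pullPolicy | When Kubernetes pulls the image. |
| st2.packs.images[].pullSecret | Registry credential secret to pull the image. |
| st2.packs.volumes.enabled | Enables persistent storage for packs. |
| st2.packs.volumes.packs | PVC for installed packs. |
| st2.packs.volumes.virtualenvs | PVC for pack-specific Python virtual environments. |
| st2.packs.volumes.configs | PVC for pack configuration files. |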
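One way to follow the "change from default" instruction without committing the admin password to the repository that holds stackstorm-values.yaml, as an added example that is not part of the original page. The function names and the ST2_PASSWORD variable are assumptions of this example; it relies on Helm letting a later -f file override an earlier one.

```bash
#!/usr/bin/env bash
# Added example: supply st2.password from a 0600 override file instead of
# committing it in stackstorm-values.yaml. Function names and ST2_PASSWORD
# are assumptions of this example, not part of the chart or the page.
set -eu

DEFAULT_PW='Ch@ngeMe'   # placeholder password shown in stackstorm-values.yaml

# 128 bits from the kernel CSPRNG, printed as 32 hex characters.
gen_password() {
  od -An -N16 -tx1 /dev/urandom | tr -d ' \n'
}

# Exit 0 when FILE still carries the documented default password.
uses_default_password() {
  grep -Eq "^[[:space:]]*password:[[:space:]]*[\"']?${DEFAULT_PW}[\"']?[[:space:]]*\$" "$1"
}

# Write a values override holding only st2.password, readable by its owner only.
# The value is emitted as a YAML single-quoted scalar (embedded ' is doubled).
write_override() {
  local out="$1" esc
  esc="$(printf '%s' "$2" | sed "s/'/''/g")"
  ( umask 077; printf "st2:\n  password: '%s'\n" "$esc" > "$out" )
}

deploy() {
  local pw override
  pw="${ST2_PASSWORD:?set ST2_PASSWORD first, for example from gen_password}"
  if [ "$pw" = "$DEFAULT_PW" ]; then
    echo "refusing to deploy with the documented default password" >&2
    return 1
  fi
  if uses_default_password stackstorm-values.yaml; then
    echo "note: stackstorm-values.yaml still holds the default; the override replaces it" >&2
  fi
  override="$(mktemp)"
  trap "rm -f '$override'" EXIT
  write_override "$override" "$pw"
  # Helm merges -f files left to right, so the override wins.
  helm upgrade --install \
    --namespace virtana-stackstorm --create-namespace \
    virtana-stackstorm stackstorm/stackstorm-ha \
    -f stackstorm-values.yaml -f "$override" \
    --version "1.1.0"
}

# Run the deployment only when asked to: ./deploy-st2.sh deploy
if [ "${1:-}" = "deploy" ]; then deploy; fi
```

Keep the chosen password in your secret manager; it is the value you later enter as st2.password when logging in to the Web UI.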
The following table describes each field of the StackStorm Web UI.
| Field | Description |
|---|---|
| st2web.service.type | Kubernetes Service type to expose the UI. |
| st2web.replicas | Number of UI pod replicas. |
| st2web.resources.limits | Maximum CPU/memory allowed per pod. |
| st2web.resources.requests | Minimum CPU/memory reserved per pod. |
Each component below is a microservice that performs a specific role. They all support replicas and resources (limits/requests) configuration.
| Component | Description |
|---|---|
| st2actionrunner | Executes actions triggered by workflows or rules. |
| st2api | Public REST API for the platform. |
| st2auth | Handles authentication and token issuance. |
| st2client | CLI client utilities. |
| st2garbagecollector | Cleans up old execution records to manage DB size. |
| st2notifier | Sends out notifications when actions complete. |
| st2rulesengine | Evaluates rules against incoming triggers. |
| st2scheduler | Schedules actions for execution. |
| st2sensorcontainer | Hosts sensors that watch for external events. |
| st2stream | Streams real-time events to clients via HTTP/SSE. |
| st2timersengine | Handles scheduled/timed triggers. |
| st2workflowengine | Orchestrates multi-step workflows. |
Deploy StackStorm with Helm
This section adds the official StackStorm Helm repository and deploys (or upgrades) the stackstorm-ha chart using the stackstorm-values.yaml you customized earlier. Run these commands from the same machine where kubectl and helm are configured to point at your target cluster.
```bash
helm repo add stackstorm https://helm.stackstorm.com/
helm upgrade --install \
  --namespace virtana-stackstorm --create-namespace \
  virtana-stackstorm stackstorm/stackstorm-ha \
  -f stackstorm-values.yaml \
  --version "1.1.0"
```
Once the command completes successfully, Helm will provision all StackStorm microservices (for example, API, auth, action runners, sensors, MongoDB, RabbitMQ, Redis, and the Web UI) into the virtana-stackstorm namespace.
Open the StackStorm
Use these steps to verify that the deployment was successful, validate end-to-end connectivity from your browser to the cluster, and begin interacting with StackStorm.
Get the Service IP or Hostname.
For cloud providers that assign an IP:
```bash
kubectl -n virtana-stackstorm get svc virtana-stackstorm-st2web \
  -o=jsonpath='{.status.loadBalancer.ingress[0].ip}'
```
For cloud providers that assign a hostname, for example, AWS ELB:
```bash
kubectl -n virtana-stackstorm get svc virtana-stackstorm-st2web \
  -o=jsonpath='{.status.loadBalancer.ingress[0].hostname}'
```
Open the URL http://<STACKSTORM_IP_OR_HOSTNAME>/ in your default browser.
Log in using the credentials configured in stackstorm-values.yaml.
Username: st2.username
Password: st2.password