Hashicorp had HashiConf 2020 virtually this year.  The two day conference debuted two new products, Hashi Boundary and Hashi Waypoint.  The former is an Identity at the perimeter solution and the later is their first offering in the CI/CD space.

What is Waypoint and how can we use it?  Let's dive in.

Setup

By now you're familiar with my pattern in Azure.  In summary, we will create an SP for AKS, a resource group, ACR (registry), AKS (cluster) and lastly show they are up.

$  az ad sp create-for-rbac -n ijk8suser --skip-assignment --output json > my_sp.json && export SP_PASS=`cat my_sp.json | jq -r .password` && export SP_ID=`cat my_sp.json | jq -r .appId`

$ az group create -n ijk8senv --location centralus

$ az acr create --name ijk8senv1cr --resource-group ijk8senv --sku Basic --admin-enabled true

$ az aks create -n ijk8s --resource-group ijk8senv --location centralus -
-node-count 3 --enable-cluster-autoscaler --min-count 2 --max-count 4 --generate-ssh-keys --network-plugin azure --network-policy azure --service-principal $SP_ID --client-secret $SP_PASS

Verification

$ az aks list -o table
Name    Location    ResourceGroup    KubernetesVersion    ProvisioningState    Fqdn
------  ----------  ---------------  -------------------  -------------------  ------------------------------------------------------
ijk8s   centralus   ijk8senv         1.17.11              Succeeded            ijk8s-ijk8senv-70b42e-ef4f4f76.hcp.centralus.azmk8s.io

$ az aks get-credentials -n ijk8s -g ijk8senv --admin
Merged "ijk8s-admin" as current context in /home/builder/.kube/config

$ kubectl get nodes
NAME                                STATUS   ROLES   AGE   VERSION
aks-nodepool1-45047845-vmss000000   Ready    agent   11h   v1.17.11
aks-nodepool1-45047845-vmss000002   Ready    agent   11h   v1.17.11

Installing Waypoint

Install waypoint with Apt. There is a brew package for Mac and a download for Windows as well (see Downloads).

$ curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo apt-key add -
[sudo] password for builder:
OK
builder@DESKTOP-2SQ9NQM:~/Documents/waypoint$ sudo apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main"
Get:1 http://packages.cloud.google.com/apt cloud-sdk InRelease [6349 B]
Get:2 http://packages.cloud.google.com/apt cloud-sdk/main amd64 Packages [140 kB]
Hit:3 http://ppa.launchpad.net/git-core/ppa/ubuntu bionic InRelease
Get:4 https://packages.microsoft.com/repos/azure-cli bionic InRelease [3965 B]
Get:5 https://packages.microsoft.com/ubuntu/18.04/prod bionic InRelease [4003 B]
Get:6 http://security.ubuntu.com/ubuntu bionic-security InRelease [88.7 kB]
Get:7 https://apt.releases.hashicorp.com bionic InRelease [4421 B]
Hit:8 http://archive.ubuntu.com/ubuntu bionic InRelease
Get:9 https://packages.microsoft.com/repos/azure-cli bionic/main amd64 Packages [10.9 kB]
Get:10 http://archive.ubuntu.com/ubuntu bionic-updates InRelease [88.7 kB]
Get:11 https://packages.microsoft.com/ubuntu/18.04/prod bionic/main amd64 Packages [141 kB]
Get:12 https://apt.releases.hashicorp.com bionic/main amd64 Packages [12.1 kB]
Get:13 http://archive.ubuntu.com/ubuntu bionic-backports InRelease [74.6 kB]
Get:14 http://security.ubuntu.com/ubuntu bionic-security/main amd64 Packages [1387 kB]
Get:15 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages [1713 kB]
Get:16 http://security.ubuntu.com/ubuntu bionic-security/main Translation-en [274 kB]
Get:17 http://security.ubuntu.com/ubuntu bionic-security/restricted amd64 Packages [160 kB]
Get:18 http://security.ubuntu.com/ubuntu bionic-security/restricted Translation-en [21.5 kB]
Get:19 http://security.ubuntu.com/ubuntu bionic-security/universe amd64 Packages [1075 kB]
Get:20 http://archive.ubuntu.com/ubuntu bionic-updates/main Translation-en [364 kB]
Get:21 http://archive.ubuntu.com/ubuntu bionic-updates/restricted amd64 Packages [178 kB]
Get:22 http://archive.ubuntu.com/ubuntu bionic-updates/restricted Translation-en [24.0 kB]
Get:23 http://archive.ubuntu.com/ubuntu bionic-updates/universe amd64 Packages [1678 kB]
Get:24 http://security.ubuntu.com/ubuntu bionic-security/universe Translation-en [240 kB]
Get:25 http://security.ubuntu.com/ubuntu bionic-security/multiverse amd64 Packages [12.6 kB]
Get:26 http://security.ubuntu.com/ubuntu bionic-security/multiverse Translation-en [2936 B]
Get:27 http://archive.ubuntu.com/ubuntu bionic-updates/universe Translation-en [353 kB]
Get:28 http://archive.ubuntu.com/ubuntu bionic-updates/multiverse amd64 Packages [31.6 kB]
Get:29 http://archive.ubuntu.com/ubuntu bionic-updates/multiverse Translation-en [6952 B]
Get:30 http://archive.ubuntu.com/ubuntu bionic-backports/main amd64 Packages [10.0 kB]
Get:31 http://archive.ubuntu.com/ubuntu bionic-backports/universe amd64 Packages [10.3 kB]
Fetched 8115 kB in 5s (1615 kB/s)
Reading package lists... Done

$ sudo apt-get update && sudo apt-get install waypoint
Hit:1 https://packages.microsoft.com/repos/azure-cli bionic InRelease
Hit:2 https://packages.microsoft.com/ubuntu/18.04/prod bionic InRelease
Hit:3 https://apt.releases.hashicorp.com bionic InRelease
Hit:4 http://packages.cloud.google.com/apt cloud-sdk InRelease
Hit:5 http://archive.ubuntu.com/ubuntu bionic InRelease
Hit:6 http://security.ubuntu.com/ubuntu bionic-security InRelease
Hit:7 http://ppa.launchpad.net/git-core/ppa/ubuntu bionic InRelease
Hit:8 http://archive.ubuntu.com/ubuntu bionic-updates InRelease
Hit:9 http://archive.ubuntu.com/ubuntu bionic-backports InRelease
Reading package lists... Done
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
  libdumbnet1 libstartup-notification0 libxcb-util1 python-chardet python-cliapp python-markdown python-pygments
  python-ttystatus python-yaml
Use 'sudo apt autoremove' to remove them.
The following NEW packages will be installed:
  waypoint
0 upgraded, 1 newly installed, 0 to remove and 209 not upgraded.
Need to get 74.7 MB of archives.
After this operation, 148 MB of additional disk space will be used.
Get:1 https://apt.releases.hashicorp.com bionic/main amd64 waypoint amd64 0.1.1 [74.7 MB]
Fetched 74.7 MB in 12s (6248 kB/s)
Selecting previously unselected package waypoint.
(Reading database ... 114263 files and directories currently installed.)
Preparing to unpack .../waypoint_0.1.1_amd64.deb ...
Unpacking waypoint (0.1.1) ...
Setting up waypoint (0.1.1) ...

Verification

$ waypoint --version
Welcome to Waypoint
Docs: https://waypointproject.io
Version: v0.1.1

Usage: waypoint [-version] [-help] [-autocomplete-(un)install] <command> [args]

Common commands
  build        Build a new versioned artifact from source
  deploy       Deploy a pushed artifact
  release      Release a deployment
  up           Perform the build, deploy, and release steps for the app

Other commands
  artifact        Artifact and build management
  config          Application configuration management
  context         Server access configurations
  deployment      Deployment creation and management
  destroy         Delete all the resources created for an app
  docs            Show documentation for components
  exec            Execute a command in the context of a running application instance
  hostname        Application URLs
  init            Initialize and validate a project
  install         Install the Waypoint server to Kubernetes, Nomad, or Docker
  logs            Show log output from the current application deployment
  runner          Runner management
  server          Server management
  token           Authenticate and invite collaborators
  ui              Open the web UI
  version         Prints the version of this Waypoint CLI

Installing Waypoint to AKS

This is ridiculously simple. I was pleasantly surprised there were no issues at all.

$ waypoint install --platform=kubernetes -accept-tos
service/waypoint created
statefulset.apps/waypoint-server created
Waypoint server successfully installed and configured!

The CLI has been configured to connect to the server automatically. This
connection information is saved in the CLI context named "install-1602808475".
Use the "waypoint context" CLI to manage CLI contexts.

The server has been configured to advertise the following address for
entrypoint communications. This must be a reachable address for all your
deployments. If this is incorrect, manually set it using the CLI command
"waypoint server config-set".

Advertise Address: 13.89.115.105:9701
HTTP UI Address: 13.89.115.105:9702
Waypoint UI running in AKS

Next, you'll need a token. This we can get from the command line.

$ waypoint token new
bM152PWkXxfoy4vA51JFhR7LsQPkR9F4NbKw9FMEz5EpJHCokuFtrybwUGQqb48j7MB24KZTejqbeqCgdkL56mkPsLuXyywGxEYGQ

Use that to login and you'll see instructions for adding a project

Let's do that now.

$ waypoint init
Initial Waypoint configuration created!
No Waypoint configuration was found in this directory.

A sample configuration has been created in the file "waypoint.hcl". This
file is heavily commented to help you get started.

Once you've setup your initial configuration, run "waypoint init" again to
validate the configuration and initialize your project.

$ cat waypoint.hcl
# The name of your project. A project typically maps 1:1 to a VCS repository.
# This name must be unique for your Waypoint server. If you're running in
# local mode, this must be unique to your machine.
project = "my-project"

# Labels can be specified for organizational purposes.
# labels = { "foo" = "bar" }

# An application to deploy.
app "web" {
    # Build specifies how an application should be deployed. In this case,
    # we'll build using a Dockerfile and keeping it in a local registry.
    build {
        use "docker" {}

        # Uncomment below to use a remote docker registry to push your built images.
        #
        # registry {
        #   use "docker" {
        #     image = "registry.example.com/image"
        #     tag   = "latest"
        #   }
        # }

    }

    # Deploy to Docker
    deploy {
        use "docker" {}
    }
}

First, let's setup a nodejs project:

$ npm init

$ npm install -g express-generator
npm WARN deprecated mkdirp@0.5.1: Legacy versions of mkdirp are no longer supported. Please update to mkdirp 1.x. (Note that the API surface has changed to use Promises in 1.x.)
/home/builder/.nvm/versions/node/v8.10.0/bin/express -> /home/builder/.nvm/versions/node/v8.10.0/lib/node_modules/express-generator/bin/express-cli.js
+ express-generator@4.16.1
added 10 packages in 1.671s

$ express --view=pug myapp

   create : myapp/
   create : myapp/public/
   create : myapp/public/javascripts/
   create : myapp/public/images/
   create : myapp/public/stylesheets/
   create : myapp/public/stylesheets/style.css
   create : myapp/routes/
   create : myapp/routes/index.js
   create : myapp/routes/users.js
   create : myapp/views/
   create : myapp/views/error.pug
   create : myapp/views/index.pug
   create : myapp/views/layout.pug
   create : myapp/app.js
   create : myapp/package.json
   create : myapp/bin/
   create : myapp/bin/www

   change directory:
     $ cd myapp

   install dependencies:
     $ npm install

   run the app:
     $ DEBUG=myapp:* npm start

$ cd myapp

We need to enable AKS to talk to ACR. We can install a docker secret, but since we are both in Azure, we can just enable AKS to talk to our ACR.

$ az aks update -n ijk8s -g ijk8senv --attach-acr ijk8senv1cr
{
  "aadProfile": null,
  "addonProfiles": {
    "KubeDashboard": {
      "config": null,
      "enabled": true,
      "identity": null
    }
  },
  "agentPoolProfiles": [
    {
      "availabilityZones": null,
      "count": 2,
      "enableAutoScaling": true,
      "enableNodePublicIp": null,
      "maxCount": 4,
      "maxPods": 30,
      "minCount": 2,
      "name": "nodepool1",
      "nodeLabels": null,
      "nodeTaints": null,
      "orchestratorVersion": "1.17.11",
      "osDiskSizeGb": 128,
      "osType": "Linux",
      "provisioningState": "Succeeded",
      "scaleSetEvictionPolicy": null,
      "scaleSetPriority": null,
      "tags": null,
      "type": "VirtualMachineScaleSets",
      "vmSize": "Standard_DS2_v2",
      "vnetSubnetId": null
    }
  ],
  "apiServerAccessProfile": null,
  "dnsPrefix": "ijk8s-ijk8senv-70b42e",
  "enablePodSecurityPolicy": null,
  "enableRbac": true,
  "fqdn": "ijk8s-ijk8senv-70b42e-ef4f4f76.hcp.centralus.azmk8s.io",
  "id": "/subscriptions/asdfasdf-6faf-4fed-bcec-asdfasdf1234/resourcegroups/ijk8senv/providers/Microsoft.ContainerService/managedClusters/ijk8s",
  "identity": null,
  "identityProfile": null,
  "kubernetesVersion": "1.17.11",
  "linuxProfile": {
    "adminUsername": "azureuser",
    "ssh": {
      "publicKeys": [
        {
          "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDHZ3iOnMMLkiltuikXSjqudfCHmQvIjBGMOuGk6wedwG8Xai3uv0M/X3Z2LS6Ac8tComKEKg7Zje2KFBnvBJvU5JqkTwNHnmp682tXf15EYgn4tB7MDz5DUARpcUXJbYfUg8yPUDveYHw8PEm1n+1MvLJN0ftvdORG5CQQEl/m7jErbJJQI70xg7C8/HG5GmJpIQjDl7UVsJANKab/2/bbUlG1Sqp4cQ/LwxKxQ6/QK/HVauxDkudoTkFLqukLWVjHvNZD37MC/wygSsEVYF+yrkNJySlNbMk4ZNmMwva1yLX8Shhr8G4wWe8QI9Ska8B0keSIu8fzRWxXAv2gB3xB"
        }
      ]
    }
  },
  "location": "centralus",
  "maxAgentPools": 10,
  "name": "ijk8s",
  "networkProfile": {
    "dnsServiceIp": "10.0.0.10",
    "dockerBridgeCidr": "172.17.0.1/16",
    "loadBalancerProfile": {
      "allocatedOutboundPorts": null,
      "effectiveOutboundIps": [
        {
          "id": "/subscriptions/asdfasdf-6faf-4fed-bcec-asdfasdf1234/resourceGroups/MC_ijk8senv_ijk8s_centralus/providers/Microsoft.Network/publicIPAddresses/7f6cac00-6fbe-4c37-b254-659b1cb6c77c",
          "resourceGroup": "MC_ijk8senv_ijk8s_centralus"
        }
      ],
      "idleTimeoutInMinutes": null,
      "managedOutboundIps": {
        "count": 1
      },
      "outboundIpPrefixes": null,
      "outboundIps": null
    },
    "loadBalancerSku": "Standard",
    "networkPlugin": "azure",
    "networkPolicy": "azure",
    "outboundType": "loadBalancer",
    "podCidr": null,
    "serviceCidr": "10.0.0.0/16"
  },
  "nodeResourceGroup": "MC_ijk8senv_ijk8s_centralus",
  "privateFqdn": null,
  "provisioningState": "Succeeded",
  "resourceGroup": "ijk8senv",
  "servicePrincipalProfile": {
    "clientId": "asdfasdf-8390-460d-9fe4-asdfasdf1234",
    "secret": null
  },
  "tags": null,
  "type": "Microsoft.ContainerService/ManagedClusters",
  "windowsProfile": {
    "adminPassword": null,
    "adminUsername": "azureuser"
  }
}

Then we need to enable HCL to use our registry:

$ cat waypoint.hcl
project = "myapp"

app "myapp" {
  labels = {
    "service" = "myapp",
    "env"     = "dev"
  }

  build {
    use "pack" {}
    registry {
      use "docker" {
        image = "ijk8senv1cr.azurecr.io/myapp"
        tag   = "latest"
      }
    }
  }

  deploy {
    use "kubernetes" {
      probe_path = "/"
    }
  }

  release {
    use "kubernetes" {
    }
  }
}

Let's do an init

builder@DESKTOP-2SQ9NQM:~/Documents/waypoint/myapp$ waypoint init
✓ Configuration file appears valid
✓ Connection to Waypoint server was successful
✓ Project "myapp" and all apps are registered with the server.
✓ Plugins loaded and configured successfully
✓ Authentication requirements appear satisfied.

Project initialized!

You may now call 'waypoint up' to deploy your project or
commands such as 'waypoint build' to perform steps individually.

Then we can build (however waypoint up will do this for us)

$ waypoint build
Creating new buildpack-based image using builder: heroku/buildpacks:18
✓ Creating pack client
✓ Building image
 │ [exporter] Adding 1/1 app layer(s)
 │ [exporter] Adding layer 'launcher'
 │ [exporter] Adding layer 'config'
 │ [exporter] Adding label 'io.buildpacks.lifecycle.metadata'
 │ [exporter] Adding label 'io.buildpacks.build.metadata'
 │ [exporter] Adding label 'io.buildpacks.project.metadata'
 │ [exporter] *** Images (3e44fc2b490a):
 │ [exporter]       index.docker.io/library/myapp:latest
 │ [exporter] Adding cache layer 'heroku/nodejs-engine:nodejs'
 │ [exporter] Adding cache layer 'heroku/nodejs-engine:toolbox'
✓ Injecting entrypoint binary to image
✓ Tagging Docker image: myapp:latest => myapp:latest

...

⠙ Building image
 │ [builder] ---> Installing toolbox
 │ [builder] ---> Getting Node version
 │ [builder] ---> Resolving Node version
 │ [builder] ---> Reusing Node v12.19.0
 │ [builder] ---> Parsing package.json
 │ [builder] ---> No file to start server
 │ [builder] ---> either use 'docker run' to start container or add index.js or ser
 │ ver.js
 │ [builder] ---> Using npm v6.14.8 from Node
 │ [builder] ---> Installing node modules

...

 Building image
 │ [exporter] Reusing 1/1 app layer(s)
 │ [exporter] Reusing layer 'launcher'
 │ [exporter] Reusing layer 'config'
 │ [exporter] Adding label 'io.buildpacks.lifecycle.metadata'
 │ [exporter] Adding label 'io.buildpacks.build.metadata'
 │ [exporter] Adding label 'io.buildpacks.project.metadata'
 │ [exporter] *** Images (3e44fc2b490a):
 │ [exporter]       index.docker.io/library/myapp:latest
 │ [exporter] Reusing cache layer 'heroku/nodejs-engine:nodejs'
 │ [exporter] Reusing cache layer 'heroku/nodejs-engine:toolbox'
⠇ Injecting entrypoint binary to image


Then we can do waypoint up

$ waypoint up

» Building...
Creating new buildpack-based image using builder: heroku/buildpacks:18
✓ Creating pack client
✓ Building image
 │ [exporter] Reusing 1/1 app layer(s)
 │ [exporter] Reusing layer 'launcher'
 │ [exporter] Reusing layer 'config'
 │ [exporter] Adding label 'io.buildpacks.lifecycle.metadata'
 │ [exporter] Adding label 'io.buildpacks.build.metadata'
 │ [exporter] Adding label 'io.buildpacks.project.metadata'
 │ [exporter] *** Images (3e44fc2b490a):
 │ [exporter]       index.docker.io/library/myapp:latest
 │ [exporter] Reusing cache layer 'heroku/nodejs-engine:nodejs'
 │ [exporter] Reusing cache layer 'heroku/nodejs-engine:toolbox'
✓ Injecting entrypoint binary to image

Generated new Docker image: myapp:latest
✓ Tagging Docker image: myapp:latest => myapp:latest

» Deploying...
✓ Kubernetes client connected to https://ijk8s-ijk8senv-70b42e-ef4f4f76.hcp.centralus.azmk8s.io:443 with namespace default
✓ Creating deployment...
⠹ Waiting on deployment to become available: 1/1/0


 Docker image pushed: ijk8senv1cr.azurecr.io/myapp:latest

» Deploying...
✓ Kubernetes client connected to https://ijk8s-ijk8senv-70b42e-ef4f4f76.hcp.centralus.azmk8s.io:443 with namespace default
✓ Creating deployment...
✓ Deployment successfully rolled out!

» Releasing...
✓ Kubernetes client connected to https://ijk8s-ijk8senv-70b42e-ef4f4f76.hcp.centralus.azmk8s.io:443 with namespace default
✓ Creating service...
✓ Service is ready!

The deployment was successful! A Waypoint deployment URL is shown below. This
can be used internally to check your deployment and is not meant for external
traffic. You can manage this hostname using "waypoint hostname."

   Release URL: http://10.0.71.158:80
Deployment URL: https://cleanly-ideal-dolphin--v2.waypoint.run

Let's check our cluster:

$ kubectl get deployments
NAME                               READY   UP-TO-DATE   AVAILABLE   AGE
myapp-01emqn9a7t249smqjd517b5xn2   0/1     1            0           8h
myapp-01emqp2mjb9s8ryjyes560g2d7   1/1     1            1           8h

$ kubectl get pods
NAME                                                READY   STATUS         RESTARTS   AGE
myapp-01emqn9a7t249smqjd517b5xn2-cd56466b4-sg4lj    0/1     ErrImagePull   0          8h
myapp-01emqp2mjb9s8ryjyes560g2d7-6c55d746d8-bmh9g   1/1     Running        0          8h
waypoint-server-0                                   1/1     Running        0          10h

$ kubectl get svc
NAME         TYPE           CLUSTER-IP     EXTERNAL-IP     PORT(S)                         AGE
kubernetes   ClusterIP      10.0.0.1       <none>          443/TCP                         3h35m
myapp        ClusterIP      10.0.71.158    <none>          80/TCP                          2m17s
waypoint     LoadBalancer   10.0.125.253   13.89.115.105   9701:32336/TCP,9702:31333/TCP   162m

And the app:

So what did the deployment look like?

$ kubectl get deployments myapp-01emqp2mjb9s8ryjyes560g2d7 -o yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  annotations:
    deployment.kubernetes.io/revision: "1"
  creationTimestamp: "2020-10-16T03:08:29Z"
  generation: 1
  name: myapp-01emqp2mjb9s8ryjyes560g2d7
  namespace: default
  resourceVersion: "31591"
  selfLink: /apis/apps/v1/namespaces/default/deployments/myapp-01emqp2mjb9s8ryjyes560g2d7
  uid: b1f0216b-4462-4031-a2ae-a161fa97b0a8
spec:
  progressDeadlineSeconds: 600
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      name: myapp-01emqp2mjb9s8ryjyes560g2d7
  strategy:
    rollingUpdate:
      maxSurge: 25%
      maxUnavailable: 25%
    type: RollingUpdate
  template:
    metadata:
      creationTimestamp: null
      labels:
        name: myapp-01emqp2mjb9s8ryjyes560g2d7
        waypoint.hashicorp.com/id: 01EMQASDFASDFASDFJYES560G2D7
    spec:
      containers:
      - env:
        - name: PORT
          value: "3000"
        - name: WAYPOINT_SERVER_TLS_SKIP_VERIFY
          value: "1"
        - name: WAYPOINT_CEB_INVITE_TOKEN
          value: 4RmBPBvZ1DkZTw93YzCpgYGyWVasdfasdfasdfasdfasdfasdfp8ShLZqj7yiU2wUa2U6VMzjuqdnDpdZd7BqSGvDCpMnmzuDHFRUNK9pwtPQG45emMW5A4BEbYs5pNGCud2vZfgL
        - name: WAYPOINT_DEPLOYMENT_ID
          value: 01EMQP2MDEEEXRQ8S7YNDAFKRQ
        - name: WAYPOINT_SERVER_ADDR
          value: 13.89.115.105:9701
        - name: WAYPOINT_SERVER_TLS
          value: "1"
        image: ijk8senv1cr.azurecr.io/myapp:latest
        imagePullPolicy: Always
        livenessProbe:
          failureThreshold: 5
          httpGet:
            path: /
            port: 3000
            scheme: HTTP
          initialDelaySeconds: 5
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 5
        name: myapp-01emqp2mjb9s8ryjyes560g2d7
        ports:
        - containerPort: 3000
          name: http
          protocol: TCP
        readinessProbe:
          failureThreshold: 3
          httpGet:
            path: /
            port: 3000
            scheme: HTTP
          initialDelaySeconds: 5
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 5
        resources: {}
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
      dnsPolicy: ClusterFirst
      restartPolicy: Always
      schedulerName: default-scheduler
      securityContext: {}
      terminationGracePeriodSeconds: 30
status:
  availableReplicas: 1
  conditions:
  - lastTransitionTime: "2020-10-16T03:14:48Z"
    lastUpdateTime: "2020-10-16T03:14:48Z"
    message: Deployment has minimum availability.
    reason: MinimumReplicasAvailable
    status: "True"
    type: Available
  - lastTransitionTime: "2020-10-16T03:08:29Z"
    lastUpdateTime: "2020-10-16T03:14:48Z"
    message: ReplicaSet "myapp-01emqp2mjb9s8ryjyes560g2d7-6c55d746d8" has successfully
      progressed.
    reason: NewReplicaSetAvailable
    status: "True"
    type: Progressing
  observedGeneration: 1
  readyReplicas: 1
  replicas: 1
  updatedReplicas: 1

Waypoint UI

What we see here is that we can see the build, deployments and releases right at the top

The exec was interesting.. for one, was not availabe in the web ui yesdft:

When i did exec on the command line, it was pretty clear it was in Heroku, not AKS

$ waypoint exec pwd
Connected to deployment v2
/
$ waypoint exec uname
Connected to deployment v2
$ waypoint exec whoami
Connected to deployment v2
heroku
$ waypoint exec ps
Connected to deployment v2
   PID TTY          TIME CMD

Additionally, i tried a few ways, but couldnt get parameters to work

builder@DESKTOP-2SQ9NQM:~/Documents/waypoint/myapp$ waypoint exec 'ps -a'
Connected to deployment v2
builder@DESKTOP-2SQ9NQM:~/Documents/waypoint/myapp$ waypoint exec "ps -a"
Connected to deployment v2
builder@DESKTOP-2SQ9NQM:~/Documents/waypoint/myapp$ waypoint exec "sh -c ps -a"
Connected to deployment v2
builder@DESKTOP-2SQ9NQM:~/Documents/waypoint/myapp$ waypoint exec "ls -ltra"
Connected to deployment v2
builder@DESKTOP-2SQ9NQM:~/Documents/waypoint/myapp$ waypoint exec 'ls -ltra'
Connected to deployment v2
builder@DESKTOP-2SQ9NQM:~/Documents/waypoint/myapp$ waypoint exec 'sh -c ls'
Connected to deployment v2

But this is the first day since the announcement so it's worth checking back on later.

Bad Releases

So i did have one with an improper image.. while i can see this is in error on the UI, there is no way to remove it from there:

Destroy

We can remove an active release, but apparently not the former failed ones:

So i did need to remove that one manually:

builder@DESKTOP-2SQ9NQM:~/Documents/waypoint/myapp$ kubectl get deployments
NAME                               READY   UP-TO-DATE   AVAILABLE   AGE
myapp-01emqn9a7t249smqjd517b5xn2   0/1     1            0           8h
builder@DESKTOP-2SQ9NQM:~/Documents/waypoint/myapp$ kubectl delete deployment myapp-01emqn9a7t249smqjd517b5xn2

Next steps

We can use hooks to add shell steps to our build: https://www.waypointproject.io/docs/waypoint-hcl/hook

We can also use golang to create our own plugins: https://www.waypointproject.io/docs/extending-waypoint/creating-plugins

We can also add hooks for GH Actions: https://www.waypointproject.io/docs/automating-execution/github-actions

Summary

Hashi Waypoint is a great initial offering.  It has a lot of promise and is worthy player in the CI/CD space for quick builds.  

However, it is an initial offering so we will watch to see how we can extend it to tie to ticketting systems and more complicated deployments, including blue/green, in the future.