#general (2022-02)
General conversations related to DevOps/Automation
General Discussions
2022-02-01
Hey everyone, a quick question, in Atmos, I’m working on deploying a new organization with the account component utilizing atmos. Can anyone point in the atmos example repo, where the tenant variable is defined?
Thank you for your help!
I actually keep getting this message:
The stack name pattern '{tenant}-{environment}-{stage}' specifies 'tenant, but the stack gbl-root does not have a tenant defined`
Which I’m a bit confused about. In the readme it specifies tenant isn’t required so I removed but it still wants an environment and stage. I can add these in the gbl-root but I’m not sure if that is needed when creating the acocunts. I also followed the the example you provided and still receive that message when I run an atmos terraform plan .
Finally, I also tried commenting the name_pattern from the config to test, but it won’t run without it.
Any direction would be helpful, specifically, I want to follow best practice here.
Without digging deep (on my end), your stacks should have the pattern {tenant}-{environment}-{stage} — gbl-root doesn’t follow that pattern.
In the README it specifies that the tenant label is optional. But if that’s the stack name pattern specified in atmos.yaml should be {environment}-{stage}, not '{tenant}-{environment}-{stage}.
I’m by no means saying that the README is clear or denying that it can be confusing the tenant label is still relatively new.
Well tenant, isn’t mentioned in the README at all, so looks like this is definitely under-documented
Thanks @Yonatan Koren I haven’t had too much time to dedicate to this so I apologize for the late reply, and thank you for opening up the issue. Just wanted to clairfy, the gbl-root comes from the account module.
Also Erik, thanks for the atmos channel. I’ll move my discussion there. Cheers
Slack Pro, Nice!
If Slackbot pings us all on the new plan is that considered an advertisement
this is a BIG thanks to spacelift and @Paweł Hytry - Spacelift and @marcinw!
It’s cool also because recently I’ve been struggling to find something that was definitely discussed in the past in the Archive. Two thumbs up!
Yea, very excited about unlocking the 250K+ messages
plus all the private DM history (which to be absolutely clear, we have no access to; just I have had so many great conversations )
Kudos Folks, thanks to the sponsors
Hey everyone, give a warm welcome to our newest members!
- @Nisarg Pansuria
- @Shrivatsan Narayanaswamy
- @Sylvain Pajanissamy
- @J N
Good to have you here =)
22022-02-02
I noted that you folks recently purchased a paid Pro plan of Slack? It’s a lot of expenses for company, so consider migration to opensource Matrix.org protocol from Slack, here is some short info about this: https://element.io/blog/slack-migration/ So Matrix protocol is free for public and self-hosted instances, and much cheaper as SaaS than Slack: https://element.io/enterprise/pricing - you must pay only for active users at month, not for all registered.
you can also check Mattermost (slack api compatible for hooks) as a real alternative, matrix is a a bit different so it can be confuse (even if it give more feature)
I can’t sign into this community on a new device? It now requires a Google cloudposse.com account? Was this intentional or?
Crap
That should have been disabled
I don’t know how that setting got reverted again
I’ve disabled that
please try again
Yeah, i saw it last night and thought it might just be propagation within slacks network but it persisted this morning
works now *typing from new laptop
Did you get the new M1?
Hey everyone, give a warm welcome to our newest members!
- @Justin Nemmers
- @André
- @Carlos Abreu
- @Dag Viggo Lokoeen
- @Shaun Wang
Good to have you here =)
1
Anybody know about Traefik Pilot pricing?
2022-02-03
Hello everyone, I want to know more about the project sudosh (https://github.com/cloudposse/sudosh) and the usage. Actually I want to use this on my redhat 8.4 server the purpose is to log everything type by the users on the server. I get the “sudosh_linux_amd64” from github and name it sudosh and put it on my server on /usr/bin/. I add the path /usr/bin/sudosh on the file /etc/shells and change my user Command/shell with the command “usermod -s /usr/bin/sudosh osadmin” I also add the configuration on the sudoers files as mentionned on the github. But when I connect to the server with the user osadmin and I try to watch my shell I see bash and not sudosh : [osadmin@xxxxxxxxxx ~]$ echo $SHELL /usr/bin/bash Can you help me to understand the issue and how to see the logs of commands types by the users on the server ? Thank you
Sudosh is just a clever wrapper around the sudo command and the sudo command just runs bash
Or what ever your SHELL
And that variable is populated by your shell
Ok I understand, so it’s normal
my setup is correct ?
What exactly “clever wrapper” means ? it logs events that are launched in sudo ?
sorry maybe I misunderstood the purpose of sudosh and its use…
so the deal is that sudo the command that ships with most distros automatically supports console logging, including TTYs
but sudo cannot be directly used as a login shell
so we created a very lightweight wrapper that sets up the environment so that it can be used as a login shell
The whole wrapper is just 108 lines of basic go code.
Ok I see, thank you, to make sure I understand the purpose can you tell me what is the exact purpose to use sudo as a login shell ? What we can do or see with this ? And how ?
Hello, I try sudosh it works as I hope
But a question about the sudoers, why we need to put in sudoers the user ?
In my case I put this : osadmin ALL=(osadmin) ALL
I don’t wan’t to put my user in sudoers
Do you know how I can use sudosh without giving all privilege of sudoers to my user ?
Don’t use sudosh :-)
Sudosh is built on top of sudo.
Maybe you can provide a sudo rule based on a group that says the user can sudo self. Not sure if that expression is possible.
Hey everyone, give a warm welcome to our newest members!
- @kumarova.t
- @Gavin McNair
- @Jeff McCoy
- @Jonathan Perry
- @lib
- @mostafa fOtoh
- @Ricky Holland
- @Sofiane Stamboul
Good to have you here =)
12022-02-04
Hey everyone, give a warm welcome to our newest members!
- @Walt Flores
- @sjl2024
- @Ivan Lopez
- @Rayane BELLAZAAR
- @James von Hagel
Good to have you here =)
22022-02-05
Hey everyone, give a warm welcome to our newest members!
- @Dylan Bannon
- @Samer Shami
- @whileloop
- @tennisonyu
- @Miguel Zenteno
- @Ishau
Good to have you here =)
12022-02-06
Hey everyone, give a warm welcome to our newest members!
- @Carla Pușcaș
- @James G
Good to have you here =)
12022-02-07
Hey everyone, give a warm welcome to our newest members!
- @Billy Sewell
Good to have you here =)
12022-02-08
Q: how do y’all document your APIs for developers? I’m thinking something can take OpenAPI and spit out a big web page. My colleague was hoping Redocly would work but it’s not 100% for them.
there is also RAML that is a nice format with good tools, but yes openapi is quiete nice
Hey everyone, give a warm welcome to our newest members!
- @Marton Klecska
- @Manderson Cruz
- @Brad Alexander
- @Steven Kalt
Good to have you here =)
3
hi there! I’m here o learn some Atmos usage )
1
2022-02-09
Hey everyone, give a warm welcome to our newest members!
- @Dana Thomas
- @Darrin F
Good to have you here =)
12022-02-10
Hey everyone, give a warm welcome to our newest members!
- @Christian Kreiling
- @Nung Bedell
- @Travis Priest
- @sownieadam
- @carl
- @Kirill I.
Good to have you here =)
3
thanks!
been using the cloudposse terraform modules and saw ya’ll had a Slack
welcome!
Thanks. Working on a startup that’s getting close to launch and need to clean up DevOps — one of the team recommended this space.
2022-02-11
Hey everyone, give a warm welcome to our newest members!
- @Kenney Sharpton
- @Zeph
- @el
- @Don
- @github3
- @Jon Camp
- @rafa_d
- @Tyler Jarjoura
Good to have you here =)
2
2022-02-12
Hey everyone, give a warm welcome to our newest members!
- @He Qing
- @Phil Chen
Good to have you here =)
2022-02-13
Hey everyone, give a warm welcome to our newest members!
- @maddog
- @sunkaras58
- @Francois Baligant
- @diecristher
Good to have you here =)
1
2022-02-14
Hey everyone, give a warm welcome to our newest members!
- @Nick Forte
- @Aleksei Khudiakov
Good to have you here =)
22022-02-15
Hey everyone, give a warm welcome to our newest members!
- @Lachlan Wells
- @Ravi D. Singh
- @Josh
Good to have you here =)
22022-02-16
Hey everyone, give a warm welcome to our newest members!
- @Ola Lawal
- @David DeSalvo
- @chouhanshreya17
- @Mike Shoup
Good to have you here =)
22022-02-17
Hey everyone, give a warm welcome to our newest members!
- @Antonio Gonzalez
- @kev.dodd
- @Yash Shukla
Good to have you here =)
3
2022-02-18
Hey everyone, give a warm welcome to our newest members!
- @David Pankros
- @joe g
- @Yosuke Asai
- @Jesús Heredia
- @Diogo Leal Andrade
Good to have you here =)
22022-02-19
Hey everyone, give a warm welcome to our newest members!
- @John Carter
- @Maximiliano Moretti
Good to have you here =)
12022-02-20
Hey everyone, give a warm welcome to our newest members!
- @Frank
Good to have you here =)
22022-02-21
Hey everyone, give a warm welcome to our newest members!
- @Martin Caarels
- @rosscdh
- @kp
- @hasinireddybitla2404
- @Dogers
Good to have you here =)
3
2022-02-22
Hey all thanks for the greetings, I have a few questions about 2 of the cloudposse terraform modules that seem to be misbehaving? Where is the best place to ask about them?
Also, make sure your aware with the latest aws provider 4.0 which broke many things
Hey everyone, give a warm welcome to our newest members!
- @Max Countryman
- @John-Paul Pagano
- @Eyal
Good to have you here =)
42022-02-23
Hey everyone, give a warm welcome to our newest members!
- @Kristian Kvilekval
- @A. Enes Turan
- @kinnu336
- @jayvanth wilson
- @Manolo Scardino
- @Blardo
- @Thiago
Good to have you here =)
42022-02-24
Hey everyone, give a warm welcome to our newest members!
- @Gavin Stevens
- @Chandler Forrest
- @Tyson Malchow
Good to have you here =)
12022-02-25
Hi everyone anyone have use garden.io?
Hey everyone, give a warm welcome to our newest members!
- @Arpan Rajani
- @Wilson Mar
- @sohaibahmed98
- @Rafael Felini
- @Waqar Ahmed
- @Zack Johnson
Good to have you here =)
22022-02-27
2022-02-28
Hey everyone, give a warm welcome to our newest members!
- @freddyrincones
- @kingsilemobayo
- @Luc Juggery
- @Zineb Ettahiri
- @Norbert Takács
- @Levi Figueira
- @John Dibling
- @prashanttiwari1337
- @Patrick Jones
Good to have you here =)
2
$ docker run -it –rm –privileged -e BUCKET=”picard-prov” -e AWS_ACCESS_KEY_ID=xxxxxx -e AWS_SECRET_ACCESS_KEY=yyyyy cloudposse/goofys 2022/02/28 2002.494053 s3.ERROR code=RequestError msg=send request failed, err=Head https://s3.amazonaws.com/picard-prov/ogef86g2jki80a0ywnh2ow7mfpsn0ifm: x509: certificate signed by unknown authority
2022/02/28 2002.494121 main.ERROR Unable to access ‘picard-prov’: RequestError: send request failed caused by: Head https://s3.amazonaws.com/picard-prov/ogef86g2jki80a0ywnh2ow7mfpsn0ifm: x509: certificate signed by unknown authority
How do I get past the “certificate signed by unknown authority” error?
add in /etc/docker/deamon.json file below:
{
"insecure-registries" : ["your-registry-url"]
}
if file is not present then create file at that path.
I have modified the daemon.json. I have also tried other advice so my command and errors look like:
docker run -it –rm –privileged -e DOCKER_TLS_CERTDIR=”” -e BUCKET=”picard-prov” -e AWS_ACCESS_KEY_ID=xxxxx -e AWS_SECRET_ACCESS_KEY=yyyyyy cloudposse/goofys 2022/03/01 2005.726495 s3.ERROR code=RequestError msg=send request failed, err=Head https://s3.amazonaws.com/picard-prov/y8q2s47zkx6cryhzuxzmo2oxdv2om5sf: x509: certificate signed by unknown authority
2022/03/01 2005.726588 main.ERROR Unable to access ‘picard-prov’: RequestError: send request failed caused by: Head https://s3.amazonaws.com/picard-prov/y8q2s47zkx6cryhzuxzmo2oxdv2om5sf: x509: certificate signed by unknown authority 2022/03/01 2005.726609 main.FATAL Mounting file system: Mount: initialization failed
Any thought?