#office-hours (2021-05)

Meeting password: sweetops

Public “Office Hours” are held every Wednesday at 11:30 PST via Zoom. It’s open to everyone. Ask questions related to DevOps & Cloud and get answers! https://cpco.io/slack-office-hours

Public “Office Hours” are held every Wednesday at 11:30 PST via Zoom. It’s open to everyone. Ask questions related to DevOps & Cloud and get answers! https://cpco.io/slack-office-hours

Meeting password: sweetops

2021-05-26

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
06:00:50 PM

@here office hours is starting in 30 minutes! Remember to post your questions here.

Zoom avatar
Zoom
06:27:49 PM

Erik Osterman (Cloud Posse) has joined Public “Office Hours”

Zoom avatar
Zoom
06:28:50 PM

Florain Drescher has joined Public “Office Hours”

Zoom avatar
Zoom
06:29:17 PM

Andy Miguel (Cloud Posse) has joined Public “Office Hours”

Zoom avatar
Zoom
06:29:42 PM

Eric Berg has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:33 PM

Michael Sew has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:48 PM

Gilberto Michishita Junior has joined Public “Office Hours”

Andy Miguel (Cloud Posse) avatar
Andy Miguel (Cloud Posse)
Why system backups no longer shield against ransomware attachment image

Backups no longer provide the protection against ransomware that they once did

AWS Launches EC2 Auto Scaling Warm Pools  attachment image

AWS recently released Warm Pools for EC2 Auto Scaling, which reduces the time and cost to scale out (aka horizontal scaling) applications by maintaining a pool of pre-initialized instances.

HashiCorp attachment image

The Terraform AWS provider now supports predictive scaling policy, a machine learning based scaling mechanism of Amazon EC2 Auto Scaling.

Zoom avatar
Zoom
06:31:19 PM

Tim Gourley has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:23 PM

James Haughey has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:28 PM

emem umoh has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:44 PM

Stevan Arychuk has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:11 PM

Patrick Joyce has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:23 PM

Brian Ojeda has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:28 PM

Vlad Ionescu has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:51 PM

Wilson Chan has joined Public “Office Hours”

Zoom avatar
Zoom
06:33:32 PM

Amelia Graycen has joined Public “Office Hours”

Zoom avatar
Zoom
06:34:05 PM

Mohammed Yahya has joined Public “Office Hours”

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

looks like my connection died again

Zoom avatar
Zoom
06:34:29 PM

Andrey Nazarov has joined Public “Office Hours”

Zoom avatar
Zoom
06:34:30 PM

Erik Osterman (Cloud Posse) has joined Public “Office Hours”

Vlad Ionescu (he/him) avatar
Vlad Ionescu (he/him)
In the Works – AWS Region in the United Arab Emirates (UAE) | Amazon Web Services attachment image

We are currently building AWS regions in Australia, Indonesia, Spain, India, and Switzerland. UAE in the Works I am happy to announce that the AWS Middle East (UAE) Region is in the works and will open in the first half of 2022. The new region is an extension of our existing investment, which already includes […]

Vlad Ionescu (he/him) avatar
Vlad Ionescu (he/him)
  • AWS Container Day @ DockerCon!
Zoom avatar
Zoom
06:35:48 PM

Stan M has joined Public “Office Hours”

Zoom avatar
Zoom
06:36:05 PM

Hao Wang has joined Public “Office Hours”

Andrey Nazarov avatar
Andrey Nazarov

DockerCon’21 is starting tomorrow:)) https://docker.events.cube365.net/dockercon-live/2021

DockerCon 2021 attachment image

Attend DockerCon 2021 to see how Docker helps make it easy for you to focus more of your time on coding the next great application: from code to cloud. Submit your registration now to attend DockerCon 2021– designed for developers by developers.

Zoom avatar
Zoom
06:37:33 PM

Michael Jenkins has joined Public “Office Hours”

Zoom avatar
Zoom
06:39:14 PM

PePe Amengual has joined Public “Office Hours”

Zoom avatar
Zoom
06:41:19 PM

Mazin Ahmed has joined Public “Office Hours”

Zoom avatar
Zoom
06:42:22 PM

Oliver Schoenborn has joined Public “Office Hours”

Zoom avatar
Zoom
06:43:26 PM

Rajiv Ranjan has joined Public “Office Hours”

Zoom avatar
Zoom
06:43:28 PM

Joe Hosteny has joined Public “Office Hours”

Zoom avatar
Zoom
06:43:33 PM

Erik Osterman (Cloud Posse) has joined Public “Office Hours”

Zoom avatar
Zoom
06:45:19 PM

imran.hussain has joined Public “Office Hours”

Zoom avatar
Zoom
06:47:03 PM

Erik Osterman (Cloud Posse) has joined Public “Office Hours”

Zoom avatar
Zoom
06:47:13 PM

PePe Amengual has joined Public “Office Hours”

Zoom avatar
Zoom
06:48:36 PM

ASIS SETHI has joined Public “Office Hours”

Zoom avatar
Zoom
06:50:00 PM

ASIS SETHI has joined Public “Office Hours”

Vlad Ionescu (he/him) avatar
Vlad Ionescu (he/him)

Older presentation video/review for copilot video: https://www.youtube.com/watch?v=Ay8iUFWzF4U. There was a new Copilot video today at AWS Container Day. It should be up on YouTube tomorrow

Zoom avatar
Zoom
06:50:41 PM

Jailson Silva has joined Public “Office Hours”

Zoom avatar
Zoom
06:53:02 PM

Andy Roth has joined Public “Office Hours”

Vlad Ionescu (he/him) avatar
Vlad Ionescu (he/him)
aws/copilot-cli attachment image

The AWS Copilot CLI is a tool for developers to build, release and operate production ready containerized applications on AWS App Runner, Amazon ECS, and AWS Fargate. - aws/copilot-cli

Eric Berg avatar
Eric Berg

Anybody have experience restoring RDS snapshots, using Terraform? I’m just starting to look into this and I’m wondering how subsequent TF applies are impacted by setting snapshot_identifier , but what about subsequent applies? I saw some comments about setting ignore_changes for snapshot_identifier , whcih I’m thinking I should include as a variable for the TF, to manage it that way, rather than the data aws_db_snapshot source

Hao Wang avatar
Hao Wang

I did before and it always recreated the RDS instance no matter what snapshot_identifier is used

Hao Wang avatar
Hao Wang

it should be a bug

Zoom avatar
Zoom
06:54:37 PM

David Lozano has joined Public “Office Hours”

Zoom avatar
Zoom
06:55:47 PM

Blaise Pabon has joined Public “Office Hours”

Zoom avatar
Zoom
06:55:51 PM
Andy Miguel (Cloud Posse) avatar
Andy Miguel (Cloud Posse)
Catch Infrastructure Drift attachment image

driftctl is a free and open-source CLI that warns of infrastructure drift and fills in the missing piece in your DevSecOps toolbox.

Hao Wang avatar
Hao Wang

question 1, how to use for_each with TF?

robwdux_sweetops avatar
robwdux_sweetops
Manage Similar Resources with For Each | Terraform - HashiCorp Learn attachment image

Provision similar infrastructure components by iterating over a data structure with the for_each argument. Duplicate an entire VPC including a load balancer and multiple EC2 instances for each project defined in a map.

Hao Wang avatar
Hao Wang

I learned a lot from Cloudposse’s amazing codes

2
Zoom avatar
Zoom
07:11:49 PM

uwaila adams has joined Public “Office Hours”

2021-05-19

kev avatar

Hi guys, I can’t make it this week. See you next. K

2
Luis Masaya avatar
Luis Masaya

I see that Hashicorp has v0.2 of Boundary (https://www.boundaryproject.io/). Maybe worth discussing in office hours and see if anyone has used it.

Boundary by HashiCorp attachment image

Boundary is an open source solution that automates a secure identity-based user access to hosts and services across environments.

1
managedkaos avatar
managedkaos

I’m definitely interested in app runner. reminds me of GCP Cloud Run which is a super simple way to get a container image running in no time flat (in my experience).

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
06:00:55 PM

@here office hours is starting in 30 minutes! Remember to post your questions here.

managedkaos avatar
managedkaos

:question: : what is the best practice to get Terraform to pick up changes to modules? I am finding that unless I remove the .terraform/modules/x` directory where the module is installed to force a new download/install, TF may or may not pick up changes to an unpinned module.

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

did you try terraform get -update?

managedkaos avatar
managedkaos

nope! TIL!

managedkaos avatar
managedkaos

thanks

Zoom avatar
Zoom
06:29:46 PM

Michael Jenkins has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:08 PM

Brandon vh has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:26 PM

Mike Marseglia has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:18 PM

Michael Londeen has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:12 PM

Joe Hosteny has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:35 PM

Luis Masaya has joined Public “Office Hours”

Zoom avatar
Zoom
06:34:51 PM

Jeff Lanza has joined Public “Office Hours”

Zoom avatar
Zoom
06:38:11 PM

Brandon vh has joined Public “Office Hours”

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
Restrict Plan or Apply to Github Teams or Github Users · Issue #308 · runatlantis/atlantis attachment image

what Allow operator to define a list of permitted users who can trigger atlantis commands why Currently, the only way to restrict access is by adding/revoking users from a repository altogether. We…

Zoom avatar
Zoom
06:44:45 PM

Brandon vh has joined Public “Office Hours”

Zoom avatar
Zoom
06:44:48 PM

Matt Calhoun has joined Public “Office Hours”

Zoom avatar
Zoom
06:44:52 PM

Vicken Simonian has joined Public “Office Hours”

Zoom avatar
Zoom
06:44:56 PM

Michael Jenkins has joined Public “Office Hours”

Zoom avatar
Zoom
06:44:57 PM

Scott Mathson has joined Public “Office Hours”

Zoom avatar
Zoom
06:45:00 PM

Anton Babenko has joined Public “Office Hours”

Zoom avatar
Zoom
06:45:01 PM

Eric Berg has joined Public “Office Hours”

Zoom avatar
Zoom
06:45:06 PM

Mike Marseglia has joined Public “Office Hours”

Zoom avatar
Zoom
06:45:10 PM

Erik Osterman (Cloud Posse) has joined Public “Office Hours”

Zoom avatar
Zoom
06:45:22 PM

Isa Aguilar has joined Public “Office Hours”

Zoom avatar
Zoom
06:45:23 PM

Michael Londeen has joined Public “Office Hours”

Zoom avatar
Zoom
06:45:25 PM

Luis Masaya has joined Public “Office Hours”

Zoom avatar
Zoom
06:45:27 PM

Andy Miguel (Cloud Posse) has joined Public “Office Hours”

Zoom avatar
Zoom
06:45:31 PM

Jacob Evans has joined Public “Office Hours”

Zoom avatar
Zoom
06:45:31 PM

Joaquin Menchaca has joined Public “Office Hours”

Zoom avatar
Zoom
06:45:32 PM

Nick James has joined Public “Office Hours”

Zoom avatar
Zoom
06:45:35 PM

Igor Bronovskyi has joined Public “Office Hours”

Zoom avatar
Zoom
06:45:35 PM

Steven Hopkins has joined Public “Office Hours”

Zoom avatar
Zoom
06:45:36 PM

Steven Hopkins has joined Public “Office Hours”

Zoom avatar
Zoom
06:45:44 PM

Jeff Lanza has joined Public “Office Hours”

Zoom avatar
Zoom
06:45:48 PM

Alex Siegman has joined Public “Office Hours”

Zoom avatar
Zoom
06:45:51 PM

Patrick Joyce has joined Public “Office Hours”

Zoom avatar
Zoom
06:45:51 PM

Florain Drescher has joined Public “Office Hours”

Zoom avatar
Zoom
06:45:56 PM

Eric Berg has joined Public “Office Hours”

Zoom avatar
Zoom
06:46:05 PM

Michael Padgett has joined Public “Office Hours”

Zoom avatar
Zoom
06:46:12 PM

Joe Hosteny has joined Public “Office Hours”

Zoom avatar
Zoom
06:46:19 PM

Prasanna Venkataraman has joined Public “Office Hours”

Zoom avatar
Zoom
06:46:26 PM

David Lozano has joined Public “Office Hours”

Zoom avatar
Zoom
06:46:27 PM

James Haughey has joined Public “Office Hours”

Zoom avatar
Zoom
06:46:33 PM

Rashid has joined Public “Office Hours”

Zoom avatar
Zoom
06:47:49 PM

Eric Berg has joined Public “Office Hours”

Joaquin Menchaca avatar
Joaquin Menchaca

Terraform question, you upgrade new minor version of terraform, and suddenly, when doing terraform apply, it wasn’t to recreate your VPC, EKS, etc. Will this ever be fixed? Example, v0.12.30 to v0.12.31.

Zoom avatar
Zoom
06:58:37 PM

Hao Wang has joined Public “Office Hours”

Zoom avatar
Zoom
07:02:06 PM

Emile Fugulin has joined Public “Office Hours”

Joaquin Menchaca avatar
Joaquin Menchaca

Reverse Proxy web caching looks interesting, can work with nginx, apache, traefik… https://github.com/Darkweak/Souin

Darkweak/Souin attachment image

A cache system built on top of different reverse-proxy to cache data easily and save precious ms compatible with @traefik, @caddyserver, @nginx and @apache - Darkweak/Souin

sytten avatar
sytten

Pasted that a few days ago, https://github.com/cloudskiff/driftctl wanted to know if people used it on large production system

matt avatar
aws-cloudformation/cloudformation-guard attachment image

Guard offers a policy-as-code domain-specific language (DSL) to write rules and validate JSON- and YAML-formatted data such as CloudFormation Templates, K8s configurations, and Terraform JSON plans…

David Lozano avatar
David Lozano

would like to hear some thoughts on AWS ECS copilot if anyone has given it a try

Overview - AWS Copilot CLI

Develop, Release and Operate Container Apps on AWS.

2021-05-18

2021-05-12

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
06:00:42 PM

@here office hours is starting in 30 minutes! Remember to post your questions here.

Zoom avatar
Zoom
06:30:21 PM

Erik Osterman (Cloud Posse) has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:22 PM

Patrick Joyce has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:22 PM

Scott Mathson has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:27 PM

Jacob Evans has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:28 PM

Emile Fugulin has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:33 PM

Andy Miguel (Cloud Posse) has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:38 PM

Kevin Ryan has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:43 PM

Andrew Grube has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:45 PM

Steven Hopkins has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:59 PM

Harold R has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:14 PM

Dave Hill has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:18 PM

mb Branski has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:25 PM

Nate Selzer has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:33 PM

Leo Zavala has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:35 PM

Andrew Thompson has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:18 PM

katrina walker has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:21 PM

Stevan Arychuk has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:24 PM

Gilberto Michishita Junior has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:50 PM
Zoom avatar
Zoom
06:32:57 PM

Venkata Mutyala has joined Public “Office Hours”

Andy Miguel (Cloud Posse) avatar
Andy Miguel (Cloud Posse)
Atlassian Open DevOps Integrates Jira with Tools Like GitHub and Datadog attachment image

Atlassian has released Open DevOps, their new platform offering integrating Atlassian products and partner offerings. Open DevOps integrates Jira Software, Confluence, Bitbucket, and Opsgenie into a single project. It is possible to integrate with other tools, such as GitHub and Datadog, with minimal integration.

Resolve IT Incidents Faster with Incident Manager, a New Capability of AWS Systems Manager | Amazon Web Services

IT engineers pride themselves on the skill and care they put into building applications and infrastructure. However, as much as we all hate to admit it, there is no such thing as 100% uptime. Everything will fail at some point, often at the worst possible time, leading to many a ruined evening, birthday party, or […]

HIP for Helm 4 planning and development process by technosophos · Pull Request #179 · helm/community attachment image

This is a draft proposal for how Helm 4 development can proceed. Signed-off-by: Matt Butcher [email protected]

Add `templatestring` function by nitrocode · Pull Request #28686 · hashicorp/terraform attachment image

Closes #26838 This allows us to fully deprecate the template provider by allowing us to templatize a string. ✗ go install . ✗ ~/go/bin/terraform console > templatestring("Hello, $${name}!&q…

Zoom avatar
Zoom
06:33:20 PM

John Mitchell has joined Public “Office Hours”

Zoom avatar
Zoom
06:33:34 PM

Andrew Thompson has joined Public “Office Hours”

Zoom avatar
Zoom
06:33:42 PM

Matt Calhoun has joined Public “Office Hours”

Zoom avatar
Zoom
06:35:05 PM

Luis Masaya has joined Public “Office Hours”

Zoom avatar
Zoom
06:35:34 PM

Alex Siegman has joined Public “Office Hours”

Zoom avatar
Zoom
06:39:35 PM

James Haughey has joined Public “Office Hours”

Zoom avatar
Zoom
06:40:21 PM

PePe Amengual has joined Public “Office Hours”

Zoom avatar
Zoom
06:44:32 PM

Andrew Thompson has joined Public “Office Hours”

Zoom avatar
Zoom
06:44:35 PM

David Lozano has joined Public “Office Hours”

Zoom avatar
Zoom
06:46:53 PM

Andrew Way has joined Public “Office Hours”

Zoom avatar
Zoom
06:48:41 PM

Igor Bronovskyi has joined Public “Office Hours”

Zoom avatar
Zoom
06:51:40 PM

mb Branski has joined Public “Office Hours”

Zoom avatar
Zoom
06:52:23 PM

Michael Londeen has joined Public “Office Hours”

Zoom avatar
Zoom
06:53:43 PM

Andrew Thompson has joined Public “Office Hours”

Zoom avatar
Zoom
06:55:10 PM

Isa Aguilar has joined Public “Office Hours”

Zoom avatar
Zoom
06:56:03 PM

mb Branski has joined Public “Office Hours”

Zoom avatar
Zoom
06:57:36 PM

Eric Berg has joined Public “Office Hours”

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
Building a Private Terraform Registry

In this essay I go through a few steps that describe how to implement a read-only private Terraform registry, serving custom providers privately to be used with Terraform, using Python and Flask.

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

anthology - Private Terraform registry implementation as an alternative to the official registry.

citizen - Private Terraform Module Registry

terraform-simple-registry - Simple implementation of the Terraform registry protocols.

erikvanbrakel/anthology attachment image

A private Terraform registry implementation as an alternative to the official registry. - erikvanbrakel/anthology

outsideris/citizen attachment image

A Private Terraform Module Registry. Contribute to outsideris/citizen development by creating an account on GitHub.

apparentlymart/terraform-simple-registry attachment image

Contribute to apparentlymart/terraform-simple-registry development by creating an account on GitHub.

Zoom avatar
Zoom
07:03:44 PM

uwaila adams has joined Public “Office Hours”

Zoom avatar
Zoom
07:05:25 PM

Andy Roth has joined Public “Office Hours”

David Lozano avatar
David Lozano

would like to hear some thoughts on AWS ECS copilot if anyone has given it a try

Overview - AWS Copilot CLI

Develop, Release and Operate Container Apps on AWS.

Zoom avatar
Zoom
07:13:35 PM

Andrew Thompson has joined Public “Office Hours”

Zoom avatar
Zoom
07:14:08 PM

Andrew Thompson has joined Public “Office Hours”

Zoom avatar
Zoom
07:14:28 PM

Michael Jenkins has joined Public “Office Hours”

Zoom avatar
Zoom
07:17:16 PM

Andrew Thompson has joined Public “Office Hours”

Zoom avatar
Zoom
07:26:43 PM

Andrew Thompson has joined Public “Office Hours”

roth.andy avatar
roth.andy

Here’s the beginning of the thread on Twitter about the different levels of answers for the same interview question that I mentioned:

https://twitter.com/QuinnyPig/status/1390802669321658369

Here’s the one I was talking about:

https://twitter.com/QuinnyPig/status/1390815715939078145

This is a terrific question that deserves a thread of its own. https://twitter.com/santi1524/status/1390746069643022339

[@QuinnyPig> @DuckbillGroup <https://twitter.com/awscloud @awscloud](https://twitter.com/QuinnyPig) Are you folks planning to hire junior level in the future?

Let me give an example of an interview question we used when filling our Principal Cloud Economist role:

“You’ve got $1m/mo in spend for a large Kubernetes cluster. What do you do to find ways to decrease the cost?”

I will pause here; hit reply and tell me your answers.

Blaise Pabon avatar
Blaise Pabon

, I’m a fan of Corey Quinn also. I’ve been away for a few weeks, has @Erik Osterman (Cloud Posse): re-surfaced the discussion about k8s resource usage accounting?

This is a terrific question that deserves a thread of its own. https://twitter.com/santi1524/status/1390746069643022339

[@QuinnyPig> @DuckbillGroup <https://twitter.com/awscloud @awscloud](https://twitter.com/QuinnyPig) Are you folks planning to hire junior level in the future?

Let me give an example of an interview question we used when filling our Principal Cloud Economist role:

“You’ve got $1m/mo in spend for a large Kubernetes cluster. What do you do to find ways to decrease the cost?”

I will pause here; hit reply and tell me your answers.

sytten avatar
sytten

The founder of cloudskiff contacted for feedback on driftctl (infra drift detection tool), https://github.com/cloudskiff/driftctl

cloudskiff/driftctl attachment image

Detect, track and alert on infrastructure drift. Contribute to cloudskiff/driftctl development by creating an account on GitHub.

1
Gerald avatar
Gerald

Hi folks I’m part of the team. Happy to jump in whenever you discuss it

cloudskiff/driftctl attachment image

Detect, track and alert on infrastructure drift. Contribute to cloudskiff/driftctl development by creating an account on GitHub.

sytten avatar
sytten

Just putting it out here if people want to try it and we can discuss it next office hour

2021-05-05

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
06:00:47 PM

@here office hours is starting in 30 minutes! Remember to post your questions here.

Eric Berg avatar
Eric Berg

How do I keep a failed pod from being terminated, so we can do forensic evals? can I set/remove labels to do that?

1
Zoom avatar
Zoom
06:30:16 PM

Kerri Rist (Cloud Posse) has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:19 PM

Dhaval Dedhia has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:27 PM

Parthasarathi S has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:27 PM

Robert Jackson has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:29 PM

Venkata Mutyala has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:33 PM

Sam C has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:37 PM

Vicken Simonian has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:39 PM

Ian Bartholomew has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:42 PM

Colton Wrisner has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:42 PM

Tim Davis has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:45 PM

Eric Berg has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:47 PM

Jeremy (Cloud Posse) has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:48 PM

Vlad Ionescu has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:50 PM

Ayrton Araújo has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:55 PM

Kristopher Flint has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:04 PM

Lionel LONKAP has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:25 PM

Erik Osterman (Cloud Posse) has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:25 PM

Hao Wang has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:42 PM

Matt Calhoun has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:43 PM

Leia Renée has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:01 PM

Patrick Joyce has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:10 PM

Scott Mathson has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:13 PM

Mohammed Yahya has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:16 PM

James Haughey has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:16 PM

Florain Drescher has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:29 PM

PePe Amengual has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:32 PM

Ray Myers has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:34 PM

Michael Padgett has joined Public “Office Hours”

Zoom avatar
Zoom
06:33:18 PM

Joaquin Menchaca has joined Public “Office Hours”

Zoom avatar
Zoom
06:33:23 PM

Gonzalo Acosta has joined Public “Office Hours”

Zoom avatar
Zoom
06:35:10 PM

David Lozano has joined Public “Office Hours”

Zoom avatar
Zoom
06:35:31 PM

Stan M has joined Public “Office Hours”

Zoom avatar
Zoom
06:35:45 PM

Jeremy Parker has joined Public “Office Hours”

Zoom avatar
Zoom
06:36:05 PM

Jeff Lanza has joined Public “Office Hours”

Zoom avatar
Zoom
06:38:54 PM

Jeff Vier has joined Public “Office Hours”

Zoom avatar
Zoom
06:39:22 PM

Michael Londeen has joined Public “Office Hours”

Vlad Ionescu (he/him) avatar
Vlad Ionescu (he/him)
Introducing CloudFront Functions – Run Your Code at the Edge with Low Latency at Any Scale | Amazon Web Services attachment image

With Amazon CloudFront, you can securely deliver data, videos, applications, and APIs to your customers globally with low latency and high transfer speeds. To offer a customized experience and the lowest possible latency, many modern applications execute some form of logic at the edge. The use cases for applying logic at the edge can be […]

Zoom avatar
Zoom
06:41:24 PM

Gabriel Boie has joined Public “Office Hours”

Leia Renée avatar
Leia Renée

Question: ELK or Prometheus? Or Both where Prometheus is used for metrics and ELK is used for log collection and analysis? What is the suitable approach for central alerting?

Dylan Humphreys avatar
Dylan Humphreys

They are two different things. Elasticsearch is first and foremost an indexer, while prometheus is a time series database.

Dylan Humphreys avatar
Dylan Humphreys

We have both. ELK for logs, Prometheus for metrics, then Grafana which aggregates data from Prometheus and ElasticSearch

Andrey Nazarov avatar
Andrey Nazarov

Loki might be considered as an alternative for logging

Vlad Ionescu (he/him) avatar
Vlad Ionescu (he/him)
SIGs to TAGs by amye · Pull Request #654 · cncf/toc attachment image
SIGs have changed names to TAGs as of 5/5/2021, this should resolve all of that in this repo. Changes proposed to the rest of the TAGs today. Also need to rename the repos below: SIG Security L…
Zoom avatar
Zoom
06:43:05 PM

tamsky has joined Public “Office Hours”

Zoom avatar
Zoom
06:44:26 PM

uwaila adams has joined Public “Office Hours”

Jeremy (Cloud Posse) avatar
Jeremy (Cloud Posse)

EphemeralContainers is an alpha Feature Gate (default false) available starting with 1.16 and according to the latest docs still alpha and defaulting to false through the current 1.21

Feature Gates

This page contains an overview of the various feature gates an administrator can specify on different Kubernetes components. See feature stages for an explanation of the stages for a feature. Overview Feature gates are a set of key=value pairs that describe Kubernetes features. You can turn these features on or off using the –feature-gates command line flag on each Kubernetes component. Each Kubernetes component lets you enable or disable a set of feature gates that are relevant to that component.

1
Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
New Relic open sources Pixie, its Kubernetes-native in-cluster observability platform | ZDNet attachment image

Want to know what’s really going on in your Kubernetes cluster? Pixie, which just became a Cloud Native Computing Foundation program, can help.

Zoom avatar
Zoom
06:51:23 PM

Steven Hopkins has joined Public “Office Hours”

Vlad Ionescu (he/him) avatar
Vlad Ionescu (he/him)
eBPF - Introduction, Tutorials & Community Resources attachment image

eBPF is a revolutionary technology that can run sandboxed programs in the Linux kernel without changing kernel source code or loading a kernel module.

Zoom avatar
Zoom
06:53:19 PM

Luis Masaya has joined Public “Office Hours”

Zoom avatar
Zoom
06:53:38 PM

Andy Roth has joined Public “Office Hours”

Jeremy (Cloud Posse) avatar
Jeremy (Cloud Posse)
EKSworkshop.com attachment image

Amazon EKS Workshop

Zoom avatar
Zoom
06:55:55 PM

jason thomas has joined Public “Office Hours”

Zoom avatar
Zoom
06:56:17 PM

Jason Valencia has joined Public “Office Hours”

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
Linux Observability with BPF

Build your expertise in the BPF virtual machine in the Linux kernel with this practical guide for systems engineers. You’ll not only dive into the BPF program lifecycle but also … - Selection from Linux Observability with BPF [Book]

Joaquin Menchaca avatar
Joaquin Menchaca

Links around eBPF (with pretty pictures):

• Falco: https://sysdig.com/blog/sysdig-and-falco-now-powered-by-ebpf/

• Pixie home page: https://pixielabs.ai/

• Cillium Home page: https://cilium.io/

• Article of diff solutions: https://cilium.io/

Hao Wang avatar
Hao Wang

we may need a new channel for this revolutionary technology

Leia Renée avatar
Leia Renée

A nice article about philosoby of Alerting by Rob Ewaschuk, based on his observations while he was a Site Reliability Engineer at Google https://docs.google.com/document/d/199PqyG3UsyXlwieHaqbGiWVa8eMWi8zzAn0YfcApr8Q/edit#

2
David Lozano avatar
David Lozano
AZ IDs for your AWS resources - AWS Resource Access Manager

To ensure that resources are distributed across the Availability Zones for a Region, we independently map Availability Zones to names for each account. For example, the Availability Zone us-east-1a for your AWS account might not have the same location as

Joaquin Menchaca avatar
Joaquin Menchaca

shu-ha-ri 守破離

• 守 protect, obey - traditional wisdom - learning fundamentals, techniques, heuristics, proverbs

• 破 detach, digress - breaking with tradition - breaking with tradition—detachment from the illusions of self

• 離 leave, separate - transcendence - there are no techniques or proverbs, all moves are natural, becoming one with spirit alone without clinging to forms; transcending the physical

2
Hao Wang avatar
Hao Wang
bliki: ShuHaRi

The way people learn skills changes as their ability in the skill grows.

Joaquin Menchaca avatar
Joaquin Menchaca
Scaling Scrum at Lufthansa and ScrumDay Stuttgart May 2017 - Scrum Inc attachment image

In May I attended the Lufthansa Project Management Workshop near Frankfurt and then ScrumDay in Stuttgart. My keynote for both conferences was on the Shu, Ha, Ri of Scaling Scrum. At the Scrum Gathering in San Diego, I gave an earlier version of this presentation and polled the audience of over 1000 people. Two-thirds of […]

Jeremy (Cloud Posse) avatar
Jeremy (Cloud Posse)
Survivors of Tsunami Live on Close Terms With Sea

Community of about 200 Moken sea gypsies on Thailand’s South Surin Island lost most of their boats and all of their homes to tsunami, but people themselves escaped virtually unharmed to hills when tsunami barreled through Thailand’s South Surin Island on way to mainland; elders taught chief Salama Klathalay to expect tsunami whenever tide receded far and fast, and he raised alarm when he witnessed such a low tide; one disabled man who could not run was drowned; Moken will rebuild on different spot to avoid bad luck; map; photos (M)

Sea Gypsies Saw Signs In The Waves attachment image

How Moken People In Asia Saved Themselves From Deadly Tsunami

Zoom avatar
Zoom
07:23:39 PM

Gabriel Boie has joined Public “Office Hours”

Leia Renée avatar
Leia Renée

Agility is Inefficient … Klaus Bucka-Lassen Closing Keynote GOTOpia Chicago April 20th, 2021 https://files.gotocon.com/uploads/slides/conference_44/1765/original/Agility%20is%20inefficient%20%28GOTOpia%29%20-%20Handout.pdf

Scott Mathson avatar
Scott Mathson

https://www.harbott.com/why-squads-and-tribes-probably-wont-work/ Key quote:

"Even at the time we wrote it, we weren't doing it. It was part ambition, part approximation. People have really struggled to copy something that didn't really exist."

Joakim Sundén, agile coach at Spotify 2011–2017
Spotify Agile Model | Why Copying Spotify's Squads and Tribes Model Probably Won’t Work for You ? attachment image

Unless you are a Swedish streaming company, founded in 2006, the Spotify squads and tribes is unlikely to work for your company’s unique context and culture.

matt avatar
johanhaleby/kubetail attachment image

Bash script to tail Kubernetes logs from multiple pods at the same time - johanhaleby/kubetail

2021-05-04

venkata.mutyala avatar
venkata.mutyala

Is terraform FIPS complaint?

jose.amengual avatar
jose.amengual

terraform cloud?

Stan M avatar
Stan M

FIPS compliance is usually required to in the context of encryption libraries. as far as I understand, the terraform binary itself is written in GO and you would have find providers that use FIPS compliant libraries, which aren’t used by default.

Stan M avatar
Stan M

looks like some providers like oracle, have implemented fips encryption libraries at provider level: https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/fips_compatible_terraform_provider.htm#fips_compatible_terraform_provider

Enabling FIPS Compatiblity

This topic describes how to use the Oracle Cloud Infrastructure Terraform provider and maintain FIPS compliance.

Stan M avatar
Stan M

looks like there is at least one AWS provider has FIPS encryption option: https://registry.terraform.io/modules/terraform-aws-modules/redshift/aws/latest#input_use_fips_ssl

It is maintained by @antonbabenko so he is probably the best person to ask on the topic.

venkata.mutyala avatar
venkata.mutyala

Thank you both! We are doing stuff that requires FIPS compliance in Azure and GCP, what you mentioned above sounds aligned with what I have on googled online over the past few hours.

1
venkata.mutyala avatar
venkata.mutyala
It appears compliance is as simple as saying it’s compliant but validation requires a full end to end review and then getting list [here> . During my search I found that the AWS provider promotes FIPS but it’s <https://github.com/hashicorp/terraform-provider-aws/blob/main/docs/DEVELOPMENT.md build process](https://csrc.nist.gov/projects/cryptographic-module-validation-program/validated-modules/search) doesn’t seem to use a validated library. From what I can gather online, golang by default doesn’t have any validated libraries so an option is to use a drop in compiler replacement for the crypto libraries. One option is go-toolset from redhat and another is BoringCrypto from google. So if “compliance” requires a validated library then I don’t even thing the AWS provider is fully compliant.
Search - Cryptographic Module Validation Program | CSRC | CSRC attachment image

Use this form to search for information on validated cryptographic modules.  Select the basic search type to search modules on the active validation list.  Select the advanced search type to to search modules on the historical and revoked module lists.

hashicorp/terraform-provider-aws attachment image

Terraform AWS provider. Contribute to hashicorp/terraform-provider-aws development by creating an account on GitHub.

2021-05-03

Vlad Ionescu (he/him) avatar
Vlad Ionescu (he/him)
Take the 2021 DORA State of DevOps survey | Google Cloud Blog attachment image

Help us shape the future of DevOps and make your voice heard by completing the 2021 State of DevOps survey before June 11, 2021.

1
    keyboard_arrow_up