#office-hours (2021-06)

Meeting password: sweetops

Public “Office Hours” are held every Wednesday at 11:30 PST via Zoom. It’s open to everyone. Ask questions related to DevOps & Cloud and get answers! https://cpco.io/slack-office-hours

Public “Office Hours” are held every Wednesday at 11:30 PST via Zoom. It’s open to everyone. Ask questions related to DevOps & Cloud and get answers! https://cpco.io/slack-office-hours

Meeting password: sweetops

2021-06-30

Andrea Cavagna avatar
Andrea Cavagna

Hi everyone! Since a month ago a great discussion about Leapp has started in this community, I want to announce that today we are releasing a new version of the App, with a mayor update: support to AWS Named-profiles, has requested by @Jeremy (Cloud Posse) : Go check it out! And let me know what you think, any feedback is appreciated: https://twitter.com/a_cava94/status/1410219443846799360

ANNOUNCEMENT :

Leapp now supports multiple AWS accounts via Named-Profile!

Use multiple temporary AWS credentials simultaneously and secure other information in the System Vault.

Visit the repo!

https://github.com/Noovolari/leapp

1
Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

(announced on office hours)

ANNOUNCEMENT :

Leapp now supports multiple AWS accounts via Named-Profile!

Use multiple temporary AWS credentials simultaneously and secure other information in the System Vault.

Visit the repo!

https://github.com/Noovolari/leapp

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

@Jeremy (Cloud Posse) is going to check this out

Andrea Cavagna avatar
Andrea Cavagna

Awesome! I missed this Office Hour but definitely want to partecipate on the next one!

Thanks a lot

Andrea Cavagna avatar
Andrea Cavagna

Awesome! I missed this Office Hour but definitely want to partecipate on the next one!

Thanks a lot

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
06:00:58 PM

@here office hours is starting in 30 minutes! Remember to post your questions here.

Jeff Lanza avatar
Jeff Lanza

Question: Has anyone worked with declarative config for AWS Control Tower? The official TF provider for AWS has resources for the various components (Config, Organizations, Security Hub, etc.) but I don’t see anything listed for Control Tower itself. TL;DR, I’m looking for a way to use Terraform to bootstrap a deployment of AWS Control Tower.

Zoom avatar
Zoom
06:29:57 PM

Andy Miguel (Cloud Posse) has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:12 PM

Jeff Lanza has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:17 PM

emem umoh has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:17 PM

Daniel Agans has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:21 PM

ASIS SETHI has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:21 PM

Thayne Trevenen has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:24 PM

Emile Fugulin has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:25 PM

David Hawthorne has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:37 PM

Yusuf Adeyemo has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:38 PM

Vlad Ionescu has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:09 PM

Brandon vh has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:11 PM

Patrick Joyce has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:13 PM

Erik Osterman (Cloud Posse) has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:23 PM

Winson Chan has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:37 PM

Neil Gealy has joined Public “Office Hours”

Charles Sperbeck avatar
Charles Sperbeck

New to CloudPosse, we are looking to utilize your open-source modules and provide a simplified format for developers to use using the Terraform CDK with TypeScript. Didn’t know if there was any thoughts or advice on using your modules with the CDK

example:

new Instance("my-instance",{});
Zoom avatar
Zoom
06:31:41 PM

Eric Berg has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:56 PM

Matt Calhoun has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:02 PM

Jason Sowa has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:27 PM

Oscar Blanco has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:55 PM

Charles Sperbeck has joined Public “Office Hours”

Zoom avatar
Zoom
06:33:14 PM

Michael Jenkins has joined Public “Office Hours”

Zoom avatar
Zoom
06:33:17 PM

Matt Gowie has joined Public “Office Hours”

Zoom avatar
Zoom
06:33:37 PM

Ossie Botu has joined Public “Office Hours”

Zoom avatar
Zoom
06:34:23 PM

Yuri Lima has joined Public “Office Hours”

Zoom avatar
Zoom
06:34:56 PM

Pepe Amengual (CloudPosse) has joined Public “Office Hours”

Zoom avatar
Zoom
06:35:09 PM

Stan M has joined Public “Office Hours”

Zoom avatar
Zoom
06:35:09 PM

Michael Holt has joined Public “Office Hours”

Zoom avatar
Zoom
06:36:06 PM
Zoom avatar
Zoom
06:36:18 PM

Scott Mathson has joined Public “Office Hours”

Zoom avatar
Zoom
06:36:42 PM

Yuri Lima has joined Public “Office Hours”

Zoom avatar
Zoom
06:36:54 PM

James Haughey has joined Public “Office Hours”

Zoom avatar
Zoom
06:37:32 PM
Zoom avatar
Zoom
06:40:44 PM

imran.hussain has joined Public “Office Hours”

Zoom avatar
Zoom
06:41:18 PM

Jeremy (Cloud Posse) has joined Public “Office Hours”

Zoom avatar
Zoom
06:43:32 PM

Mahmoud Dolah has joined Public “Office Hours”

Zoom avatar
Zoom
06:44:32 PM

Agnello Dsouza has joined Public “Office Hours”

Zoom avatar
Zoom
06:50:37 PM

Vicken Simonian has joined Public “Office Hours”

Zoom avatar
Zoom
06:53:01 PM

Mazin Ahmed has joined Public “Office Hours”

Zoom avatar
Zoom
06:53:11 PM

ASIS SETHI has joined Public “Office Hours”

Zoom avatar
Zoom
06:53:39 PM

Justin Sencion has joined Public “Office Hours”

Zoom avatar
Zoom
06:54:50 PM

Blaise Pabon has joined Public “Office Hours”

Zoom avatar
Zoom
07:04:02 PM

Oscar Blanco has joined Public “Office Hours”

Zoom avatar
Zoom
07:06:44 PM

Charles Sperbeck has joined Public “Office Hours”

managedkaos avatar
managedkaos

I have a question about Customer Managed KMS Keys if there is time…

Zoom avatar
Zoom
07:11:11 PM

Thomas Mundt has joined Public “Office Hours”

Zoom avatar
Zoom
07:16:54 PM

imran.hussain has joined Public “Office Hours”

Zoom avatar
Zoom
07:28:28 PM

Charles Sperbeck has joined Public “Office Hours”

Andy Miguel (Cloud Posse) avatar
Andy Miguel (Cloud Posse)

@here another special edition of Office Hours is in the works for July 21st! @Taylor Dolezal will be returning to the show and will be demoing HashiCorp’s Waypoint project for us. Please queue up your questions here and hope to see you there

1
1
Zoom avatar
Zoom
02:10:03 AM

Anere Faithful has joined Public “Office Hours”

2021-06-29

Joaquin Menchaca avatar
Joaquin Menchaca

I came across this tool, looks way way way cool, GitHub actions locally.

https://github.com/nektos/act

nektos/act attachment image

Run your GitHub Actions locally . Contribute to nektos/act development by creating an account on GitHub.

3

2021-06-25

SweetOps avatar
SweetOps
05:31:05 PM
[How to Serve a Static Maintenance Page Through an ALB Cloud Posse Explains](https://www.youtube.com/watch?v=3VGYlKfljWA)
1

2021-06-24

Thayne Trevenen avatar
Thayne Trevenen

I have asked this in #packer as well, but I think it would make a good topic to discuss via office hours. Hey Packer Peeps, I have been using packer for a year at an old company and it worked flawlessly however I am at a new company with restrictions on AWS security groups and any SG created with wide open access is automagically deleted. Therefore when packer try’s to do anything via ssh over port 22 and the temp SG [0.0.0.0\0] packer times out waiting for ssh access. Does anyone know of a way to specify something other than [0.0.0.0\0] in the packer file? (The things we should discuss imho, is how to use terraform to set up blocking 0.0.0.0\0 and then the fix for packer of course seeing as my google fu is failing me today.)

managedkaos avatar
managedkaos

We have the same scenario. basically, the work around is to create an SG that is compliant and then using that in your packer run. You can create the SG well ahead of time and use that in future packer runs. I will share some code in a bit…

1
Avenia avatar
Avenia
Avenia avatar
Avenia
"builders": [{
    "type": "amazon-ebs",
    "region": "us-east-1",
    "vpc_id": "VPC YOU MAKE HERE",
    "subnet_id": "SUBNET ID IN THAT VPC",
    "associate_public_ip_address": "true",
Avenia avatar
Avenia

then pass in the sec group

Thayne Trevenen avatar
Thayne Trevenen

perfect thanks

Avenia avatar
Avenia
security_group_id (string) - The ID (not the name) of the security group to assign to the instance. By default this is not set and Packer will automatically create a new temporary security group to allow SSH access. Note that if this is specified, you must be sure the security group allows access to the ssh_port given below.
managedkaos avatar
managedkaos
06:22:20 PM
SweetOps avatar
SweetOps
07:04:15 PM
[Store Terraform Generated SSH Key Pairs in SSM Cloud Posse Explains](https://www.youtube.com/watch?v=8JCwEBkDe_s)

2021-06-23

managedkaos avatar
managedkaos
05:03:38 PM

Sharing for office hours as well as in #aws….

Question: Is there a way to serve a static HTML page from S3 through an ALB?

TLDR: On occasion I use maintenance pages for long deployments or changes. I do this by creating a /* rule in the ALB listener that reads a local html file for the response content:

resource "aws_lb_listener_rule" "maintenance_page" {
  listener_arn = aws_lb_listener.alb.arn

  action {
    type = "fixed-response"

    fixed_response {
      content_type = "text/html"
      message_body = file("${path.module}/maintenance_page.html")
      status_code  = "200"
    }
  }

  condition {
    path_pattern {
      values = ["/*"]
    }
  }
}

Unfortunately, this method only allows for content that is less than or equal to 1024 bytes. So the page is minimally styled. I’d like to add richer content with CSS and images (well, not me but the developers! ) but I know that will require more bytes. I’m thinking maybe the CSS could come from a link but even then, depending on how much is added to make the maintenance page look like the app, it will take more than 1024 bytes.

So I’m thinking we could store the page in S3 and then serve it from there. I’d prefer not to do any DNS dancing with the app endpoint and instead just update what the app is serving from the ALB. Any thoughts or ideas?

Matt Gowie avatar
Matt Gowie

Can you do a 302 redirect using a listener rule to the S3 website instead of serving the content directly from the ALB?

Question: Is there a way to serve a static HTML page from S3 through an ALB?

TLDR: On occasion I use maintenance pages for long deployments or changes. I do this by creating a /* rule in the ALB listener that reads a local html file for the response content:

resource "aws_lb_listener_rule" "maintenance_page" {
  listener_arn = aws_lb_listener.alb.arn

  action {
    type = "fixed-response"

    fixed_response {
      content_type = "text/html"
      message_body = file("${path.module}/maintenance_page.html")
      status_code  = "200"
    }
  }

  condition {
    path_pattern {
      values = ["/*"]
    }
  }
}

Unfortunately, this method only allows for content that is less than or equal to 1024 bytes. So the page is minimally styled. I’d like to add richer content with CSS and images (well, not me but the developers! ) but I know that will require more bytes. I’m thinking maybe the CSS could come from a link but even then, depending on how much is added to make the maintenance page look like the app, it will take more than 1024 bytes.

So I’m thinking we could store the page in S3 and then serve it from there. I’d prefer not to do any DNS dancing with the app endpoint and instead just update what the app is serving from the ALB. Any thoughts or ideas?

Matt Gowie avatar
Matt Gowie

I’ve run into this problem before but it was a couple years ago… I forget what I did exactly, but the 302 is how I would look into now.

Mohammed Yahya avatar
Mohammed Yahya

Are you trying to avoid cloudfront? I’m not sure why you need the ALB here, keep it simple and use ecs frontend (nginx image) behind the ALB instead of s3

managedkaos avatar
managedkaos

This environment has no cloudfront but not necessarily trying to avoid it. yep, a route to a maint page image/container could also work. I do appreciate the simplicity of keeping the routing in the ALB listener vs having to maintain another target group+attachment, but yeah that’s a good approach.

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
06:00:32 PM

@here office hours is starting in 30 minutes! Remember to post your questions here.

Zoom avatar
Zoom
06:29:35 PM

Erik Osterman (Cloud Posse) has joined Public “Office Hours”

Zoom avatar
Zoom
06:29:42 PM

Alex Siegman has joined Public “Office Hours”

Zoom avatar
Zoom
06:29:44 PM

David Hawthorne has joined Public “Office Hours”

Zoom avatar
Zoom
06:29:50 PM

Jeff Lanza has joined Public “Office Hours”

Zoom avatar
Zoom
06:29:57 PM

Michael Jenkins has joined Public “Office Hours”

Zoom avatar
Zoom
06:29:58 PM

Vlad Ionescu has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:03 PM

Andy Miguel (Cloud Posse) has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:03 PM

Oscar Blanco has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:24 PM

Fernando Castillo has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:35 PM

chonan tsai has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:36 PM

Thayne Trevenen has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:40 PM

Kristopher Flint has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:40 PM

Mohammed Yahya has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:51 PM

Mo Battah has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:59 PM

Sumit Murari has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:09 PM

Tim Gourley has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:09 PM

Cody Halovich has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:16 PM

Luis Masaya has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:17 PM

Benjamin Smith has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:32 PM

Mikael Fridh has joined Public “Office Hours”

Zoom avatar
Zoom
06:33:29 PM

Brandon vh has joined Public “Office Hours”

Zoom avatar
Zoom
06:33:46 PM

Winson Chan has joined Public “Office Hours”

Zoom avatar
Zoom
06:34:44 PM

Neil Gealy has joined Public “Office Hours”

Zoom avatar
Zoom
06:34:56 PM

Catalin Costraș has joined Public “Office Hours”

Zoom avatar
Zoom
06:35:14 PM

Dirk-Jan Steltenpool has joined Public “Office Hours”

Zoom avatar
Zoom
06:35:30 PM

Michael Padgett has joined Public “Office Hours”

Zoom avatar
Zoom
06:35:52 PM

PePe Amengual has joined Public “Office Hours”

Zoom avatar
Zoom
06:36:37 PM

Aleksandr Fofanov has joined Public “Office Hours”

Zoom avatar
Zoom
06:37:09 PM

Andrew Way has joined Public “Office Hours”

Zoom avatar
Zoom
06:38:52 PM

Maycon Santos has joined Public “Office Hours”

Zoom avatar
Zoom
06:40:55 PM

Matt Gowie has joined Public “Office Hours”

Zoom avatar
Zoom
06:43:14 PM

Scott Mathson has joined Public “Office Hours”

Zoom avatar
Zoom
06:44:44 PM

Stevan Arychuk has joined Public “Office Hours”

Zoom avatar
Zoom
06:48:16 PM

Ossie Botu has joined Public “Office Hours”

Vlad Ionescu (he/him) avatar
Vlad Ionescu (he/him)
Provider Metadata - Terraform by HashiCorp

For advanced use cases, modules can provide some pre-defined metadata for providers.

Zoom avatar
Zoom
06:52:58 PM

emem umoh has joined Public “Office Hours”

Zoom avatar
Zoom
06:54:35 PM

Stan M has joined Public “Office Hours”

Vlad Ionescu (he/him) avatar
Vlad Ionescu (he/him)

This might help with the community management too: “I swear I am not deleting any outputshttps://github.blog/changelog/2021-06-23-issues-forms-beta-for-public-repositories/

Issues forms beta for public repositories | GitHub Changelog attachment image

Issues forms beta for public repositories

Zoom avatar
Zoom
07:00:36 PM

Jeremy CloudPosse has joined Public “Office Hours”

Zoom avatar
Zoom
07:01:21 PM

Vicken Simonian has joined Public “Office Hours”

Zoom avatar
Zoom
07:08:29 PM

Omry Hay has joined Public “Office Hours”

David Hawthorne avatar
David Hawthorne

Azure environment here - that’d be great! Azure publishes their own reference architectures for cloud here: https://docs.microsoft.com/en-us/azure/architecture/. I may be out of my element here though as I’m not leveraging Terraform (yet).

Azure Architecture Center - Azure Architecture Center

The Azure Architecture Center provides best practices for running your workloads on Azure.

Zoom avatar
Zoom
07:09:43 PM

Joaquin Menchaca has joined Public “Office Hours”

Vlad Ionescu (he/him) avatar
Vlad Ionescu (he/him)
New – Attribute-Based Access Control with AWS Single Sign-On | Amazon Web Services attachment image

Starting today, you can pass user attributes in the AWS session when your workforce sign-in into the cloud using AWS Single Sign-On. This gives you the centralized account access management of AWS Single Sign-On and ABAC, with the flexibility to use AWS SSO, Active Directory, or an external identity provider as your identity source. To […]

1
Joaquin Menchaca avatar
Joaquin Menchaca
Secrets Management: Doppler or HashiCorp Vault? - The New Stack attachment image

A “secrets manager” is a centralized system for storing sensitive information, such as API keys, database credentials, or even files (e.g. certificates and private keys). This post focuses on comparing two secrets managers, Doppler and Hashicorp Vault.

Mohammed Yahya avatar
Mohammed Yahya
localstack/localstack attachment image

A fully functional local AWS cloud stack. Develop and test your cloud & Serverless apps offline! - localstack/localstack

1

2021-06-22

SweetOps avatar
SweetOps
05:32:29 PM
[Terraform and Polycloud Cloud Posse Guest Speaker: Taylor Dolezal](https://www.youtube.com/watch?v=DMtwoDjUefg)

2021-06-16

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
06:00:46 PM

@here office hours is starting in 30 minutes! Remember to post your questions here.

sunnybook8 avatar
sunnybook8

Just want to get some feedback from everyone.

  1. we have a python backend and a react front. currently everything is in aws. my architect recommended this setup. What do you think? Is this an easy task to do in aws?
  2. Does anyone have experience with Trend Micro Cloud Conformity. Do you recommend it or not?
  3. For SCA and SAST tools, what would be good libraries or tools for python and react code base?
Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

I don’t think we’ll get to this today because we have another special edition with @Taylor Dolezal, Developer Advocate of HashiCorp joining us

Just want to get some feedback from everyone.

  1. we have a python backend and a react front. currently everything is in aws. my architect recommended this setup. What do you think? Is this an easy task to do in aws?
  2. Does anyone have experience with Trend Micro Cloud Conformity. Do you recommend it or not?
  3. For SCA and SAST tools, what would be good libraries or tools for python and react code base?
2
sunnybook8 avatar
sunnybook8

no worries. next time

1
Zoom avatar
Zoom
06:28:09 PM

Erik Osterman (Cloud Posse) has joined Public “Office Hours”

Zoom avatar
Zoom
06:28:17 PM

Niraj Palecha has joined Public “Office Hours”

Zoom avatar
Zoom
06:28:21 PM

Taylor Dolezal has joined Public “Office Hours”

Zoom avatar
Zoom
06:29:33 PM

Victor Xu has joined Public “Office Hours”

Zoom avatar
Zoom
06:29:45 PM

Michael Jenkins has joined Public “Office Hours”

Zoom avatar
Zoom
06:29:55 PM

Andy Miguel (Cloud Posse) has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:12 PM

Frank Scalzo has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:57 PM

Andrew Way has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:57 PM

Eric Barb has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:13 PM

Kyle Johnson has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:22 PM

chonan tsai has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:30 PM

Matt Gowie has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:33 PM

Jaz Ark has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:56 PM

Phil Sautter has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:07 PM

Thayne Trevenen has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:09 PM

Patrick Joyce has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:33 PM

Brandon vh has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:40 PM

Zaven Boni has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:54 PM

Rizky Ramadhan has joined Public “Office Hours”

Andy Miguel (Cloud Posse) avatar
Andy Miguel (Cloud Posse)

links from today’s session:

https://github.com/hashicorp/terraform/releases/tag/v1.1.0-alpha20210616

• HashiTalks Build: https://events.hashicorp.com/hashitalksbuild

• Community Office Hours: https://www.hashicorp.com/community/office-hours 

• HashiCast: https://hashicast.com (podcast by the HashiCorp Developer Advocate team)

• HashiCorp’s Learn site just got a GIANT update and it’d be great to have people check this out! https://learn.hashicorp.com/

Release v1.1.0-alpha20210616 · hashicorp/terraform attachment image

1.1.0 (Unreleased) NEW FEATURES: lang/funcs: add a new type() function, only available in terraform console (#28501) ENHANCEMENTS: configs: Terraform now checks the syntax of and normalizes modu…

HashiTalks: Build

 Stay tuned! We will be releasing the schedule in early February. Thank you to all that submitted. 

HashiCorp Community Office Hours attachment image

Technical experts from our engineering, product, customer success, solution engineering, and developer relations teams are available to support our community and customers, regardless if you are using open source or enterprise versions of our products.

HashiCorp attachment image

Resources to better understand and use HashiCorp products.

HashiCorp Learn attachment image

Explore our tutorials to automate your workflows

Zoom avatar
Zoom
06:34:11 PM

Stan M has joined Public “Office Hours”

Zoom avatar
Zoom
06:35:24 PM

Eric Berg has joined Public “Office Hours”

Zoom avatar
Zoom
06:35:24 PM

emem umoh has joined Public “Office Hours”

Zoom avatar
Zoom
06:35:56 PM

Alex Siegman has joined Public “Office Hours”

Zoom avatar
Zoom
06:36:10 PM

Winson Chan has joined Public “Office Hours”

Zoom avatar
Zoom
06:36:12 PM

James Haughey has joined Public “Office Hours”

Zoom avatar
Zoom
06:37:55 PM

Luis Masaya has joined Public “Office Hours”

Zoom avatar
Zoom
06:38:00 PM

Oliver Schoenborn has joined Public “Office Hours”

Zoom avatar
Zoom
06:38:16 PM

Stevan Arychuk has joined Public “Office Hours”

Zoom avatar
Zoom
06:38:47 PM

Thayne Trevenen has joined Public “Office Hours”

Zoom avatar
Zoom
06:38:59 PM

Andy Roth has joined Public “Office Hours”

Zoom avatar
Zoom
06:45:32 PM

Jignesh Doshi has joined Public “Office Hours”

Matt Gowie avatar
Matt Gowie

Question for Taylor: Do you ever see HashiCorp creating a layer above Terraform to orchestrate many root modules / deal with that DAG? I believe a lot of us in the terraform community run into that problem once you’ve been in terraform for a while, so I’m interested if there is any thoughts there?

Zoom avatar
Zoom
06:47:43 PM

Marc Slayton has joined Public “Office Hours”

Zoom avatar
Zoom
06:48:38 PM

Rodrigo Quezada has joined Public “Office Hours”

Zoom avatar
Zoom
06:49:09 PM

Tim Gourley has joined Public “Office Hours”

Zoom avatar
Zoom
06:51:34 PM

Michael Holt has joined Public “Office Hours”

Zoom avatar
Zoom
06:52:18 PM

Hao Wang has joined Public “Office Hours”

roth.andy avatar
roth.andy

Question for Taylor: As someone who builds demos for a living, can you talk a little bit about your approach to maintaining demos long term? I’ve found that demos, both in OSS and in my own company, frequently get outdated and sometimes even cause more confusion due to people being led down a path that isn’t necessarily current any more.

Zoom avatar
Zoom
06:54:42 PM

Winson Chan has joined Public “Office Hours”

Zoom avatar
Zoom
06:56:43 PM

shreenu kumar has joined Public “Office Hours”

Zoom avatar
Zoom
06:57:41 PM

PePe Amengual has joined Public “Office Hours”

Zoom avatar
Zoom
07:27:17 PM

David B has joined Public “Office Hours”

Taylor Dolezal avatar
Taylor Dolezal

Howdy, team! :wave: Thank you for such a fun session! I’m stoked to return in the future and wanted to address two questions we got asked that we didn’t have time for on the call.
How difficult is it to perform a terraform import vs. building resources from scratch ?
Terraform import is helpful for importing the state of infrastructure that already exists, which can be helpful in onboarding your stack to your Terraform workflows. I think that’s the best option when you aren’t able to easily work with your infrastructure or application stack in its current form. If the stack is easily converted to HCL or infrastructure as code, then it might be better off to start from scratch. But the thing that counts most is if you have any important state that would be destroyed or lost if you start from scratch would be my concern!
Do you feel Kubernetes operators like the AWS Operator is a “threat” to Terraform, considering in theory we could use pure Kubernetes API to manage AWS resources?
Personally, I see this as an interesting and useful example of what the community wants to see, and how they want to structure their infrastructure as code. I don’t think it’s a threat so much as it is a good example for helping shape projects like the Terraform Cloud Operator for Kubernetes (https://github.com/hashicorp/terraform-k8s)

hashicorp/terraform-k8s attachment image

Terraform Cloud Operator for Kubernetes. Contribute to hashicorp/terraform-k8s development by creating an account on GitHub.

2021-06-15

venkata.mutyala avatar
venkata.mutyala

Does anyone here run kubernetes in a FedRAMP environment? If so, what do you use for backups? I was looking at Valero but it doesn’t appear to have FIPS approved libraries.

2021-06-10

Andy Miguel (Cloud Posse) avatar
Andy Miguel (Cloud Posse)

@here we have another special edition of Office Hours next week Wednesday June 16th!

@Taylor Dolezal will be joining us! Taylor is a Senior Developer Advocate at HashiCorp and we’ll be talking to him about an array of topics including: his role, what’s it like to be a developer at HashiCorp, what we can expect next for Terraform, Nomad vs Kubernetes, security considerations with custom providers, and answering live Q&A from anyone who joins! Hope to see you there

2
4
2
Taylor Dolezal avatar
Taylor Dolezal
12:30:35 AM

@Taylor Dolezal has joined the channel

2
Steven Hopkins (Cloud Posse) avatar
Steven Hopkins (Cloud Posse)

@Taylor Dolezal, welcome brother

2
Taylor Dolezal avatar
Taylor Dolezal

Hola, compadre! Long time, no see!

Steven Hopkins (Cloud Posse) avatar
Steven Hopkins (Cloud Posse)

Looking forward to your talk

Taylor Dolezal avatar
Taylor Dolezal

I can’t wait!

2021-06-09

bober2000 avatar
bober2000
02:41:15 PM

@bober2000 has joined the channel

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
06:00:57 PM

@here office hours is starting in 30 minutes! Remember to post your questions here.

sheldonh avatar
sheldonh

Question: I’d like further discussion on what’s a general good practice for dealing with local developer vs cloud first experience. See details on that thread. Posting a question right now to summarize for easier review

Threaded Discussion: https://sweetops.slack.com/archives/CHDR1EWNA/p1622659071049000

Here’s one for discussion if we have time. I’ve been thinking through “Cloud Native” development vs “Local Development -> To Cloud”.

Question: If “adopting cloud first” accelerates by fully using AWS services solves much reengineering, then how/should you balance local containerization/development? IE, building an ECS Service, but then maintaining a docker compose stack for local development as well.

Examples:

  • Using environment variables in containers vs loading directly from ssm, secrets manager
  • Building for ECS but then reinventing with local docker stack + mysql instead of RDS.
  • Using RDS, but then in local docker having postgresql/mysql
Zoom avatar
Zoom
06:31:30 PM

Erik Osterman (Cloud Posse) has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:34 PM

Tim Gourley has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:51 PM

Vlad Ionescu has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:53 PM
Zoom avatar
Zoom
06:31:56 PM

Phil Sautter has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:57 PM

Patrick Joyce has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:00 PM

Andrew Way has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:00 PM

Matt has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:02 PM

Gilberto Michishita Junior has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:20 PM

Yoni Leitersdorf has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:29 PM

Karim Othman has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:50 PM

Robin Aguilar has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:57 PM

Sheldon Hull has joined Public “Office Hours”

Zoom avatar
Zoom
06:33:38 PM

Luis Masaya has joined Public “Office Hours”

Zoom avatar
Zoom
06:33:46 PM

Stevan Arychuk has joined Public “Office Hours”

Zoom avatar
Zoom
06:33:51 PM

Andy Miguel (Cloud Posse) has joined Public “Office Hours”

Zoom avatar
Zoom
06:34:14 PM

emem umoh has joined Public “Office Hours”

Zoom avatar
Zoom
06:34:46 PM

Andrew Thompson has joined Public “Office Hours”

sheldonh avatar
sheldonh

:tada: WOW. Never thought 1.0 would happen. That’s fun

Zoom avatar
Zoom
06:35:40 PM

Colton Wrisner has joined Public “Office Hours”

Andy Miguel (Cloud Posse) avatar
Andy Miguel (Cloud Posse)

links from today’s office hours:

https://www.hashicorp.com/blog/announcing-hashicorp-terraform-1-0-general-availability

• Signup to Cloudrail: https://web.cloudrail.app/

• Sample TF test cases to test Cloudrail against: https://github.com/indeni/cloudrail-demo

Announcing HashiCorp Terraform 1.0 General Availability attachment image

Terraform 1.0 — now generally available — marks a major milestone for interoperability, ease of upgrades, and maintenance for your automation workflows.

indeni/cloudrail-demo attachment image

This repository contains the instructions for how to use Cloudrail, as well as specific scenarios to test Cloudrail with. - indeni/cloudrail-demo

Zoom avatar
Zoom
06:36:25 PM

emem umoh has joined Public “Office Hours”

Zoom avatar
Zoom
06:38:41 PM

Rashid has joined Public “Office Hours”

Zoom avatar
Zoom
06:39:17 PM

Nick James has joined Public “Office Hours”

Zoom avatar
Zoom
06:40:07 PM

Isa Aguilar has joined Public “Office Hours”

Zoom avatar
Zoom
06:40:33 PM

Pepe Amengual (CloudPosse) has joined Public “Office Hours”

Zoom avatar
Zoom
06:41:27 PM

Mohammed Yahya has joined Public “Office Hours”

Zoom avatar
Zoom
06:44:07 PM

Brice Zakra has joined Public “Office Hours”

Zoom avatar
Zoom
06:45:08 PM

Winson Chan has joined Public “Office Hours”

Zoom avatar
Zoom
06:46:38 PM

Pepe Amengual (CloudPosse) has joined Public “Office Hours”

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
KICS

Open source solution for static code analysis of Infrastructure as Code. Finding security vulnerabilities, compliance issues, and infrastructure misconfigurations during project development cycle.

Zoom avatar
Zoom
06:55:52 PM

Pepe Amengual (CloudPosse) has joined Public “Office Hours”

Zoom avatar
Zoom
06:57:45 PM

Eric Berg has joined Public “Office Hours”

Zoom avatar
Zoom
06:59:17 PM

Gabriel Boie has joined Public “Office Hours”

Zoom avatar
Zoom
07:03:11 PM

James Haughey has joined Public “Office Hours”

Zoom avatar
Zoom
07:04:27 PM

Joaquin Menchaca has joined Public “Office Hours”

Zoom avatar
Zoom
07:07:23 PM

Blaise Pabon has joined Public “Office Hours”

Zoom avatar
Zoom
07:08:36 PM

Michael Jenkins has joined Public “Office Hours”

Zoom avatar
Zoom
07:17:23 PM
Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

@ shared with me the following link  https://www.terraform.io/docs/language/v1-compatibility-promises.html
In short, we aim to make upgrades between v1.x releases straightforward, requiring no changes to your configuration, no extra commands to run upgrade steps, and no changes to any automation you’ve set up around Terraform.
So basically, 1.x should be pretty smooth, but 1.x → 2.x might be 0.110.12 all over again

Terraform v1.0 Compatibility Promises - Terraform by HashiCorp

From Terraform v1.0 onwards the Terraform team promises to preserve backward compatibility for most of the Terraform language and the primary CLI workflow, until the next major release.

1

2021-06-06

Andy Miguel (Cloud Posse) avatar
Andy Miguel (Cloud Posse)
Network Security & Cloud Native Security Infrastructure Automation | Indeni

Indeni provides security infrastructure automation with unprecedented visibility that’s ready to go in minutes so you can focus on mission-critical projects.

3
2

2021-06-04

2021-06-03

Henry Course avatar
Henry Course

ciao everyone, where’s the best place to post contribution PRs?

Brian Ojeda avatar
Brian Ojeda

I believe that would be #pr-reviews

4

2021-06-02

Mohammed Yahya avatar
Mohammed Yahya

A Cloud Guru has signed a definitive agreement to be acquired by Pluralsight

managedkaos avatar
managedkaos
Pluralsight to Acquire A Cloud Guru to Accelerate Solving the Single Biggest Challenge in IT Today: The Growing Cloud Skills Gap attachment image

/PRNewswire/ – Pluralsight, Inc., the technology workforce development company, today announced that it has entered into a definitive agreement to acquire A…

Mo Battah avatar
Mo Battah

this is terrible nwes

Pluralsight to Acquire A Cloud Guru to Accelerate Solving the Single Biggest Challenge in IT Today: The Growing Cloud Skills Gap attachment image

/PRNewswire/ – Pluralsight, Inc., the technology workforce development company, today announced that it has entered into a definitive agreement to acquire A…

Mo Battah avatar
Mo Battah

news*

Mo Battah avatar
Mo Battah

ACG went downhill after purchasing LA. LA was much better in my opinion.

Mo Battah avatar
Mo Battah

This is coming from someone who actually likes Kroonenberg. ACG cheapened the value of AWS certs.

Mohammed Yahya avatar
Mohammed Yahya
New Apply User Interface for Terraform Cloud attachment image

The redesigned interface for HashiCorp Terraform Cloud brings clarity to how your resources, state, and infrastructure operations are represented during a Terraform run.

Mohammed Yahya avatar
Mohammed Yahya

@Matt Gowie this is for you

New Apply User Interface for Terraform Cloud attachment image

The redesigned interface for HashiCorp Terraform Cloud brings clarity to how your resources, state, and infrastructure operations are represented during a Terraform run.

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

anyone try it out yet

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

?

Mohammed Yahya avatar
Mohammed Yahya
05:44:48 PM
Mohammed Yahya avatar
Mohammed Yahya
05:56:35 PM
Matt Gowie avatar
Matt Gowie

@ Ah cool. I saw that flag the other day actually but didn’t know they posted something about it. I’m switching away from TFC though… can’t deal with that price tag for a larger customer.

Matt Gowie avatar
Matt Gowie

Have not tried this. The requirement to be on 0.15.2 means I can’t easily make the switch.

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
06:00:31 PM

@here office hours is starting in 30 minutes! Remember to post your questions here.

Zoom avatar
Zoom
06:27:07 PM

Erik Osterman (Cloud Posse) has joined Public “Office Hours”

Zoom avatar
Zoom
06:27:32 PM

test has joined Public “Office Hours”

Zoom avatar
Zoom
06:27:45 PM

Leia Renée has joined Public “Office Hours”

Zoom avatar
Zoom
06:29:22 PM

Dae Choi has joined Public “Office Hours”

Zoom avatar
Zoom
06:29:22 PM

Michael Jenkins has joined Public “Office Hours”

Zoom avatar
Zoom
06:29:38 PM

Isa Aguilar has joined Public “Office Hours”

Zoom avatar
Zoom
06:29:52 PM

Karim Othman has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:11 PM

Sheldon Hull has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:33 PM

Eric Berg has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:46 PM

Vlad Ionescu has joined Public “Office Hours”

sheldonh avatar
sheldonh

@Erik Osterman (Cloud Posse) Wicked cool room to stream from. Love it.

Zoom avatar
Zoom
06:30:56 PM

Matt Gowie has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:59 PM

Michael Martin has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:59 PM

emem umoh has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:28 PM

Patrick Joyce has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:35 PM

Florain Drescher has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:31 PM

Stevan Arychuk has joined Public “Office Hours”

Zoom avatar
Zoom
06:33:02 PM

Mykola Lev has joined Public “Office Hours”

Zoom avatar
Zoom
06:33:21 PM

Andrey Nazarov has joined Public “Office Hours”

Zoom avatar
Zoom
06:33:41 PM

Hao Wang has joined Public “Office Hours”

Zoom avatar
Zoom
06:33:50 PM

Florain Drescher has joined Public “Office Hours”

Zoom avatar
Zoom
06:33:52 PM

Sam C has joined Public “Office Hours”

Zoom avatar
Zoom
06:35:03 PM

Steven Hopkins has joined Public “Office Hours”

Zoom avatar
Zoom
06:35:53 PM

Amelia Graycen has joined Public “Office Hours”

Zoom avatar
Zoom
06:36:08 PM

Oscar Blanco has joined Public “Office Hours”

Zoom avatar
Zoom
06:36:33 PM

Neil Gealy has joined Public “Office Hours”

Zoom avatar
Zoom
06:37:05 PM

Dirk-Jan Steltenpool has joined Public “Office Hours”

sheldonh avatar
sheldonh

Here’s one for discussion if we have time. I’ve been thinking through “Cloud Native” development vs “Local Development -> To Cloud”.

Question: If “adopting cloud first” accelerates by fully using AWS services solves much reengineering, then how/should you balance local containerization/development? IE, building an ECS Service, but then maintaining a docker compose stack for local development as well.

Examples:

  • Using environment variables in containers vs loading directly from ssm, secrets manager
  • Building for ECS but then reinventing with local docker stack + mysql instead of RDS.
  • Using RDS, but then in local docker having postgresql/mysql
managedkaos avatar
managedkaos

I’m going to follow this disuccsion. I’m in a similar situation where i have apps that are migrating to containerization and i’m starting with building the image locally and running the stack with compose + containerized postgresql. it works great. downstream from that i push the image to ECR and deploy from there into ECS.

So perhaps I am going the opposite direction than what you shared?

In any case, dealing with env parameters and other inputs is something my team is still working on. for simple apps that just need a DB its not an issue. for others that need API keys, etc, its a bit more of a pain to run and test locally.

managedkaos avatar
managedkaos


how/should you balance local containerization/development?
There is also the ECS integration for docker compose which ideally would allow you to use your compose definition to deploy to ECS. I haven’t had much luck with this one though. I’d also be interested in seeing how this ties into services like RDS and base infra like VPCs, subnets, security groups, etc.

sheldonh avatar
sheldonh

Good stuff. Yeah I’m not interested in the docker ecs integration as I feel it’s too much like Amplify, good for a prebuilt stack but not great for full control when I can just use terraform.

I’m thinking local dev can be painful if it’s all ecs but at the same time if infra as code does the stack for them and they can have their own sandbox (timeboxed) then at that point maybe what’s the point of redoing the stack locally when multiple services required. At that point maybe my focus should be on self-service dev environment on demand using all the cloud services. Just build for AWS from ground zero and not worry about env variables vs ssm parameters if the whole stack is contained in AWS anyway

sheldonh avatar
sheldonh

Posting gist of question for more compact review during office hours….

sheldonh avatar
sheldonh

I am building a mix of containers + some services that in production will be on ec2, but still mostly able to be containerized.

Where do we draw the balance between full leveraging of AWS tools and eco system vs local docker experience?

  • Example 1: SSM Parameters as source of config vs env variables? Mix and match, more logic to build?
  • Example 2: docker compose with reverse proxy, much more complicated to run locally with SSL and not even same code necessarily in production for final configuration. Do we eliminate trying to spin all this up locally and rely on ecs task only?
  • Example 3: web app + backend + database (mySQL)… now a compose stack that needs to talk to another compose stack. Reproduce all this in local docker compose stacks despite eventually going to RDS + ECS Fargate?
sheldonh avatar
sheldonh

other related links of interest for those thinking through this

Threaded Discussion:

Twitter Thread: Economics and general discussion of building with cloud native approach vs building your own https://twitter.com/zackkanter/status/1399013516107948037 Dev.To> Debate on Serverless side (ties into container stuff too): <https://dev.to/garethmcc/why-local-development-for-serverless-is-an-anti-pattern-1d9b

Excellent financial analysis of using commoditized cloud infrastructure (vanilla servers). It misses: i) the (long-term devastating) cultural cost of recruiting world-class engineers to do undifferentiated heavy lifting; ii) it’s unfeasible to recreate noncommodity infra. 1/n https://twitter.com/martin_casado/status/1397989124682903554

[NewPost] Sure, Cloud is great. But we show it hurts share price of public companies on the order of hundreds of billions

… and they can economically justify almost any level of work (including repatriation) in order to lower costs (w/ @sarahdingwang)

https://a16z.com/2021/05/27/cost-of-cloud-paradox-market-cap-cloud-lifecycle-scale-growth-repatriation-optimization/

Why local development for serverless is an anti-pattern attachment image

Developing locally when building a serverless application is not only tiresome and hard to do its actually bad for you

Hao Wang avatar
Hao Wang

I used Pluralsight a few years ago and it got good trainings on it

Hao Wang avatar
Hao Wang

seems some trainers got rich by teaching on it lol

sheldonh avatar
sheldonh

Amplify is similar to Netlify with being a more plug and play with less effort it seems

Hao Wang avatar
Hao Wang

a new version of beanstalk?

Hao Wang avatar
Hao Wang

sorry, they are definitely 2 products, looks to me they are trying to solve the same issue from different angles

1
Matt Gowie avatar
Matt Gowie

A simpler, more powerful beanstalk IMO. Still not a good use-case for a lot of scenarios but good for lots of simpler use-cases like simple static sites.

1
sheldonh avatar
sheldonh

Have you used Netlify and can you compare the experience? Netlify has been fantastic to make CICD for my blog super easy and lots of perks. AWS has little control with budgets so I’m leary of using them for anything personal

Hao Wang avatar
Hao Wang

no, heard of it

Hao Wang avatar
Hao Wang

got it

Matt Gowie avatar
Matt Gowie

I haven’t used Netlify, but If you’re already on Netlify then I’d probably just stay on it. Likely not worth the switch for something that already exists.

sheldonh avatar
sheldonh

Netlify focuses on static site CICD and simple serverless functions. It’s very targeted so all design is focused purely on static website process, automatic branch previews etc.

Zoom avatar
Zoom
06:43:06 PM

Oliver Schoenborn has joined Public “Office Hours”

Zoom avatar
Zoom
06:44:44 PM

Wilson Chan has joined Public “Office Hours”

Zoom avatar
Zoom
06:47:14 PM

Marc Slayton has joined Public “Office Hours”

Zoom avatar
Zoom
06:49:09 PM

Nick James has joined Public “Office Hours”

Zoom avatar
Zoom
06:49:39 PM

Jignesh Doshi has joined Public “Office Hours”

Zoom avatar
Zoom
06:50:01 PM

Andy Roth has joined Public “Office Hours”

Zoom avatar
Zoom
06:50:43 PM

Mykola Lev has joined Public “Office Hours”

Hao Wang avatar
Hao Wang

I love yaml, it is a language between English and Chinese lol

1
sheldonh avatar
sheldonh

toml is growing on me more as much as I love yaml compared to json

2
Hao Wang avatar
Hao Wang

that I can understand

Matt Gowie avatar
Matt Gowie
Feature Ignore Paths by joelholmes · Pull Request #64 · vmware-tanzu/carvel-vendir attachment image

Issue: #37 Created a function that will copy existing files listed in the destination directory to the staging area prior to deletion preserving the content. I felt that pulling the content into th…

1
Zoom avatar
Zoom
06:56:09 PM

Mohammed Yahya has joined Public “Office Hours”

Zoom avatar
Zoom
07:01:27 PM

tamsky has joined Public “Office Hours”

Mohammed Yahya avatar
Mohammed Yahya
Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

cc: @Andy Miguel (Cloud Posse)

Andy Miguel (Cloud Posse) avatar
Andy Miguel (Cloud Posse)

neat!

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
Leapp - One step away from your Cloud attachment image

Leapp is the tool to access your cloud. It securely stores your access information and generates temporary credential sets to access AWS and Azure Cloud envi…

3
1
CedricT avatar
CedricT

I’m a big, big fan of Leapp. It became an must to have tool on my mac.

Leapp - One step away from your Cloud attachment image

Leapp is the tool to access your cloud. It securely stores your access information and generates temporary credential sets to access AWS and Azure Cloud envi…

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
Noovolari/leapp attachment image

Leapp is the tool to access your cloud; It securely stores your access information and generates temporary credential sets to access your cloud ecosystem from your local machine. - Noovolari/leapp

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

@Jeremy (Cloud Posse)

Andrew Nazarov avatar
Andrew Nazarov

Thanks for sharing!

sheldonh avatar
sheldonh

Started discussion here based on your thoughts to get that dialogue started.

https://github.com/Noovolari/leapp/discussions/120

4
Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

Sweet, I responded

Mohammed Yahya avatar
Mohammed Yahya

support sso and ssm

Mohammed Yahya avatar
Mohammed Yahya
07:43:55 PM
Mohammed Yahya avatar
Mohammed Yahya
07:44:14 PM
Jeremy (Cloud Posse) avatar
Jeremy (Cloud Posse)

@Erik Osterman (Cloud Posse) Might be good for our client’s developers. Definitely far underpowered for me to use.

Andrea Cavagna avatar
Andrea Cavagna

Hi everyone I’m Andrea, one of the maintainer of the Leapp project. Thanks for mentioning our project and for opening a discussion on it! Tomorrow i will give you a detailed response on all your questions, and i will be open on discussing all the ideas on the app, based on your needs! I really enjoy speaking about cloud access.

Sadly since tomorrow I will be busy, because on tomorrow I have the DevOps Professional certification on AWS!

1
3
3
cool-doge1
1
Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

Cool - maybe we can have you on an upcoming office hours too

Andrea Cavagna avatar
Andrea Cavagna

absolutely! will be a pleasure to me!

Zoom avatar
Zoom
07:20:09 PM

Gilberto has joined Public “Office Hours”

roth.andy avatar
roth.andy

https://itnext.io/managing-kubernetes-secrets-securely-with-gitops-b8174b4f4d30 looks like a decent read about the SOPS stuff. Haven’t finished getting through it yet

Managing Kubernetes Secrets Securely with GitOps attachment image

You can manage secrets with GitOps and you should. Using GitOps you can do it securely, you can do it at scale, and it’s automated!

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
13:51:48 From Vlad Ionescu to Everyone : XML
14:01:07 From Patrick Joyce to Everyone : I want to use eco anywhere on Digital ocean droplets, it'll be like inception
14:01:47 From Vlad Ionescu to Everyone : Plaid does the same thing: they work on APIs so to apply to them you must do an API call
14:01:51 From Vlad Ionescu to Everyone : <https://plaid.com/careers/>
14:01:52 From Mohammed Yahya to Everyone : <https://registry.terraform.io/providers/playgroundtech/playgroundtech/latest/docs/resources/application?pollNotifications=true>
14:03:21 From Oliver Schoenborn to Everyone : Hilarious
14:05:33 From Hao Wang to Everyone : lol
14:06:00 From Hao Wang to Everyone : Starcraft: "show me the money"
14:07:01 From Hao Wang to Everyone : Seems not related but idk why I recalled it
14:07:07 From Stevan Arychuk to Everyone : Really waiting for this feature to come back to Leapp: <https://github.com/Noovolari/leapp/pull/90>
14:07:45 From Stevan Arychuk to Everyone : I generally really like Leapp, it's been a bit annoying for some of our Devs (we do have SSO setup)
14:08:31 From Mohammed Yahya to Everyone : Big fan also.
14:13:33 From Marc Slayton to Everyone : You mentioned ssm integration -- how about RDS IAM integration?  Anything there?
14:17:02 From Stevan Arychuk to Everyone : +1 to their dev team being super responsive
14:17:11 From tamsky to Everyone : How about avoiding credentials files alltogether - load  ssh-agent with TPM-stored certificates ?
14:27:44 From Sheldon Hull to Everyone : I had posted in office-hours about cloudfirst development approach. Would be nice to have some discussion on this after call if anyone has thoughts. It changes software design quite a bit
14:29:54 From Sheldon Hull to Everyone : you all are awesome
3
Blaise Pabon avatar
Blaise Pabon

Hi @sheldonh: I’m dealing with that at the moment because I want to create a portfolio site, and the content of the site is meant to serve as a skaffold for anyone who might want to build their own portfolio site.

sheldonh avatar
sheldonh

sorry, content of what site? Are you talking about netlify/static sites or something else?

Blaise Pabon avatar
Blaise Pabon

Oops, sorry @sheldonh I meant: https://vitrina.readthedocs.io/

2021-06-01

    keyboard_arrow_up