#office-hours (2021-09)

Meeting password: sweetops

Public “Office Hours” are held every Wednesday at 11:30 PST via Zoom. It’s open to everyone. Ask questions related to DevOps & Cloud and get answers! https://cpco.io/slack-office-hours

Public “Office Hours” are held every Wednesday at 11:30 PST via Zoom. It’s open to everyone. Ask questions related to DevOps & Cloud and get answers! https://cpco.io/slack-office-hours

Meeting password: sweetops

2021-09-16

2021-09-15

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
06:00:38 PM

@here office hours is starting in 30 minutes! Remember to post your questions here.

Zoom avatar
Zoom
06:29:11 PM

Erik Osterman (Cloud Posse) has joined Public “Office Hours”

Zoom avatar
Zoom
06:29:21 PM

Michael Jenkins has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:06 PM

Eric Berg has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:08 PM

Andy Miguel (Cloud Posse) has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:15 PM

Cole Lawrence has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:41 PM

David Hawthorne has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:50 PM

venkata mutyala has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:15 PM

Matt Calhoun has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:35 PM

Clayton Olley has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:38 PM

Luis Masaya has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:41 PM

Phillip Hocking has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:04 PM

Jim Park has joined Public “Office Hours”

Zoom avatar
Zoom
06:33:06 PM

Amer Zec has joined Public “Office Hours”

Zoom avatar
Zoom
06:34:46 PM

Madhusudan Satapathy has joined Public “Office Hours”

Zoom avatar
Zoom
06:35:05 PM

Geoff Weinhold has joined Public “Office Hours”

Zoom avatar
Zoom
06:36:11 PM

Kensie Meredith has joined Public “Office Hours”

Zoom avatar
Zoom
06:38:24 PM

Michael Holt has joined Public “Office Hours”

Zoom avatar
Zoom
06:38:25 PM

Tim Gourley has joined Public “Office Hours”

Zoom avatar
Zoom
06:42:15 PM

Oliver Schoenborn has joined Public “Office Hours”

jose.amengual avatar
jose.amengual

EKS (with amazon deploy tools) vs Argo VS Nomad?

jose.amengual avatar
jose.amengual

I’m not on the call but I will be in a minute

Zoom avatar
Zoom
06:46:21 PM

PePe Amengual has joined Public “Office Hours”

Zoom avatar
Zoom
06:51:33 PM

Blaise pabon has joined Public “Office Hours”

Zoom avatar
Zoom
07:01:37 PM

Maycon Santos has joined Public “Office Hours”

Zoom avatar
Zoom
07:04:36 PM

Vicken Simonian has joined Public “Office Hours”

Zoom avatar
Zoom
07:08:51 PM

Oskar Maria Grande has joined Public “Office Hours”

matt avatar
Introduction to Nomad Cluster Operation - CircleCI

The documentation site for CircleCI, the fastest testing platform on the Internet.

2021-09-14

SweetOps avatar
SweetOps
07:19:32 PM
[Should Kubernetes Beginners use Helm? Cloud Posse Explains](https://www.youtube.com/watch?v=KSb3dEeNV-A)

2021-09-13

SweetOps avatar
SweetOps
03:31:15 AM
[Running Databases on Kubernetes Cloud Posse Explains](https://www.youtube.com/watch?v=9vEj6rmrK8M)

2021-09-10

2021-09-09

jose.amengual avatar
jose.amengual

@Andy Miguel (Cloud Posse) was there a recording of any discussion about Nomad VS EKS?

Andy Miguel (Cloud Posse) avatar
Andy Miguel (Cloud Posse)

we haven’t had a nomad demo or a comparison with eks. cc @Erik Osterman (Cloud Posse) @Taylor Dolezal

jose.amengual avatar
jose.amengual

I will like to hear what people think about it

jose.amengual avatar
jose.amengual

maybe for next week office hours

Taylor Dolezal avatar
Taylor Dolezal

Oh! That’d be an interesting one! I might be able to join in November (post KubeCon) on that front

jose.amengual avatar
jose.amengual

or Nomas VS Argo too

2021-09-08

sytten avatar
sytten
Multi-cloud drift detection on AWS, Azure and GCP attachment image

Announcing initial support for Azure and GCP after AWS. Driftctl is going multi-cloud and soon multi-IaC with CloudFormation.

sytten avatar
sytten

GCP support wopwop

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
06:00:49 PM

@here office hours is starting in 30 minutes! Remember to post your questions here.

Zoom avatar
Zoom
06:29:11 PM

Andy Miguel (Cloud Posse) has joined Public “Office Hours”

Zoom avatar
Zoom
06:29:26 PM

Vicken Simonian has joined Public “Office Hours”

Zoom avatar
Zoom
06:29:31 PM

Vlad Ionescu has joined Public “Office Hours”

Zoom avatar
Zoom
06:29:35 PM

David Hawthorne has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:14 PM

dario erregue has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:28 PM

Florain Drescher has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:41 PM

Yusuf has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:54 PM

Erik Osterman (Cloud Posse) has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:54 PM

Luis Masaya has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:58 PM

Clayton Olley has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:59 PM

emem umoh has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:26 PM

Michael Manganiello has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:18 PM

Patrick Joyce has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:35 PM

Oskar Maria Grande has joined Public “Office Hours”

Zoom avatar
Zoom
06:33:03 PM
Zoom avatar
Zoom
06:33:54 PM

Mike Martin has joined Public “Office Hours”

Zoom avatar
Zoom
06:33:59 PM

Eric Berg has joined Public “Office Hours”

Zoom avatar
Zoom
06:34:04 PM

Jim Park has joined Public “Office Hours”

Zoom avatar
Zoom
06:34:11 PM

Neil Gealy has joined Public “Office Hours”

Zoom avatar
Zoom
06:35:12 PM

Matt Calhoun has joined Public “Office Hours”

Zoom avatar
Zoom
06:35:42 PM

Michael Holt has joined Public “Office Hours”

Zoom avatar
Zoom
06:36:58 PM

Yusuf has joined Public “Office Hours”

Zoom avatar
Zoom
06:37:37 PM

Michael Holt has joined Public “Office Hours”

Zoom avatar
Zoom
06:38:39 PM

Sheldon Hull has joined Public “Office Hours”

Vlad Ionescu (he/him) avatar
Vlad Ionescu (he/him)
Amazon EKS Anywhere – Now Generally Available to Create and Manage Kubernetes Clusters on Premises | Amazon Web Services attachment image

At AWS re:Invent 2020, we preannounced new deployment options of Amazon Elastic Container Service (Amazon ECS) Anywhere and Amazon Elastic Kubernetes Service (Amazon EKS) Anywhere in your own data center. Today, I am happy to announce the general availability of Amazon EKS Anywhere, a deployment option for Amazon EKS that enables you to easily create […]

Zoom avatar
Zoom
06:40:47 PM

Carlos T has joined Public “Office Hours”

Jim Park avatar
Jim Park

Nice! ArgoCD is a long way coming. I haven’t looked at it in years.

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
GitHub - argoproj-labs/argocd-autopilot: Argo-CD Autopilot attachment image

Argo-CD Autopilot. Contribute to argoproj-labs/argocd-autopilot development by creating an account on GitHub.

Zoom avatar
Zoom
06:58:24 PM

Sam C has joined Public “Office Hours”

Zoom avatar
Zoom
06:59:13 PM

dario erregue has joined Public “Office Hours”

Jim Park avatar
Jim Park

My company uses terraform for github. It’s soooo slow. :*(

Yoni Leitersdorf (Indeni Cloudrail) avatar
Yoni Leitersdorf (Indeni Cloudrail)

What part of it is slow?

Jim Park avatar
Jim Park

The state refresh, as there are several repositories and branch protection rules. I openly wonder if there’s some missing api for defining parallelizable workflows inside terraform.

Zoom avatar
Zoom
07:10:42 PM

Vlad H has joined Public “Office Hours”

Zoom avatar
Zoom
07:16:51 PM

emem umoh has joined Public “Office Hours”

Jim Park avatar
Jim Park

The documentation is very rough and still a WIP, but here is some example code for using App Mesh on ECS: https://github.com/scribd/pr-preview-example

GitHub - scribd/pr-preview-example: Pull Request Previews with Github Actions, AWS App Mesh, and ECS attachment image

Pull Request Previews with Github Actions, AWS App Mesh, and ECS - GitHub - scribd/pr-preview-example: Pull Request Previews with Github Actions, AWS App Mesh, and ECS

2021-09-07

SweetOps avatar
SweetOps
07:00:47 PM
[Why Should Golang Devs Learn Terraform? Cloud Posse Explains](https://www.youtube.com/watch?v=O_xUTXKBsyg)
Pierre Humberdroz avatar
Pierre Humberdroz

hey you all!

Maybe a question for tomorrow but how do you all run databases these days on k8s? I have always avoided it in the past and used managed service but I am currently working on project which requires the database to be deployed inside k8s..

I would be happy to hear about the good and parts of the ways you have tried.

1
Yoni Leitersdorf (Indeni Cloudrail) avatar
Yoni Leitersdorf (Indeni Cloudrail)

Out of curiosity - why is this required? Using external installs of DB is better from a performance perspective, as those deployments would be tuned for the type of work a DB normally does (I/O etc)

roth.andy avatar
roth.andy

Lately if I’m running daily backups and can afford a little downtime I just run the postgres helm chart and call it a day and move on. Services that need to be more resilient get an RDS db

roth.andy avatar
roth.andy

obviously there are a ton of different factors that doesn’t account for like load and sharding but it’s great for the small stuff that I used to care too much about

Pierre Humberdroz avatar
Pierre Humberdroz

It is for a hobby project me and a couple of friends wanna explore how a database would run on kubernetes. And see how far we can take it when we run most of our stuff on kubernetes.

Pierre Humberdroz avatar
Pierre Humberdroz

Yea that is the way also was thinking about andrew. But I also remember hearing about kubedb. Maybe even from you?

roth.andy avatar
roth.andy

I’ve run across it a couple of times now. Still haven’t had the opportunity to use it. Maybe for my co’s next hackathon

Max Lobur (Cloud Posse) avatar
Max Lobur (Cloud Posse)


how do you all run databases these days on k8s
we don’t

Max Lobur (Cloud Posse) avatar
Max Lobur (Cloud Posse)

Except maybe commercial products like https://vitess.io/, but that’s still rare

Max Lobur (Cloud Posse) avatar
Max Lobur (Cloud Posse)

However, if you still going to do it, the best way would be to go through “operator” for the engine you need. This is a higher-level concept than just Deployment, and gives more features out of the box: https://operatorhub.io/?category=Database

OperatorHub.io | The registry for Kubernetes Operators

The registry for Kubernetes Operators

2

2021-09-06

SweetOps avatar
SweetOps
07:00:51 PM
[ArgoCD Review Cloud Posse Explains](https://www.youtube.com/watch?v=p2GNHfvapzU)

2021-09-03

SweetOps avatar
SweetOps
07:01:25 PM
[EKS Modules: Cloud Posse vs Terraform AWS Modules Cloud Posse Explains](https://www.youtube.com/watch?v=nyPIG36gaVg)

2021-09-02

SweetOps avatar
SweetOps
11:26:45 PM
[Can You Track Terraform Resource Changes using the Git SHA? Cloud Posse Explains](https://www.youtube.com/watch?v=PgJu-1QabmM)

2021-09-01

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
06:00:43 PM

@here office hours is starting in 30 minutes! Remember to post your questions here.

larry kirschner avatar
larry kirschner

question about setting up ECS for a microservice-based app:

Is there any example that shows how to set up an app that is a collection of micro services where:

• each micro service has its own docker image/container definition • micro services can route to other micro services w DNS names, e.g. uploads can make requests to <http://graphql.microservice> • the ingress (ALB?) load balancer maps HTTP paths to different microservices, e.g. /home, /graphql

…I’ve been looking at these two modules and their examples:

https://github.com/cloudposse/terraform-aws-ecs-web-app/

https://github.com/cloudposse/terraform-aws-ecs-alb-service-task

…and currently thinking I may be able to get it to work with terraform-aws-ecs-alb-service-task if I add some things externally like aws_service_discovery_private_dns_namespace and add a bunch of my own target groups and rules to an alb

GitHub - cloudposse/terraform-aws-ecs-web-app: Terraform module that implements a web app on ECS and supports autoscaling, CI/CD, monitoring, ALB integration, and much more. attachment image

Terraform module that implements a web app on ECS and supports autoscaling, CI/CD, monitoring, ALB integration, and much more. - GitHub - cloudposse/terraform-aws-ecs-web-app: Terraform module that…

GitHub - cloudposse/terraform-aws-ecs-alb-service-task: Terraform module which implements an ECS service which exposes a web service via ALB. attachment image

Terraform module which implements an ECS service which exposes a web service via ALB. - GitHub - cloudposse/terraform-aws-ecs-alb-service-task: Terraform module which implements an ECS service whic…

Zoom avatar
Zoom
06:28:19 PM

Erik Osterman (Cloud Posse) has joined Public “Office Hours”

Zoom avatar
Zoom
06:28:20 PM

Andy Miguel (Cloud Posse) has joined Public “Office Hours”

Zoom avatar
Zoom
06:28:25 PM

Vicken Simonian has joined Public “Office Hours”

Zoom avatar
Zoom
06:28:33 PM

Emile Fugulin has joined Public “Office Hours”

Zoom avatar
Zoom
06:28:35 PM

Yusuf has joined Public “Office Hours”

Zoom avatar
Zoom
06:29:23 PM

Michael Manganiello has joined Public “Office Hours”

Zoom avatar
Zoom
06:29:51 PM

Florain Drescher has joined Public “Office Hours”

Zoom avatar
Zoom
06:29:51 PM

PePe Amengual has joined Public “Office Hours”

Zoom avatar
Zoom
06:29:52 PM

Vlad Ionescu has joined Public “Office Hours”

Zoom avatar
Zoom
06:29:57 PM

Michael Jenkins has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:04 PM

larry kirschner has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:12 PM

Luis Masaya has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:26 PM

Jim Antoniou has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:28 PM

Mauricio Wyler has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:29 PM

Oliver Schoenborn has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:32 PM

Eric Berg has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:47 PM

Brandon vh has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:56 PM

Tim Gourley has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:25 PM

Joel Castillo has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:34 PM

Nick James has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:41 PM

Marc Slayton has joined Public “Office Hours”

OliverS avatar
OliverS

My question today is, do you have any recommendation for tracking infra code git hash in resources updated by tf? So you only want to modify the aws tag for git hash if tf decides it has to update the resource.

tim.j.birkett avatar
tim.j.birkett

On a resource level no. at the “stack” level I have a variable set: var.changecommit and set an environment:

cd $STACK
export TF_VAR_changecommit=(git log -n1 --format=%h -- .)
teraform .... 
tim.j.birkett avatar
tim.j.birkett

It does make plans on bigger stacks fun as every resource reports a change…

OliverS avatar
OliverS

Not if you use ignore_tags in the provider config

OliverS avatar
OliverS

On the topic of version tracking of iac, such that only resources in plan get new tag, I found, amazingly, it should be possible to do with https://registry.terraform.io/providers/hashicorp/aws/latest/docs/guides/resource-tagging#ignoring-changes-in-all-resources. I’m going to try this:

locals {
  iac_version = ...get git short hash...
}

provider "aws" {
  ...
  default_tags {
    tags = {
      IAC_Version = local.iac_version
    }
  }
  ignore_tags {
    keys = ["IAC_Version"]
  }
}
Zoom avatar
Zoom
06:33:26 PM

Kareem Shahin has joined Public “Office Hours”

Zoom avatar
Zoom
06:33:26 PM

Denis Baryshev has joined Public “Office Hours”

Zoom avatar
Zoom
06:34:10 PM

Mike Martin has joined Public “Office Hours”

Zoom avatar
Zoom
06:34:25 PM

Andrew Thompson has joined Public “Office Hours”

Zoom avatar
Zoom
06:34:27 PM

Andrew Elkins has joined Public “Office Hours”

Zoom avatar
Zoom
06:34:50 PM

David Hawthorne has joined Public “Office Hours”

Andy Miguel (Cloud Posse) avatar
Andy Miguel (Cloud Posse)
Overhaul by Nuru · Pull Request #84 · cloudposse/terraform-aws-eks-node-group attachment image

what Major overhaul. See MIGRATION.md for details. Update to new Cloud Posse security group module and variable naming standards Incorporate features from all open PRs. Supersedes and closes #51 …

GitHub Actions: Reduce duplication with action composition attachment image

GitHub Actions: Reduce duplication with action composition

Docker Desktop no longer free for large companies: New 'Business' subscription is here attachment image

Search for sustainable business model continues, but most usage will still be free

Announcing our latest open-source project, Yor: Automated IaC tag and trace | Bridgecrew Blog attachment image

Yor is an automated IaC tag and trace tool that automatically adds attribution and trace tags to lower MTTR and simplify access control and cost allocation.

GitHub - reviewdog/action-suggester: Suggests any code changes based on diff through GitHub Multi-line code suggestions by using reviewdog attachment image

Suggests any code changes based on diff through GitHub Multi-line code suggestions by using reviewdog - GitHub - reviewdog/action-suggester: Suggests any code changes based on diff through Gi…

Zoom avatar
Zoom
06:35:37 PM

Clayton Olley has joined Public “Office Hours”

Zoom avatar
Zoom
06:37:01 PM

Martin Dojcak has joined Public “Office Hours”

Zoom avatar
Zoom
06:37:14 PM

Arjun Venkatesh has joined Public “Office Hours”

Zoom avatar
Zoom
06:37:41 PM

Arthur Kushner has joined Public “Office Hours”

Zoom avatar
Zoom
06:43:35 PM

faithful anere has joined Public “Office Hours”

Mike Martin avatar
Mike Martin

I noticed the do-not-merge tag you set in the aws-vpc repository (https://github.com/cloudposse/terraform-aws-vpc/pulls?q=is%3Apr+is%3Aopen+label%3Ado-not-merge) - do you have some flow that prevents those from being merged?

Pull requests · cloudposse/terraform-aws-vpc attachment image

Terraform Module that defines a VPC with public/private subnets across multiple AZs with Internet Gateways - Pull requests · cloudposse/terraform-aws-vpc

Zoom avatar
Zoom
06:47:13 PM

Andrew Way has joined Public “Office Hours”

Zoom avatar
Zoom
06:52:55 PM

Uwaila Adams has joined Public “Office Hours”

Zoom avatar
Zoom
07:04:12 PM

Patrick Joyce has joined Public “Office Hours”

    keyboard_arrow_up