#office-hours (2021-09)
“Office Hours” are every Wednesday at 11:30 PST via Zoom. It’s open to everyone. Ask questions related to DevOps & Cloud and get answers! https://cloudposse.com/office-hours
Public “Office Hours” are held every Wednesday at 11:30 PST via Zoom. It’s open to everyone. Ask questions related to DevOps & Cloud and get answers!
https://cpco.io/slack-office-hours
Meeting password: sweetops
2021-09-01
@here office hours is starting in 30 minutes! Remember to post your questions here.
question about setting up ECS for a microservice-based app:
Is there any example that shows how to set up an app that is a collection of micro services where:
• each micro service has its own docker image/container definition
• micro services can route to other micro services w DNS names, e.g. uploads can make requests to <http://graphql.microservice>
• the ingress (ALB?) load balancer maps HTTP paths to different microservices, e.g. /home, /graphql
…I’ve been looking at these two modules and their examples:
https://github.com/cloudposse/terraform-aws-ecs-web-app/
https://github.com/cloudposse/terraform-aws-ecs-alb-service-task
…and currently thinking I may be able to get it to work with terraform-aws-ecs-alb-service-task if I add some things externally like aws_service_discovery_private_dns_namespace and add a bunch of my own target groups and rules to an alb
Erik Osterman (Cloud Posse) has joined Public “Office Hours”
Andy Miguel (Cloud Posse) has joined Public “Office Hours”
Vicken Simonian has joined Public “Office Hours”
Emile Fugulin has joined Public “Office Hours”
Yusuf has joined Public “Office Hours”
Michael Manganiello has joined Public “Office Hours”
Florain Drescher has joined Public “Office Hours”
PePe Amengual has joined Public “Office Hours”
Vlad Ionescu has joined Public “Office Hours”
Michael Jenkins has joined Public “Office Hours”
larry kirschner has joined Public “Office Hours”
Luis Masaya has joined Public “Office Hours”
Jim Antoniou has joined Public “Office Hours”
Mauricio Wyler has joined Public “Office Hours”
Oliver Schoenborn has joined Public “Office Hours”
Eric Berg has joined Public “Office Hours”
Brandon vh has joined Public “Office Hours”
Tim Gourley has joined Public “Office Hours”
Joel Castillo has joined Public “Office Hours”
Nick James has joined Public “Office Hours”
Marc Slayton has joined Public “Office Hours”
My question today is, do you have any recommendation for tracking infra code git hash in resources updated by tf? So you only want to modify the aws tag for git hash if tf decides it has to update the resource.
On a resource level no. at the “stack” level I have a variable set: var.changecommit and set an environment:
cd $STACK
export TF_VAR_changecommit=(git log -n1 --format=%h -- .)
teraform ....
It does make plans on bigger stacks fun as every resource reports a change…
Not if you use ignore_tags in the provider config
See start and end of thread at https://sweetops.slack.com/archives/CB6GHNLG0/p1630526299064800
Kareem Shahin has joined Public “Office Hours”
Denis Baryshev has joined Public “Office Hours”
Mike Martin has joined Public “Office Hours”
Andrew Thompson has joined Public “Office Hours”
Andrew Elkins has joined Public “Office Hours”
David Hawthorne has joined Public “Office Hours”
links from today’s session:
• https://github.com/cloudposse/terraform-aws-eks-node-group/pull/84
• https://github.blog/changelog/2021-08-25-github-actions-reduce-duplication-with-action-composition/
• https://www.theregister.com/2021/08/31/docker_desktop_no_longer_free/
• https://bridgecrew.io/blog/announcing-yor-open-source-iac-tag-trace-cloud-resources/
Clayton Olley has joined Public “Office Hours”
Martin Dojcak has joined Public “Office Hours”
Arjun Venkatesh has joined Public “Office Hours”
Arthur Kushner has joined Public “Office Hours”
faithful anere has joined Public “Office Hours”
I noticed the do-not-merge tag you set in the aws-vpc repository (https://github.com/cloudposse/terraform-aws-vpc/pulls?q=is%3Apr+is%3Aopen+label%3Ado-not-merge) - do you have some flow that prevents those from being merged?
Andrew Way has joined Public “Office Hours”
Uwaila Adams has joined Public “Office Hours”
Patrick Joyce has joined Public “Office Hours”
2021-09-02
| [Can You Track Terraform Resource Changes using the Git SHA? | Cloud Posse Explains](https://www.youtube.com/watch?v=PgJu-1QabmM) |
2021-09-03
| [EKS Modules: Cloud Posse vs Terraform AWS Modules | Cloud Posse Explains](https://www.youtube.com/watch?v=nyPIG36gaVg) |
2021-09-06
| [ArgoCD Review | Cloud Posse Explains](https://www.youtube.com/watch?v=p2GNHfvapzU) |
2021-09-07
| [Why Should Golang Devs Learn Terraform? | Cloud Posse Explains](https://www.youtube.com/watch?v=O_xUTXKBsyg) |
hey you all!
Maybe a question for tomorrow but how do you all run databases these days on k8s? I have always avoided it in the past and used managed service but I am currently working on project which requires the database to be deployed inside k8s..
I would be happy to hear about the good and parts of the ways you have tried.
Out of curiosity - why is this required? Using external installs of DB is better from a performance perspective, as those deployments would be tuned for the type of work a DB normally does (I/O etc)
Lately if I’m running daily backups and can afford a little downtime I just run the postgres helm chart and call it a day and move on. Services that need to be more resilient get an RDS db
obviously there are a ton of different factors that doesn’t account for like load and sharding but it’s great for the small stuff that I used to care too much about
It is for a hobby project me and a couple of friends wanna explore how a database would run on kubernetes. And see how far we can take it when we run most of our stuff on kubernetes.
Yea that is the way also was thinking about andrew. But I also remember hearing about kubedb. Maybe even from you?
I’ve run across it a couple of times now. Still haven’t had the opportunity to use it. Maybe for my co’s next hackathon
how do you all run databases these days on k8s
we don’t
Except maybe commercial products like https://vitess.io/, but that’s still rare
However, if you still going to do it, the best way would be to go through “operator” for the engine you need. This is a higher-level concept than just Deployment, and gives more features out of the box: https://operatorhub.io/?category=Database
Well covered here https://www.youtube.com/watch?v=9vEj6rmrK8M
2021-09-08
GCP support wopwop
@here office hours is starting in 30 minutes! Remember to post your questions here.
Andy Miguel (Cloud Posse) has joined Public “Office Hours”
Vicken Simonian has joined Public “Office Hours”
Vlad Ionescu has joined Public “Office Hours”
David Hawthorne has joined Public “Office Hours”
dario erregue has joined Public “Office Hours”
Florain Drescher has joined Public “Office Hours”
Yusuf has joined Public “Office Hours”
Erik Osterman (Cloud Posse) has joined Public “Office Hours”
Luis Masaya has joined Public “Office Hours”
Clayton Olley has joined Public “Office Hours”
emem umoh has joined Public “Office Hours”
Michael Manganiello has joined Public “Office Hours”
links from today’s session:
• https://github.com/hashicorp/terraform/commit/6562466c32a8750d7a71a6cc6232e6b5a28fe13a
• https://aws.amazon.com/jp/blogs/containers/amazon-vpc-cni-increases-pods-per-node-limits/
• https://github.com/alexjurkiewicz/spacelift-webhook-receiver
• https://github.com/cloudposse/terraform-aws-ec2-client-vpn/pull/2
Patrick Joyce has joined Public “Office Hours”
Oskar Maria Grande has joined Public “Office Hours”
A V has joined Public “Office Hours”
Mike Martin has joined Public “Office Hours”
Eric Berg has joined Public “Office Hours”
Jim Park has joined Public “Office Hours”
Neil Gealy has joined Public “Office Hours”
Matt Calhoun has joined Public “Office Hours”
Michael Holt has joined Public “Office Hours”
Yusuf has joined Public “Office Hours”
Michael Holt has joined Public “Office Hours”
Sheldon Hull has joined Public “Office Hours”
Carlos T has joined Public “Office Hours”
Nice! ArgoCD is a long way coming. I haven’t looked at it in years.
Sam C has joined Public “Office Hours”
dario erregue has joined Public “Office Hours”
My company uses terraform for github. It’s soooo slow. :*(
What part of it is slow?
The state refresh, as there are several repositories and branch protection rules. I openly wonder if there’s some missing api for defining parallelizable workflows inside terraform.
Vlad H has joined Public “Office Hours”
emem umoh has joined Public “Office Hours”
The documentation is very rough and still a WIP, but here is some example code for using App Mesh on ECS: https://github.com/scribd/pr-preview-example
2021-09-09
@Andy Miguel (Cloud Posse) was there a recording of any discussion about Nomad VS EKS?
we haven’t had a nomad demo or a comparison with eks. cc @Erik Osterman (Cloud Posse) @Taylor Dolezal
I will like to hear what people think about it
maybe for next week office hours
Oh! That’d be an interesting one! I might be able to join in November (post KubeCon) on that front
or Nomas VS Argo too
2021-09-10
2021-09-13
| [Running Databases on Kubernetes | Cloud Posse Explains](https://www.youtube.com/watch?v=9vEj6rmrK8M) |
2021-09-14
| [Should Kubernetes Beginners use Helm? | Cloud Posse Explains](https://www.youtube.com/watch?v=KSb3dEeNV-A) |
2021-09-15
@here office hours is starting in 30 minutes! Remember to post your questions here.
Erik Osterman (Cloud Posse) has joined Public “Office Hours”
Michael Jenkins has joined Public “Office Hours”
Eric Berg has joined Public “Office Hours”
Andy Miguel (Cloud Posse) has joined Public “Office Hours”
Cole Lawrence has joined Public “Office Hours”
David Hawthorne has joined Public “Office Hours”
venkata mutyala has joined Public “Office Hours”
Matt Calhoun has joined Public “Office Hours”
Clayton Olley has joined Public “Office Hours”
Luis Masaya has joined Public “Office Hours”
Phillip Hocking has joined Public “Office Hours”
Jim Park has joined Public “Office Hours”
Amer Zec has joined Public “Office Hours”
Madhusudan Satapathy has joined Public “Office Hours”
links from today’s session:
• https://github.com/cloudposse/terraform-aws-ec2-client-vpn
• https://www.wiz.io/blog/secret-agent-exposes-azure-customers-to-unauthorized-code-execution
• https://github.blog/2021-08-24-github-cli-2-0-includes-extensions/
• https://aws.amazon.com/about-aws/whats-new/2021/08/custom-widgets-amazon-cloudwatch-dashboards/
• https://aws.amazon.com/about-aws/whats-new/2021/08/amazon-elasticache-redis/
Geoff Weinhold has joined Public “Office Hours”
Kensie Meredith has joined Public “Office Hours”
Michael Holt has joined Public “Office Hours”
Tim Gourley has joined Public “Office Hours”
Oliver Schoenborn has joined Public “Office Hours”
EKS (with amazon deploy tools) vs Argo VS Nomad?
I’m not on the call but I will be in a minute
PePe Amengual has joined Public “Office Hours”
Blaise pabon has joined Public “Office Hours”
Maycon Santos has joined Public “Office Hours”
Vicken Simonian has joined Public “Office Hours”
Oskar Maria Grande has joined Public “Office Hours”
2021-09-16
2021-09-21
anyone experiencing downtime on udemy too
Yep. BTW you can always use this site to check https://downforeveryoneorjustme.com/udemy.com?proto=https&www=1
2021-09-22
@here office hours is starting in 30 minutes! Remember to post your questions here.
Has anyone used/looked at Dex? https://dexidp.io/ Just saw this and was curious about how it works.
Erik Osterman (Cloud Posse) has joined Public “Office Hours”
Vicken Simonian has joined Public “Office Hours”
Neil Gealy has joined Public “Office Hours”
Anton Babenko has joined Public “Office Hours”
Andy Miguel (Cloud Posse) has joined Public “Office Hours”
Justin Davis has joined Public “Office Hours”
venkata mutyala has joined Public “Office Hours”
Alina B has joined Public “Office Hours”
Cole Lawrence has joined Public “Office Hours”
Ian Bartholomew has joined Public “Office Hours”
Luis Masaya has joined Public “Office Hours”
Clayton Olley has joined Public “Office Hours”
Jim Park has joined Public “Office Hours”
hmm can’t seem to join
try this link and use passcode sweetops https://cloudposse.zoom.us/j/508587304?pwd=ZUlSVEtLRktDWjZaOUN1b3k1enhQdz09
Yusuf has joined Public “Office Hours”
Eric Berg has joined Public “Office Hours”
Vicken Simonian has joined Public “Office Hours”
Nate Faerber has joined Public “Office Hours”
Florain Drescher has joined Public “Office Hours”
Geoff Weinhold has joined Public “Office Hours”
I’m getting “registration closed” when trying to use the zoom link
You can Copy the Link then open the Zoom app and Join then paste the link (Meeting ID) with password “sweetops”. I got in that way.
try this link and use passcode sweetops https://cloudposse.zoom.us/j/508587304?pwd=ZUlSVEtLRktDWjZaOUN1b3k1enhQdz09
what @Nate Faerber said
The app is not an option for me. The link above gives me the same “registration is closed” message. I can watch the youtube to catchup, thanks for the responses.
i get the same
sorry everyone!
we’ll get that fixed for next week
no worries thx Erik
i’ll also catch this on youtube
This is fixed now
Zoom introduced some new toggle that capped the number of registrants. Fortunately, we were able to disable it.
David B has joined Public “Office Hours”
Marc Tamsky has joined Public “Office Hours”
Matt Calhoun has joined Public “Office Hours”
Alexandr Vorona has joined Public “Office Hours”
Marc Slayton has joined Public “Office Hours”
Oliver Schoenborn has joined Public “Office Hours”
Erik Osterman (Cloud Posse) has joined Public “Office Hours”
I missed the first half today, was hoping to get it on youtube… how long does it take for the recording to become available?
2021-09-23
2021-09-27
2021-09-28
Another feature that has me saying “its about time” https://aws.amazon.com/about-aws/whats-new/2021/09/amazon-ec2-global-view-console-regions/
2021-09-29
@here office hours is starting in 30 minutes! Remember to post your questions here.
unfortunately, I can not attend, but two questions:
• (?) most matured packaging tool that can handle helm, kustomize and raw manifests and has advanced templating support, also support for loading secrets from different vaults at render time ( there is a helmfile and vals, but mumoshu is single dev… and its not actively developed, kapitan, nor tanka, nor ytt + kapp dont handle these ^… btw, would be nice to have also terraform provider, or at least datasource support to render yaml directly in terraform, useful for cluster bootstraping …)
• (?) “prepulling” images to k8s nodes, useful with autoscaler ( we are using overprovisioner and keda scheduler plus cloud autoscaler to prepare nodes for CI in certain times, there is https://github.com/openkruise/kruise, which can do a lot of other things and then there is https://github.com/senthilrch/kube-fledged , which is dedicated to prewarming images, seems that both are missing prometheus metrics support,… ) ideas? thanks
Vlad Ionescu has joined Public “Office Hours”
Justin Davis has joined Public “Office Hours”
David Hawthorne has joined Public “Office Hours”
Anton Babenko has joined Public “Office Hours”
Andy Miguel (Cloud Posse) has joined Public “Office Hours”
Manuel Morejon has joined Public “Office Hours”
Andrew Thompson has joined Public “Office Hours”
Leon Mwandiringa has joined Public “Office Hours”
Michael Jenkins has joined Public “Office Hours”
Michael Manganiello has joined Public “Office Hours”
Evan Pitstick has joined Public “Office Hours”
Erik Osterman (Cloud Posse) has joined Public “Office Hours”
Zadkiel AHARONIAN has joined Public “Office Hours”
Ian Bartholomew has joined Public “Office Hours”
Oskar Maria Grande has joined Public “Office Hours”
Florain Drescher has joined Public “Office Hours”
Mohammed Yahya has joined Public “Office Hours”
Patrick Joyce has joined Public “Office Hours”
James Haughey has joined Public “Office Hours”
Alex Siegman has joined Public “Office Hours”
Oscar Blanco has joined Public “Office Hours”
Matt Calhoun has joined Public “Office Hours”
David Lundgren has joined Public “Office Hours”
Jeremy Branham has joined Public “Office Hours”
John Mitchell has joined Public “Office Hours”
Alina B has joined Public “Office Hours”
Vicken Simonian has joined Public “Office Hours”
Michael Holt has joined Public “Office Hours”
Neil Gealy has joined Public “Office Hours”
Uwaila Adams has joined Public “Office Hours”
Mauricio Wyler has joined Public “Office Hours”
Mukesh Sharma has joined Public “Office Hours”
emem umoh has joined Public “Office Hours”
Blaise pabon has joined Public “Office Hours”
Florain Drescher has joined Public “Office Hours”
links from today’s session:
• https://github.com/cloudposse/atmos
• https://www.engadget.com/fastmail-1password-masked-email-110028257.html
• https://twitter.com/sebramsland/status/1443274758968258575?s=21
• https://jeffbrown.tech/terraform-taint-replace/
• https://medium.com/version-1/terraform-in-real-life-lessons-learned-2469e3fe74e6
venkata mutyala has joined Public “Office Hours”
emem umoh has joined Public “Office Hours”
Blaise pabon has joined Public “Office Hours”
emem umoh has joined Public “Office Hours”
2021-09-30
https://blog.cloudflare.com/introducing-r2-object-storage/
R2 will run across Cloudflare’s global network, which is most known for providing anti-DDoS services to its customers by absorbing and dispersing the massive amounts of traffic that accompany denial-of-service attacks on websites. It will be compatible with S3’s API, which makes it much easier to move applications already written with S3 in mind, and Cloudflare said that beyond the elimination of egress fees, the new service will be 10% cheaper to operate than S3.