#office-hours (2022-09)

Meeting password: sweetops

Public “Office Hours” are held every Wednesday at 11:30 PST via Zoom. It’s open to everyone. Ask questions related to DevOps & Cloud and get answers! https://cpco.io/slack-office-hours

Public “Office Hours” are held every Wednesday at 11:30 PST via Zoom. It’s open to everyone. Ask questions related to DevOps & Cloud and get answers!

https://cpco.io/slack-office-hours

Meeting password: sweetops

2022-09-02

Azar avatar
GitHub Actions: introducing the new, larger GitHub-hosted runners beta | The GitHub Blogattachment image

Now your team can spend less time managing infrastructure and more time writing code.

2

2022-09-05

Vlad Ionescu (he/him) avatar
Vlad Ionescu (he/him)

Question for next time: anybody using Spacelift with CloudFormation? If yes, what was your experience?

2
2
3
Ryan Cartwright avatar
Ryan Cartwright

Hi @Vlad Ionescu (he/him) We have a few customers actively using it. I can see if a recent one will share their experience with you. They recently signed up as they have terraform, SAM, and ansible use cases.

https://docs.spacelift.io/vendors/cloudformation/integrating-with-sam.html

Do you have any questions or feedback? Our Eng team is also available to discuss.

Full disclosure: I lead sales at Spacelift.

Integrating with AWS Serverless Application Model (SAM) - Spacelift Documentation

Collaborative Infrastructure For Modern Software Teams

1
Vlad Ionescu (he/him) avatar
Vlad Ionescu (he/him)

@Ryan Cartwright thank you for asking! I don’t have any concrete questions unfortunately — Spacelift with CloudFormation is on my to-try list and I haven’t yet had the time, so I was curious if anybody else tried it.

2022-09-06

Gabriel avatar
Gabriel

Question: You (Eric) mentioned AWS IC (SSO) and federation as an approach to fine grained, cross-account permission/access management. I did not quite get it

Like with IAM in the past or present, I know of users, groups, roles.

• Users belong to groups,

• Groups have permissions enforcing MFA and granting cross-account access (assume role), and the

• Other accounts have appropriate roles which users can assume based on the group they are in. This also worked nicely on the CLI. You configure .aws/credentials and .aws/config with creds and profiles once and then the CLI daily flow is:

• MFA once within the CLI and without the browser (8h or 12h duration)

• Switching the value of AWS_PROFILE (allowing for different terminal windows having different roles/accounts) How does your flow on the CLI look (also scripting)? What is the approach behind it?

1
Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
Gabriel avatar
Gabriel

Thanks for all the interesting tips

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

thanks @Gabriel! hit us up next week if you want some more concrete examples

Gabriel avatar
Gabriel

Thanks will probably do

Gabriel avatar
Gabriel

BTW, I deleted everything, reinstalled/updated and now it is working without browser interaction except initially.

Starting/generating additional sessions happens without additional browser interaction. So I something was messed up with my config.

2022-09-07

Matt Gowie avatar
Matt Gowie

Discussion topic for today: Anyone using ArgoCD-Autopilot? We were evaluating it at Masterpoint and I believe our intuition is to go in another direction to bootstrap clusters with Argo, but I would still be interested to hear others experience and if they’d recommend for or against.

https://argocd-autopilot.readthedocs.io/

1
Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
06:00:55 PM

@here office hours is starting in 30 minutes! Remember to post your questions here.

Zoom avatar
Zoom
06:29:16 PM

Ben Smith (Cloud Posse) has joined Public “Office Hours”

Zoom avatar
Zoom
06:29:18 PM

Allan Swanepoel has joined Public “Office Hours”

Zoom avatar
Zoom
06:29:22 PM

Vlad Ionescu has joined Public “Office Hours”

Zoom avatar
Zoom
06:29:55 PM

Linda Pham (Cloud Posse) has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:17 PM

Erik Osterman (Cloud Posse) has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:29 PM

Matt Calhoun has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:38 PM

Isaac M has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:40 PM

Antonio Rodriguez has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:31 PM

Michael Jenkins has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:37 PM

venkata mutyala has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:14 PM

Mauricio Wyler has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:30 PM

Charles Smith has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:37 PM

Patrick McDonald has joined Public “Office Hours”

Zoom avatar
Zoom
06:33:04 PM

Roy Sprague has joined Public “Office Hours”

Zoom avatar
Zoom
06:33:19 PM

Ralf Pieper has joined Public “Office Hours”

Zoom avatar
Zoom
06:34:01 PM

Matt Gowie has joined Public “Office Hours”

Zoom avatar
Zoom
06:35:16 PM

Ayobami Bamigboye has joined Public “Office Hours”

Zoom avatar
Zoom
06:35:30 PM

Isa Aguilar has joined Public “Office Hours”

Zoom avatar
Zoom
06:35:39 PM

dag viggo lokoeen has joined Public “Office Hours”

Zoom avatar
Zoom
06:35:52 PM

Mike Martin has joined Public “Office Hours”

Zoom avatar
Zoom
06:35:59 PM

Alexandr Vorona has joined Public “Office Hours”

Zoom avatar
Zoom
06:36:35 PM

Allen Lyons has joined Public “Office Hours”

Zoom avatar
Zoom
06:37:08 PM

Devendra Yadav has joined Public “Office Hours”

Zoom avatar
Zoom
06:37:45 PM

Jonathan Poczatek has joined Public “Office Hours”

Zoom avatar
Zoom
06:37:46 PM

Gabriel has joined Public “Office Hours”

Zoom avatar
Zoom
06:38:00 PM

Hakan Kaya has joined Public “Office Hours”

Zoom avatar
Zoom
06:38:25 PM

Bhushan Uparkar has joined Public “Office Hours”

Zoom avatar
Zoom
06:40:03 PM

Oliver Schoenborn has joined Public “Office Hours”

Zoom avatar
Zoom
06:40:33 PM

Jim Park has joined Public “Office Hours”

Zoom avatar
Zoom
06:41:02 PM

Marc Tamsky has joined Public “Office Hours”

Zoom avatar
Zoom
06:44:18 PM

Bridget Royer has joined Public “Office Hours”

Zoom avatar
Zoom
06:46:55 PM

Antonio Rodriguez has joined Public “Office Hours”

Zoom avatar
Zoom
06:51:47 PM

Sam Caneer has joined Public “Office Hours”

Zoom avatar
Zoom
06:51:55 PM

Steven Vargas has joined Public “Office Hours”

Zoom avatar
Zoom
06:52:33 PM

Eric Berg has joined Public “Office Hours”

Zoom avatar
Zoom
06:59:32 PM

Vincent Werner has joined Public “Office Hours”

Zoom avatar
Zoom
07:01:32 PM

Vincent Werner has joined Public “Office Hours”

managedkaos avatar
managedkaos

Question: has anyone tried zeet.co? Another multi-cloud build tool new kid on the block.

Jim Park avatar
Jim Park

Fun note for MFA. Now I’d think twice to see if this even makes sense to do, but I’ve seen someone use oauthtool in github actions to answer a MFA.

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
Make the switch, today.attachment image

Manage your Cloud credentials locally and improve your workflow with the only open-source desktop app you’ll ever need.

SweetOps avatar
SweetOps
12:29:09 AM
Bogdan Mihaescu avatar
Bogdan Mihaescu

@Erik Osterman (Cloud Posse) upload to youtube failed again

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

Heads up! we received an erroneous DMCA take down notice and are looking into it.

1

2022-09-08

2022-09-09

2022-09-13

venkata.mutyala avatar
venkata.mutyala
Drift Detection for Terraform Cloud is Now Generally Availableattachment image

Drift Detection for Terraform Cloud continuously checks infrastructure state to detect and notify operators of any changes, minimizing risk, downtime, and costs.

Matt Gowie avatar
Matt Gowie

SMH — They’re so late to the game that it’s actually astounding.

Drift Detection for Terraform Cloud is Now Generally Availableattachment image

Drift Detection for Terraform Cloud continuously checks infrastructure state to detect and notify operators of any changes, minimizing risk, downtime, and costs.

2022-09-14

Gabriel avatar
Gabriel

Question for OH: Anybody upgraded EKS to 1.23? How did it go? Any issues?

Sherif avatar

I been missing recent Office Hours but I listen to the YT Videos. You chatted about managing AWS Config files last week, I been using https://granted.dev and It is very gooood.

Main highlights:

  1. Auto Populated SSO Roles
  2. Open AWS Console in Separate Chrome Profiles
Granted

Granted - the easiest way to access your cloud.

Matt Gowie avatar
Matt Gowie

Hm — This looks pretty great. I know the Leapp folks are building some similar functionality into their tool.

Has anyone used this with Leapp? Does it play nicely?

Granted

Granted - the easiest way to access your cloud.

Sherif avatar

Unfortunately I did not try leapp

Vlad Ionescu (he/him) avatar
Vlad Ionescu (he/him)

FYI: I won’t make it to the call today Sorry!

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
06:00:11 PM

@here office hours is starting in 30 minutes! Remember to post your questions here.

Zoom avatar
Zoom
06:30:24 PM

Erik Osterman (Cloud Posse) has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:25 PM

Isaac M has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:26 PM

Linda Pham (Cloud Posse) has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:34 PM

dag viggo lokoeen has joined Public “Office Hours”

Zoom avatar
Zoom
06:30:34 PM

Allan Mohr has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:04 PM

Patrick McDonald has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:27 PM

venkata mutyala has joined Public “Office Hours”

Zoom avatar
Zoom
06:31:30 PM

Gabriel has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:23 PM

Antonio Rodriguez has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:44 PM

Matt Calhoun has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:47 PM

Lucas Andrade has joined Public “Office Hours”

Zoom avatar
Zoom
06:32:56 PM

Charles Smith has joined Public “Office Hours”

Matt Gowie avatar
Matt Gowie

Hm… I’m getting the following when I hit the meeting link today —

Matt Gowie avatar
Matt Gowie

I had to open the Zoom app on my machine and join from there. Tried hard refresh and multiple browsers and yet I was continuing to hit that page.

FYI — @Erik Osterman (Cloud Posse) @Linda Pham (CloudPosse)

Matt Gowie avatar
Matt Gowie

I guess I’m the only one who ran into this since no one else commented on this…

Feel free to ignore me on this one I guess — Maybe some weird hiccup on my end with Zoom?

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

Thanks for reporting this! We had to extend the meeting occurrences. It’s fixed for next week.

1
Zoom avatar
Zoom
06:36:05 PM

Matt Gowie has joined Public “Office Hours”

Zoom avatar
Zoom
06:36:27 PM

Isa Aguilar has joined Public “Office Hours”

Zoom avatar
Zoom
06:36:28 PM

Amaan Khan has joined Public “Office Hours”

OliverS avatar
OliverS

question i have if time: secrets are a pain to delete and recreate (say you delete a stack that has AWS secrets, and then recreate it and the secrets have same names), any tricks?

Matt Gowie avatar
Matt Gowie

Are you referring to SSM Parameter Store secrets or AWS Secrets Manager that you manage manually?

Maybe a better solution would be to use sops to check in your secrets and seed them into AWS via terraform?

Something like what I built and am upstreaming to Cloud Posse here: https://github.com/cloudposse/terraform-aws-components/pull/480

what

• Adds a new component: ssm-parameters

why

• We use this component on Masterpoint projects to manage SSM Parameter Store resources in a GitOps-ish fashion. • It enables managing secrets via sops and seeding them into SSM Params – This be useful to reduce manual operations around secrets. • It also supports managing normal SSM Params that are not secrets in the case that is useful for non-secret config.

references

• None

Zoom avatar
Zoom
06:38:55 PM

Ben Smith (Cloud Posse) has joined Public “Office Hours”

Zoom avatar
Zoom
06:39:14 PM

Ralf Pieper has joined Public “Office Hours”

Zoom avatar
Zoom
06:39:55 PM

venkata mutyala has joined Public “Office Hours”

Zoom avatar
Zoom
06:40:08 PM

Mohammed Yahya has joined Public “Office Hours”

Zoom avatar
Zoom
06:41:35 PM

Oliver Schoenborn has joined Public “Office Hours”

Zoom avatar
Zoom
06:42:34 PM

Michael Jenkins has joined Public “Office Hours”

Zoom avatar
Zoom
06:45:21 PM

Andrew Vitko has joined Public “Office Hours”

Zoom avatar
Zoom
06:46:44 PM

Bridget Royer has joined Public “Office Hours”

Zoom avatar
Zoom
06:47:34 PM

Ralf Pieper has joined Public “Office Hours”

Zoom avatar
Zoom
06:54:04 PM

Roy Sprague has joined Public “Office Hours”

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
FairwindsOps/pluto

A cli tool to help discover deprecated apiVersions in Kubernetes

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
doitintl/kube-no-trouble

Easily check your clusters for use of deprecated APIs

Christian avatar
Christian

How do you handle updating EKS clusters? We use terraform. Is it safer to recreate everything inside the cluster in the updated version and use some kind of DNS switching? Or just update the version number in the same cluster in terraform. What do people generally do?

Zoom avatar
Zoom
07:12:50 PM

Maged Abdelmoeti has joined Public “Office Hours”

Zoom avatar
Zoom
07:13:18 PM

Life Lofranco has joined Public “Office Hours”

Zoom avatar
Zoom
07:20:09 PM

Ralf Pieper has joined Public “Office Hours”

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

Thanks for reporting this! We had to extend the meeting occurrences. It’s fixed for next week.

Allan Swanepoel avatar
Allan Swanepoel

@Erik Osterman (Cloud Posse) - I couldnt make the office hours today - but wanted to ask if youhave, ot thought of doing demos on some of your tools, such as https://github.com/cloudposse/geodesic/ and https://github.com/cloudposse/atmos ?

cloudposse/geodesic
cloudposse/atmos
1
Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

@RB (Ronak) (Cloud Posse) or @matt are you free next week to do an geodesic/atmos demo?

cloudposse/geodesic
cloudposse/atmos
RB (Ronak) (Cloud Posse) avatar
RB (Ronak) (Cloud Posse)

Yes, sure thing

    keyboard_arrow_up