#office-hours (2023-01)
“Office Hours” are every Wednesday at 11:30 PST via Zoom. It’s open to everyone. Ask questions related to DevOps & Cloud and get answers! https://cloudposse.com/office-hours
Public “Office Hours” are held every Wednesday at 11:30 PST via Zoom. It’s open to everyone. Ask questions related to DevOps & Cloud and get answers!
https://cpco.io/slack-office-hours
Meeting password: sweetops
2023-01-03
Hello everyone, i would like to ask about deployment of AWS Config in AWS Organizations. From what i can see in documentation, YouTube, and in Google’s results overall - there are a lot of examples of deployment using CloudFormation StackSet’s. But in our company we’re using Terraform (and not using CloudFormation).
Question: did anyone tried to deploy AWS Config in AWS Organizations (i.e. multi-region + multi-account) features as Conformance Packs and overall enforcing 1 rule to all AWS Org member accounts (and selected regions)? Is there any caveats or limitations / features (compared to deploying same setup, but with CloudFormation StackSet’s)?
(PS. Maybe i asked question in wrong chat, I’m new here )
Would love to offer suggestions but I don’t understand your question clearly
I’d say you should go with terraform for provisioning as one of the major points it has for it as against cloudformation is the avoidance of vendor lock-in
In short: could it be done (deploying AWS Config in AWS organizations, across multiple accounts & multiple regions) via Terraform (while almost all if not all examples that i’ve seen so far are CloudFormation StackSets)?
Yes, can be done with terraform using the right providers and resources
here are some helpful links
Hope these help
@Erik Osterman (Cloud Posse), re deploying ingress controller crds, where are those examples of deploying multi-doc yaml manifests, using the kubernetes_manifest resources instead of kubectl_manifest?
2023-01-04
@here office hours is starting in 30 minutes! Remember to post your questions here.
Reposting from above, I got missed a few weeks ago ha.
Q: What are some good ways to update an application in argo with the new docker tag?
Some options…
• image updater sounds great and it’s on the roadmap to be added to argocd
• eventbridge watching docker pushes which triggering lambda container with a git library doing the replacement on values.yaml?
• CI mechanism building images does the replacement in values.yaml and makes a commit?
Erik Osterman (Cloud Posse) has joined Public “Office Hours”
Omry Hay has joined Public “Office Hours”
Andy Roth has joined Public “Office Hours”
Brian Pauley has joined Public “Office Hours”
Ralf Pieper has joined Public “Office Hours”
Linda Pham (Cloud Posse) has joined Public “Office Hours”
Sean Turner has joined Public “Office Hours”
Maura Rowell has joined Public “Office Hours”
Andrew Vitko has joined Public “Office Hours”
Andy Wortman has joined Public “Office Hours”
Luis Masaya has joined Public “Office Hours”
Michael Jenkins has joined Public “Office Hours”
Joe Caulfield has joined Public “Office Hours”
Charles Smith has joined Public “Office Hours”
Stevan Arychuk has joined Public “Office Hours”
Roy Sprague has joined Public “Office Hours”
dag viggo lokoeen has joined Public “Office Hours”
Guillermo Gutierrez has joined Public “Office Hours”
Ozzy has joined Public “Office Hours”
Steven Vargas has joined Public “Office Hours”
Harold Sphinx has joined Public “Office Hours”
Guelor Emanuel has joined Public “Office Hours”
Isa Aguilar has joined Public “Office Hours”
Mazin Ahmed has joined Public “Office Hours”
Isaac M has joined Public “Office Hours”
Peter L has joined Public “Office Hours”
Oliver Schoenborn has joined Public “Office Hours”
Sergei Valevka has joined Public “Office Hours”
Paul Bullock has joined Public “Office Hours”
Salvador Montiel has joined Public “Office Hours”
David Ekpo has joined Public “Office Hours”
Links from today’s call: https://cloud.google.com/docs/terraform/best-practices-for-terraform https://github.com/docker/bake-action https://github.com/docker/bake-action/blob/master/docker-bake.hcl https://argocd-image-updater.readthedocs.io/en/stable/ https://argocd-image-updater.readthedocs.io/en/stable/basics/update-methods/#method-git https://github.com/gofireflyio/aiac
2023-01-05
2023-01-11
@here office hours is starting in 30 minutes! Remember to post your questions here.
Erik Osterman (Cloud Posse) has joined Public “Office Hours”
Brian Pauley has joined Public “Office Hours”
Oliver Schoenborn has joined Public “Office Hours”
Vlad Ionescu has joined Public “Office Hours”
Linda Pham (Cloud Posse) has joined Public “Office Hours”
Isaac M has joined Public “Office Hours”
Jeremy White has joined Public “Office Hours”
Andrew Vitko has joined Public “Office Hours”
Trina King has joined Public “Office Hours”
Bryan Dady has joined Public “Office Hours”
Eric Berg has joined Public “Office Hours”
Matt Calhoun has joined Public “Office Hours”
Sumeet Agarwal has joined Public “Office Hours”
Greg Bouwens has joined Public “Office Hours”
Jim Park has joined Public “Office Hours”
Arthur Dent has joined Public “Office Hours”
Ashley Delbridge has joined Public “Office Hours”
Salvador Montiel has joined Public “Office Hours”
Yusuf has joined Public “Office Hours”
Andy Roth has joined Public “Office Hours”
Harold Sphinx has joined Public “Office Hours”
Igor M has joined Public “Office Hours”
Alex Siegman has joined Public “Office Hours”
Paul Marcelin has joined Public “Office Hours”
Roy Sprague has joined Public “Office Hours”
Ashwin Jacob has joined Public “Office Hours”
Joe Perez has joined Public “Office Hours”
Paul Bullock has joined Public “Office Hours”
Michael Jenkins has joined Public “Office Hours”
Brad Curfman has joined Public “Office Hours”
Roy Sprague has joined Public “Office Hours”
Michael Sew has joined Public “Office Hours”
Martin Mazurik has joined Public “Office Hours”
David Ekpo has joined Public “Office Hours”
PePe Amengual has joined Public “Office Hours”
Links from today’s call: https://atmos.tools/category/quick-start/ https://atmos.tools/core-concepts/components/remote-state/ https://atmos.tools/cli/cheatsheet/ https://atmos.tools/core-concepts/workflows/ https://aws.amazon.com/blogs/aws/amazon-s3-encrypts-new-objects-by-default/ https://thenextweb.com/news/evernote-acquired-how-new-owner-can-fix-it https://www.reuters.com/technology/twitter-hacked-200-million-user-email-addresses-leaked-researcher-says-2023-01-05/ https://github.com/valentindeaconu/terralist https://github.com/lensapp/lens/issues/6823 https://www.producthunt.com/posts/kubernetes-chatgpt-bot https://til.simonwillison.net/clickhouse/github-explorer https://circleci.com/blog/january-4-2023-security-alert/ https://docs.aws.amazon.com/AmazonECR/latest/userguide/push-oci-artifact.html https://webauthn.io
2023-01-18
@here office hours is starting in 30 minutes! Remember to post your questions here.
11
For autogenerating Helm chart README.md’s what do you folks use? I came across the following options, does anyone have another recommendation?
@Igor Rodionov
Erik Osterman (Cloud Posse) has joined Public “Office Hours”
Marc Tamsky has joined Public “Office Hours”
Jonathan Poczatek has joined Public “Office Hours”
Brad Curfman has joined Public “Office Hours”
Peter Luknar has joined Public “Office Hours”
Linda Pham (Cloud Posse) has joined Public “Office Hours”
Paul Marcelin has joined Public “Office Hours”
Michael Jenkins has joined Public “Office Hours”
venkata mutyala has joined Public “Office Hours”
Brian Pauley has joined Public “Office Hours”
Geordan Liban has joined Public “Office Hours”
Maura Rowell has joined Public “Office Hours”
deniz gokcin has joined Public “Office Hours”
Alex Atkinson has joined Public “Office Hours”
Matt Reggler has joined Public “Office Hours”
Isa Aguilar has joined Public “Office Hours”
tyler has joined Public “Office Hours”
Paul Bullock has joined Public “Office Hours”
Matt Calhoun has joined Public “Office Hours”
last minute question:
We are on GitHub Teams plan and I was wondering how are the folks here handling shared-actions. I have some workflows that are identical in all repos and I have some workfows that have minor differences in different repos. Although I am using dependabot to handle version bumps, it started to be super painful to update 30+ repos whenever I think of an enhancement. Any tips??
We swapped from gitlab to github and now use reusable workflows.
Our shared actions repo: https://github.com/scientist-softserv/actions
Caller workflow example: https://github.com/scientist-softserv/palni-palci/blob/main/.github/workflows/build-test-lint.yaml
Jim Park has joined Public “Office Hours”
Ashwin Jacob has joined Public “Office Hours”
Soren Jensen has joined Public “Office Hours”
Andrew Vitko has joined Public “Office Hours”
Ashwin Jacob has joined Public “Office Hours”
Isaac M has joined Public “Office Hours”
Harold Sphinx has joined Public “Office Hours”
Christopher Pieper has joined Public “Office Hours”
Matt Ouellette has joined Public “Office Hours”
Harold Sphinx has joined Public “Office Hours”
Matt Ouellette has joined Public “Office Hours”
PePe Amengual has joined Public “Office Hours”
Links from today’s call: https://starship.rs/ https://medium.com/chick-fil-atech/enterprise-restaurant-compute-f5e2fd63d20f https://dev.37signals.com/our-cloud-spend-in-2022/ https://github.com/hashicorp/terraform-provider-aws/issues/23288 https://www.reddit.com/r/Terraform/comments/10dtwjk/send_physical_mail_using_terraform/ https://www.apple.com/newsroom/2023/01/apple-unveils-macbook-pro-featuring-m2-pro-and-m2-max/
2023-01-21
Hello guys, Is there a tool that i can search and list versions of docker image on dockerhub ? docker search searches for versions but do not list available image versions/tags
#!/bin/bash
set -e
# User to search for
UNAME=${1}
# get token to be able to talk to Docker Hub
TOKEN=dckr_pat_XXXXXXXXXXXXXXXXXXXXXXXx
#TOKEN=$(curl -s -H "Content-Type: application/json" -X POST -d '{"username": "'${UNAME}'", "password": "'${UPASS}'"}' <https://hub.docker.com/v2/users/login/> | jq -r .token)
# get list of namespaces accessible by user (not in use right now)
#NAMESPACES=$(curl -s -H "Authorization: JWT ${TOKEN}" <https://hub.docker.com/v2/repositories/namespaces/> | jq -r '.namespaces|.[]')
# get list of repos for that user account
REPO_LIST=$(curl -s -H "Authorization: JWT ${TOKEN}" <https://hub.docker.com/v2/repositories/${UNAME}/?page_size=10000> | jq -r '.results|.[]|.name')
# build a list of all images & tags
for i in ${REPO_LIST}
do
# get tags for repo
IMAGE_TAGS=$(curl -s -H "Authorization: JWT ${TOKEN}" <https://hub.docker.com/v2/repositories/${UNAME}/${i}/tags/?page_size=10000> | jq -r '.results|.[]|.name')
# build a list of images from tags
for j in ${IMAGE_TAGS}
do
# add each tag to list
FULL_IMAGE_LIST="${FULL_IMAGE_LIST} ${UNAME}/${i}:${j}"
done
done
# output list of all docker images
for i in ${FULL_IMAGE_LIST}
do
echo ${i}
done
2023-01-22
Interesting looking tool for simulating k8s clusters… https://kwok.sigs.k8s.io/
2023-01-23
Jesus… that’s gonna be the next step to containers… now they arent even “real”
it’s virtualization on top of virtualization on top of virtualization -> simulation aka the matrix LOOOOOL
1
And here’s another one. some sort of Vault-competitor, secrets management tool: https://infisical.com/ https://github.com/Infisical/infisical
2023-01-25
Resharing from another user group: https://media.defense.gov/2023/Jan/18/2003145994/-1/-1/0/CSI_IPV6_SECURITY_GUIDANCE.PDF
@here office hours is starting in 30 minutes! Remember to post your questions here.
Erik Osterman (Cloud Posse) has joined Public “Office Hours”
Brian Pauley has joined Public “Office Hours”
Allan Mohr has joined Public “Office Hours”
Linda Pham (Cloud Posse) has joined Public “Office Hours”
Nenna Salinas has joined Public “Office Hours”
Ralf Pieper has joined Public “Office Hours”
Michael Jenkins has joined Public “Office Hours”
Roy Sprague has joined Public “Office Hours”
Harold Sphinx has joined Public “Office Hours”
Matt Calhoun has joined Public “Office Hours”
Andy Wortman has joined Public “Office Hours”
Jim Park has joined Public “Office Hours”
Gabriel Tam has joined Public “Office Hours”
Isaac M has joined Public “Office Hours”
Dave Lundgren has joined Public “Office Hours”
Michael Pursifull has joined Public “Office Hours”
dag viggo lokoeen has joined Public “Office Hours”
Matt Gowie has joined Public “Office Hours”
David Ekpo has joined Public “Office Hours”
Paul Marcelin has joined Public “Office Hours”
Soren Jensen has joined Public “Office Hours”
Azar AKB has joined Public “Office Hours”
Marc Tamsky has joined Public “Office Hours”
Links from today’s call: https://blog.thinkst.com/2023/01/swipe-right-on-our-new-credit-card-tokens.html https://keda.sh/ https://zura.wiki/post/never-write-a-commit-message-again-with-the-help-of-gpt-3/ https://media.defense.gov/2023/Jan/18/2003145994/-1/-1/0/CSI_IPV6_SECURITY_GUIDANCE.PDF https://github.com/Infisical/infisical https://kwok.sigs.k8s.io/ https://www.hashicorp.com/blog/terraform-cloud-adds-projects-to-organize-workspaces-at-scale https://github.com/rootsami/terradrift https://github.com/PacoVK/tapir https://gist.github.com/tobischw/937def6638edd8f1be218dcb272e17e1 https://infisical.com/docs/self-hosting/deployments/kubernetes https://www.doppler.com/
regarding the question yesterday about communication between (micro)services, maybe this article and the idea can help https://martinfowler.com/bliki/ParallelChange.html
“The API expand-contract pattern, sometimes called parallel change, will be familiar to many, especially when used with databases or code; however, we only see low levels of adoption with APIs. Specifically, we’re seeing complex versioning schemes and breaking changes used in scenarios where a simple expand and then contract would suffice. For example, first adding to an API while deprecating an existing element, and then only later removing the deprecated elements once consumers are switched to the newer schema. This approach does require some coordination and visibility of the API consumers, perhaps through a technique such as consumer-driven contract testing.” Thoughtworks