#random (2018-07)

Non-work banter and water cooler conversation

A place for non-work-related flimflam, faffing, hodge-podge or jibber-jabber you’d prefer to keep out of more focused work-related channels.

Archive: https://archive.sweetops.com/random/

2018-07-13

maarten
Virus in eslint-scope? · Issue #39 · eslint/eslint-scope

Updated blog post: https://eslint.org/blog/2018/07/postmortem-for-malicious-package-publishes Update from the maintainers Incident status report from npm Please follow the comment by @platinumazure…

Erik Osterman (Cloud Posse)
Postmortem for Malicious Packages Published on July 12th, 2018

A pluggable and configurable linter tool for identifying and reporting on patterns in JavaScript. Maintain your code quality with ease.

Erik Osterman (Cloud Posse)


On July 12th, 2018, an attacker compromised the npm account of an ESLint maintainer and published malicious versions of the eslint-scope and eslint-config-eslint packages to the npm registry. On installation, the malicious packages downloaded and executed code from pastebin.com which sent the contents of the user’s .npmrc file to the attacker. An .npmrc file typically contains access tokens for publishing to npm.

Erik Osterman (Cloud Posse)

Scope of this could be much, much larger

Erik Osterman (Cloud Posse)

As many npm module repos could now be compromised

Erik Osterman (Cloud Posse)

Scary

Erik Osterman (Cloud Posse)


npm has revoked all access tokens issued before 2018-07-12 12:30 UTC. As a result, all access tokens compromised by this attack should no longer be usable.

Erik Osterman (Cloud Posse)

Thank god

maarten
Pull request reminders for Slack

Dev teams at 400+ companies like Pivotal, Instacart, and Trivago use Pull Reminders to stay on top of code reviews and ship new features faster.

Erik Osterman (Cloud Posse)

I signed our cloudposse team up for it! Thanks for sharing.

Erik Osterman (Cloud Posse)

@Daren @dave.yu @Max Moon @Jeremy G (Cloud Posse) check this out!

Daren

Oh neat

Daren
Trailer.app

Accelerate your GitHub workflow. Never miss a comment again. Track pull requests and issues across repositories, directly in your Notification Center or on any device.

Erik Osterman (Cloud Posse)

Hah! Was just about to share

Erik Osterman (Cloud Posse)

I end up drowning in trailer. Also, doesn’t work as well if you use 2 laptops (home and work)

Max Moon

nice!

Erik Osterman (Cloud Posse)
Trailer.app

Accelerate your GitHub workflow. Never miss a comment again. Track pull requests and issues across repositories, directly in your Notification Center or on any device.

Erik Osterman (Cloud Posse)

These PR stats in “pullreminder” are nice

Erik Osterman (Cloud Posse)
11:11:35 PM

@Erik Osterman (Cloud Posse) uploaded a file: image.png

Erik Osterman (Cloud Posse)
11:11:50 PM

@Erik Osterman (Cloud Posse) uploaded a file: Pasted image at 2018-07-13, 4:11 PM

Erik Osterman (Cloud Posse)
11:12:03 PM

@Erik Osterman (Cloud Posse) uploaded a file: Pasted image at 2018-07-13, 4:11 PM

Erik Osterman (Cloud Posse)
11:13:20 PM

@Erik Osterman (Cloud Posse) uploaded a file: Pasted image at 2018-07-13, 4:13 PM

Erik Osterman (Cloud Posse)

@Daren :point_up: you don’t get this with trailer

Erik Osterman (Cloud Posse)
11:14:48 PM

@Erik Osterman (Cloud Posse) uploaded a file: image.png

2018-07-20

jamie

I need to have more of us know about this app: https://github.com/nvbn/thefuck/blob/master/README.md

nvbn/thefuck

thefuck - Magnificent app which corrects your previous console command.

jamie

Also, this tool for ecs deployments. https://getmu.io/ which i would like to test and compare to doing it all in terraform.

sarkis

oh ya i used to use thefuck lol

sarkis

now i do more screensharing with clients though

sarkis

maybe i could start again and alias it lol

jamie

hehe

jamie

change it to “please”

jamie

Also, has anyone used weaveworks?

jamie
Using Weave to Network Containerized Microservices on Amazon ECS

Amazon EC2 Container Service (ECS) is a Docker container management service, part of Amazon Web Services (AWS) cloud. By using Weave Net, a software-defined networking solution, you can deploy containers onto ECS more easily, without…

Erik Osterman (Cloud Posse)

it’s one of the standard network drivers for kubernetes

Erik Osterman (Cloud Posse)

but haven’t considered it for ECS

Erik Osterman (Cloud Posse)

@jamie what’s the driver for you?

jamie

As in what motivates me? Or what network mesh am I currently using? Or why am I looking at weave for ecs?

Erik Osterman (Cloud Posse)

what problem are you looking to solve by adding weave into the mix?

Erik Osterman (Cloud Posse)

mu looks pretty would like a primer on how to best leverage it in combination with terraform

Erik Osterman (Cloud Posse)


Weave Net simplifies by handling service discovery and load balancing for you.

Erik Osterman (Cloud Posse)

not problems we are currently facing

jamie

I haven’t had a need or a problem to use weave for. But I wanted to get on to using it as my project scopes are becoming larger

Erik Osterman (Cloud Posse)


Weave Net supports other use cases, which include transparent cross-region connectivity, cross-cloud, and multicast.

Erik Osterman (Cloud Posse)

sounds more interesting

Erik Osterman (Cloud Posse)

but no project scope large enough

jamie

I had thought in the past it might be the bridge between onsite development environments and the hosted resources

jamie

That could be used in a way as if they were local

jamie

Sandboxes dev environments with debugging and tracing capacity that allow high pace of change and testing locally without having to push to git or start a pipeline is a common requirement

Erik Osterman (Cloud Posse)

kubernetes has this: https://www.telepresence.io/

Home - Telepresence

Telepresence: a local development environment for a remote Kubernetes cluster

jamie

And sometimes you can just use offline versions of technologies, like dynamodb and sns etc

Erik Osterman (Cloud Posse)

which is kind of like what you say

Erik Osterman (Cloud Posse)

have you seen this project? it’s sweet

jamie

Oh that’s nice

jamie

I haven’t

jamie

I am wanting something for serverless dev too

Erik Osterman (Cloud Posse)

you deploy a service in your cluster that identifies itself as the service you need

Erik Osterman (Cloud Posse)

but then it creates a reverse proxy tunnel back to your laptop

Erik Osterman (Cloud Posse)

that way you can develop locally, but other services in the cluster talk to it as though it were natively running in kubernetes

jamie

Do we (the cloudposse massive) have an awesome-xyz style key reading/tools/reference page?

Erik Osterman (Cloud Posse)

Kind of

Erik Osterman (Cloud Posse)

Sec

Erik Osterman (Cloud Posse)
cloudposse/docs

Cloud Posse Developer Hub. Complete documentation for the Cloud Posse solution. https://docs.cloudposse.com

Erik Osterman (Cloud Posse)

Also, not sure if you’ve seen our massive glossary. https://github.com/cloudposse/docs/tree/master/content/glossary

Erik Osterman (Cloud Posse)

This automatically highlights terms across the site

Erik Osterman (Cloud Posse)

Our tools page is currently focused on what we use. We could add a page like awesome though

Cristin

Hi all! What’s the best channel to post a question about an issue I have with one of your modules? Thank you!

Erik Osterman (Cloud Posse)

hey! thanks for asking

Erik Osterman (Cloud Posse)

let’s move that to #terraform

2018-07-25

jamie

One of my clients wants to hire me, but I’m moving out of London in 5 months plus I’m employed. So it won’t work. If there are any freelancers that are aws skilled, Terraform, dev team management background peeps on here in London… let me know and I’ll put you forward. :)

Andriy Knysh (Cloud Posse)
Managing separate AWS Accounts :last_quarter_moon: IAM & Deployments

Separate AWS Accounts is a great way of managing different environments. Get started today with IAM, Security & Deployments.

2018-07-26

krogebry

@Andriy Knysh (Cloud Posse) tl;dr is that covering orgs?

krogebry

Orgs are probably my favorite feature right now

krogebry

Quality lesson about security happening with LifeLock right now

krogebry

If you haven’t caught the news, I’m sure it’ll be coming up soon.

krogebry

Lesson learned: you can have the most bad ass cloud security, but things still happen.

Erik Osterman (Cloud Posse)

Oh wow

Erik Osterman (Cloud Posse)

Reading about it now

krogebry

yeah, learning more about it today

krogebry

Apparently the guy told us, we dropped that part of the site ( yeah for microservices ) pushed a patch and fixed the problem

krogebry

IMHO, that’s about the best outcome you could ask for

Andriy Knysh (Cloud Posse)

yea, it’s bad for LifeLock

Andriy Knysh (Cloud Posse)

what I learned some time ago is that using integers on URLs as IDs is a very bad idea

Andriy Knysh (Cloud Posse)

you can enumerate them very easily

Andriy Knysh (Cloud Posse)

use GUIDs

Andriy Knysh (Cloud Posse)

@krogebry Org is just metadata on top of the root account. The article confirms what we’ve been doing - use separate AWS accounts for more security and control

krogebry

Used orgs with a client with something like 5 accounts for security, like you say

krogebry

The neat thing was that we could just switch between accounts without having to relog

krogebry

super handy!!

Andriy Knysh (Cloud Posse)

i agree

Andriy Knysh (Cloud Posse)

it’s more complicated to setup and provision, but you get a lot of benefits from it

Erik Osterman (Cloud Posse)
Goodbye HipChat: Slack and Atlassian Team Up on Chat Software

Stewart Butterfield’s startup will subsume Atlassian’s corporate chat tools to take on Microsoft.

Erik Osterman (Cloud Posse)

R.I.P. stride

Erik Osterman (Cloud Posse)

I am elated that I won’t have to join anymore Hipchat or stride teams

Max Moon

lol

jonathan.olson

hipchat left a lot to be desired. do not miss it.

jonathan.olson

never tried stride.

krogebry

Seriously thought that was an onion article at first

Erik Osterman (Cloud Posse)

HAHA yea, me too. I had to reread it to make sure it said what I thought it said.

rohit.verma
jenkins-x/jx

jx is a command line tool for working with Jenkins X: automated CI/CD for Kubernetes

Erik Osterman (Cloud Posse)

This is the 2018 followup based on the original Google SRE book

2018-07-27

dave.yu

the SRE book is also free to read online right now https://landing.google.com/sre/book.html

krogebry

Is that “y’all suck so bad we’re giving this to you free” or “we love the community so much we want to help make it better” ?

Andriy Knysh (Cloud Posse)

i think it’s Attention Deficit Disorder - nobody will read a 500-page book these days

Erik Osterman (Cloud Posse)

Lol it’s good stuff, but pretty dense

Erik Osterman (Cloud Posse)

Btw, we have our own former Google SRE here :wave: @tamsky

krogebry

ohh nice

krogebry

I read the book

krogebry

Had some dry parts for sure, but plenty of usable snippets to pull out as justification for removing the gun from a client’s own foot

2018-07-30

johntellsall

Hi all! Let me introduce myself. I’m super interested in the intersection of Dev, Devops, and Quality. I’m a proponent of containers, Kubernetes, Terraform, and feedback loops. I worked with Erik briefly a couple years back, thanks for inviting me! I twit err tweet at johntellsall ; blog at <http://johntellsall.com>

Erik Osterman (Cloud Posse)

Welcome @johntellsall! Glad to have you onboard

Erik Osterman (Cloud Posse)
Dependabot - Automated Dependency Updates

Automated dependency updates. Dependabot creates pull requests to keep your Ruby, Python, JavaScript, PHP, .NET, Go, Elixir, Rust and Java dependencies up-to-date.

Erik Osterman (Cloud Posse)

Too bad not terraform modules!

Erik Osterman (Cloud Posse)

But it does support submodules and docker!

Erik Osterman (Cloud Posse)

@Max Moon pretty cool way to keep your geodesic account modules up to date

Erik Osterman (Cloud Posse)
cloudposse/prod.cloudposse.co

prod.cloudposse.co - Example Terraform/Kubernetes Reference Infrastructure for Cloud Posse Production Organization in AWS

Erik Osterman (Cloud Posse)
Support for HCL (Terraform Modules and Providers) · Issue #118 · dependabot/feedback

what Open PRs against terraform repos when terraform modules have new releases Open PRs against terraform repos when terraform providers have new releases why It's an extremely diverse ecosyste…

loren

yaaaaaassssss!

Erik Osterman (Cloud Posse)

Upvote!

michal.matyjek

I highly recommend dependabot - the dev is also super responsive, and overall seems like a great person

Erik Osterman (Cloud Posse)

sweet

Erik Osterman (Cloud Posse)

I’m really liking it so far.

Erik Osterman (Cloud Posse)
cjbassi/gotop

gotop - A terminal based graphical activity monitor inspired by gtop and vtop

krogebry

That’s some sexy ascii work right there

Erik Osterman (Cloud Posse)

Yea, seriously

Erik Osterman (Cloud Posse)
aksakalli/gtop

gtop - System monitoring dashboard for terminal

Erik Osterman (Cloud Posse)

I want this for kube

fernando

Hey everyone! I’m a DevOps enthusiast from Chile, looking to learn/improve as a SRE and hopefully contribute as well. Nice to be here, and thanks for the invite @Erik Osterman (Cloud Posse)

Erik Osterman (Cloud Posse)

welcome @fernando! thanks for the contributions to our projects

Erik Osterman (Cloud Posse)

I’m here to unblock you, so let me know how we can help.

Erik Osterman (Cloud Posse)

Moving to #terraform

2018-07-31

maarten

Hi Fellas, I’m in the process of discovery / audit with a new customer. 12factor is a great reference here, but I’m wondering if there are other reference materials which can be used to audit.

Erik Osterman (Cloud Posse)

AWS Well-Architected Framework

Erik Osterman (Cloud Posse)

CIS Foundations Framework

Erik Osterman (Cloud Posse)

Dockerfile Best Practices (by docker)

Erik Osterman (Cloud Posse)

(slack “All Unreads”)

Erik Osterman (Cloud Posse)

“Sorted scientifically” must be the best sort order label I’ve seen. Gave me a good laugh.
