#random (2021-06)

Non-work banter and water cooler conversation

A place for non-work-related flimflam, faffing, hodge-podge or jibber-jabber you’d prefer to keep out of more focused work-related channels. Archive: https://archive.sweetops.com/random/

2021-06-11

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
How Hackers Used Slack to Break into EA Games attachment image

A representative for the hackers explained to Motherboard how the group stole a wealth of data from the game publishing giant.

2021-06-10

Gerald avatar
Gerald

Hi people, any Infrastructure as Code practitioners here? I’d need to pick your brain for a second please, to help us prioritize items on an OSS tool roadmap  If you look at your setup (or your customer’s), would you say that:

 You only use a single IaC solution (ex: CloudFormation only, Terraform only, Pulumi only…)  You use multiple IaC solutions on purpose for different resources/use cases (ex: CloudFormation + Terraform or ARM+Terraform and/or the serverless framework)  You use multiple solutions today but plan to migrate to a single solution (ex migrating from a mix of CloudFormation + Terraform to Terraform only)

Many thanks for your feedback, it really helps

3
7
1
Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

Use terraform for the foundational infrastructure capable of supporting most tools. Use what ever other tool developers want for their applications. Serverless, CDK, CFT, etc

1
Gerald avatar
Gerald

very interesting, thanks @Erik Osterman (Cloud Posse)

Andrey Nazarov avatar
Andrey Nazarov

A second ago I answered it somewhere else)))

1
Gerald avatar
Gerald

thanks a lot. Really appreciate.

MattyB avatar
MattyB

We prefer Terraform over the others due to CloudPosse’s secure by default, context.tf, other good practices, and helpful community. We’ve also used AWS SAM and CDK for certain things like lambdas, apigw, or when developers prefer not to learn another language.

Gerald avatar
Gerald

Okay, I get it. So it’s a bit like for Erik. Your basis is on TF, but there’s an open door for what developers might want/need on top of that. Thanks a lot for sharing

2

2021-06-09

Pipo avatar

Hey guys, I am considering changing from terraform cloud to another service. Have anyone used CircleCi or Scalr or any other service? The main issue with Terraform Cloud is that having too many concurrent runs and the total runs per month is expensive, and I need to run over 5K runs per month.

AWay avatar

Have you seen the CloudPosse video comparing the different “TACoS” providers?

AWay avatar

(disclaimer: I’m from env0)

AWay avatar

we offer unlimited concurrency

Pipo avatar

Nope, I didn’t, thank you! I have something to see at lunch haha

1
ms16 avatar

TF cloud why you so expensive

1
1
Matt Gowie avatar
Matt Gowie

This question comes up all the time — The video helps. Good alternatives to TFC are:

  1. Scalr
  2. Spacelift
  3. Env0 (though unfortunately doesn’t have a Terraform provider which is the killer for me) I just completed a migration from TFC to Spacelift and I’m a big fan.
omry avatar

@Matt Gowie we actually have a Terraform provider - https://registry.terraform.io/providers/env0/env0/latest

(I am the co-founder and CTO of env0)

1
Matt Gowie avatar
Matt Gowie

@ Ah glad to see it launched! Ya’ll are now in the running in my mind. I’ll be sure to check out the provider and hit ya’ll up for a demo sometime.

omry avatar

Sure thing @Matt Gowie, we’ll be happy to give you a demo and show you the product

2021-06-08

rei avatar

Apparently fastly broke the Internet https://downdetector.com/

Status overview attachment image

Realtime overview of issues and outages with all kinds of services. Having issues? We help you find out what is wrong.

rei avatar
News about fastly on Twitter

10m ago @AP tweeted: “Numerous websites were unavailable on Tu..” - read what others are saying and join the conversation.

DevOpsGuy avatar
DevOpsGuy

Can anyone have (best) suggestions on below question?? This is for Kubernetes Micro-services. Cloud: AWS (But, we manage the cluster)

  1. What is the best open source Service Mesh?
  2. What is the best open source API Gateway?
  3. Is it ok to have both Service Mesh and API Gateway? If so, what is the best combination of both?
roth.andy avatar
roth.andy

It’s hard to answer what is “best” since different things are “best” in different situations. Can you talk a bit about what your situation is and what outcomes you are looking for?

For example, in my team, we were looking for the ability to abstract Zero Trust and centralized logging away from the application development efforts and into the platform, so we chose Istio

William Morgan avatar
William Morgan

To partially answer #3, yes, having both is a common pattern

William Morgan avatar
William Morgan

For the others… what problem are you trying to solve?

William Morgan avatar
William Morgan

E.g. I work on Linkerd and our focus is on minimalism, performance, and “feeling” like the rest of K8s. If that’s important to you then IMO it’s a good choice. If you have other goals (especially around integrating non-K8s components into your mesh) then you might look at other options.

Balazs Varga avatar
Balazs Varga

We use kops to setup cluster and use traefik for control gateway. For app gateway and for mesh we use istio

bp avatar

@antonbabenko did a ‘weekly dose of terraform’ a few weeks back talking about a eks boilerplate that you could have a look at? https://www.youtube.com/watch?v=giVShrQHf8E

2021-06-06

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
The SaaS CTO Security Checklist Redux - Gold Fig — Peace of mind for infrastructure teams attachment image

Learn how to protect your SaaS applications with the SaaS CTO security checklist. Doing the basics goes a long way in keeping your company and product secure.

Nicolò Marchesi avatar
Nicolò Marchesi

This is golden! Bookmarked

The SaaS CTO Security Checklist Redux - Gold Fig — Peace of mind for infrastructure teams attachment image

Learn how to protect your SaaS applications with the SaaS CTO security checklist. Doing the basics goes a long way in keeping your company and product secure.

1

2021-06-03

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

@kelseyhightower Ranchers don’t have cattle as their pet project. Cattle is their business! So in this analogy (which I’ve always loved), you become the Rancher and you have to run it as a full on business. That means financials, (internal) sales, marketing wins, R&D, etc

2021-06-02

David avatar
David

Is it a bad idea to open up a graphql playground publically? All of our routes that need it have auth requirements, so it would mostly be just exposing the public schema

Chris Wahl avatar
Chris Wahl

It seems fairly common to encounter playgrounds / GraphiQL setups in the wild, such as with [GitLab>. Not sure if that’s bad or not. </i](https://gitlab.com/-/graphql-explorer)

bradym avatar
bradym

We’ve locked ours down by IP. I think it depends on whether you have a public api or not. If you do, it could be a useful tool for people using your api. We don’t have a public api, so locking it down made the most sense to us.

Harry avatar
Harry

Anyone can run graphql playground, graphiql, altair or a similar tool locally and just put in your actual API URL if you don’t host one for them.

    keyboard_arrow_up