December 2021 – Cloud Posse

Public “Office Hours” (2021-12-29)

Erik OstermanDecember 29, 2021Office Hours

Here's the recording from our DevOps “Office Hours” session on 2021-12-29.

We hold public “Office Hours” every Wednesday at 11:30am PST to answer questions on all things DevOps/Terraform/Kubernetes/CICD related.

These “lunch & learn” style sessions are totally free and really just an opportunity to talk shop, ask questions and get answers.

Register here: cloudposse.com/office-hours

Basically, these sessions are an opportunity to get a free weekly consultation with Cloud Posse where you can literally “ask me anything” (AMA). Since we're all engineers, this also helps us better understand the challenges our users have so we can better focus on solving the real problems you have and address the problems/gaps in our tools.

[00:00:00] Intro
[00:01:18] Happy New Years!
[00:01:57] What is the current best practice for a cold start?
[00:10:44] How to organize Terraform modules in a large enterprise?
[00:21:22] Do we have a demo?
[00:25:14] Should I write my own providers?
[00:34:44] Call for proposals for HashiTalks 2022 is open
[00:40:52] Outro

Public “Office Hours” (2021-12-22)

Erik OstermanDecember 22, 2021Office Hours

Here's the recording from our DevOps “Office Hours” session on 2021-12-22.

We hold public “Office Hours” every Wednesday at 11:30am PST to answer questions on all things DevOps/Terraform/Kubernetes/CICD related.

These “lunch & learn” style sessions are totally free and really just an opportunity to talk shop, ask questions and get answers.

Register here: cloudposse.com/office-hours

[00:00:00] Intro
[00:01:25] Lambda@Edge support for S3 CDN Module (inline Lambdas!)
https://github.com/cloudposse/terraform-aws-cloudfront-s3-cdn/pull/204
[00:04:45] MWAA Airflow Module Coming Soon
https://github.com/cloudposse/terraform-aws-mwaa/pull/3
[00:06:03] Atmos Help (and README coming soon)
https://github.com/cloudposse/atmos/pull/94
[00:07:23] Atlantis adds GH allowlist support (after 3 years!)
https://github.com/cloudposse/atlantis/releases/tag/0.8.0
[00:11:45] YAAO!!! (Yet Another AWS Outage)
https://status.aws.amazon.com/
https://www.datacenterdynamics.com/en/news/aws-has-another-east-coast-cloud-outage/
[00:12:21] PSA If you are using Terraform CLI v1.1.0 or v1.1.1, please upgrade to this new version as soon as possible
https://github.com/hashicorp/terraform/releases/tag/v1.1.2
[00:14:21] We’re looking for a service to check DNS registration expiration and SSL certs, across registrars and CAs, for only about a dozen domains. Any recommendations?
[00:20:19] Has anyone played with Control Tower Customizations?
[00:21:17] Start a discussion regarding various Ingress Controllers
[00:36:46] How are people running spark on kubernetes?
[00:37:25] I have 3 different resource-usage profiles among the K8s services and jobs that I run. I want to isolate the pods with erratic resource usage from the front-end pods, and also run jobs on spot instances. Should I use node groups to do this? Should resource limits be enough to manage this?
[00:51:23] Is there any way you can restrict IO for each pod?
[00:55:03] Outro

Public “Office Hours” (2021-12-15)

Erik OstermanDecember 17, 2021Office Hours

Here's the recording from our DevOps “Office Hours” session on 2021-12-17.

We hold public “Office Hours” every Wednesday at 11:30am PST to answer questions on all things DevOps/Terraform/Kubernetes/CICD related.

These “lunch & learn” style sessions are totally free and really just an opportunity to talk shop, ask questions and get answers.

Register here: cloudposse.com/office-hours

[00:00:00] Intro
[00:01:35] Terraform v1.1.0 released (with state migrations)
https://github.com/hashicorp/terraform/releases/tag/v1.1.0
[00:04:07] Terraform Provider for ArgoCD (anyone use it?)
https://github.com/oboukili/terraform-provider-argocd
[00:05:15] GitHub Stars Organized by Category
[00:05:42] Apple debuts new Open Source website here https://opensource.apple.com/
https://appleinsider.com/articles/21/12/08/apple-debuts-new-open-source-website-will-release-projects-on-github
[00:06:25] Summary of the AWS Service Event in the Northern Virginia (US-EAST-1) Region
https://aws.amazon.com/message/12721/
[00:07:22] AWS postmortem: Internal ops teams' own monitoring tools went down, had to comb through logs
https://news.google.com/articles/CAIiEABlFVLsTs1vNb3RZcT9Q3YqMwgEKioIACIQyKvy0DxcsbRLQKQhOygtHCoUCAoiEMir8tA8XLG0S0CkITsoLRww7bLrBg?uo=CAUiANIBAA&hl=en-US&gl=US&ceid=US%3Aen
[00:11:13] The Log4j bug exposes a bigger issue: Open-source funding
https://twitter.com/GovCERT_CH/status/1470097783407398928/photo/1
https://news.google.com/articles/CAIiEE6zlfaKB0ztQmVBFP97U44qFggEKg0IACoGCAow8KsBMMBFMOzkzwU?hl=en-US&gl=US&ceid=US%3Aen
[00:18:00] The USB kill cord for your laptop
https://www.buskill.in/
[00:18:53] GitHub Projects for Open Source Roadmaps (Example)
https://github.com/orgs/github/projects/4247/views/2?filterQuery=label%3Aactions
[00:20:32] Has anyone had any success in configuring Persistent Storage when running EKS on Fargate? @Michael Holt
[00:22:37] Are environment variables inferior to config files in Kubernetes? @sheldonh
[00:34:25] How turn key is EC2 Image Builder with Terraform? @erik
[00:40:22] Maintain all the boilerplate for packaging and building projects separate from the code
https://github.com/cruft/cruft
[00:48:06] Where does Concourse CI fit in with flux/argo cd and GHA, etc.? @DaniC
[00:58:18] Any thoughts/opinions on kitchen-terraform? @jonjitsu
[01:03:15] Outro

Public “Office Hours” (2021-12-08)

Erik OstermanDecember 8, 2021Office Hours

Here's the recording from our DevOps “Office Hours” session on 2021-12-08.

We hold public “Office Hours” every Wednesday at 11:30am PST to answer questions on all things DevOps/Terraform/Kubernetes/CICD related.

These “lunch & learn” style sessions are totally free and really just an opportunity to talk shop, ask questions and get answers.

Register here: cloudposse.com/office-hours

[00:00:00] Intro
[00:01:31] AWS outage =) What’s your theory?
https://aws.amazon.com/premiumsupport/technology/pes/
[00:04:00] AWS WAF adds support for CloudWatch Log and logging directly to S3 bucket
https://aws.amazon.com/about-aws/whats-new/2021/12/awf-waf-cloudwatch-log-s3-bucket/
[00:04:30] AWS announces Construct Hub general availability
https://aws.amazon.com/about-aws/whats-new/2021/12/aws-construct-hub-availability/
[00:08:28] Amazon DevOps Guru for RDS Aurora to Detect, Diagnose, and Resolve Issues
https://aws.amazon.com/blogs/aws/new-amazon-devops-guru-for-rds-to-detect-diagnose-and-resolve-amazon-aurora-related-issues-using-ml/
[00:10:48] Summary of re:Invent Announcements and this one, and security announcements
https://acloudguru.com/blog/engineering/aws-reinvent-2021-the-biggest-announcements
https://aws.amazon.com/blogs/aws/top-announcements-of-aws-reinvent-2021/
https://venturebeat.com/2021/12/03/the-top-12-security-announcements-at-aws-reinvent-2021/
[00:17:50] Cloud Posse API Gateway Module and AWS Airflow WIP
https://github.com/cloudposse/terraform-aws-api-gateway
https://github.com/cloudposse/terraform-aws-mwaa
[00:00:00] Service Mesh options?
[00:36:24] AWS AppSync service — gotchas, pitfalls, etc.
[00:39:18] Pain using Terraform to apply helm charts instead of helmfile
[00:46:15] Outro

Public “Office Hours” (2021-12-01)

Erik OstermanDecember 1, 2021Office Hours

Here's the recording from our DevOps “Office Hours” session on 2021-12-01.

We hold public “Office Hours” every Wednesday at 11:30am PST to answer questions on all things DevOps/Terraform/Kubernetes/CICD related.

These “lunch & learn” style sessions are totally free and really just an opportunity to talk shop, ask questions and get answers.

Register here: cloudposse.com/office-hours

[00:00:00] Intro
[00:04:00] AWS Proton Adds Terraform for infrastructure provisioning
https://aws.amazon.com/about-aws/whats-new/2021/11/aws-proton-terraform-infrastructure/
[00:05:55] AWS Proton introduces Git management of infrastructure as code templates
https://aws.amazon.com/about-aws/whats-new/2021/11/aws-proton-git-infrastructure-code-templates/
[00:10:43] Amazon Linux 2022
https://aws.amazon.com/linux/amazon-linux-2022/?amazon-linux-whats-new.sort-by=item.additionalFields.postDateTime&amazon-linux-whats-new.sort-order=desc
[00:12:11] Announcing Pull Through Cache Repositories for ECR and terraform provider support coming
https://aws.amazon.com/blogs/aws/announcing-pull-through-cache-repositories-for-amazon-elastic-container-registry/
https://github.com/hashicorp/terraform-provider-aws/issues/21951
[00:17:10] AWS EMR Serverless in preview
https://aws.amazon.com/about-aws/whats-new/2021/11/amazon-emr-serverless-preview/
[00:19:06] AWS Control Tower introduces Terraform account provisioning and customization (with weird modules)
https://aws.amazon.com/about-aws/whats-new/2021/11/aws-control-tower-terraform/
https://github.com/aws-ia/terraform-aws-control_tower_account_factory
[00:23:58] AWS Karpenter v0.5 Now Generally Available
https://aws.amazon.com/about-aws/whats-new/2021/11/aws-karpenter-v0-5/
[00:28:45] AWS WAF adds support for Captcha (e.g. like Cloudflare)
https://aws.amazon.com/about-aws/whats-new/2021/11/aws-waf-captcha-support/
[00:33:45] Has anyone migrated an existing organisation into control tower? How did it go? @Alex Jurkiewicz
[00:34:45] I wanna open a discussion regarding tagging/labeling conventions that are used company wide. And what tags do you guys use ? @Sherif Abdel-Naby
[00:48:06] I have some nested providers that I’m moving to the root module. My approach is to replace the nested providers in the state file, with the root-level providers, which seems to be working. Any advice, suggestions? @Eric Berg
[00:52:17] Outro