Public “Office Hours” (2021-09-22)

Erik OstermanOffice Hours

Here's the recording from our DevOps “Office Hours” session on 2021-09-22.

We hold public “Office Hours” every Wednesday at 11:30am PST to answer questions on all things DevOps/Terraform/Kubernetes/CICD related.

These “lunch & learn” style sessions are totally free and really just an opportunity to talk shop, ask questions and get answers.

Register here: cloudposse.com/office-hours

Basically, these sessions are an opportunity to get a free weekly consultation with Cloud Posse where you can literally “ask me anything” (AMA). Since we're all engineers, this also helps us better understand the challenges our users have so we can better focus on solving the real problems you have and address the problems/gaps in our tools.

[00:00:00​] Intro
[00:01:06] Update on AWS Proton Integration with Hashicorp Terraform
https://github.com/aws/aws-proton-public-roadmap/issues/1
[00:02:28​] Build on AWS for Startups
https://aws.amazon.com/about-aws/whats-new/2021/09/announcing-build-aws-startups/
[00:03:35​] Amazon ECR adds the ability to replicate individual repositories to other regions and accounts
https://aws.amazon.com/about-aws/whats-new/2021/09/amazon-ecr-replicate-individual-repositories-regions-accounts/
[00:04:55​] Kubernetes 1.22 Adds Support for Swap Space
https://kubernetes.io/blog/2021/08/04/kubernetes-1-22-release-announcement/#node-system-swap-support
[00:06:14​] DevTron CD UI for Kubernetes
https://github.com/devtron-labs/devtron
[00:10:04​] Is there an open-source standard for Jaeger-like remote sampling?
[00:13:05​] Anton’s topics: Testing Terraform
[00:32:15​] Difference between properly testing Terraform changes vs a pipeline that has adequate integration testing?
[00:40:25​] Has anyone used/looked at Dex? https://dexidp.io/ Just saw this and was curious about how it works.
[00:41:11​] Are Terraform provisioners useful as post-apply hookpoints?
[00:47:27​] Show and tell ideas
[00:59:40​] Outro

Public “Office Hours” (2021-09-15)

Erik OstermanOffice Hours

Here's the recording from our DevOps “Office Hours” session on 2021-09-15.

We hold public “Office Hours” every Wednesday at 11:30am PST to answer questions on all things DevOps/Terraform/Kubernetes/CICD related.

These “lunch & learn” style sessions are totally free and really just an opportunity to talk shop, ask questions and get answers.

Register here: cloudposse.com/office-hours

Basically, these sessions are an opportunity to get a free weekly consultation with Cloud Posse where you can literally “ask me anything” (AMA). Since we're all engineers, this also helps us better understand the challenges our users have so we can better focus on solving the real problems you have and address the problems/gaps in our tools.

[00:00:00​] Intro
[00:01:17​] Terraform AWS EC2 Client VPN Module released
https://github.com/cloudposse/terraform-aws-ec2-client-vpn
[00:01:54​] OMIGOD! Azure RCE: “Secret” Agent Exposes To Unauthorized Code Execution
https://www.wiz.io/blog/secret-agent-exposes-azure-customers-to-unauthorized-code-execution
[00:04:04​] New OWASP Top 10 for 2021 (Open Web Application Security Project)
https://owasp.org/Top10/
[00:04:50​] GitHub CLI now supports extensions!
https://github.blog/2021-08-24-github-cli-2-0-includes-extensions/
[00:07:20​] Custom widgets for CloudWatch dashboards
https://aws.amazon.com/about-aws/whats-new/2021/08/custom-widgets-amazon-cloudwatch-dashboards/
[00:07:46] ElastiCache for Redis now supports auto scaling
https://aws.amazon.com/about-aws/whats-new/2021/08/amazon-elasticache-redis/
[00:08:09​] AWS CloudFormation Can Retry Stack Operations from the Point of Failure
https://aws.amazon.com/blogs/aws/new-for-aws-cloudformation-quickly-retry-stack-operations-from-the-point-of-failure/
[00:08:51​] Amazon Elasticsearch Service Is Now Amazon OpenSearch Service
https://aws.amazon.com/blogs/aws/amazon-elasticsearch-service-is-now-amazon-opensearch-service-and-supports-opensearch-10/
[00:24:55​] Anyone using Stack Exchange for teams?
[00:28:35​] Terraform Cloud Alternatives?
[00:36:15​] How to implement maintenance pages and activate them?
[00:43:10​] Does anyone use a span trace viewer as a primary view into a local development environment? (e.g. honeycomb UI, Perfetto)
[00:49:15​] Any best practices for organizing your TF configs for different environments, but keeping common variable settings in just one place?
[00:52:55​] Nomad for application CD
[00:55:27​] Outro

Public “Office Hours” (2021-09-08)

Erik OstermanOffice Hours

Here's the recording from our DevOps “Office Hours” session on 2021-09-08.

We hold public “Office Hours” every Wednesday at 11:30am PST to answer questions on all things DevOps/Terraform/Kubernetes/CICD related.

These “lunch & learn” style sessions are totally free and really just an opportunity to talk shop, ask questions and get answers.

Register here: cloudposse.com/office-hours

Basically, these sessions are an opportunity to get a free weekly consultation with Cloud Posse where you can literally “ask me anything” (AMA). Since we're all engineers, this also helps us better understand the challenges our users have so we can better focus on solving the real problems you have and address the problems/gaps in our tools.

[00:00:00​] Intro
[00:01:00​] HashiCorp runs low on staff, calls a halt to Terraform pull requests
https://news.google.com/articles/CAIiEKcQeCwTrl69J6SmjS5gb1AqMwgEKioIACIQyKvy0DxcsbRLQKQhOygtHCoUCAoiEMir8tA8XLG0S0CkITsoLRww7bLrBg?hl=en-US&gl=US&ceid=US%3Aen
https://github.com/hashicorp/terraform/commit/6562466c32a8750d7a71a6cc6232e6b5a28fe13a
[00:03:08​] Amazon VPC CNI plugin increases pods per node limits (16x)
https://aws.amazon.com/jp/blogs/containers/amazon-vpc-cni-increases-pods-per-node-limits/
[00:07:35​] EKS Anywhere is GA
[00:08:35​] Spacelift Webhook Receiver @alexjurkiewicz
https://github.com/alexjurkiewicz/spacelift-webhook-receiver
[00:09:58​] Upcoming Cloud Posse Terraform AWS EC2 Client VPN module
https://github.com/cloudposse/terraform-aws-ec2-client-vpn/pull/2
[00:11:56​] New to k8s and helm. Should we use Helm for our apps?
[00:29:10​] How do you all run databases these days on k8s?
[00:45:45​] Anyone here using tfexec / tfinstall?
[00:50:50] Open source project: GitHub Actions for manipulating AWS App Mesh
https://github.com/scribd/pr-preview-example
[00:58:55​] Outro

Public “Office Hours” (2021-09-01)

Erik OstermanOffice Hours

Here's the recording from our DevOps “Office Hours” session on 2021-09-01.

We hold public “Office Hours” every Wednesday at 11:30am PST to answer questions on all things DevOps/Terraform/Kubernetes/CICD related.

These “lunch & learn” style sessions are totally free and really just an opportunity to talk shop, ask questions and get answers.

Register here: cloudposse.com/office-hours

Basically, these sessions are an opportunity to get a free weekly consultation with Cloud Posse where you can literally “ask me anything” (AMA). Since we're all engineers, this also helps us better understand the challenges our users have so we can better focus on solving the real problems you have and address the problems/gaps in our tools.

[00:00:00​] Intro
[00:01:21​] Huge Overhaul of our EKS Node Group (see MIGRATION doc) fixes ~12 issues
https://github.com/cloudposse/terraform-aws-eks-node-group/pull/84
[00:05:15] GitHub Actions Now Support Complex Composite Actions
https://github.blog/changelog/2021-08-25-github-actions-reduce-duplication-with-action-composition/
[00:20:37] Docker Desktop no longer free for large companies
https://www.theregister.com/2021/08/31/docker_desktop_no_longer_free/
[00:23:38] What's your strategy to size Kubernetes node_pool?
[00:29:56] Do you have any recommendation for tracking infra code git hash in resources updated by Terraform?
[00:47:17​] What are the main advantages of using Cloud Posse vs “normal” module AWS EKS?
[00:50:33​] Does anyone have an opinion of whether to have a single HA setup of ArgoCD having a 1:many relationship with dozens of clusters & different environments?
[00:54:50​] How to develop Portable AWS Modules (note the ARN format!)
[00:59:00​] Is terratest still the best way to test?
[01:02:20​] Outro

Public “Office Hours” (2021-08-25)

Erik OstermanOffice Hours

Here's the recording from our DevOps “Office Hours” session on 2021-08-25.

We hold public “Office Hours” every Wednesday at 11:30am PST to answer questions on all things DevOps/Terraform/Kubernetes/CICD related.

These “lunch & learn” style sessions are totally free and really just an opportunity to talk shop, ask questions and get answers.

Register here: cloudposse.com/office-hours

Basically, these sessions are an opportunity to get a free weekly consultation with Cloud Posse where you can literally “ask me anything” (AMA). Since we're all engineers, this also helps us better understand the challenges our users have so we can better focus on solving the real problems you have and address the problems/gaps in our tools.

[00:00:00​] Intro
[00:01:05​] Null Label now supports tenants, labels_as_tags, and descriptors (very powerful!)
https://github.com/cloudposse/terraform-null-label/pull/132/files
[00:17:50​] New documentation on using Leapp instead of aws-vault
https://docs.cloudposse.com/howto/geodesic/authenticate-with-leapp/
[00:27:30​] Reference architecture cold-start docs are coming!!! (maybe next week?)
[00:29:11​] Geodesic M1 support disclaimer. Tools ecosystem not ready.
https://github.com/cloudposse/geodesic
[00:33:25​] Are the Cloud Posse modules tested using Terraform Cloud in addition to other, standard setups?
[00:35:27​] Are you guys still using your own Atlantis fork at Cloud Posse?
[00:39:33​] If anyone has used both CDK for Terraform and Pulumi I'd be interested in any impressions. I have a team of Go developers, so using HCL is actually harder for me to get adopted at this time.
[00:46:39​] Could we mention that this issue requires everyone’s thumbs up, so that AWS prioritize SAM+Terraform – https://github.com/aws/aws-sam-cli/issues/3154
[00:51:54] EKS module is the most complicated terraform-aws-modules module
[01:00:23​] Outro