Public “Office Hours” (2021-04-14)

Erik OstermanOffice Hours

2 min read

Here's the recording from our DevOps “Office Hours” session on 2021-04-14.

We hold public “Office Hours” every Wednesday at 11:30am PST to answer questions on all things DevOps/Terraform/Kubernetes/CICD related.

These “lunch & learn” style sessions are totally free and really just an opportunity to talk shop, ask questions and get answers.

Register here: cloudposse.com/office-hours

Basically, these sessions are an opportunity to get a free weekly consultation with Cloud Posse where you can literally “ask me anything” (AMA). Since we're all engineers, this also helps us better understand the challenges our users have so we can better focus on solving the real problems you have and address the problems/gaps in our tools.

– – –
00:00:00​ Intro
– – –
00:01:05 Terraform 0.15 just released!!
https://github.com/hashicorp/terraform/releases/tag/v0.15.0-rc2
– – –
00:02:39 AWS Announces OpenSearch (rebranded Elasticsearch)
https://aws.amazon.com/blogs/opensource/introducing-opensearch/
– – –
00:03:10 AWS Announces the GA of the Red Hat OpenShift Service on AWS (ROSA)
https://www.infoq.com/news/2021/04/red-hat-openshift-aws/
– – –
00:04:08 1Password Announces Secrets Automation for Infrastructure (with TF support)
https://blog.1password.com/introducing-secrets-automation/
https://registry.terraform.io/providers/1Password/onepassword/latest
– – –
00:08:45 1Password Acquires SecretHub (coincidence?)
https://techcrunch.com/2021/04/13/1password-acquires-secrethub-and-launches-new-enterprise-secrets-management-tool/
– – –
00:12:00 Cloud Posse Redshift Cluster Module Coming Soon!
https://github.com/cloudposse/terraform-aws-redshift-cluster/pull/1
– – –
00:13:40 Does anyone have feedback/experience with the new JetBrains Projector project?
– – –
00:16:39 Does anyone have a solid process for terraform state migrations in larger teams?
– – –
00:32:18 How do people approach migrating existing AWS infrastructure into Terraform for large-scale projects with many resources?
– – –
00:40:45 Should I use Lambda at Edge to remove path pre-fixes when migrating from GCP load balancers to Cloudfront?
– – –
00:43:13 Can Terraform and Serverless be redundant when used together?
– – –
00:49:34 Is anyone using any type of IPAM software dynamically in terraform or have a way you define and slice from suberblocks/supernets
– – –
00:56:10 Outro
– – –

Public “Office Hours” (2021-04-07)

Erik OstermanOffice Hours

2 min read

Here's the recording from our DevOps “Office Hours” session on 2021-04-07.

We hold public “Office Hours” every Wednesday at 11:30am PST to answer questions on all things DevOps/Terraform/Kubernetes/CICD related.

These “lunch & learn” style sessions are totally free and really just an opportunity to talk shop, ask questions and get answers.

Register here: cloudposse.com/office-hours

Basically, these sessions are an opportunity to get a free weekly consultation with Cloud Posse where you can literally “ask me anything” (AMA). Since we're all engineers, this also helps us better understand the challenges our users have so we can better focus on solving the real problems you have and address the problems/gaps in our tools.

– – –
00:00:00​ Intro
– – –
00:01:25 Terraform 0.15 RC2 just released
https://github.com/hashicorp/terraform/releases/tag/v0.15.0-rc2
– – –
00:02:05 Apache Mesos probably moving to “attic”
https://lists.apache.org/x/thread.html/rab2a820507f7c846e54a847398ab20f47698ec5bce0c8e182bfe51ba%40%3Cdev.mesos.apache.org%3E
– – –
00:02:45 AWS Elasticsearch Announces “Auto-Tune”
https://www.infoq.com/news/2021/04/amazon-elasticsearch-autotune/
– – –
00:06:05 AWS Announces Serial Console Access (for your pet servers)
https://www.theregister.com/2021/04/01/aws_vm_serial_console/
– – –
00:06:55 GitHub Actions at war with Crypto Miners
https://therecord.media/github-investigating-crypto-mining-campaign-abusing-its-server-infrastructure/
– – –
00:08:57 PHP Git Repo (self-hosted) Hacked / Backdoor Installed
https://www.theregister.com/2021/03/29/php_repository_infected/
– – –
00:11:00 Sponsor Cloud Posse / SweetOps / Office Hours for $1 / mo on GitHub
https://github.com/sponsors/cloudposse
– – –
00:15:09 How to manage auto rotation of IAM User Access Keys within terraform
– – –
00:25:05 Istio upgrade vulnerability
– – –
00:26:16 Cloud Posse tutorials available
– – –
00:27:55 AWS CLI SDK copy AMI between regions
– – –
00:31:45 ChatOps engineering
– – –
00:36:10 Application custom metrics best practices
– – –
00:42:11 DevOps KPI metrics
– – –
00:58:28 Outro
– – –

Public “Office Hours” (2021-03-31)

Erik OstermanOffice Hours

2 min read

Here's the recording from our DevOps “Office Hours” session on 2021-03-31.

We hold public “Office Hours” every Wednesday at 11:30am PST to answer questions on all things DevOps/Terraform/Kubernetes/CICD related.

These “lunch & learn” style sessions are totally free and really just an opportunity to talk shop, ask questions and get answers.

Register here: cloudposse.com/office-hours

Basically, these sessions are an opportunity to get a free weekly consultation with Cloud Posse where you can literally “ask me anything” (AMA). Since we're all engineers, this also helps us better understand the challenges our users have so we can better focus on solving the real problems you have and address the problems/gaps in our tools.

– – –
00:00:00​ Intro
– – –
00:01:22​ Atmos tutorial published!
https://docs.cloudposse.com/tutorials/atmos-getting-started/
– – –
00:02:51​ Terraform modules for Cloudflare Zones and WAF published
https://github.com/cloudposse/terraform-cloudflare-zone
https://github.com/cloudposse/terraform-cloudflare-waf-rulesets/
– – –
00:04:04 Terraform 0.15 RC1 Published!
https://github.com/hashicorp/terraform/releases/tag/v0.15.0-rc1
– – –
00:07:26​ Sponsor Cloud Posse / SweetOps / Office Hours for $1 / mo on GitHub
https://github.com/sponsors/cloudposse
– – –
00:08:20​ Using GitHubActions vs {AWS CodeBuild, CodePipeline and CodeDeploy} and want to deploy to ECS?
– – –
00:31:20​ How to migrate existing terraform configurations to a modular configuration, for example based on the Cloud Posse modules?
– – –
00:41:05 Terraformer discussion
– – –
00:51:22 Dashboards, metrics, KPIs discussion
– – –
01:01:02 Outro
– – –

Public “Office Hours” (2021-03-24)

Erik OstermanOffice Hours

2 min read

Here's the recording from our DevOps “Office Hours” session on 2021-03-24.

We hold public “Office Hours” every Wednesday at 11:30am PST to answer questions on all things DevOps/Terraform/Kubernetes/CICD related.

These “lunch & learn” style sessions are totally free and really just an opportunity to talk shop, ask questions and get answers.

Register here: cloudposse.com/office-hours

Basically, these sessions are an opportunity to get a free weekly consultation with Cloud Posse where you can literally “ask me anything” (AMA). Since we're all engineers, this also helps us better understand the challenges our users have so we can better focus on solving the real problems you have and address the problems/gaps in our tools.

– – –
00:00:00​ Intro
– – –
00:01:17 Geodesic UX improvements (thanks Jeremy!)
https://github.com/cloudposse/geodesic
– – –
00:08:18 We’re Hiring US DevOps Contractors. Apply today!
https://cloudposse.com/jobs
– – –
00:08:54 Atmos tutorial almost ready! @Matt Gowie
https://github.com/cloudposse/tutorials/pull/1
https://github.com/cloudposse/docs/pull/530
– – –
00:10:21 Kube Conform for validating kube manifests
https://github.com/yannh/kubeconform
– – –
00:11:32 Terraform modules for Cloudflare Zones and WAF imminent
– – –
00:11:55 What are opinions/tips on how a team should manage a consistently high number of PRs that require manual review?
– – –
00:29:44 How to manage long-lived-stateful-connections in an autoscaling k8s environment
– – –
00:39:18 What are the key points you consider when deciding to deploy your workloads on ECS EC2 vs ECS Fargate?
– – –
00:44:56 What would make you to pick Fargate even though it's more expensive when running the tasks 24/7?
– – –
00:46:20 Built-in Pod Security Policies vs OPA? OPA is more work, but way more flexible. How to choose between them?
– – –
00:47:30 How do you manage the users and passwords inside Amazon SSO?
– – –
00:49:48 Kubernetes Pod Security Policy (PSP) deprecation announced
– – –
00:50:36 Uncertain support for helm charts
– – –
00:54:54 S3 Lambda objects announced
– – –
00:57:22 Outro
– – –

Public “Office Hours” (2021-03-17)

Erik OstermanOffice Hours

2 min read

Here's the recording from our DevOps “Office Hours” session on 2021-03-17.

We hold public “Office Hours” every Wednesday at 11:30am PST to answer questions on all things DevOps/Terraform/Kubernetes/CICD related.

These “lunch & learn” style sessions are totally free and really just an opportunity to talk shop, ask questions and get answers.

Register here: cloudposse.com/office-hours

Basically, these sessions are an opportunity to get a free weekly consultation with Cloud Posse where you can literally “ask me anything” (AMA). Since we're all engineers, this also helps us better understand the challenges our users have so we can better focus on solving the real problems you have and address the problems/gaps in our tools.

– – –
00:00:00 Intro
– – –
00:01:16 Teleport just released support for MySQL and Postgres wire protocols
https://goteleport.com/blog/introducing-database-access/
– – –
00:05:18 AWS Announces ECS Exec enables “SSH-like” access for your containers
https://aws.amazon.com/blogs/containers/new-using-amazon-ecs-exec-access-your-containers-fargate-ec2/
https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-exec.html
– – –
00:12:05 Terraform 0.15-beta 2 released
https://github.com/hashicorp/terraform/releases/tag/v0.15.0-beta2
– – –
00:15:01 Checkout our jobs page
https://cloudposse.com/jobs
– – –
00:16:00 How do you manage iam user login profiles (console passwords) with a team
– – –
00:26:05 Do not use `.` as pre-fixes with your Terraform sub-modules
– – –
00:28:37 What’s the kick-off to create Cloud Posse preview environments?
– – –
00:34:18 Will everything move to the crossplane.io pattern eventually?
– – –
00:38:46 Does Spacelift work with Terragrunt?
– – –
00:41:04 How does Atlantis compare to Spacelift, Env0, Terraform Cloud?
– – –
00:44:31 How to handle database migrations using Terraform with ECS Fargate and AWS CodeDeploy?
– – –
00:52:28 Should you pick Teleport over StrongDM now that they support MySQL and Postgres?
– – –
00:54:23 How to implement a private API gateway with vanity URL only accessible from internal network?
– – –
00:58:00 Outro
– – –