Public “Office Hours” (2021-03-31)

Erik OstermanOffice Hours

2 min read

Here's the recording from our DevOps “Office Hours” session on 2021-03-31.

We hold public “Office Hours” every Wednesday at 11:30am PST to answer questions on all things DevOps/Terraform/Kubernetes/CICD related.

These “lunch & learn” style sessions are totally free and really just an opportunity to talk shop, ask questions and get answers.

Register here: cloudposse.com/office-hours

Basically, these sessions are an opportunity to get a free weekly consultation with Cloud Posse where you can literally “ask me anything” (AMA). Since we're all engineers, this also helps us better understand the challenges our users have so we can better focus on solving the real problems you have and address the problems/gaps in our tools.

– – –
00:00:00​ Intro
– – –
00:01:22​ Atmos tutorial published!
https://docs.cloudposse.com/tutorials/atmos-getting-started/
– – –
00:02:51​ Terraform modules for Cloudflare Zones and WAF published
https://github.com/cloudposse/terraform-cloudflare-zone
https://github.com/cloudposse/terraform-cloudflare-waf-rulesets/
– – –
00:04:04 Terraform 0.15 RC1 Published!
https://github.com/hashicorp/terraform/releases/tag/v0.15.0-rc1
– – –
00:07:26​ Sponsor Cloud Posse / SweetOps / Office Hours for $1 / mo on GitHub
https://github.com/sponsors/cloudposse
– – –
00:08:20​ Using GitHubActions vs {AWS CodeBuild, CodePipeline and CodeDeploy} and want to deploy to ECS?
– – –
00:31:20​ How to migrate existing terraform configurations to a modular configuration, for example based on the Cloud Posse modules?
– – –
00:41:05 Terraformer discussion
– – –
00:51:22 Dashboards, metrics, KPIs discussion
– – –
01:01:02 Outro
– – –

Public “Office Hours” (2021-03-24)

Erik OstermanOffice Hours

2 min read

Here's the recording from our DevOps “Office Hours” session on 2021-03-24.

We hold public “Office Hours” every Wednesday at 11:30am PST to answer questions on all things DevOps/Terraform/Kubernetes/CICD related.

These “lunch & learn” style sessions are totally free and really just an opportunity to talk shop, ask questions and get answers.

Register here: cloudposse.com/office-hours

Basically, these sessions are an opportunity to get a free weekly consultation with Cloud Posse where you can literally “ask me anything” (AMA). Since we're all engineers, this also helps us better understand the challenges our users have so we can better focus on solving the real problems you have and address the problems/gaps in our tools.

– – –
00:00:00​ Intro
– – –
00:01:17 Geodesic UX improvements (thanks Jeremy!)
https://github.com/cloudposse/geodesic
– – –
00:08:18 We’re Hiring US DevOps Contractors. Apply today!
https://cloudposse.com/jobs
– – –
00:08:54 Atmos tutorial almost ready! @Matt Gowie
https://github.com/cloudposse/tutorials/pull/1
https://github.com/cloudposse/docs/pull/530
– – –
00:10:21 Kube Conform for validating kube manifests
https://github.com/yannh/kubeconform
– – –
00:11:32 Terraform modules for Cloudflare Zones and WAF imminent
– – –
00:11:55 What are opinions/tips on how a team should manage a consistently high number of PRs that require manual review?
– – –
00:29:44 How to manage long-lived-stateful-connections in an autoscaling k8s environment
– – –
00:39:18 What are the key points you consider when deciding to deploy your workloads on ECS EC2 vs ECS Fargate?
– – –
00:44:56 What would make you to pick Fargate even though it's more expensive when running the tasks 24/7?
– – –
00:46:20 Built-in Pod Security Policies vs OPA? OPA is more work, but way more flexible. How to choose between them?
– – –
00:47:30 How do you manage the users and passwords inside Amazon SSO?
– – –
00:49:48 Kubernetes Pod Security Policy (PSP) deprecation announced
– – –
00:50:36 Uncertain support for helm charts
– – –
00:54:54 S3 Lambda objects announced
– – –
00:57:22 Outro
– – –

Public “Office Hours” (2021-03-17)

Erik OstermanOffice Hours

2 min read

Here's the recording from our DevOps “Office Hours” session on 2021-03-17.

We hold public “Office Hours” every Wednesday at 11:30am PST to answer questions on all things DevOps/Terraform/Kubernetes/CICD related.

These “lunch & learn” style sessions are totally free and really just an opportunity to talk shop, ask questions and get answers.

Register here: cloudposse.com/office-hours

Basically, these sessions are an opportunity to get a free weekly consultation with Cloud Posse where you can literally “ask me anything” (AMA). Since we're all engineers, this also helps us better understand the challenges our users have so we can better focus on solving the real problems you have and address the problems/gaps in our tools.

– – –
00:00:00 Intro
– – –
00:01:16 Teleport just released support for MySQL and Postgres wire protocols
https://goteleport.com/blog/introducing-database-access/
– – –
00:05:18 AWS Announces ECS Exec enables “SSH-like” access for your containers
https://aws.amazon.com/blogs/containers/new-using-amazon-ecs-exec-access-your-containers-fargate-ec2/
https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-exec.html
– – –
00:12:05 Terraform 0.15-beta 2 released
https://github.com/hashicorp/terraform/releases/tag/v0.15.0-beta2
– – –
00:15:01 Checkout our jobs page
https://cloudposse.com/jobs
– – –
00:16:00 How do you manage iam user login profiles (console passwords) with a team
– – –
00:26:05 Do not use `.` as pre-fixes with your Terraform sub-modules
– – –
00:28:37 What’s the kick-off to create Cloud Posse preview environments?
– – –
00:34:18 Will everything move to the crossplane.io pattern eventually?
– – –
00:38:46 Does Spacelift work with Terragrunt?
– – –
00:41:04 How does Atlantis compare to Spacelift, Env0, Terraform Cloud?
– – –
00:44:31 How to handle database migrations using Terraform with ECS Fargate and AWS CodeDeploy?
– – –
00:52:28 Should you pick Teleport over StrongDM now that they support MySQL and Postgres?
– – –
00:54:23 How to implement a private API gateway with vanity URL only accessible from internal network?
– – –
00:58:00 Outro
– – –

Public “Office Hours” (2021-03-10)

Erik OstermanOffice Hours

2 min read

Here's the recording from our DevOps “Office Hours” session on 2021-03-10.

We hold public “Office Hours” every Wednesday at 11:30am PST to answer questions on all things DevOps/Terraform/Kubernetes/CICD related.

These “lunch & learn” style sessions are totally free and really just an opportunity to talk shop, ask questions and get answers.

Register here: cloudposse.com/office-hours

Basically, these sessions are an opportunity to get a free weekly consultation with Cloud Posse where you can literally “ask me anything” (AMA). Since we're all engineers, this also helps us better understand the challenges our users have so we can better focus on solving the real problems you have and address the problems/gaps in our tools.

– – –
00:00:00 Intro
– – –
00:01:15 Modules for AWS RDS Proxy and AWS Code Deploy released!
https://github.com/cloudposse/terraform-aws-rds-db-proxy
https://github.com/cloudposse/terraform-aws-code-deploy/
– – –
00:03:10 Revamped Terraform AWS EC2 Bastion module → SSM Session Manager
https://github.com/cloudposse/terraform-aws-ec2-bastion-server
– – –
00:04:37 Revamped Terraform AWS Cloudtrail Cloudwatch Alarms → YAML config pattern
https://github.com/cloudposse/terraform-aws-cloudtrail-cloudwatch-alarms
– – –
00:05:51 Getting Started with Geodesic Tutorial Documentation
https://docs.cloudposse.com/tutorials/geodesic-getting-started/
– – –
00:19:36 Terraform 0.15 beta 2 (NOPE) 0.14.8 released today
https://github.com/hashicorp/terraform/releases
https://github.com/hashicorp/terraform/releases/tag/v0.14.8
– – –
00:19:53 Checkout our jobs page
https://cloudposse.com/jobs
– – –
00:20:26 Sponsor Cloud Posse / SweetOps / Office Hours for $1 / mo on GitHub
https://github.com/sponsors/cloudposse
– – –
00:20:54 Regarding Geodesic: would you ever consider adding zsh+oh-my-zsh+powerlevel10k?
– – –
00:25:42 “Features are not considered done until our customers are getting value out of them?”
– – –
00:36:26 How do you guys get around redefining the state file for each directory?
– – –
00:41:47 What are the pros and cons of using k8 over aws ECS and what are the differences when managing k8 with or without helm charts.
– – –
00:57:52 Outro
– – –

Public “Office Hours” (2021-03-03)

Erik OstermanOffice Hours

2 min read

Here's the recording from our DevOps “Office Hours” session on 2021-03-03.

We hold public “Office Hours” every Wednesday at 11:30am PST to answer questions on all things DevOps/Terraform/Kubernetes/CICD related.

These “lunch & learn” style sessions are totally free and really just an opportunity to talk shop, ask questions and get answers.

Register here: cloudposse.com/office-hours

Basically, these sessions are an opportunity to get a free weekly consultation with Cloud Posse where you can literally “ask me anything” (AMA). Since we're all engineers, this also helps us better understand the challenges our users have so we can better focus on solving the real problems you have and address the problems/gaps in our tools.

– – –
00:00:00 Intro
– – –
00:01:21 Modules for AWS RDS Proxy and AWS Code Deploy forthcoming
– – –
00:01:58 AWS Nitro Architecture to Encrypt Inter-Node Traffic in Kubernetes
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/data-protection.html#encryption-transit
https://www.uptycs.com/blog/harnessing-the-aws-nitro-architecture-to-encrypt-inter-node-traffic-in-kubernetes
– – –
00:06:02 New features in terraform-docs
https://terraform-docs.io/
– – –
00:07:48 Terraform 0.15 beta 2?? =)
https://github.com/hashicorp/terraform/releases
– – –
00:08:29 Sponsor Cloud Posse / SweetOps / Office Hours for $1 / mo on GitHub
https://github.com/sponsors/cloudposse
– – –
00:09:00 Check out last week's office hours on YouTube!
https://www.youtube.com/c/cloudposse
– – –
00:09:22 Disaster recovery active-active K8S clusters at pod-level?
– – –
00:23:06 Terraform testing using LocalStack or Moto, what is your thoughts/experience?
– – –
00:31:32 Experience rolling out GuardDuty using Cloud Posse tooling?
– – –
00:43:24 How do you manage the s3 state backend configuration for multiple components?
– – –
00:53:09 Is the new HashiCorp Kubernetes Provider ready for prime time?
– – –
00:57:53 Outro
– – –