2 min read
Here's the recording from our DevOps “Office Hours” session on 2022-04-27.
We hold public “Office Hours” every Wednesday at 11:30am PST to answer questions on all things DevOps/Terraform/Kubernetes/CICD related.
These “lunch & learn” style sessions are totally free and really just an opportunity to talk shop, ask questions and get answers.
Register here: cloudposse.com/office-hours
Basically, these sessions are an opportunity to get a free weekly consultation with Cloud Posse where you can literally “ask me anything” (AMA). Since we're all engineers, this also helps us better understand the challenges our users have so we can better focus on solving the real problems you have and address the problems/gaps in our tools.
[00:00:00] Intro
[00:01:29] Git.io shutting down 2022-04-29 (GitHub provides 4 days notice!!!)
https://github.blog/changelog/2022-04-25-git-io-deprecation/
[00:02:53] Cloud Posse build-harness: update links to cloudposse.tools/build-harness
https://github.com/cloudposse/build-harness/issues/314
[00:04:34] Google donates the Istio service mesh to the CNCF
https://techcrunch.com/2022/04/25/google-donates-the-istio-service-mesh-to-the-cloud-native-computing-foundation/
[00:05:05] AWS's Log4j patches blew holes in its own security
https://www.theregister.com/AMP/2022/04/20/aws_log4j_patches/
[00:05:42] Fairwinds Helmfile Alternative: declaratively manage multiple Helm chart releases
https://github.com/FairwindsOps/reckoner
[00:06:48] [2018] Kubernetes Edge Computing at Chick-fil-A
https://medium.com/@cfatechblog/edge-computing-at-chick-fil-a-7d67242675e2
[00:08:17] Finally, a terraform-registry-proxy for “airgapped” environments
https://github.com/jasonwbarnett/terraform-registry-proxy
[00:22:00] Aurora Serverless v1 is GA
[00:23:26] Use IAM to control access to a resource based on the account, OU or organization that contains the resource
https://aws.amazon.com/about-aws/whats-new/2022/04/iam-access-resource-organization/
[00:24:36] Karpenter workload consolidation/defragmentation
https://github.com/aws/karpenter/issues/1091
[00:29:37] How have folks automated AWS IAM Access Key + Secret Key rotation policies
[00:34:23] Opinions and thoughts on K8s ingress controllers for high volume deployments.
[00:42:25] What advice do you have for how to communicate expectations when people decide to use something brand new that is still super beta/rough, are having problems, and are annoyed that things aren't working?
[00:52:30] Are you doomed without a tool like Spacelift?
[01:00:23] Outro
Author Details
CEO
Erik Osterman is a technical evangelist and insanely passionate DevOps guru with over a decade of hands-on experience architecting systems for AWS. After leading major cloud initiatives at CBS Interactive as the Director of Cloud Architecture, he founded Cloud Posse, a DevOps Accelerator that helps high-growth Startups and Fortune 500 Companies own their infrastructure in record time by building it together with customers and showing them the ropes.