6 messages
General Discussions
erik 10 months ago
Just a friendly reminder that per our code of conduct, unsolicited DMs aren’t allowed. If you’re ever unsure about what’s okay or how to engage, feel free to message me — happy to help clarify or guide you. 😊
Slackbot 9 months ago
This message was deleted.
akhan4u 9 months ago
Hey Folks, wanting to know if someone is using airflow ironbank images? Ref
I want to deploy a near-zero vulnerability airflow image on AWS EKS. Let me know if this is the right channel/forum to ask. Thanks!
Erik Osterman (Cloud Posse) 9 months ago
Akshay 9 months ago
Hi everyone,
We're a small product-based company running a full DevOps pipeline and would love to get feedback or suggestions on how we can improve our practices. We're particularly curious how other product-focused teams manage their DevOps stack, especially in on-prem Kubernetes environments where cost optimization is limited.
Here’s our current stack:
1. Kubernetes (on-prem): Used for both production and staging clusters – no cloud cost to optimize here.
2. GitHub Advanced Security (GHAS): For code scanning and secret detection.
3. Trivy: Used for container image scanning.
4. Azure Key Vault & Azure Artifact: Secret management and dependency storage.
5. DigitalOcean Container Registry: Used for Docker image storage.
6. GitHub Actions: CI pipeline (triggers on code push → runs tests, scans, and builds Docker artifacts).
7. Argo CD: GitOps-based continuous deployment for both staging and production.
8. Kustomize: For managing Kubernetes manifests with reusable overlays.
9. Velero: Handles backup and restore of workloads/data.
10. Telepresence & Dev Containers: For streamlined local development.
11. Prometheus: Metrics collection (with custom labels and annotations).
12. Loki + Promtail: Log aggregation (also enriched with labels and annotations).
13. OpenTelemetry + Tempo: For distributed tracing.
14. Pyroscope: For continuous profiling (integrated with labels and annotations).
15. Grafana: Unified dashboard and alerting (across metrics, logs, traces, and profiling).
We’re trying to keep everything observable and auditable, and we’re quite happy with the GitOps + observability stack. That said, we’re always open to hearing what other teams are doing better or differently.
Some questions we’d love input on:
• Are there best practices or tooling we’re missing that could help us improve developer experience, security, or observability?
• Any thoughts on consolidating tools or improving efficiency without compromising transparency?
• Are there areas where others have successfully introduced automation, QA gates, or feedback loops in a similar setup?
Slackbot 9 months ago
This message was deleted.