|
helm charts have the same smells/problems as puppet modules from the forge, chef cookbooks from the supermarket, and ansible collections from the galaxy. each is a killer abstraction to use within an organization, but very few orgs can actually use that published $whatever without having to alter it to their needs. instead of maintaining simple internal whatever that describes just the organization's needs, they end up maintaining a fork of a complex whatever that tries to do everything for everyone.
|
# ¿ Aug 30, 2022 17:48 |
|
|
# ¿ Apr 27, 2024 11:12 |
|
Progressive JPEG posted:tfstate management is of course an exercise left to the reader as usual but everything else (templating, secrets management, one-off passwords for things, not leaving random old poo poo lying around as the deployment evolves, structure in general) is waaay nicer i've seen this used as an argument against tf in other places, but honestly tfstate management seems trivial if you have any cloud provider or hosted database service. i've been trying out a pattern of storing it in git with git-crypt, and for one-admin personal infrastructure it's pretty slick.
|
# ¿ Sep 8, 2022 19:20 |
|
is argocd still the only gitops tooling with commit signature verification? how is this not a standard feature by now? does everyone doing gitops just blindly trust that github will never get owned?
|
# ¿ Sep 11, 2022 22:06 |
|
Nomnom Cookie posted:the way to do this is use docker or venvs... nine times out of ten that I see python in docker, they're still using a venv inside the docker container
|
# ¿ Sep 12, 2022 05:19 |
|
Jonny 290 posted:dont nest virtualization or containers unless you have a specific reason to, basically venv really isn't virtualization or containerization in any meaningful way. it's just a wapper for configuring the PYTHONHOME environment variable to look for your dependencies in an application specific path instead of system paths. unless you want to use only system python package or you're comfortable with pip replacing your system python packages, you want something like venv managing where your application dependencies live. edit: too early, typed PYTHONPATH instead of PYTHONHOME edit again after actually looking at the script: all it does these days is set your PATH env var -- I'd have sworn in the past there was a python specific env var that was also set. either way, nothing to do with virtualization or containerization outhole surfer fucked around with this message at 17:13 on Sep 12, 2022 |
# ¿ Sep 12, 2022 16:19 |
|
we wrap pretty much all our terraform resources up in modules, then have a directory for each "environment" where those shared modules are called
|
# ¿ Nov 15, 2022 20:10 |
|
i destroyed an eks cluster today. replaced it with old school ec2 instances in an an asg behind an alb with fully prebaked ami for deployment. felt loving nice doing that where i could, even if i cant do it everywhere.
|
# ¿ Dec 2, 2022 02:50 |
|
|
# ¿ Apr 27, 2024 11:12 |
|
Corla Plankun posted:how does eks + kubectl work? the eks control plane isn't inside your vpc, only the nodes are. the control plane has an external api endpoint of something.region.eks.amazonaws.com. take a look at your .kubectl/config
|
# ¿ Dec 14, 2022 16:27 |