|
xpander posted:Thanks, that's really helpful! Right now we're pre-launch, and serverless dev environments don't exactly rack up the spend so we won't have an account manager any time soon. Very interesting re: APN as we're bootstrapping via consulting, so this might be applicable. I was kind of under the impression that these were "try out/launch your startup" credits, I didn't realize this was meant for organizations who already had significant operations. Digitalocean will generally through you some credits. Smaller clouds wanna get in on poo poo before you get big so uh exaggerate
|
# ? Mar 23, 2023 02:35 |
|
|
# ? May 15, 2024 21:14 |
|
Any suggestions for a intro level project with EKS?
|
# ? Mar 29, 2023 21:33 |
LtDan posted:Any suggestions for a intro level project with EKS? Maybe try deploying a self-hosted app that has a few different services involved, something like https://github.com/immich-app/immich/blob/main/docker/docker-compose.yml
|
|
# ? Mar 29, 2023 21:37 |
|
AWS Workshops is various publicly released workshops AWS technical people have written over the years and there are like a dozen EKS ones that might align with your use case or the rest of your tech stack at least.
|
# ? Mar 30, 2023 23:01 |
|
LtDan posted:Any suggestions for a intro level project with EKS? I recommend kubernetes the hard way for AWS, then once you have a good understanding of the yaml structure you can start throwing things into EKS. I say this because of the versioning EKS uses. When the EOL a k8s version, you need to understand the changes to the kubeapi.
|
# ? Mar 30, 2023 23:54 |
|
Is there anything special to closing an account? I had an account open for training purposes. It fulfilled it's purpose so I log in as Root -> Account -> Close Account. I receive the message saying the request to close the account has been submitted. It's been hours and I can still login to it, access services etc... I didn't see any fineprint in the documentation stating how long it would take to close. Any ideas?
|
# ? Apr 7, 2023 23:59 |
|
IIRC your account hangs around for like 90 days just in case you change your mind. Bunch of fine print here https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/close-account.html
|
# ? Apr 8, 2023 00:15 |
|
Docjowles posted:IIRC your account hangs around for like 90 days just in case you change your mind. Thanks for the link. I mainly ask because I had two accounts I closed today. The first account had no services currently being used, and I received a "Your Account Is Closed" email about 5 minutes after clicking the Close Account button. The problematic account had some items in S3. I never received a confirmation email so I went back in after a few hours and deleted all the items and buckets, and clicked the Close Account button again. Still no confirmation email. Bleh. I'll probably end up emailing support. My main concern is the security/billing risk of having an unused account just floating about for the next 90 days.
|
# ? Apr 8, 2023 00:20 |
Anybody using AWS Controllers for Kubernetes ? We're currently a terraform & k8s shop. Sure terraform has its warts but at least we've got a few years of knowledge built up and the warts are all well known at this point. What's the compelling reason to consider adopting ACK? It seems like you would also need a k8s cluster to use ACK...so what provisions that? Terraform??
|
|
# ? Apr 13, 2023 19:31 |
|
fletcher posted:Anybody using AWS Controllers for Kubernetes ? Disclaimer: I have not personally used ACK But reading the page, I think you're mistaken as to the purpose of ACK. It is not for building and managing k8s clusters. It's a way to let you manage AWS resources (RDS databases, Lambda function, S3 buckets, etc) using k8s YAML files. It defines a bunch of custom resource types. You write configs using those types and upload them into your cluster. Then the controller will go out and manage those things on your behalf the same way it works for pods and services and ingresses. I do not know who in god's name is asking for this. But if you simply must manage your entire infrastructure via k8s YAML files and nothing else then ACK's got you covered? quote:Kubernetes applications often require a number of supporting resources like databases, message queues, and object stores. AWS provides a set of managed services that you can use to provide these resources for your apps, but provisioning and integrating them with Kubernetes was complex and time consuming. ACK lets you define and consume AWS services and resources directly from a Kubernetes cluster. It gives you a unified way to manage your application and its dependencies.
|
# ? Apr 13, 2023 20:32 |
|
fletcher posted:Anybody using AWS Controllers for Kubernetes ? Don’t use ACK it’s a hacky AWS side project they barely support. Crossplane.io is much further along as far as features and has actual users, if you have to control stuff via Kubernetes control plane. That said, they only make sense if you have Kubernetes resources that need to drive AWS resources, which feels like a niche use case.
|
# ? Apr 13, 2023 20:43 |
Thanks for the replies!Docjowles posted:Disclaimer: I have not personally used ACK Yup that is my understanding, that it's for managing all those other AWS resources, not for managing the k8s clusters. Just seems like you would have to use something else at that point since it can't bootstrap a cluster itself. freeasinbeer posted:Don’t use ACK it’s a hacky AWS side project they barely support. Crossplane.io is much further along as far as features and has actual users, if you have to control stuff via Kubernetes control plane. This is good to know that it's a hacky side project, and more mature alternatives exist. Our particular use case is giving users of our product the ability to provision resources in AWS, but abstract away everything. The users would just have a button in the UI that does the provisioning - so my first thought was just have Java code shell out to terraform, since we've got plenty of institutional knowledge about those two things already. It's not perfect but it seems easy and minimizes the unknown unknowns that any alternative solution might have.
|
|
# ? Apr 13, 2023 21:13 |
|
Your usecase screams “terraform cdk/pulumi”. Both have rich support for most popular languages including Java, JavaScript/typescript, and your standard Python golang etc. It’s designed to do what you’re trying to do.
|
# ? Apr 14, 2023 00:47 |
|
I would fully migrate to pulumi before trying to shove terraform cdk into things
|
# ? Apr 14, 2023 01:06 |
|
Our cloud architect guy got all hyped up when he found out that cdktf had its GA release. He showed it to me and I didn’t understand why you would use it. Like just use CDK or use Terraform?
|
# ? Apr 14, 2023 04:42 |
|
I'm only a couple weeks into using EKS but happen to have a use case where I need a short-lived EC2 instance stood up alongside a container stack, they're co-dependent. Crossplane/ACK might solve that pretty cleanly, thanks for pointing them out.
|
# ? Apr 14, 2023 06:55 |
The Fool posted:I would fully migrate to pulumi before trying to shove terraform cdk into things It looks nice and certainly seems like the more elegant solution. I'm still leaning towards just having Java code shell out to terraform though. I think part of the reason is that this project is more of a POC and we don't expect this use case to be repeated any time soon, so it's probably not worth the trouble of bringing in some new tech into our ecosystem. Certainly if the use case expands, then it's probably time to ditch the Java/terraform hacky solution for something more purpose built.
|
|
# ? Apr 14, 2023 17:39 |
|
dads friend steve posted:Our cloud architect guy got all hyped up when he found out that cdktf had its GA release. He showed it to me and I didn’t understand why you would use it. Like just use CDK or use Terraform? You'd use cdktf to avoid the CloudFormation service and avoid writing HCL. Woodsy Owl fucked around with this message at 07:48 on Apr 15, 2023 |
# ? Apr 15, 2023 07:24 |
|
Anyone using zesty to manage reserved instances or is there a better alternative?
|
# ? Apr 19, 2023 12:21 |
|
dads friend steve posted:Our cloud architect guy got all hyped up when he found out that cdktf had its GA release. He showed it to me and I didn’t understand why you would use it. Like just use CDK or use Terraform? cdktf looks like yet another loving framework to try and fulfill the "multi-cloud" bullshit that Gartner predicted several years ago, all while ignoring the fact that no one actually went multi-cloud because of the obvious interoperability issues and misc externalities, which cdktf wants to resolve apparently. Edit: no wait, what I just described is Terraform itself. cdktf is just that but tightly-coupled. Feels like the worst of all worlds. Woodsy Owl posted:You'd use cdktf to avoid the CloudFormation service and avoid writing HCL. If you want to do that you can just write CDK. Pile Of Garbage fucked around with this message at 21:05 on Apr 19, 2023 |
# ? Apr 19, 2023 21:01 |
|
CDK still ends up emitting cloudformation. So if you really hate CFN and insist on using Terraform to do all of your provisioning, that's where CDKTF comes in. There could be good-ish reasons for that. Like an ops group was previously managing all infrastructure via Terraform and had invested a lot in training and tooling and processes. Now management wants application devs to start writing their own infrastructure code, but they only know JavaScript and can't be assed to learn HCL. CDKTF bridges the gap and nobody has to also learn CFN. This seems pretty niche, and if you google cdktf basically all the content is from HashiCorp themselves (), but I can at least understand the use case. It is also kinda cool that it lets you write CDK style code targeting Azure and GCP. I agree with you that nobody is using Terraform to effortlessly swing workloads around between clouds on a whim. That was always moronic marketing hype. But at a big enough company you will absolutely end up running something on at least 2 if not more cloud providers because some group absolutely HAS to use Google BigQuery or Azure OpenAI or whatever for $reasons. Even if AWS is your primary provider. And when that happens it's nice not to have to learn some totally new thing to manage it. fluppet posted:Anyone using zesty to manage reserved instances or is there a better alternative? no but my kids have some nice stuffed animals with their logo on them from reinvent lol Right now our management of RI's is very manual and bad so I would love to get a vendor involved but my boss feels like it will erode too much of the savings Docjowles fucked around with this message at 23:12 on Apr 19, 2023 |
# ? Apr 19, 2023 23:10 |
|
Docjowles posted:I agree with you that nobody is using Terraform to effortlessly swing workloads around between clouds on a whim. That was always moronic marketing hype. But at a big enough company you will absolutely end up running something on at least 2 if not more cloud providers because some group absolutely HAS to use Google BigQuery or Azure OpenAI or whatever for $reasons. Even if AWS is your primary provider. And when that happens it's nice not to have to learn some totally new thing to manage it. Have to admit I just did that recently for a new cloud-native environment. Put everything in Azure except for the public DNS zones which I put in AWS R53 because it was just easier.
|
# ? Apr 20, 2023 18:57 |
|
azure dns is ridiculously easy though
|
# ? Apr 27, 2023 04:15 |
|
Pile Of Garbage posted:Have to admit I just did that recently for a new cloud-native environment. Put everything in Azure except for the public DNS zones which I put in AWS R53 because it was just easier. I love poo poo like this because I know this is keeping some PM up at night going 'our data shows someone is using all Azure *except for DNS*' and he can't figure out why.
|
# ? Apr 27, 2023 04:24 |
|
Pile Of Garbage posted:Have to admit I just did that recently for a new cloud-native environment. Put everything in Azure except for the public DNS zones which I put in AWS R53 because it was just easier. This is one the most cursed takes I’ve seen in this thread
|
# ? Apr 27, 2023 04:34 |
|
Multicloud is a joke and I'm sorry your upper management got pilled by someone selling something.
|
# ? Apr 27, 2023 04:45 |
|
The most common flow in one of our applications uses AWS, azure, GCP, and on-prem stuff. All critical. Fun fun.
|
# ? Apr 27, 2023 04:53 |
|
jiffypop45 posted:Multicloud is a joke and I'm sorry your upper management got pilled by someone selling something. If you sell software licenses of basically anything to Google, they love to negotiate that as part of the deal they will pay you in GCP credits. I'm pretty sure Oracle does this as well. I can't imagine microsoft not also being on that train. It's a great idea from their standpoint.
|
# ? Apr 27, 2023 05:11 |
|
route53 is really good, i totally understand using it everywhere. maybe not for external records i guess. theyre not very price competitive
|
# ? Apr 27, 2023 06:58 |
|
I wish the Azure DNS Private Resolver was cheaper
|
# ? Apr 27, 2023 07:58 |
|
Thanks Ants posted:I wish the Azure DNS Private Resolver was cheaper We use it but I hadn't looked at the cost before, holy poo poo.
|
# ? Apr 27, 2023 20:39 |
|
It's unjustifiably expensive for what it is. It's a nice looking product though, hopefully someone else can have a go at competing (looking at you, Cloudflare). It would be nice if it didn't need a VPN link to work - I have sites where it would be very helpful to be able to chuck a couple of DNS servers into their gateway, tell the service what public IP my requests were coming from, and be able to return private DNS records along with acting as a resolver for the network with some basic malware domain filtering.
|
# ? Apr 27, 2023 21:24 |
|
It looks like they basically copy/pasted the service and pricing from AWS, lol. It's almost identical. All the cloud vendors shamelessly rip each other off constantly so this is not surprising. The cost is an oof although at the scale our bill is these days it's not even a rounding error so whatever. I prefer it to what we had to do in the Before Times where a fragile script would periodically dump every zone/record in our local BIND servers and mirror them to Route53.
|
# ? Apr 27, 2023 21:38 |
|
Pile Of Garbage posted:Have to admit I just did that recently for a new cloud-native environment. Put everything in Azure except for the public DNS zones which I put in AWS R53 because it was just easier. To explain my shameful situation, we had a handful of domains to buy and setup zones for them and R53 really is the easiest thing for that. Literally just click click done. Five domains registered of which only one we're using (The rest were just claimed for brand-protection). We'll probably port them to Azure to reduce our surface area some day idk.
|
# ? Apr 28, 2023 20:39 |
|
Azure needs to become a registrar
|
# ? Apr 28, 2023 20:44 |
|
They don't even need to become a registrar themselves. They can just partner with one or more registrars and tightly-couple their systems with the real registrar. That's what Amazon does for many ccTLDs. e.g. for .au they're partnered with Gandi. Of course if your buy your domain entirely within the R53 console you'd be none the wiser: https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/au.html
|
# ? Apr 28, 2023 20:49 |
|
Pile Of Garbage posted:To explain my shameful situation, we had a handful of domains to buy and setup zones for them and R53 really is the easiest thing for that. Literally just click click done. Five domains registered of which only one we're using (The rest were just claimed for brand-protection). We'll probably port them to Azure to reduce our surface area some day idk. The number of domains my company owns for brand protection is loving staggering. Like whatever number you're imagining you probably need to add zeroes. This comes of being pretty old as internet companies go, being a global brand, and having done a lot of acquisitions, I guess. Not a concern that ever occurred to me before coming here heh. We could probably jettison a ton of them with zero harm but we're comically risk averse so instead we just pay zillions of dollars to park weird typo domains in every possible TLD Docjowles fucked around with this message at 20:54 on Apr 28, 2023 |
# ? Apr 28, 2023 20:51 |
|
Pile Of Garbage posted:They don't even need to become a registrar themselves. They can just partner with one or more registrars and tightly-couple their systems with the real registrar. That's what Amazon does for many ccTLDs. e.g. for .au they're partnered with Gandi. Of course if your buy your domain entirely within the R53 console you'd be none the wiser: https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/au.html Yeah it could all go through an API to Gandi if they wanted, I just want people to be able to buy domains and have the IAM features of Azure.
|
# ? Apr 28, 2023 20:52 |
|
Docjowles posted:The number of domains my company owns for brand protection is loving staggering. Like whatever number you're imagining you probably need to add zeroes. This comes of being pretty old as internet companies go, being a global brand, and having done a lot of acquisitions, I guess. Not a concern that ever occurred to me before coming here heh. I can imagine. Brand protection and typo-squatting prevention, with new ccTLDs and gTLDs, can easily spiral into tens of thousands of domains. That's why many registrars offer it as a service. Thanks Ants posted:Yeah it could all go through an API to Gandi if they wanted, I just want people to be able to buy domains and have the IAM features of Azure. Fuckin SAME.
|
# ? Apr 28, 2023 20:56 |
|
|
# ? May 15, 2024 21:14 |
|
I'm glad that people haven't discovered the ability to buy domains straight from the console yet. I've had so many random marketing domains bought through godaddy on someone's personal card, when we have a perfectly good flow for buying them The Correct Way that just involves Jira.
|
# ? Apr 28, 2023 23:11 |