StumblyWumbly
Sep 12, 2007

Batmanticore!
I'm in the middle of a bit of a minefield. My company had some consultants build up this customer facing system on AWS, and then everyone involved in the project left. Now I, with my background in embedded C and FPGAs, am maintaining it. It's pretty neat and fun to learn about, but now the Amplify build system is having dependency issues, possibly centered around eslint.

I tried reproducing the issue locally, but I'm getting different errors and probably using different versions of NVM or whatever, a tool I've only vaguely been aware of before today.

Any general tips or resources for resolving this kind of dependency or Amplify issue?


jiffypop45
Dec 30, 2011

Last time I tried to use amplify it was broken AF and most of my issues were bugs (memory leaks were a big one) that the dev discord (your only way of interacting with them) was not interested in fixing. At the time the only way I got engagement was by harassing the oncall via slack internally.

So I wouldn't recommend that product at all however if you're stuck with it that's something else entirely.

StumblyWumbly
Sep 12, 2007

Batmanticore!
All we're doing is using Amplify to grab our repo from GitHub, run npm and do some basic database setup. The issue is probably more of a JavaScript thing that something happened since September and now our dependencies are bad. But I have no way to run this locally or get more info than some cryptic error messages, because of course our logs don't include package-lock.json.

PierreTheMime
Dec 9, 2004

Hero of hormagaunts everywhere!
Buglord
Is there a proper way to assume a user's identity when running shell commands using SSM agent via Step Functions call? On a Linux host by default your session starts as root, and commands to temporarily act as another valid user such as “su - <username>” do not actually work, even if they do as root in a normal session. “runuser - <username> -c “<some command>”” works but I’m trying to run a multiline shell script that uses variables gathered by an upstream Lambda to invoke a legacy executable that can’t (won’t) be Docker-ized. It might be possible to modify the default agent user, but instance admins want it as root to use it for maintenance/installs.

Hughmoris
Apr 21, 2007
Let's go to the abyss!
Is there any sort of 'community' around Redshift? I can't find any discords/slack channels/user groups/bloggers etc... Maybe the SQL Server and Postgres communities have spoiled me.

Where do all the Redshifters hang out?

fletcher
Jun 27, 2003

ken park is my favorite movie

Cybernetic Crumb

Hughmoris posted:

Is there any sort of 'community' around Redshift? I can't find any discords/slack channels/user groups/bloggers etc... Maybe the SQL Server and Postgres communities have spoiled me.

Where do all the Redshifters hang out?

Maybe they hang out on whatever is hosting those Google results that always have a solving my exact problem but I can't view the solution because I don't have a license??

Orbis Tertius
Feb 13, 2007

Not sure this is the right thread for this.

I’m interested in email SaaS architecture, but this seems to be one of those things that’s difficult to Google for. As in, how Sendgrid, Mailchimp, Mailgun, Amazon SES, etc work.

I’m guessing there’s a DNS part, scalable vms hosting SMTP (just guessing) part, and an orchestration part. Among other more general saas things (api, auth services, whatever)

Anyways any insights (general or implementation specific) would be appreciated. Again, I’m finding it hard to do basic research on this so any info is appreciated.

Orbis Tertius fucked around with this message at 05:00 on May 18, 2023

jiffypop45
Dec 30, 2011

Orbis Tertius posted:

Not sure this is the right thread for this.

I’m interested in email SaaS architecture, but this seems to be one of those things that’s difficult to Google for. As in, how Sendgrid, Mailchimp, Mailgun, Amazon SES, etc work.

I’m guessing there’s a DNS part, scalable vms hosting SMTP (just guessing) part, and an orchestration part. Among other more general saas things (api, auth services, whatever)

Anyways any insights (general or implementation specific) would be appreciated. Again, I’m finding it hard to do basic research on this so any info is appreciated.

Are you trying to roll your own? Curious what your use case for this is as I imagine the arch is probably not going to be super public necessarily as I work at one of the 4 you listed presently and worked at another previously.

Orbis Tertius
Feb 13, 2007

jiffypop45 posted:

Are you trying to roll your own? Curious what your use case for this is as I imagine the arch is probably not going to be super public necessarily as I work at one of the 4 you listed presently and worked at another previously.

The business concept is a transactional-only email service that has restrictions and limits in place to make it non-viable for marketing (or spam) email, and by being such dispose with the rigamarole and bullshit you usually have to go through to use such SaaS services.

I have some ideas what those ‘limitations’ might be to make that actually work, but without some way forward (basic info) on architecting the thing I’m kind of at a loss. I have enough experience with cloud poo poo, generally speaking, to do this (or come up with a spec at least), I just need more specifics about the specific domain (cloud based email)

absent any direction I was planning on just deep diving SMTP (which I’m only superficially familiar with) and seeing where that goes (this will be necessary regardless so not a bad starting point)

Orbis Tertius fucked around with this message at 06:50 on May 18, 2023

Docjowles
Apr 9, 2009

Godspeed. Dealing with email is to operations as dealing with printers is to IT support. Every company I've worked for that decided to send their own bulk email vs use a SaaS, it's consumed an insane percentage of my time. A lot of it just comes down to all the reputation management stuff you need to do to ensure your IP's aren't getting blacklisted, despite your users' best efforts to send mega spammy poo poo (and then come yell at you to ask why their mega spammy poo poo is being flagged as spam). Also the configuration files for whatever underlying MTA you select (exim, postfix, etc) are abominations that are basically their own general purpose programming language. I am extremely glad I don't have to work with bulk email much in my current role.

edit:

SMTP itself is a very simple protocol. Which is actually the problem; it was built for a time when everyone on the internet knew each other personally cause there were like 100 users and they were all at universities and government labs. Similar to BGP. So more and more protocols and standards have been tacked on over time, all of which you also need to deeply understand to run a modern email infrastructure that isn't firing every message directly into spam folders, or accidentally being left open as a relay for spammers to abuse.

Docjowles fucked around with this message at 17:12 on May 18, 2023

Just-In-Timeberlake
Aug 18, 2003

Docjowles posted:

Godspeed. Dealing with email is to operations as dealing with printers is to IT support. Every company I've worked for that decided to send their own bulk email vs use a SaaS, it's consumed an insane percentage of my time. A lot of it just comes down to all the reputation management stuff you need to do to ensure your IP's aren't getting blacklisted, despite your users' best efforts to send mega spammy poo poo (and then come yell at you to ask why their mega spammy poo poo is being flagged as spam). Also the configuration files for whatever underlying MTA you select (exim, postfix, etc) are abominations that are basically their own general purpose programming language. I am extremely glad I don't have to work with bulk email much in my current role.

AWS will shut you down so loving fast if your sender reputation is even slightly questionable.

necrobobsledder
Mar 21, 2005
Lay down your soul to the gods rock 'n roll
Nap Ghost

Orbis Tertius posted:

Not sure this is the right thread for this.

I’m interested in email SaaS architecture, but this seems to be one of those things that’s difficult to Google for. As in, how Sendgrid, Mailchimp, Mailgun, Amazon SES, etc work.

I’m guessing there’s a DNS part, scalable vms hosting SMTP (just guessing) part, and an orchestration part. Among other more general saas things (api, auth services, whatever)

Anyways any insights (general or implementation specific) would be appreciated. Again, I’m finding it hard to do basic research on this so any info is appreciated.

Hi, I worked as a lead engineer at an e-mail / messaging service provider sending billions of e-mails monthly for some rather well-known companies in the US and overseas. There's a LOT of industry secrets for sending e-mail at scale because spammers are watching and trying to circumvent all these things. The industry standard commercial software product for an MTA (PowerMTA) basically was written for the late 90s and basically milks the ever-shrinking industry, and the others are basically custom for a massive provider like Gmail and Sendgrid, or barely used despite all the advertising dollars spent on it to try to supplant the ancient relic of PowerMTA. E-mail sending is such a strange, awful setup that even one of the big software companies approached us to be their e-mail provider and they were weighing between writing it themselves or signing a contract with us.

You're forgetting that the infrastructure to handle e-mail is very, very, very stateful and oftentimes requires long-lived TCP connections with a Wild West of crazy SMTP servers on the other end along with systems like Spamhaus and IP reputation systems shared across everywhere. Also add in verification systems to your domain such as DKIM, SPF, and DMARC standards for starters that can be a pain if you're not extremely vigilant about your DNS records. So unless your infrastructure is able to hand off TCP connections and their flow states across machines you're not going to get anything resembling stateless deployments for this kind of software or you're going to do some funky things to perform load balancing and packet routing within your infrastructure.


You can send e-mails at volume (more than n thousand / month I think?) with AWS if you sign an agreement with AWS that you're an actual e-mail vendor of some sort and that you'll be vigilant about spam reports at a legal level.
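The post above names SPF and DMARC as DNS records that need constant attention. The following is an added example, not code from any poster or provider in this thread: an offline lint for those two record types (DKIM is not covered). Every domain and record string in it is constructed, and the finding codes are names chosen for this example.

```python
# Added example: offline lint for SPF and DMARC TXT records.
# Nothing is fetched from DNS; SAMPLE below is constructed data.

LOOKUP_TERMS = ("include", "a", "mx", "ptr", "exists", "redirect")  # RFC 7208 s4.6.4

def lint_spf(txt_records):
    """Return finding codes for the SPF policy among a domain's apex TXT records."""
    spf = [r for r in txt_records if r.lower().split()[:1] == ["v=spf1"]]
    if not spf:
        return ["spf-missing"]
    if len(spf) > 1:
        return ["spf-multiple-records"]  # receivers treat this as a permanent error
    lookups, all_qualifier, has_redirect = 0, None, False
    for term in spf[0].split()[1:]:
        qualifier = term[0] if term[0] in "+-~?" else "+"  # no qualifier means "+"
        name = term.lstrip("+-~?").replace("=", ":").split(":")[0].split("/")[0].lower()
        if name in LOOKUP_TERMS:
            lookups += 1
        has_redirect = has_redirect or name == "redirect"
        if name == "all":
            all_qualifier = qualifier
    findings = []
    if all_qualifier is None and not has_redirect:
        findings.append("spf-no-all")        # falls through to a neutral result
    elif all_qualifier == "+":
        findings.append("spf-pass-all")      # authorises every sender on the internet
    elif all_qualifier == "?":
        findings.append("spf-neutral-all")
    if lookups > 10:
        findings.append("spf-too-many-lookups")  # over the 10-lookup limit
    return findings

def lint_dmarc(txt_records):
    """Return finding codes for the TXT records published at _dmarc.<domain>."""
    recs = [r for r in txt_records if r.replace(" ", "").lower().startswith("v=dmarc1")]
    if not recs:
        return ["dmarc-missing"]
    if len(recs) > 1:
        return ["dmarc-multiple-records"]
    parts = (p.partition("=") for p in recs[0].split(";"))
    tags = {k.strip().lower(): v.strip() for k, _, v in parts if v}
    findings, policy = [], tags.get("p", "").lower()
    if policy not in ("none", "quarantine", "reject"):
        findings.append("dmarc-invalid-policy")
    elif policy == "none":
        findings.append("dmarc-monitor-only")    # reports only, nothing is rejected
    if tags.get("pct", "100") != "100":
        findings.append("dmarc-partial-enforcement")
    if "rua" not in tags:
        findings.append("dmarc-no-aggregate-reports")
    return findings

SAMPLE = {  # constructed records, keyed by constructed domain names
    "good.example": (["v=spf1 ip4:192.0.2.0/24 include:_spf.mailer.example -all"],
                     ["v=DMARC1; p=reject; rua=mailto:dmarc@good.example"]),
    "sloppy.example": (["v=spf1 include:_spf.mailer.example +all", "site-verification=constructed"],
                       ["v=DMARC1; p=none; pct=50"]),
    "forgotten.example": (["v=spf1 mx -all", "v=spf1 include:_spf.old-vendor.example ~all"],
                          []),
}

def audit(zone):
    """Map each domain to its combined SPF and DMARC findings (empty list = clean)."""
    return {d: lint_spf(apex) + lint_dmarc(dmarc) for d, (apex, dmarc) in zone.items()}

if __name__ == "__main__":
    for domain, findings in audit(SAMPLE).items():
        print(domain, findings or "ok")
```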

Docjowles
Apr 9, 2009

necrobobsledder posted:

You can send e-mails at volume (more than n thousand / month I think?) with AWS if you sign an agreement with AWS that you're an actual e-mail vendor of some sort and that you'll be vigilant about spam reports at a legal level.

Oh yeah this reminds me that you will start getting actual death threats from unhinged lunatics to your abuse@ address if they ever receive something they perceive as spam, lol

Startyde
Apr 19, 2007

come post with us, forever and ever and ever

Docjowles posted:

Oh yeah this reminds me that you will start getting actual death threats from unhinged lunatics to your abuse@ address if they ever receive something they perceive as spam, lol

A lot of us remember

Docjowles posted:

when everyone on the internet knew each other personally cause there were like 100 users and they were all at universities and government labs

It's been a harrowing few decades

FISHMANPET
Mar 3, 2007

Sweet 'N Sour
Can't
Melt
Steel Beams
On the other hand, it's super cool in a CS class to see your professor open a telnet session to an SMTP server and execute the commands to send an email, and then poof an email shows up in your inbox.

vanity slug
Jul 20, 2010

email is a genuine nightmare and i am glad other companies maintain these sewers

Falcon2001
Oct 10, 2004

Eat your hamburgers, Apollo.
Pillbug
I think it's hilarious how it's like 'hey I want to send an email from server x to email address y in the same domain'

'Oh that's pretty easy, just boop beep telnet and you're good!'

'Oh great! I want to send that email to a hundred people on gmail now'.

'You'll need a multinational corporation and two ritualistic sacrifices'

I would blow Dane Cook
Dec 26, 2008
Is Azure allowed in here? The boss wants monitoring for certain 4xx HTTP errors in Azure App Services

The only options in the documentation are:

quote:

Http 401 The count of requests resulting in HTTP 401 status code.
Http 403 The count of requests resulting in HTTP 403 status code.
Http 404 The count of requests resulting in HTTP 404 status code.
Http 406 The count of requests resulting in HTTP 406 status code.
Http 4xx The count of requests resulting in an HTTP status code ≥ 400 but < 500.

We are looking for other errors that start with 4 but aren't these ones, i.e. errors with specific numbers but not these ones.

Having a count of all errors starting with 4 is not useful either.

The Fool
Oct 16, 2003


turn on application insights, you can do custom queries and alerts on built in logs, set up instrumentation in your app, build sli/slo's, the whole 9


it's slow and clunky, but it's the native azure solution

The Fool
Oct 16, 2003


for your use case you can write a custom query for the error code you want, then alert on it

I would blow Dane Cook
Dec 26, 2008
https://learn.microsoft.com/en-us/azure/azure-monitor/app/api-custom-events-metrics

Do you mean this?

The Fool
Oct 16, 2003


That's for creating custom events from your application, http status codes should be logged automatically.

You would use log analytics to make a custom query, then alert from that if needed.

lazerwolf
Dec 22, 2009

Orange and Black
What are best practices for replaying failed Step Function executions?

LochNessMonster
Feb 3, 2005

I need about three fitty


lazerwolf posted:

What are best practices for replaying failed Step Function executions?

Are you looking at a specific scenario or in general?

In general it’s a good idea to look at your possible/actual failures and set IntervalSeconds (wait time before starting a retry), MaxAttempts and BackoffRate.

You can also use a Catch to handle known errors in a specific way.

If you’re using Lambdas it’s best to handle your exceptions there instead of in the SF.

lazerwolf
Dec 22, 2009

Orange and Black

LochNessMonster posted:

Are you looking at a specific scenario or in general?

In general it’s a good idea to look at your possible/actual failures and set IntervalSeconds (wait time before starting a retry), MaxAttempts and BackoffRate.

You can also use a Catch to handle known errors in a specific way.

If you’re using Lambdas it’s best to handle your exceptions there instead of in the SF.

Yeah let me elaborate a bit.

I have a Step Function pipeline set up that triggers off of s3 Create Object and ultimately interacts with a third party API. I have Retry for each lambda involved set up and I am catching any error with the third party api and am sending the caught messages to an SQS acting like a DLQ.

My question is about retrying caught SF executions. I'm picturing a scenario that maybe some aspect of the third party api changed and I need to update my code to handle it. Then I want to be able to replay some of the failed executions to process through the new code.
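The setup discussed in the posts above (Retry with IntervalSeconds, MaxAttempts and BackoffRate, plus a Catch that sends failures to an SQS queue used as a DLQ) can be written out as an Amazon States Language definition. This is an added example, not any poster's code: the state names, the ARN and queue URL arguments, and the `replay_input` helper are assumptions made for illustration. It uses `ResultPath` in the Catch so the queued message still carries the original input, which is what a later replay needs.

```python
# Added example: Step Functions definition with Retry, Catch and a DLQ hand-off.
# State names, function_arn and dlq_url are placeholders chosen for this example.
import json

def retry_delays(retrier):
    """Seconds waited before each retry for one Retry entry (ASL defaults, no jitter)."""
    interval = retrier.get("IntervalSeconds", 1)
    rate = retrier.get("BackoffRate", 2.0)
    attempts = retrier.get("MaxAttempts", 3)
    return [interval * rate ** n for n in range(attempts)]

def build_definition(function_arn, dlq_url):
    """Return the state machine definition as a dict ready for json.dumps."""
    return {
        "StartAt": "CallThirdPartyApi",
        "States": {
            "CallThirdPartyApi": {
                "Type": "Task",
                "Resource": function_arn,
                "Retry": [{
                    "ErrorEquals": ["States.TaskFailed"],
                    "IntervalSeconds": 5,
                    "MaxAttempts": 3,
                    "BackoffRate": 2.0,
                }],
                # Catch runs only after the retries above are exhausted.
                "Catch": [{
                    "ErrorEquals": ["States.ALL"],
                    "ResultPath": "$.error",  # keep the input, attach the error beside it
                    "Next": "SendToDlq",
                }],
                "End": True,
            },
            "SendToDlq": {
                "Type": "Task",
                "Resource": "arn:aws:states:::sqs:sendMessage",
                "Parameters": {"QueueUrl": dlq_url, "MessageBody.$": "$"},
                "Next": "MarkFailed",
            },
            "MarkFailed": {"Type": "Fail", "Error": "SentToDlq"},
        },
    }

def replay_input(dlq_message_body):
    """Rebuild the original execution input from a DLQ message body (drops the error)."""
    payload = json.loads(dlq_message_body)
    payload.pop("error", None)
    return json.dumps(payload)

if __name__ == "__main__":
    definition = build_definition("<lambda-function-arn>", "<dlq-queue-url>")
    print(json.dumps(definition, indent=2))
    print(retry_delays(definition["States"]["CallThirdPartyApi"]["Retry"][0]))
```

After the code fix is deployed, the string returned by `replay_input` can be passed as the input of a new execution for each message taken off the queue.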

Adhemar
Jan 21, 2004

Kellner, da ist ein scheussliches Biest in meiner Suppe.
Do you need SF here? Sounds like a perfect use case for SQS + DLQ with a Lambda trigger off the queue. Then you get the redrive functionality for free.

LochNessMonster
Feb 3, 2005

I need about three fitty


Adhemar posted:

Do you need SF here? Sounds like a perfect use case for SQS + DLQ with a Lambda trigger off the queue. Then you get the redrive functionality for free.

Agree, the use case almost sounds like a text book example.

s3 event on object creation -> sqs -> trigger processing lambda.

You can manage error handling on the lambda and use a DLQ for permanent failures. Setup a cloudwatch alarm that informs you on failures (or trigger another lambda to do stuff with the events)

lazerwolf
Dec 22, 2009

Orange and Black

LochNessMonster posted:

Agree, the use case almost sounds like a text book example.

s3 event on object creation -> sqs -> trigger processing lambda.

You can manage error handling on the lambda and use a DLQ for permanent failures. Setup a cloudwatch alarm that informs you on failures (or trigger another lambda to do stuff with the events)

What is the benefit from sending the event to SQS first rather than triggering Lambda directly?

I could probably refactor my business logic to fit into one lambda function, I am trying to keep my logic into smaller lambdas orchestrated with SF rather than one larger lambda.

I failed to mention this but I am using Eventbridge rules to trigger the SF.

The data flow is:
s3 Object Creation -> Eventbridge Rule -> SF

Would this be what you both are suggesting?

s3 Object Creation -> Eventbridge Rule -> SQS -> Lambda/SF

lazerwolf fucked around with this message at 18:23 on Jun 13, 2023

Adhemar
Jan 21, 2004

Kellner, da ist ein scheussliches Biest in meiner Suppe.
I would go S3 -> SNS -> SQS -> Lambda.

Adding SNS is optional but provides decoupling and allows you to add some other processing later if you want.

SQS (with DLQ) gives you great error recovery and lets you absorb bursts nicely.

BaseballPCHiker
Jan 16, 2006

Does anyone know what will happen to existing ec2 instances running server2012 when that goes eol? Do they just get marked for deletion by AWS?

Trying to come up with good sticks to scare folks into upgrading or migrating their poo poo before October.

12 rats tied together
Sep 7, 2006

iirc if you go s3 -> sns you only ever get 1 sns topic per notification config, something to be aware of in case you might need more destinations later

you can mix queues and topics though to my recollection so it's not a big deal

lazerwolf
Dec 22, 2009

Orange and Black
Another question, for Lambdas that require external dependencies, what is the best way to handle this?

I found you could install the dependencies locally and zip up the entire folder with app code. Build a layer from the dependencies directory or build a docker image of your app and deploy that.

The Fool
Oct 16, 2003


not lambda but for azure functions

we used to zip everything up but now we do the container

Docjowles
Apr 9, 2009

I think either approach is ok. Personally I would put it in a lambda layer if you like lambda for this use case and intentionally want to use it. Otherwise put it in a container and use a more traditional container environment like ECS or k8s that doesn’t subject you to the various structures and limits of lambda.

12 rats tied together
Sep 7, 2006

just uploading a zip puts less requirements on the uploader which is good because uploaders tend to change over time and janitoring an uploader is all toil for no benefit

The Fool
Oct 16, 2003


I don't know about lambda, but azure functions support pulling from an acr natively, so we use the same container build and publish process across our whole environment

lazerwolf
Dec 22, 2009

Orange and Black
Do you all worry about cold start times for containers vs zip?

Startyde
Apr 19, 2007

come post with us, forever and ever and ever
They both go off like firecrackers. :v:

mondomole
Jun 16, 2023

BaseballPCHiker posted:

Does anyone know what will happen to existing ec2 instances running server2012 when that goes eol? Do they just get marked for deletion by AWS?

Trying to come up with good sticks to scare folks into upgrading or migrating their poo poo before October.

AWS is exceptionally good about backward compatibility so this may not be a good stick.

See https://aws.amazon.com/windows/faq/#eos-3

quote:

Q. How does EOS affect my existing instances on Amazon Web Services (AWS)?

There is no direct impact to existing instances. Customers can continue to start, run, and stop instances.
Microsoft will not provide patches for EOS products, unless customers purchase Extended Security Updates.

In fact, you can still run Windows Server 2003!

quote:


Microsoft Windows Server 2003

Windows Server 2003 has reached End of Support, AWS no longer publishes Server 2003 AMIs effective 1st July 2019. Customers with Custom AMIs and or existing instances may continue using them on AWS. AWS has no plans to remove the capability to run Server 2003 on AWS. For more detailed information on Server 2003 and other Microsoft Products that are no longer supported by Microsoft please see End of Support messaging.

As for scaring people, all of the news about ransomware seems like it would be scary enough for the C suite to want to act.


Falcon2001
Oct 10, 2004

Eat your hamburgers, Apollo.
Pillbug

mondomole posted:

AWS is exceptionally good about backward compatibility so this may not be a good stick.

See https://aws.amazon.com/windows/faq/#eos-3

In fact, you can still run Windows Server 2003!

As for scaring people, all of the news about ransomware seems like it would be scary enough for the C suite to want to act.

Yeah, for the most part your EC2 instance getting ransomware'd isn't Amazon's problem, that's your problem. But uh...it is a problem. Go find some particularly juicy ransomware stories and start trotting it out every time someone balks at migration plans.
