Posts

Terraform: Conditional Outputs in Modules

There are several drastic HCL improvements forthcoming in version 0.12 of Terraform, but after an issue I encountered this week while creating some infrastructure with an 0.11.x version of the runtime, I wanted to cover the issue, how to remedy it in versions < 0.12, and talk about how (I believe) the issue will be remedied thanks to some of the 0.12 improvements. Basically, this type of issue will manifest itself as an error during the plan phase with this form of error message: module.

Terraform Provider Bundling

Beginning with the 0.10.x version tree of Terraform, HashiCorp decided to decouple providers from the main Terraform runtime (see the 0.10.0 CHANGELOG for details). For a lot of users, this is a seamless win as Terraform will pull down whatever providers it deduces that it needs to execute your build assuming you have network connectivity to reach their servers and grab the files. This flexible architecture allows new providers to be released, bugfixes and features to be introduced in existing providers without requiring a version increment and download of a monolithic Terraform package.

Curated Lists - My Favorite "DevOps" Tools (and Then Some)

First off, forgive the title. I fall much more on the side of “devops” as a cultural mindset than a thing we do, but when it comes to searching for and exposing things for search on the interwebs, I’m going with the status quo. Next, a few caveats: I haven’t used every single one of these to great extent (or some even at all), but they are tools that are on my radar.

One-Liners - Get AWS AZ Counts

OK, so not truly a one-liner, but a nice quick-n-dirty way to get a count of all active AZs for each region for your AWS account.

    echo -e "$(tput bold)Region | # AZs$(tput sgr0)"
    for region in $(aws ec2 describe-regions | jq -r '.Regions[].RegionName'); do
      num_azs=$(aws ec2 describe-availability-zones --region ${region} | jq -r '.AvailabilityZones | length')
      printf '%-15s | %5s\n' ${region} ${num_azs}
    done

This requires jq and the AWS CLI to be installed.

Datadog API in Docker Containers Needs a Hostname

Lately I’ve had the good fortune of working on an app migration effort with a heavy focus on containerization, specifically a couple of batch processes which run daily. Formerly, these processes were run by an enterprise scheduling system which handled alerting. After deciding to rewrite the batch processing functions and containerize them, that left me short alerting. I decided to implement a new alerting solution using Datadog, since we’re already using it to gather metrics for the main application.

Terraform: Patterns and Anti-Patterns [Part 3] - Remote State

Remote state is (IMO) one of Terraform’s most powerful and unsung features. It’s also a feature that I notice a lot of first-time users (and unfortunately sometimes people who’ve even been using it for some time) tend to gloss over and ignore. For the first-time user, the light bulb usually goes off for the need of a solution that remote state provides when a scenario like this comes to pass:

Terraform: Patterns and Anti-Patterns [Part 2] - Account Constraints

Background: In my last post, I talked about creating lean providers for maximum flexibility. As I closed out the post, I mentioned the potential peril of performing operations against the wrong account by virtue of having the AWS_PROFILE variable set for a profile matching an account other than the one you’re intending to work with (and believe me, if you work with more than a handful of accounts, this is a very easy mistake to make).

Terraform: Patterns and Anti-Patterns [Part 1] - Flexible Providers

In the last 15 months, I have become a daily user of Terraform. In that time, several things have happened in my “relationship” to the tool:

- I have used it to build out some complex (as well as some not-so-complex) deployments (and learned a lot of lessons the hard way)
- I have been particularly impressed with the growth in the tool’s capability and HashiCorp’s commitment to pushing the tool forward by expanding its capability set as well as improving core functionality.

Getting the AWS Big Data Certification

“Why am I so nervous? I haven’t felt like this since… I took the first one.” After five AWS exams (particularly the two pro exams) and a handful of other certification exams, I didn’t really expect to be nervous taking this exam. Oddly enough, this is exactly how I felt going in, during, and in that inexorable “moment” of time between clicking the Submit Exam button and actually seeing the result on the page.

Logstash 5.3.1 Conf Directory Not Read On AWS Linux

Recently I have been working on a project to provision an Elasticsearch cluster for a client. With the recent release of v5.3.1 of the ELK stack, we decided to go ahead and build to that release. Things had been proceeding fairly smoothly, up until this evening when I got hung up with Logstash. The Elasticsearch repo RPM for Logstash is very good about intelligently deciding whether your system is using Upstart, SysVInit, or systemd as an init manager and placing the appropriate startup file.