cfgmgmtcamp 2020 - Slides

At cfgmgmtcamp 2020, I gave a talk entitled “Terraform Without The Mess”, in which we looked at how the history of features in Terraform affect the way we structure and write our Terraform configuration today, and make opinionated recommendations about how to structure modern Terraform code in a way which makes changes simple, predictable and safe.

[Read More]

HashiConf EU 2019 - CloudInit: The Good Parts

At the 2019 edition of HashiConf EU in Amsterdam, I gave a talk entitled “CloudInit: The Good Parts” - a surprisingly long talk given the subject matter! I’ve had a number of requests for the slide deck, which I’m posting here along with the video from the event.

[Read More]

HashiDays Amsterdam 2018 - systemd: The Good Parts

At HashiDays Amsterdam 2018, I gave a talk entitled “systemd: The Good Parts”, in which I tried to focus on how to use systemd, aimed at practitioners who are committed to a Linux distribution which uses the controversial init system. The talk was recorded, so I’m posting both the video and the slide deck here. Video Slides As ever, thanks to the HashiCorp team for putting together a fantastic event at a great venue in Amsterdam, and for posting a transcription of the talk! [Read More]

Windows AMIs With Even Fewer Tears

Some recent image building work I was doing required images based on Windows Server. One of my more popular posts, Windows AMIs Without the Tears, detailed the fraught endeavor of making the WinRM management system work for this purpose, but since then Microsoft have substantially improved the situation by committing engineering effort to porting OpenSSH to Windows.

[Read More]

Building ZFS Root Ubuntu AMIs With Packer

For all applications of importance or significance, we recommend using ZFS. On bare metal servers, ZFS is king of the hill, but on AWS and Linux it is still gaining traction. Data integrity guarantees as well as features such as “instantaneous” snapshots, compression, quotas, and the ability to send/receive datasets make ZFS very compelling. In this post, we’re going to demonstrate how to build from-scratch AMIs booting Ubuntu Linux with a ZFS root file system.

[Read More]
zfs  aws  packer 

Managing IAM Policies in HCL With Terraform

IAM Policy Documents are ubiquitous in AWS - they are used not only for standalone policies you might attach to users or roles, but also for S3 bucket policies, SNS topic policies and more. Unfortunately, the JSON syntax can be error prone to hand write, and the default mechanism for creating policies in many configuration management tools is template rendering.

[Read More]
terraform  aws  iam 

Configuring AWS AutoScaling Event Notifications in Slack

One of the easiest ways of building resilience into a system running in AWS is to use an autoscaling group. Generally speaking, I use one for any service which is required to self-heal - even when aiming to maintain a steady number of instances, as is desirable when running servers for Consul and Nomad, as well as a whole host of other clustered systems. Unhealthy instances can simply be replaced, usually without operator intervention, and launch configurations can be used to simplify upgrading clustered software one instance at a time.

[Read More]

Cloud-Init Configuration Merging

Part of the boot process for Linux instances across many cloud systems (including AWS and OpenStack) is the Cloud-Init system, part of the Ubuntu project. It describes itself as “the defacto multi-distribution package that handles early initialization of a cloud instance”. It has a wide range of capabilities, and is an important yet under-used piece of infrastructure.

[Read More]