pull down to refresh
397 sats \ 5 replies \ @k00b 21 Jun 2023 \ on: What are you working on this week? bitcoin
I'm currently trying to deploy a booger cluster. I always dread deployments. I'm currently attempting to use AWS Copilot which deploys to fargate and is "serverless." Afaict it's not serverless in a short lived process type of way.
If I had the bandwidth, I'd probably learn how to use terraform so that deploying would feel skillable.
I'm a devops/infrastructure engineer by trade so maybe I'm just jaded but I do not like Terraform. Perhaps it's the best IaC tool (it's certainly better than cloud formation, ARM, etc), but it still isn't very good. Here are a few pain points I don't like about it.
- State, having to store state, reconcile state when someone makes a manual change or the backend api changes is a pain in the ass.
- HCL is a declarative language but Hashicorp has added a lot of features (for_each, for loop, locals, etc) that allows engineers to write really complex code that is difficult to understand. However at the end of the day it's annoying that you can't just use a more powerful language.
I tried to use the AWS CDK once with go and the docs were missing a ton of info. Pulumi is another one I'd like to look into though.
I also recently started using crossplane with k8s to deploy infra but it's very new and the docs are lacking a lot. I hope something like crossplane/Pulumi/some CDK is the future though.
Good luck with your deployment, feel free to DM me with any questions.
reply
Thanks for chiming in! It sounds like even a pro can be unsatisfied with the current solutions and that makes me feel better because they all look like hacks from my noob perspective.
State, having to store state, reconcile state when someone makes a manual change or the backend api changes is a pain in the ass.
Statists strike again.
reply
We used terraform at my previous company and I had some touch points with it. We also used it to deploy and share secrets like AWS access keys, database creds etc.
I didn't do much with it (only to retrieve the occasional secret instead of clicking through the AWS GUI or update environmental variables) but it was definitely cool to see infrastructure as code in action :)
reply
It's definitely overkill for SN as is. But having deployments written in cloud agnostic code would be soothing.
reply
Terraform is only cloud agnostic because it's in HCL. The Terraform provider for GCP, AWS, GCP, etc are all different enough that if you wanted to deploy a VM to AWS and then move it to another cloud you would have to re-write a lot of the HCL.
reply