How to decommission resources from your cloud environment to keep it clean? What to do when a resource is created without being in the infrastructure code? Andrey is going through a checklist he uses to delete resources and the utility serverless functions he wrote. Argo CD is a project that does GitOps and automatically deletes resources in Kubernetes namespaces if they are not defined. We talked about the different layers of abstraction for infrastructure as code and where it makes sense to have a Terraform controller in a Kubernetes cluster to manage the application dependencies.

Discuss the episode or ask us anything on LinkedIn

Initially, we planned this episode as a discussion about HashiCorp Nomad and invited Jacob Lärfors. He recently published a great article about his experience working with Nomad (see link in the show notes). However, because of a few postponements, and with HashiConf that happened just a week ago, we decided to extend the podcast’s scope to go over all of the announcements that they did during the conference. So here it is — HashiConf special: all you need to know about everything that HashiCorp announced during the conference plus a discussion about Nomad!

Discuss the episode or ask us anything on LinkedIn

This is the first episode in the new format — 30 minutes short and crisp episodes, i.e., less water and side discussions, focusing on the topic, duration under (well, almost under) 30 minutes. We hope you like it!

The topic of this episode is building Docker images — automation, security, best practices.

In this episode, we discuss: saving money with T3a family, building Docker images locally and in CI, setting up daemonless Docker builds for CI and k8s, using multistage builds to keep your images nice and clean as well as encapsulate the build environment and make it portable, passing secrets to Docker build and inspecting image layers for secrets (ssh-agent and many more), keeping Docker images updated with dependencies and updates, scanning Docker images for vulnerabilities, Docker image layers caching — doing it right, DockerHub is to delete old images stored for free and GitHub is ready to host them for you, Docker image naming so you can find all you need to debug quickly.

Some of the information overlaps with episode #3 but greatly extends the information provided before.

Discuss the episode or ask us anything on LinkedIn

In this episode, we discuss options for splitting your deployment stages. We hear people coming up with all possible types of environments — dev, test/QA, integration, stage, prod, etc. How many do you actually need? What is the reason for having all those stages? Maybe you need less? Why not deploy directly to production using some fancy technique? Put it simply — stage or not to stage?

Discuss the episode or ask us anything on LinkedIn

Let’s talk about security in the era of remote work. Most of us have experienced a flaky VPN connection. What are the alternatives? SSH certificates? Yubikey? We discussed various topics around security inside a cluster and outside.

Discuss the episode or ask us anything on LinkedIn

This time, we are joined by Henrik Høegh who shares his unique perspective on applying the theory of constraint to IT transformation as well as how it applies in the world of Cloud Native. We go back to the origin of DevOps, discussing the various problems companies are facing when transforming their organizations and adopting cultural changes.

Discuss the episode or ask us anything on LinkedIn

Mattias wants to set up HashiCorp Vault and quizzes Andrey on how to do that. We cover a lot of ground — from basic Vault concepts to setting it up and hardening.

Discuss the episode or ask us anything on LinkedIn

Julien and Andrey got together to define the scale and ways to automate the scaling of your infrastructure in response to changes in load patterns. What are the prerequisites for implementing scaling? What is cooling down, warm up, horizontal and vertical scaling, scale-up, and scale in? What are the metrics that could be useful for making scaling decisions? And last but not least, the very unexpected spin that Julien gives to the conversation.

Discuss the episode or ask us anything on LinkedIn

This time we are discussing the white paper by Summit Route — AWS Security Maturity Roadmap 2020. Tune in to learn more about the white paper and recommendations that we pile up on top of it.

Discuss the episode or ask us anything on LinkedIn

Our guest speaker is Anton Babenko, he is a DevSecOps Talks podcast fan, AWS Community Hero, Terraform fanatic, HashiCorp Ambassador and a prolific open source contributor. After listening to episode #9 Terraform in CI and #1 Infrastructure as Code, Anton decided that enough is enough and volunteered to give his point of view on Terragrunt since he thought that we are missing a few important points. In this episode, we are discussing the use cases of Terragrunt, a wrapper around Terraform for working with multiple environments and modules.

Discuss the episode or ask us anything on LinkedIn