Hugo https://sanderknape.com/ en-us Sat, 09 Nov 2024 12:43:02 +0200 https://sanderknape.com/2024/11/terraform-data-source-read-during-apply-messages-fix/ Sat, 09 Nov 2024 12:43:02 +0200 https://sanderknape.com/2024/11/terraform-data-source-read-during-apply-messages-fix/ Terraform users will likely be familiar with “data source will be read during apply” messages that may appear in the plan output. These messages can be confusing and may even lead to unexpected re-creation of resources. Typically, these messages are related to using data sources in combination with Terraform modules and explicit dependencies. Data sources and modules are two powerful and essential concepts. Data sources allow you to fetch information from existing resources and pass that data to other resources. https://sanderknape.com/2022/05/measure-golden-signals-gke-managed-prometheus-nginx-ingress/ Mon, 23 May 2022 08:47:02 +0200 https://sanderknape.com/2022/05/measure-golden-signals-gke-managed-prometheus-nginx-ingress/ Getting started with setting up proper monitoring dashboards for your application and infrastructure can be challenging. Where to begin? My typical answer to such a question would be to start with the “Golden Signals”. This blog post will dive into the golden signals and share how you can get started with these signals in Google Cloud using Managed Prometheus and the nginx-ingress controller. The Golden Signals The four golden signals - coined by the Google SRE book - can be considered a guide as to what at least to monitor for your applications. https://sanderknape.com/2021/05/shift-left-aws-tag-enforcement-terraform-tfsec/ Mon, 03 May 2021 21:03:01 +0200 https://sanderknape.com/2021/05/shift-left-aws-tag-enforcement-terraform-tfsec/ There are many ways to improve the developer experience of deploying infrastructure into the Cloud. One such method is by shifting left: provide early feedback to shorten the feedback loop and speed up development. When deploying infrastructure into AWS with an infrastructure as code tool such as Terraform, you can validate that code as part of a CI/CD pipeline. A pull request can automatically receive feedback about the configuration of resources, thus enforcing the environment to stay compliant with the organization’s policies. https://sanderknape.com/2021/01/go-crazy-github-actions/ Wed, 13 Jan 2021 16:32:12 +0200 https://sanderknape.com/2021/01/go-crazy-github-actions/ GitHub Actions is a component of GitHub that allows you to create automated workflows. Through the many different events that can trigger workflows you are free to build whatever automation you want. While the most common use case is building CI/CD pipelines, the possibilities are pretty much endless. Check out this list of awesome actions to get some inspiration. Having spent quite a bit of time with GitHub Actions in the last few months I came across some features that aren’t very well documented. https://sanderknape.com/2020/12/serverless-payment-workflow-lambda-cdk/ Tue, 15 Dec 2020 17:38:12 +0200 https://sanderknape.com/2020/12/serverless-payment-workflow-lambda-cdk/ Serverless technology is getting more popular by the day. More and more people are starting to experiment with it and learn for which use cases it can add value. In this blog post I share an example of what a fully Serverless workflow can achieve. For a while now I’ve been curious how one would implement a payment workflow on a website. I was aware that platforms like Stripe, Adyen and Mollie exist, but I never knew how much work would be required to set up a fully functioning workflow. https://sanderknape.com/2020/11/nuances-around-centralized-platform-teams/ Fri, 20 Nov 2020 13:49:11 +0200 https://sanderknape.com/2020/11/nuances-around-centralized-platform-teams/ The popularity of centralized platform teams is rising. The latest Puppet State of DevOps Report shows that 63% of the respondents have at least one internal platform. Platforms are vital enablers for a more DevOps way of working as they provide self-service capabilities that development teams can autonomously utilize. The definition of a “platform” isn’t set in stone though. Many organizations still struggle to put together a platform team that is really able to add value to the development teams. https://sanderknape.com/2020/08/amazon-cognito-jwts-authenticate-amazon-http-api/ Sun, 02 Aug 2020 16:29:33 +0200 https://sanderknape.com/2020/08/amazon-cognito-jwts-authenticate-amazon-http-api/ Last year AWS released a new iteration of their API Gateway product: HTTP APIs. This new version promises lower prices, improved performance and some new features. Some features that are available in the older REST API are not (yet) available for HTTP APIs, though. The official comparison page gives a good overview of which features are available in both products. My favorite new feature available for HTTPs APIs is JWT Authorizers. https://sanderknape.com/2020/06/from-toil-self-service-automate-matters/ Mon, 22 Jun 2020 11:44:02 +0200 https://sanderknape.com/2020/06/from-toil-self-service-automate-matters/ There are a few reasons that I love my job. One of the most important ones is the variety of work. As a cloud/platform engineer, every day is different. Work goes from writing automation in some programming language, setting up a dashboard in a monitoring/logging tool, hardening Linux machines, writing Infrastructure as Code, building (standardized) CI/CD pipelines, giving workshops, analyzing costs, and more. This wide variety of work wouldn’t be possible without automation. https://sanderknape.com/2020/05/deploy-pull-requests-github-actions-deployments/ Wed, 06 May 2020 12:49:31 +0200 https://sanderknape.com/2020/05/deploy-pull-requests-github-actions-deployments/ Performing (automated) tests on pull requests is a powerful mechanism to reduce the feedback loop on code changes. Known as shift left, the idea is that the earlier you find an issue with your code, the easier it is to fix it. For one, as you wrote the code recently it’s easier to get back into it. And of course, any code issue that doesn’t hit production is another potential issue for your end-users prevented. https://sanderknape.com/2020/04/why-great-write-blog-posts/ Fri, 17 Apr 2020 06:32:55 +0200 https://sanderknape.com/2020/04/why-great-write-blog-posts/ I’ve been blogging for close to four years now. I started blogging because I wanted to pick up a new skill (writing) and challenge myself to do something new. Because I blog about what is both my work and hobby - software development and more specifically, cloud/platform engineering - it’s relatively simple to come up with new subjects and I also grow my knowledge as I write these posts. https://sanderknape.com/2020/03/self-hosted-github-actions-runner-kubernetes/ Mon, 16 Mar 2020 09:23:33 +0200 https://sanderknape.com/2020/03/self-hosted-github-actions-runner-kubernetes/ Last year November GitHub released GitHub Actions, a CI/CD solution build on top of GitHub’s Source Code Management. GitHub Actions is very convenient to use when your source code is already stored in GitHub as no additional tool is required for your CI/CD requirements. This blog is for example updated through a GitHub Actions workflow whenever I push an update to my GitHub repository (like I just did with this post). https://sanderknape.com/2020/02/building-a-static-serverless-website-using-s3-cloudfront/ Wed, 12 Feb 2020 19:25:02 +0200 https://sanderknape.com/2020/02/building-a-static-serverless-website-using-s3-cloudfront/ Hosting static websites is great. As they only contain static assets to be downloaded by the visitor’s browser - think HTML, CSS, Javascript, Fonts, images - no server-side code such as Java or PHP needs to be run. They’re therefore typically faster to load than dynamic websites, they have a smaller attack surface, and are easier to cache for even better performance. That is why some time ago I moved this blog from a Wordpress installation hosted on EC2 to a static website. https://sanderknape.com/2019/11/most-important-pre-reinvent-releases/ Mon, 25 Nov 2019 11:04:24 +0200 https://sanderknape.com/2019/11/most-important-pre-reinvent-releases/ The most exciting time of the year for AWS Enthusiasts is upon us. In exactly seven days, AWS re:Invent 2019 will kick off and everyone is excited to see what great features will be released and announced this time around. This year especially though, many new features are already released the weeks leading up to re:Invent. If you haven’t been paying attention, it was easy to much some great new announcements. https://sanderknape.com/2019/07/five-ways-enable-developer-autonomy-aws/ Tue, 23 Jul 2019 12:00:00 +0200 https://sanderknape.com/2019/07/five-ways-enable-developer-autonomy-aws/ It hasn’t been that long since it was normal to request compute capacity at some operations department within your organization. In fact, it’s probably still pretty common in some organizations. With the move to virtualization and especially the cloud, this process of course has changed dramatically for the good. Not only compute capacity for applications, but also resources such as databases, queues, load balancers and storage are now available virtually unlimited. https://sanderknape.com/2019/06/installing-private-git-repositories-npm-install-docker/ Mon, 17 Jun 2019 13:30:02 +0200 https://sanderknape.com/2019/06/installing-private-git-repositories-npm-install-docker/ How do you properly use an SSH key in a Dockerfile? There are many ways to do it, including many ways to do it wrong. What you will want to prevent is that your ssh key ends up in one of your intermediate images or layers. These are the layers that Docker creates with pretty much every command in your Dockerfile. You may think that you properly clean up your secrets later in the Dockerfile, but the secret will then still be available in one of these layers.