harbormaster VS aws-cdk

I use an HP ProLiant Microserver with four drives in a ZFS RAIDZ array and an SSD for the OS. For software, I mostly run it in Docker using a very small container orchestration program I wrote:

https://gitlab.com/stavros/harbormaster

I needed something that would restart containers automatically when I pushed to a branch, so I wrote a few lines of code to do it:

https://gitlab.com/stavros/harbormaster

As far as PaaSes go, it's probably the simplest, and works really well.

I was in the same boat as you and built something simple that I really like:

https://gitlab.com/stavros/harbormaster

It'll just pull some repos, make sure the containers are up, and make your configuration simple and discoverable. It really works great at that.

I do this for our services, it works great and we can easily put SSO in front of them with CF Access. I publish a Docker container that you can use as a sidecar for your Compose deployments:

https://gitlab.com/stavros/docker-cloudflared

I use this with Harbormaster (https://gitlab.com/stavros/harbormaster) so I can expose containerized stuff without ever forwarding any ports outside of Docker.

I use Dokku for that (I can share my Bitwarden repo if you want, the entire thing is four lines or something). I also made https://gitlab.com/stavros/harbormaster for things that weren't so "web server -> app -> database" and love it.

I had the same problem and didn't want to manage things by hand, so I wrote Harbormaster:

https://gitlab.com/stavros/harbormaster

It basically pulls Compose apps from the git repositories you specify, builds the containers and makes sure they're running. Pretty simple and works really well for me.

(This post should read "Argo tunnel" instead of just "Argo")

I did the same to enable secure access to services via SSO at work. I used Harbormaster[1] to deploy Compose files, but it's otherwise the same setup.

One of the big advantages this has is that the services can't be accessed any other way (not even from the same host, as they only listen inside the Docker network). That makes it hard to forget some port exposed because you listened to 0.0.0.0 instead of localhost.

Cloudflare access is very easy to set up SSO with, as well. I'd recommend this setup if you need it, though for home usage I usually just set up Caddy as a reverse proxy with basic auth, as I'll be the only person using this and I don't want Cloudflare MITMing my personal stuff.

[1]: https://gitlab.com/stavros/harbormaster

Something like harbormaster? https://gitlab.com/stavros/harbormaster

environment: Specifies the environment variable that will be available to our Lambda function. In this case I wrote an environment for RDS Database. Anyway, later I will write about AWS CDK using Python for creating database clusters, etc.

Today, I will show you how to build Amazon Location Service, which allows you to build location-based applications within your AWS environment using AWS Cloud Development Kit (AWS CDK) and AWS CloudFormation. I will also show examples of the recently popular CDK Migrate and AWS CloudFormation IaC generator.

AWS Cloud Development Kit (CDK): is an open-source software development framework to define your cloud application resources using familiar programming languages.

I am not one to build programming languages on a whim. In fact, I've spent the last five years building the AWS CDK, which is a multi-language library that addresses some of the challenges I am talking about by allowing developers to define cloud infrastructure using their favorite programming language.

I recently started exploring SST as an alternative to my favorite full-stack set consisting of Projen, AWS CDK, and React. I have been thoroughly impressed with the experience so far. In this article, I will demonstrate how to create a Next.js App Router S3 Picture Uploader using SST.

AWS CDK

For KMS 🔑, Each key is ~$1/mo, and with CDK, keys are generated on a massive scale, if not centralized.

Here is a github repository containing the code and instructions on how to automate this whole setup using AWS CDK.

Now that you have a working smart contract event listener, we'll deploy the resources to AWS using AWS CDK, which is an Infrastructure as Code (IaC) tool. AWS CDK allows you to configure, deploy, and manage AWS cloud resources using popular programming languages such as TypeScript.

✨ Synthesis time: 14.44s CdkScheduledReportingStack: start: Building f3a91fb0ff1605e49b4b00aa223098d7a9a5307e98027f77aecc36bc05a4c3e7:current_account-current_region CdkScheduledReportingStack: success: Built f3a91fb0ff1605e49b4b00aa223098d7a9a5307e98027f77aecc36bc05a4c3e7:current_account-current_region CdkScheduledReportingStack: start: Publishing f3a91fb0ff1605e49b4b00aa223098d7a9a5307e98027f77aecc36bc05a4c3e7:current_account-current_region CdkScheduledReportingStack: start: Building 517f907ce2318aa1a929b43bc1a0247ed509c92576c23a0a8aadfe1677f2ebd7:current_account-current_region CdkScheduledReportingStack: success: Built 517f907ce2318aa1a929b43bc1a0247ed509c92576c23a0a8aadfe1677f2ebd7:current_account-current_region CdkScheduledReportingStack: start: Publishing 517f907ce2318aa1a929b43bc1a0247ed509c92576c23a0a8aadfe1677f2ebd7:current_account-current_region CdkScheduledReportingStack: success: Published 517f907ce2318aa1a929b43bc1a0247ed509c92576c23a0a8aadfe1677f2ebd7:current_account-current_region CdkScheduledReportingStack: success: Published f3a91fb0ff1605e49b4b00aa223098d7a9a5307e98027f77aecc36bc05a4c3e7:current_account-current_region This deployment will make potentially sensitive changes according to your current security approval level (--require-approval broadening). Please confirm you intend to make the following modifications: IAM Statement Changes ┌───┬────────────────────────────────────────┬────────┬───────────────────────┬────────────────────────────────────────┬───────────────────────────────────────────────┐ │ │ Resource │ Effect │ Action │ Principal │ Condition │ ├───┼────────────────────────────────────────┼────────┼───────────────────────┼────────────────────────────────────────┼───────────────────────────────────────────────┤ │ + │ ${SalesReportFunction.Arn} │ Allow │ lambda:InvokeFunction │ Service:events.amazonaws.com │ "ArnLike": { │ │ │ │ │ │ │ "AWS:SourceArn": "${Rule.Arn}" │ │ │ │ │ │ │ } │ ├───┼────────────────────────────────────────┼────────┼───────────────────────┼────────────────────────────────────────┼───────────────────────────────────────────────┤ │ + │ ${SalesReportFunction/ServiceRole.Arn} │ Allow │ sts:AssumeRole │ Service:lambda.amazonaws.com │ │ ├───┼────────────────────────────────────────┼────────┼───────────────────────┼────────────────────────────────────────┼───────────────────────────────────────────────┤ │ + │ ${SalesReportTopic} │ Allow │ sns:Publish │ AWS:${SalesReportFunction/ServiceRole} │ │ └───┴────────────────────────────────────────┴────────┴───────────────────────┴────────────────────────────────────────┴───────────────────────────────────────────────┘ IAM Policy Changes ┌───┬────────────────────────────────────┬────────────────────────────────────────────────────────────────────────────────┐ │ │ Resource │ Managed Policy ARN │ ├───┼────────────────────────────────────┼────────────────────────────────────────────────────────────────────────────────┤ │ + │ ${SalesReportFunction/ServiceRole} │ arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole │ └───┴────────────────────────────────────┴────────────────────────────────────────────────────────────────────────────────┘ (NOTE: There may be security-related changes not in this list. See https://github.com/aws/aws-cdk/issues/1299) Do you wish to deploy these changes (y/n)?