libaws VS rancher

i print the error along with file and line number every time i return it. clunky, but it works.

in fact i print file and line with every log message.

https://github.com/nathants/libaws/blob/87fb45b4cae20abd1bb1...

cloud is so good now it’s hard to justify not doing something bespoke. ec2 spot is insanely cheaper than turnkey cicd, and better in almost every way.

i’m delighted to pay 30% over infra cost for convenience, but not 500%. and it better actually be convenient, not just have a good landing page and sales team.

this month i learned localzones have even better spot prices. losangeles-1 is half the spot price of us-west-2.

for a runner, do something like this, but react to an http call instead of a s3 put[1].

for a web ui do something like this[2].

s3, lambda, and ec2 spot are a perfect fit for cicd and a lot more.

1. https://github.com/nathants/libaws/tree/91b1c27fc947e067ed46...

2. https://github.com/nathants/aws-exec/tree/e68769126b5aae0e35...

like linux, cloud is a lot to learn, but worth it.

like linux, cloud is best kept simple, or it can become brittle and confusing.

like linux, cloud has a lot of cool things like zfs, that should be appreciated but rarely used.

like linux, using go makes your life a lot easier. the aws go sdk is the documentation.

like linux, you have to learn a lot and then find the core utility you actually care about. for me it is:

https://github.com/nathants/libaws

the good new is, for the 95% of projects that can tolerate it, aws the good parts are actually both simple and easy[1].

it’s hard to find things you can’t build on s3, dynamo, lambda, and ec2.

if either compliance or a 5% project demand it, complicated solutions should be explored.

1. https://github.com/nathants/libaws

i also wanted a good cli for aws, and built one:

https://github.com/nathants/libaws

companies like fly are fantastic.

they provide a good service, and they put market pressure on aws.

cool transition and fun writeup!

for low, intermittent traffic sites, go on lambda might be a better comparison:

https://github.com/nathants/libaws/tree/master/examples/simp...

lambda + s3. add ec2 spot if you need it.

just make sure you understand how billing works. mostly it’s just egress bandwidth is expensive.

do something like this:

https://github.com/nathants/aws-gocljs

or with less opinions:

https://github.com/nathants/libaws/tree/master/examples/simp...

welcome to cloud, glhf!

aws ux for retaining both hair and sanity.

https://github.com/nathants/libaws

build and scale systems with artificial load on aws! scaling the load testing will be just as interesting as scaling the system under test.

start with low bottlenecks, ie a cluster of c6i.large ec2 spot. how fast can you do this? have fast can you scale that? ec2 and s3 is all you need to build anything.

use ec2 spot, avoid network egress, avoid cross region/zone traffic, create and destroy ec2 instances as needed instead of letting them sit idle. you could grow system scaling intution for the price of your streaming subscriptions.

start with something like this:

https://github.com/nathants/libaws/tree/master/examples/comp...

maybe mess around with public datasets on aws, just make sure to be in the correct region to avoid data egress.

welcome systems friend. one accurate measurement is worth a thousand expert opinions. scaling is fun!

aws has too many knobs, presumably to satisfy the union of the needs of all the enterprise customers. that said, lambda+s3+dynamodb+ec2 are pretty good once you tape over all the knobs that aren't needed. i work with them like this[1].

these days i build on aws and r2. aws for the nuts and bolts, r2 for high bandwidth egress. it's a perfect match.

1. https://github.com/nathants/libaws

Did something happen to the Apache 2 rancher? https://github.com/rancher/rancher/blob/v2.7.5/LICENSE RKE2 is similarly Apache 2: https://github.com/rancher/rke2/blob/v1.26.7%2Brke2r1/LICENS...

I follow the 4 ABCD steps bellow, but the first pod deployment never ends. What's wrong in it? Logs and result screens are at the end. Detailed configuration can be found here.

CVE-2023-22651 is rated 9.9/10 : https://github.com/rancher/rancher/security/advisories/GHSA-6m9f-pj6w-w87g

Depends. When I came into my last company I immediately noticed the lack of reproducible environments. Brought this up a few times and was met with some resistance because "we didn't have the capacity"... Until prod went down and it took us 23 hours to bring it back up due to spaghetti terraform.

For the latest releases of rancher: https://github.com/rancher/rancher/releases When is Rancher 2.7.1 going to be released? The Rancher support matrix for 2.7.1 shows k8s v1.24.6 as the highest supported version and Azure will drop AKS v1.24 in a few months... Should this be a concern for us? What could happen if we create our cluster with Rancher for an unsupported K8s version? 1.25 for example. - Rancher 2.7.2 just got released including support for 1.25. I have however tested running unsupported versions before, unless there is major deprecations in the kubernetes API it is fine in my experience. If we move to AKS imported clusters, in case we add node pools, and upgrade the cluster, will those changes be reflected in the Rancher Platform? - Yep! If we face some issues by running an unsupported K8s version on Rancher Launched K8s clusters, is it possible to remove it from Rancher, do the stuff we need, and then import it into the platform? - Yes, however be careful and do testing before doing in prod. From top of mind: Remove cluster from rancher (if imported), if rancher created you might want to revoke ranchers SA key for the cluster first (so it can't remove it). Delete the cattle-system namespace, and any other cattle-* namespaces you don't want to keep. And do your thing. It looks like AKS is faster than Rancher regarding supported Kubernetes versions... We would like to know if Rancher will always be on track with AKS regarding the removal of K8s version support and new versions. - In my experience yes. (Been using rancher on all three clouds for a 4 years now). What are exactly the big differences between imported AKS and Rancher-launched AKS? What should we look at, and what issues can we face when using one or another? - The main difference is that rancher will not be able to upgrade the cluster for you. You will have to do that yourself.

variable "rancher" { type = object({ namespace = string version = string branch = string chart_set = list(object({ name = string value = string })) }) default = { namespace = "cattle-system" # There is a bug with destroying the cloud credentials in version 2.6.9 until 2.7.1 and will be fixed in next release 2.7.2. # See https://github.com/rancher/rancher/issues/39300 version = "2.7.0" branch = "stable" chart_set = [ { name = "replicas" value = 3 }, { name = "ingress.ingressClassName" value = "nginx-external" }, { name = "ingress.tls.source" value = "rancher" }, # There is a bug with the uninstallation of Rancher due to missing priorityClassName of rancher-webhook # The priorityClassName need to be set # See https://github.com/rancher/rancher/issues/40935 { name = "priorityClassName" value = "system-node-critical" } ] } description = "Rancher Helm chart properties." }

When I searched DuckDuckGo instead, the 12th link actually had the real answer. It's in this issue on Rancher's GitHub. Turns out the Rancher admin needs to be in all of the Keycloak groups they want to have show up in the auto-populated picklist in Rancher. Being a Keycloak admin and even creating the groups isn't good enough. Frustratingly, the "caveat" note the Rancher guy is pointing to that says this is only present in the guide to setting up Keycloak for SAML, but apparently this is also true for OIDC.

Explicitly set TLS 1.3 in Rancher, though it could be a bug in Rancher: https://github.com/rancher/rancher/issues/35654

Thanks. Yeah looks like this might work: https://github.com/rancher/rancher/releases/tag/v2.7.2-rc3