This last week has been a crash course in new stuff for me. I’m helping with the scripts that manage the infrastructure around a project – freeing up the developer to work on user stories, I’m taking care (or trying to take care) of the deployment aspects of it. In a way, its a big catch-up to other folks who have been charging ahead into newer technologies – so its not like I’m having to discover things on my own. On the other hand, everything is already evolved to N+2, and I’m at N-1, so its a bit of a firehose.
Here goes though, stuff I’ve picked up this week:
- Teamcity build calling a powershell script to do deployment stuff.
- New to me: I didn’t know PSPROJ was a thing – that I could step debug through powershell in Visual Studio now. Come a long way since Powershell 1.0.
- Dotnet lambda package, zipping, sending to S3… Somebody else whose first name rhymes with “Miss” and last name rhymes with “Aye Lee” wrote this part for something else, I get to adapt it for the current project.
- AWS API Gateway => AWS Lambda => C# NetCore1.0 => MVC chain
- Got to learn about the “Version Hell” that happens in NetCore1.0. It will probably be much nicer by the time we get to 2.0 or better.. just the 1.0 to 1.1 is pretty rough at the moment. Get the intersection of the bleeding edge of NetCore as it was 7 months ago with the bleeding edge of where AWS is taking their Amazon Linux. We had to do a deviation and host some stuff via EB rather than Lambda.
- I’ll be playing more with this on Monday as I try to debug something into not giving me a 500 internal server error.
- Terraform as a way of deploying AWS Resources
- Modules, and Variables, and Data sources, oh my.
- Debugging Terraform – I found the GET/POST requests.. the problem was a Content/Type for a resource in an S3 bucket. Can’t get .body that way, so couldn’t get the hash value.
- Partial apply’s because sometimes you don’t recognize a change and don’t want to mess up somebody else’s experimentation
- I got to copy what Miss Aye Lee did, nice job Dude.
- Rewrapping my brain around Build Configurations
- Thanks to previous training, Build Config = Debug (PDB) vs Release, but also = XSLT Config Transforms to get configuration values per environment.
- Now, Build Config = just Debug vs Release for “how debuggable do you want this”
- There’s another avenue for “which settings do you want to use” which is completely different.
- More playing with this on Monday.
- AWS Security stuff
- IAM User’s for local access from visual studio while developing
- Roles for when running in Lambda, EC2, etc. (Built by Terraform)
- Policy documents describing what access available to what (built by Terraform), shared by the IAM and Role.
- All the stuff that was actually built by Terraform using a Terraform runner credential
- The Terraform Runner’s policy that allows it to create all the things
- All running in another account that we cross-account assume roles into.
- Somebody whose first name does not sound like XML and whose last name might have to do with Whiskey is a good teacher and dreamer.
The end result:
- If starting from scratch – done by human.
- cd env-shared; terraform plan & apply to create shared resources, like S3 buckets, VPC’s, RDS’s, etc
- Any further environment changes, also applied by human via script file. No clicky the mouse.
- New environment – like QA1 or QA2 or other – done by human
- cd env-qa1 (or mkdir, if starting new)
- copy and edit a file that says what the environment name is
- terraform plan and apply to create all the things
- DynamoDB tables
- Queues
- Every build to be deployed – automated, not done by human.
- powershell to get stuff up to S3
- powershell to call terraform to deploy
- Lambda
- API Gateway hangs out with this.
Pretty powerful stuff. Glad I’m learning it. It will feel better end of next week when I actually have something completely checked in that completely works.
