Categories
CICD Puppet Snippets

GitLab spot runners & Puppet

We are on AWS with GitLab. For ease of use, and because our build hosts degenerate for some reason (network issues), we decided to use spot instances with GitLab. The journey was all but easy. Here’s why. GitLab Runner configuration complaints First: The process To configure GitLab runner, you have to … install GitLab, write […]

Categories
Snippets

jq makes AWS “describe-instances” actually useful

Just so I don’t forget 🙂 aws ec2 describe-instances | \ jq ‘.Reservations[].Instances[] | {IP: .PrivateIpAddress, ID: .InstanceId, Name: .Tags[] | select(.Key==”Name”).Value}’  

Categories
Docker Infrastructure Snippets

Elastic Beanstalk with Docker using Terraform

I just investigate AWS Elastic Beanstalk. And I want to use terraform for this. This is what I’ve done, and how I’ve got it running. I basically do this because the docs for this are either super-long (and are still missing critical points) or super-short (and are also missing critical points), at least what I’ve […]

Categories
Snippets

Rancher IAM role

Rancher can create instances on EC2. If you want to define a dedicated IAM user for this, refer to the Amazon docs for the a profile template. Unfortunately the first thing you get when using those permissions in rancher is “You are not authorized”. Great. I’ll update this when I know the correct permissions. (Source: […]

Categories
Snippets

VPC with NAT to internet on AWS

… and other TLAs. Anyways, as far as I remember OpenStack does not need this, so I thought I document it here. I at least was surprised. Situation: You want a private network sement in the cloud (in my case an Amazon VPC), and you don’t want all hosts to be accessible from the internet. […]

Categories
Longer things

My take at a CI infrastructure, Pt.1

… so far. It might be crappy, but I’ll share it, cause it’s working. (Well, today it started doing this 😉 ). But enough preamble, let’s jump in. The Situation I am in a new project. Those people have nothing but a deadline, and when I say nothing I mean it. Not even code. They […]

Categories
Docker

Docker registry, S3 and permissions

There are a couple of bazillion blog posts saying “yah just did my docker registry on S3”. It’s not so easy, though. Cause what if you want to limit access to a certain IAM user? Yup, you need to go deep (well, a bit) into the policy thing of Amazon. Which sounds simple, but isn’t. […]