A colleague said to me that she had issues with deploying aws_appflow_flow, a Terraform resource for AWS. She told me that every time she ran it, Terraform showed that all the task blocks were being modified, even though they hadn’t changed. She showed me a truncated Terraform plan (due to terminal history size) but said it would take 15 minutes to run another plan — this was odd! I took a cut-down version of her resource and started trying to replicate it.
Blog - MattBits
last update:Dad The phrase “inquisitive mind” has (or will) be used several times throughout what’s being said today. I’m not sure I even like the phrase, but it’s stuck with me — and the more I think about it, the more it seems to describe my dad perfectly. When I think about my dad, my memories fall into two categories — those of our shared experiences, and those of simply observing who he was as a person.
History Whilst at school and college, I loved running servers and bits and pieces. During this time, to host anything, I needed a domain name. Since I was also having fun minimicing services I had been working with during college (whilst working part-time at my old school), I decided to create more a brand-name rather than a personal-esque domain name. After various iterations (including maplehat, mhsolutions and others), as I left college, I had settled on dockstudios.
For a while, I’ve been trying to get away from my previous VPN - OpenVPN. It was clunky and, somewhat, unreliable. I’d start it up, give it a username, password, OTP and it would connect after about 30 seconds. Then I’d leave my laptop for 2 seconds, the screen would go blank and as soon as I shake the mouse, OpenVPN would have disconnected, removed my routes and be asking for re-authentication.
History In my homelab setup, the way services are run are not the simplest of approaches and I often find this bites me - but every challenge is an opening for learning, which is always great (unless I just want something to work). The challenge I’m talking about today is client identification with NAT outside of HTTP. What I mean is, in the world of HTTP, load balancers are often used.
The Problem! I’ve ocassionally found Terraform providers that take an attribute and manipulate it in a way that.. isn’t favourable. This means that, following runs see a change in the attribute (compared) to the attribute passed and want to modify it. For example!… The Docker Terraform provider (by kreuzwerker :D https://registry.terraform.io/providers/kreuzwerker/docker/latest/docs) manipulates the “image” attribute to the SHA digest of the image… This means, that if I create: resource "docker_container" "my_important_container" { .
Dymamic Terraform Provider I wanted to create a proof-of-concept simple method of storing and retrieving data. User X --push--> Database --read--> User Y This would be used as a sort of dictionary for users to query information being published by others. The exact nature and source of the data made Terraform an obvious choice for this. I explored the most basic option: A basic boiler-plated http call: data "http" "example" { url = "https://my-db.
For Christmas last year, I wanted to make a present for my Mum. My parents had recently had solar panels installed with a battery. The system worked, so I was told, that the solar power would: primarily power the house; then charge the battery; once filled heat water for the hot water tank She wanted to be more energy efficient, but knowing when to use the dishwasher and when to have a shower could be complex.
Traefik’s ConsulCatalog plugin provides a defaultRule parameter, which is applied by default to exposed services. The example from the docs (https://doc.traefik.io/traefik/providers/consul-catalog/#defaultrule), suggests: For a given service, if no routing rule was defined by a tag, it is defined by this defaultRule instead. The defaultRule must be set to a valid Go template, and can include sprig template functions. The service name can be accessed with the Name identifier, and the template has access to all the labels (i.
Whilst implementing basic end-to-end tests for, an open source Terraform-cloud alternative, Terrarun (https://github.com/matthewJohn/terrarun), I need to deploy the Hashicorp Terraform cloud agent. The agent (as well as the Terraform-cloud Terraform provider) require a trusted SSL certificate to correctly interact with the server. I’ve deployed various solutions in the past, such as automated distribution of Letsencrypt certificates and Hashicorp Vault for generating complex PKI setups, but not had to deal with generating CA certs and server certificates in a fully automated method.