undefined | Better HN

0 pointslijok2y ago0 comments

Takes 30 minutes in ours, tops. Provision a new AWS account, 10~ min, copy/paste generic service template, plug in the vars and deploy, 20~ min.

We however had the advantage of building IAC from ground up and had the time to do it properly.

0 comments

jiggawatts2y ago

There’s a huge difference between “identical clone of an existing service” and “a new service”.

My challenge at $dayjob is that it takes months to spin up a new cloud service because they’re new.

Either a new app that wasn’t on the cloud before — in which case the templates need extensive customisation.

Or, new app in the sense that the devs just cracked open Visual Studio and have no idea yet what they actually need from the cloud.

I get maybe 10-20 copies of a template (dev/tst/prd + ha/dr), and then I have to start from the beginning.

Guidance on how to maximise reusability would actually be very useful.

Unfortunately, in the real world, this seems difficult. Many small variations in requirements tends to make abstractions leaky.

For example, one vendor requires active-passive load balancing for licensing reasons. Millions of dollars worth of licensing reasons. Neither AWS nor Azure support anything but active-active in any of their load balancers. (They do in DNS, but for various reasons that won’t work for us.)

Another “new” app (industrial air quality monitoring) is actually from the stone ages and doesn’t support PaaS databases or even 3 of the 4 clustering modes available in IaaS. So a custom load balancer solution is required… just for it.

This is the issue. Everyone that loves the cloud and says it’s simple has easy mode turned on: cookie cutter clones they can stamp out for many identical customers or whatever.

Some people play the game with “big government” difficulty.

lijokOP2y ago

I could have elaborated. When I say "generic service template", I mean a service with any cloud requirements (that we've had at any point before) can be assembled from building blocks (TF modules) in 20~ min. This ofcourse doesn't work if every new service has new unique requirements.

Happy to talk through the setup we're using and some other setups I've seen work if you're interested, but it's quite extensive.

Our current setup is heavily inspired by the work Gruntwork (not affiliated) are doing. I highly recommend taking a look at how they do it and even subscribing to their service if the need is there. They provide pre-built modules for basically any usecase.

jiggawatts2y ago

References to anything public would be nice

So far I’ve struggled to get any real modularity.

The biggest issue I’ve had is that every assumption I’ve made has been violated.

So either modules must be fully generic — saving no work at all — or make assumptions and then not be reusable.

j / k navigate · click thread line to collapse