August 2020


What’s New?

GitHub Actions

We now support the setup of GitHub Actions as a CI/CD provider (in addition to CircleCI, Travis CI, and AWS CodePipeline). GitHub Actions has several awesome features worth being aware of.

  • It’s incredibly inexpensive. If you already have a GitHub subscription, your organization already has 3,000 free build minutes per month. Additional minutes (past 3,000/month) are billed at a rate of $0.008/minute, or in more relatable terms, 1,000 extra build minutes for little more than the price of a beer.

  • You can manually trigger deployments or rollbacks through the GitHub API. Unlike other CI providers, you can elect to manually deploy any commit or branch to an environment through the use of a CLI script provided by Stack.io.

  • Centralized management of build secrets. Like CircleCI, GitHub Actions allows setting secrets at an organizational level - no more needing to update AWS keys in 20 different places or fighting your CI provider’s web UI to add multiline secrets like SSH keys.

  • Better integration with GitHub and tracking of deployed releases. Stack.io’s GitHub Actions workflow enables a special “Deployments” dashboard on GitHub with the deployment history for all of your environments (production, staging, test, etc.), including which commit or branch is deployed to each environment, as well as links to the corresponding GitHub Actions deployment log. Even better, pull requests will show when, and if, they have been deployed, making it easy for reviewers to see if a particular feature has actually been tested in a staging environment before approving changes.

Combined with its incredibly reasonable pricing, the increased flexibility in when and how workflows are triggered makes GitHub Actions our preferred choice of CI/CD provider when starting new projects. You can read more about GitHub Actions here.

EC2-Based Deployments & Workflows

We now have a “platform free” EC2 offering for organizations and projects that aren’t quite ready to make the leap to containers, or that require database technologies that aren’t supported by AWS managed services.

Specifically, Stack.io now supports:

  • Running databases on EC2 for which no AWS managed service exists, like RethinkDB, Solr, and Couchbase. This includes data migration, backups, and automation for other common sysadmin tasks.

  • Running monitoring and alerting infrastructure like Prometheus and Grafana directly on EC2 instances, with notifications to email, Slack, PagerDuty, and others.

  • Centralized logging for all applications, databases, load balancers, etc., shipped to logging tools like Elasticsearch + Kibana and LogDNA.

  • Multiple load balancers and automated certificate renewals with HAProxy and Let’s Encrypt. It’s easy to take application instances in and out of HAProxy load balancers, and you can now have as many load balancers as you want. Never pay for certificates again with Let’s Encrypt.

  • Rolling application deployments to EC2 from public CI/CD providers like GitHub Actions and CircleCI. Deploying an application to EC2 is now just as fast and easy as deploying to Kubernetes.

  • Encrypted storage, management, and provisioning of run-time, build-time, and infrastructure secrets. 

  • Simplified management of EC2 infrastructure using Terraform and Ansible. No complicated or custom tooling is required to work with or provision EC2 instances - just install Terraform and Ansible and get started managing your setup.

Kubernetes on Azure

Many teams may prefer to use Azure for new projects or migrations. We can now set up our full Kubernetes stack on Azure.

  • Managed Kubernetes on Azure using Azure AKS

  • Monitoring and alerting using Prometheus and Grafana

  • Centralized logging and log visualization with Elasticsearch, Fluentd, and Kibana

  • Application performance monitoring with New Relic, DataDog, or Elastic APM

  • Deployments to Azure using CircleCI, GitHub Actions, and Travis CI

  • Databases using Azure managed services

  • Easy and reliable infrastructure provisioning using Terraform and Terraform Cloud

Fun and Useful

AWS: Third ca-central-1 Availability Zone

AWS has announced a third availability zone in ca-central-1, along with a detailed explanation of what an availability zone actually is: https://aws.amazon.com/blogs/aws/now-open-third-availability-zone-in-the-aws-canada-central-region/

 

The SELinux Colouring Book

The SELinux colouring book. Don’t give this to your kids unless you want them to be sysadmins when they grow up: https://people.redhat.com/duffy/selinux/selinux-coloring-book_A4-Stapled.pdf
