What deployment orchestration tool would one use in such a case? Is it just plain systemd/docker compose and a shell script? I surely want zero downtime for my deployments. Do I then need multiple instances of the app running on the server and do something like blue/green? In that case I also need some load balancer config management during my deployment.

How do you guys do it? Curious, because I only ever lived in the k8s/cloud native world.

I drop kubernetes on such cases, usually k3s.

I drop in some "standard" parts like load balancer, ingress controller, monitoring, storage automation (both for persistent volumes and database with CNPG), let's encrypt, DNS auto registering.

On top of that then I can easily deploy project/customer/workload specific things while caring less about implementation for common traits like "I need application's port 80 to show on public internet as app.foo.quux/API and I need an SQL database for it".

Usually there's also SSO and few "Dev happiness" elements like simple dashboard to access relevant applications if you stumble on the root domain.

It might sound like a lot of work, but it's mostly single time investment (especially when you haven't done some bits before) that is remarkably little interaction on later, and definitely takes less time than fiddling with terraform or others only to then have manual (or so custom only one person in the world knows them) she'll scripts on the server.

Yep, systemd with additional scripts to automates interactions with it.

Blue/green with systemd is not a magic (speaking for uncontainerized Go, I doubt that Go in docker/podman will be a blocker).

Hey folks, I built flynnt, a provider-independent Kubernetes-as-a-Service product. Flynnt hosts your k8s control plane and makes it easy to add compute nodes from anywhere. The compute nodes can be hosted in a public cloud or on-premises, and are owned by you.

Currently, when planning to use kubernetes for your infrastructure, the choices you have are either self-hosting and operating your clusters or using one of the many managed public cloud offerings. Both options come with trade-offs. Be it vendor lock-in, high operational overhead or data privacy concerns.

Flynnt tries to be another option with different trade-offs.

How does flynnt compare to EKS, AKS, GKE, etc? In general, most hosted k8s service providers force you to use their compute service offering and don't allow adding arbitrary nodes from outside. So, flynnt is best compared to "EKS Anywhere", "GKE Anthos" or similar.

Privacy: We are a european company and will be 100% GDPR-compliant on launch. Our service is currently hosted in germany. Your data does not need to be moved into a cloud just for using higher-tier abstractions like kubernetes.

Pricing: Pricing will be fixed per cluster. As you can use whatever hosting provider you want, just choose the provider that fits your pocket. You can also mix different providers for your compute nodes. Just be aware of latency for inter-node communication.

My name is Phil and I am looking for users for the Closed Beta. If you are interested to give this a shot, just fill out the form on the website or shoot me an email (in profile).

Thanks for reading, your feedback is welcome, happy to answer questions.

SAP was the first to adopt this pattern with it's SAP Gardener. There's currently an open source project working towards making this pattern possible for vanilla K8s named "Kamaji". Redhat started lately this approach with hypershift.

Looks promicing, wish u lot of success with the product.

This is not the case for us. Support is automatically enabled for all the accounts we create in our Organization. Not sure if this depends on company size though

I don't agree that this simple query wouldn't be as nice with boto3. But combining different services is definitely a nice feature, if you have the use case for it.

the fun part of that query is that it'll search across all regions that you have configured steampipe to use. If you did that in Python, you at the very least have to manually iterate over each region, handle pagination yourself and combine the results.

It gets much more convenient when you want to ask more complicated questions like "What is the most used instance type per region" or "How much EBS capacity do instances use across all regions, grouped by environment tag and disk type?"

I had great success with unit testing the lambda code and mocking external/aws services.

For serious software you want a proper local/unit test setup anyway. Using this in your dev cycles is just the natural next step. Instead of waiting for the cdk/cfn deploy to finish, which really is way too slow, you just execute 'jest' or whatever test framework you have.

Sure, figuring out how to mock everything takes some upfront time, but it pays off in the long run.

That is really not my experience at all. Every professional smaller team I worked with "usually" had this figured out and set up. In times of home office, no one wants to be at the office for just pressing a single button on some server.

Oh well, I guess experiences differ.

My experiences for ops is all pre-2012 and with teams numbering less than 3 for the whole org. So I’m sure things have changed or gotten cheaper? I can’t see a team of 3-4 having the budget to get something that allows them to be “lazy”, especially when that budget can go towards something useful. But I guess the pandemic probably changed things there?

Serial connections will only cost you a Raspberry Pi (there's probably some really cheap console servers on eBay too).

I don't think the issue is so much cost but more this kind of systems administration is becoming a forgotten art because 99% of the time modern tooling removes the need for it. So younger sysadmins are never taught how to do these kinds things. However when I started out, I worked in a few small companies that had their physical hosts connected to a console server (which was a Cisco device like a network switch) via serial cables and you'd then connect to that console server remotely.

Depends on the infra and how it’s set up.

If you can afford to have something down for an extended period then fine. But even with a small team some services are built such that certain device outages cannot be tolerated, at least for an extended period.

So out-of-band/console servers or whatever still make a lot of sense and a relatively high priority.

This sounds like a company I would never want to work for.

No one is positive and happy all the time and having to fake it "as a job requirement" sounds wrong on so many levels.

I don't know anything about coinbase, but you're taking the least-generous possible interpretation of this. A really simple re-statement is that your bearing has consequences for other people, and if you're having a shit day and feeling miserable, you can either conduct yourself in a manner that poisons everyone around you, or you can try to keep yourself together. "Positive energy" is, I'm guessing, one way to get at this idea, though it's not how I would frame it myself.

As an aside: I assume that you know this from your own life, and appreciate when people behave in a manner that cares for the emotional commons of wherever you are. Is your objection to it here the fact that it's a giant stupid company ostensibly trying to curate your feelings, and that's annoying and (probably) hypocritical? Or do you really object to the premise?

I’m sure you already know this, but don’t ever do sales.

Strong disagree, I did sales (I would like to think successfully) for a long time as someone who struggled with depression and anxiety, there's far more to it than just having a fake smile plastered on; people like those who can empathize with them, understand their needs, etc. and sometimes a no-bs straightforward approach talking pros and cons directly instead of a fake used-car salesmanesque over the top approach is far more effective.

I did non-commission sales for a while as well, and made no effort to appear more happy than I was. People appreciated my candor and knowledge, rather than being won over by my charm. I sold a lot of stuff, and there was even a time that a customer found out I wasn't in that day and decided to come back another day instead of dealing with anyone else, even knowing there were no commissions.

My proof that I did well at it was that management constantly told me I need to upsell more and tried to scare me into it, but at no point did they ever actually move to take me off the sales floor. They knew I did really well, even without their extra BS items to push.

The most successful salesperson I know has a pretty flat affect but knows her product super well and is excellent at needs analysis. There’s definitely a lot more to sales than glad handing people with a smile.

I was a successful retail and enterprise salesperson earlier in my career. I also suffer from lifelong depression.

I did not fake "happy happy joy joy," but I also did not allow self absorption to inject my mood into my business. My model is that sales is a career that involves having structured communications.

That was a lifesaver for me when feeling depressed, because I could focus on the structure of what needed to be accomplished rather than the unstructured touchy-feely business of "getting along with people."

I suggest that "YMMV." Salespeople are not all the same, and some break preconceptions and stereotypes hard while being successful at what they do.

That's something I find so fascinating. The "cloud" will almost always be more expensive and "not worth it" if you are only using the IaaS services. I mean, look at the numbers, everyone sees that.

Cloud only ever is worth it when one uses the higher-tier services, like AWS Lambda and the likes. Even running Kubernetes in the cloud is only semi worth it, because it's not high enough in the stack and still touches too many low-level IaaS services.

Of course, higher tier means more vendor lock-in and more knowledge required and all that. But if you are not willing to pay that price, then OVH, Hetzner and the likes will have better offerings for you.

the problem as many have already pointed out around this thread, is that, in an enterprise env. you cant really do that too much anymore. And as a result that starts being felt by non-enterprise shops too.

And you cant really do that because people dont really wanna deal with on-prem shit and server hostings

Tehnically speaking, i am rhcsa certified, i know how to do all of this on-prem, hybrid things. I dont even bother looking at job offers from companies that arent cloud based (even if i would get a 10-15% increase, or more if coming from the financial sector) because, i genuinely cant be arsed to deal with all that bullshit again.

I'm done with caring about disk space, and hw firewalls and configuring bs in linux. Fuck iptables, let me manage everything from a (network) security group. Fuck Traefik and F5 and all this bs, let me just plop an Application Gatway in Azure or API gateway in AWS. Fuck database clusters. At this point, i havent even configured an apache/nginx server in a couple of years. WebApps in Azure are more than fine; and for the rest K8s.

As a result, good "classic" sysadmins are a dying breed even at enterprise level. So they're even more rare and accessible for small/medium sized business. If i go to my IT dept. right now, i can guarantee 80% of them would be completely lost to setup and use an AD, AAD is just too convenient.

That basically leaves you with: move to cloud, or learn how to do all of these things by yourself. And those things take time (to learn and to manage)

It's like deciding to make apps with Perl. Can you do it? sure. But you'll probably have to do it on your own.

I guess there are more things to consider when choosing a software product then poor security defaults and that it feels expensive.

You are not the only one. Anecdotal, but I have seen far more unmaintainable, half-assed, 1000-line build.sh scripts than Ansible scripts.