# platform-toolbox
a
This resonates. We looked at Crossplane as a building block and nixed it immediately for many of the reasons outlined.
a
Great writeup, Matt. I also really like the Plan, Approve, Apply flow of Terraform, especially in cases where some of the resources get recreated. I would consider “not being able to see the Plan before the changes get applied for infrastructure” as one of the challenges with Crossplane. I know auto reconcile is what is appealing about k8s, but it should have an option to see the plan before the changes get applied in the case of infra.
a
We are building plan, approve, apply, deploy code into a single workflow at prodvana.io, i.e. manage your infra and deploy in a single workflow.
m
Yeah, it is interesting because in a lot of cases, we want to skip the plan/approve/apply workflow because it is not necessary and we want true GitOps CD. But for critical infra like databases and similar, we still find value in the plan/approve/apply. It's sadly another situation where "It depends" is the answer.
Didn't know Prodvana was building infra management! Good to know, will be excited to see that launch and check it out when it's live @Andrew Fong 👍
a
Andrew, glad to know you are building a solution for that. We built an open source solution for that too.
Matt, yup, agreed. It depends, but there should be an option.
Our open source solution brings the best of both worlds (TF & k8s) and has the optional plan, approve, apply flow. Here is our architecture. https://docs.cloudknit.io/concepts/architectural_overview/
a
We tried ACK, but it was still missing things. We had been working with Flux for 2+ years, and we had everything else with Terraform, so the natural step for us was to use Weaveworks Terraform Controller. So we now have both things with GitOps.
r
cc @Pierre Mavro
m
@Andrés Botero mind sharing more on your TF-Controller usage? How are you liking it? Are you running infra in production with it? Any downsides or big features you're looking into? We're actively building on it now and I'm still very interested in hearing about others' usage and what they're running into.
a
My apologies. I could have sworn I had already answered this. To answer your inquiries, @Matt Gowie:
• We're liking it thus far.
• Yes, we are running some infrastructure in Production. We haven't fully migrated everything to use the Controller. So far with it we handle DynamoDB, SQS, API Gateways, Lambdas, ECR, ElastiCache, S3, OpenSearch and I think that's it. We still do not handle our RDS with it; I'm still a bit scared of losing it all. Other stuff we can recreate.
• Downsides? Still haven't had a truly unmanageable case, so not sure. I'm scared of RDS getting deleted without backup on whatever error, so instructed the team to not migrate that to the Controller just yet.
• Features? Not really. We use Terraform to handle other things like PostgreSQL user permissions or Kafka topics, so this Controller helped us consolidate our GitOps plans even better.
I think that's it. Let me know if something else intrigues you.
m
@Andrés Botero awesome — thanks for the info! I will be sure to follow up if anything else comes to mind!