Mostly Software

  • Monday

    • Tons of private work.
    • Started HBO’s Chernobyl. Radioactivity is scary.
    • Supercontest. Fixed the email-all-picks apscheduler job in production. Tested with my email then fixed to production state.
    • Daylight savings shifts look good, but I’ll confirm this week as well.
    • kex_exchange_identification: read: Connection reset by peer
      • Had to reboot the EC2 instance (and did a sudo apt upgrade while at it).
    apt apt-utils cloud-init distro-info-data fwupd grub-efi-amd64-bin grub-efi-amd64-signed gzip libapt-pkg6.0 libfwupd2 libfwupdplugin5 libnss-systemd libpam-systemd libpython3-stdlib libsystemd0 libudev1 python3
    python3-distupgrade python3-distutils python3-gdbm python3-lib2to3 python3-minimal snapd sosreport sudo systemd systemd-sysv ubuntu-advantage-tools ubuntu-release-upgrader-core udev
    • Supercontest. Worked on the cicd a bit.
    • Created a private registry in ECR (in us-west-1 still).
    • Installed the aws cli (2.8.9) on my desktop (in wsl2 ubuntu).
    • Used the supercontest IAM user since it has admin access. Created an access key and aws configure for this profile. This dumps creds/defaults to ~/.aws
    • Then you can call ecr and other commands.
    • Example: aws ecr get-login-password takes your aws iam user’s secret key, converts to a temp auth token, and then you can pipe it to docker.
    • ECR gives you a docker registry address. Mine is 377205113385.dkr.ecr.us-west-1.amazonaws.com (regardless of IAM user pushing to it, that account ID is the same because it’s the AWS mahlstedt account.
    • Don’t tag in docker-compose file, just build a generic supercontest image, then test it, then tag before pushing (if successful).
    • A lot more commands and examples and stuff on https://gitlab.com/bmahlstedt/supercontest/-/issues/165. Basically docker login, build, test, tag, push.
    • Successful push: https://us-west-1.console.aws.amazon.com/ecr/repositories/private/377205113385/supercontest
    • Local says 1.8GB, ECR says 730MB.
    • The pull is easy, just specify the ECR repo in the docker-compose file. It will grab the prod image from aws and start a container locally. Fast. No wheel builds / reinstalls / etc.
    • You get some basic image scanning for free with ECR. Ran one on the current prod image. Lots:
    • Remember you COULD switch over to AWS for the git/cicd/etc stuff too. AWS has CodeCommit (source), CodeBuild, CodeDeploy, CodePipeline. Could replace gitlab/github. This is what the aws cli does for stuff like create-deployment.
    • Could also use cloudformation (like TerraForm, IaC) to define the stack, but it’s so simple (just single EC2 running docker compose running a few containers). Can add orchestration later.