Mostly Software

  • Monday

    • Private work.
    • Watched 5 more re:invent innovation talks (each an hour, 3x speed, so about 100min total – like watching a movie).
      • Amazon Inspector to scan stuff like lambdas ($0.30/mo/lambda), EC2 ($1.25/mo/instance), and ECR ($0.09/mo/image) for security vulnerabilities.
      • Talk from their new CISO. CBS -> MS -> Apple -> Capital One -> AWS.
      • Manufacturing. Remember Teamcenter from Siemens. PLM = product lifecycle management.
      • Storage optimization (lowlevel).
      • Gen AI among some aws partner companies.
      • AWS appfabric for saas interoperability.
      • Remember nitro (hypervisor) to abstract a lot of compute mgmt.
      • Firecracker is the lightweight virtualizer that backs lambda. Snapstart is the java-specific accelerator for java lambda functions.
      • Karpenter is aws’ cluster autoscaler for k8s (open source).
      • SOCI (seekable OCI) speeds up container launch by pulling and running the launch file(s) first while the rest of the image downloads.
    • 49ers now +300 favorites in superbowl futures. Loved reading everything today. Even all the generic NFL bases hating on the eagles. Getting exposed, no more ekes. Security guard up for permanent ban. Deebo backing up the trash talk. Redemption from last NFC championship. Hit on swift. Just a regular season game though, let’s get ready for playoffs.
    • It’s been 660 days (record) since >1″ snowfall in central park.
    • Thanksgiving. Good hs murder mystery ala scream, but with a pilgrim instead of ghostface (lol).
    • AWS SAM.
      • Remember it’s declarative. Define your end state.
      • It will create new resources if they don’t exist, and reuse existing resources if they’ve already been created (by SAM, by you manually, or otherwise).
      • In that sense, it abstracts the imperative actions. No changes to the template are necessary for new vs existing.
      • This also makes SAM deployments … reentrant.
      • CDK is more complicated and more capable than SAM, which is geared only to (simple) serverless apps. CDK can control all AWS resources. And you can write your stack in python/javascript (rather than yaml), so you can have all of the object-oriented benefit: dependencies, static analysis, dynamic behavior, etc. They both just compile to cloudformation templates anyway.
    • HP trivia.
    • Supercontest.
      • App is not a SPA (yet), and dynamically generates HTML app-side (EC2). I’ll leave that there. But js/css should be moved to s3, with a corresponding cicd pipeline. Created a ticket for that next.
      • Looked up some sam.yaml templates for Events section (trigger from sqs, eventbridge, etc). And some configuration parameters like timeout – all controllable from src with SAM.
      • Rather than generating an access key for an IAM user and copying that locally for aws CLIs, you can use IAM Identity Center in your IDE, like vscode.
      • Played with the vscode aws toolkit a decent amount.
      • In the vscode aws extension, there are a few roles. Builder ID gets you stuff like codecatalyst. But the bigger one, AWS Explorer (to see resources and such), is authed with IAM creds. I have one for supercontest (admin) and one for amplify-dev.
      • Installed sam on the macbook.
      • For the new sam lambdas:
        • Enabled xray tracing.
        • Did not enable cloudwatch application insights (costs extra).
        • Enabled logging in json format. This doesn’t directly cost extra, but it does make the logs a little larger, which costs a little extra.