
DigitalOcean droplet provisioning with Pulumi

The snowflake VM I run my experiments on has a serious flaw. I can't remember what I have installed there. It is embarrassing, as some services essential to me run there.

As an enterprisey developer, my attention is naturally drawn towards IaC solutions for this particular memory issue. The code for the experiments is in git, so why not the infra? Some would say it is major overkill, since we are talking literally about one domain running on the puniest DigitalOcean droplet. I say I have a weekend to spare on silly stuff.


The easiest choice is to write some Terraform. Yet come to think of it, is it still an obvious pick in 2022? I've never written anything too complex with it, but having heard so much backlash against the Terraform language, is it time for something new? The answer turns out to be a yes.


The IaC solution for me in 2022 is Pulumi. It has a catchy name, a base for a good dad joke for a Finn. Besides that, Pulumi has some attractive qualities to it.


  • It is declarative
  • I can write the code in TS or Go
  • I can store the state for free in their service


The actual Pulumi code is super simple in my case. I struggled somewhat with how to pass configs stored in Pulumi around. Here is a snippet of how to do that for a user data script (yes, this is old-school stuff)
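
An added example, not the author's snippet or Pulumi's own code: one way to render a user data script from config values so that no value can break out of the shell script. `DropletSettings`, `renderUserData`, the config keys and the `/etc/experiments.env` path are assumptions; the comments show where Pulumi's `Config` would supply the values.

```typescript
// Added example; names, config keys and paths here are hypothetical.
// Wiring inside a Pulumi program (not run here, needs @pulumi/pulumi):
//   const cfg = new pulumi.Config();
//   const userData = pulumi
//     .all([cfg.require("domain"), cfg.requireSecret("apiToken")])
//     .apply(([domain, apiToken]) => renderUserData({ domain, apiToken }));
//   // Pass `userData` to the droplet resource's userData input. Because one
//   // input is a secret, the resulting Output stays marked secret.

interface DropletSettings {
  domain: string; // plain config value
  apiToken: string; // secret config value
}

// Quote a value for POSIX sh: single quotes stop all expansion, and an
// embedded single quote is written as '\'' (close, escaped quote, reopen).
function shQuote(value: string): string {
  return "'" + value.replace(/'/g, "'\\''") + "'";
}

const HOSTNAME = /^(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$/i;

function renderUserData(s: DropletSettings): string {
  // Validate before rendering: a bad value should fail the deployment,
  // not produce a droplet that boots with a half-broken script.
  if (!HOSTNAME.test(s.domain)) {
    throw new Error(`invalid domain: ${JSON.stringify(s.domain)}`);
  }
  if (s.apiToken.length === 0 || /[\x00-\x1f\x7f]/.test(s.apiToken)) {
    throw new Error("apiToken is empty or contains control characters");
  }
  return [
    "#!/bin/sh",
    "set -eu",
    "umask 077", // the env file is created readable by root only
    `printf 'DOMAIN=%s\\nAPI_TOKEN=%s\\n' ${shQuote(s.domain)} ${shQuote(s.apiToken)} > /etc/experiments.env`,
    "",
  ].join("\n");
}
```

User data remains retrievable from the droplet's metadata service after boot, so a token delivered this way is exposed to any local process that can query it.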

