With Terraform, you can specify when you’d like a resource applied. For example, using when = destroy , the following resource will only be run when that plan is targeted for a destroy:

data "external" "create_cluster" {
program = ["python3", "${path.module}/scripts/create_cluster.py"]
query = {
du_fqdn = var.cluster_fqdn
user = var.cluster_user
pw = var.cluster_password
tenant = var.cluster_tenant
region = var.cluster_region
cluster_name = var.cluster_name
k8s_api_fqdn = metal_reserved_ip_block.cluster_ip.address
allow_workloads_on_master = var.allow_workloads_on_master
}
}
resource "null_resource" "delete_cluster" {provisioner "local-exec" {
when = destroy
command = "printf '{\"du_fqdn\": \"${var..cluster_fqdn}\", \"user\": \"${var..cluster_user}\", \"pw\": \"${var..cluster_password}\", \"tenant\": \"${var..cluster_tenant}\", \"region\": \"${var..cluster_region}\", \"cluster_uuid\": \"${lookup(data.external.create_cluster.result, "cluster_id")}\"}' | python3 ${path.module}/scripts/delete_cluster.py"
environment = {
du_fqdn = var.cluster_fqdn
user = var.cluster_user
pw = var.cluster_password
tenant = var.cluster_tenant
region = var.cluster_region
cluster_uuid = lookup(data.external.create_cluster.result, …


I began building a service recently that will, upon user request, create a container (to provide said service, not a Container-as-a-Service-style workload), and then after 1–3 hours, terminate the container (taking the user’s session and local data away with it). The process for this required that I:

  1. Retrieve the container’s StartedAt timestamp
  2. Compare that timestamp to see if it’s been more than however long I’d like to limit a session to.
  3. If a container is over that limit, it is queued for being Stopped and then ultimate the image pruned (in a separate task)

The setup for the script looks something…


A couple weeks ago, I wrote about building a tool to make browser-based called to Congress using Twilio. A feature I had not yet implemented, but a useful one now that the app is online and potentially a target for someone trying to make calls to someone other than members of Congress (which uses up valuable compute resources and Twilio funds, which can impact the experience others may have using the app!) — the ability to validate the calls are going to who they say they are.

The way the app works is that you enter your zip code, and it returns, typically, a dialer object for your two US Senators and your US House Representative. So, for example, for 33026, it return Senators Rick Scott and Marco Rubio, and Congresswoman Debbie Wasserman-Schultz. …


I recently had occasion to begin creating proper releases for a few Python packages I’ve written, and have been relying on my project’s Makefile to to things like upload the package to PyPi, or tag the release in source control, and then cut a release from that tag locally — I thought I’d share what I’m doing in this fairly common use case, if you are new to make, rather than some of the more complex things you might be able to get done using it. …


Image for post
Image for post
Your leaders should be accessible to the public

In 2015, I wanted to build an app to provide a way for administrator of public networks (school, libraries, etc.) to provide a look-up and dial tool for members of congress and have it deployable on any target (comparatively low-power machines, or on a personal laptop, or wherever phone access or this information is inaccessible for whatever reason), as well as as a platform application, which we built using these concepts.

Twilio seemed like a natural solution for this. I recently re-architectured the application, mostly to bring it into compliance with the latest Twilio JavaScript tool, and to refresh some of the clunkier parts of the original application. …


Image for post
Image for post

My team was recently tasked with releasing our Terraform provider into the Hashicorp Terraform Registry, and on my own, I’ve packaged a lot of past Terraform work into modules for the registry. It’s a very straightforward process, but one that required a little bit of setup to get right because, as with everything Hashicorp does, it is done carefully and verifiably. The requirements, in this case, were that the commits in each release be signed, but so must the releases themselves, which is what I’m going to talk about here.

Let’s say we have a module, with a structure like the following, and named using the format terraform-${provider}-${package}


Image for post
Image for post

Last year, my team took on an effort to standardize our community and proof-of-concept repos to ensure they all had certain baseline characteristics (i.e. a description, well-linted READMEs, etc.) and could expand that automated ability from there. As big fans of Drone, we elected to make this part of the .drone.yml configuration, but this can be applied to the CI of your choice (and as has now been the case, been made templatable with Github Actions, or whatever repo automation may exist for your chosen git provider).

An example of this might be if we wish to enforce 4 things:

  1. A README that passed a markdown linting. …

A very common tool for many cloud providers is the ability to use cloud-init, and likewise in Terraform, the ability to apply a cloud-init script on provision to configure a host after deployment. Cloud-init also supports shells like Windows PowerShell, which, if your cloud provider supports Windows Server, can be used to configure your Windows Server hosts as well, in the same manner that you might for Linux or other unix-like distros.

Packet supports, both, Windows Server, and cloud-init with PowerShell support, so I’ll be using the Packet Terraform provider to complete the setup of a Windows Server 2016 host and configure the node with Docker, the Chocolatey package manager, and then complete an optional reboot in order to complete the Docker setup. …


I recently began developing on, and for Windows, and while I continue to develop my skills in Powershell and C#, I rely on my go-to language for most day-to-day automation, Python. I found that there were many marked differences between the experience of writing system programs for Unix-like systems, and for Windows, most of which I won’t go into in this post, but to highlight one that recently resulted in a little bit of poking around, writing Python packages and installing executable scripts via pip on Windows required becoming a bit more familiar with this part of the Python ecosystem.

Your typical Python package has a structure…


Recently, I had occasion to make use of AWS Polly, and using the boto3 Python client, I was able to put together a quick script to ingest text, and then save to a local mp3 file.

The aws CLI tool has the ability to do this:

However, I had a use case where I wanted some additional automation, and decided to put togehter the following steps into a script I would add to this pipeline. I also wanted to output this audio stream to a local file, rather than to, for example, an S3 bucket (again, for example, I may want to do further encoding, etc. …

About

Joseph D. Marhee

Systems Engineer

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store