Category Archives: Uncategorized

CloudFormation’s Update-CfnStack and “No Updates Are To Be Performed”

If you use Cloudformation with Powershell – and I do – you’ve probably run into this error message more than once.

If you’re like me, you’ll have tried to suppress it in several ways. You’ve tried to check your own template for changes, avoiding the call if there are none. And you’ve probably fallen foul of tiny, insignificant differences that CloudFormation doesn’t care about. You’ve probably done the same with your parameters and hit similar problems.

You might even have taken to adding a timestamp to a harmless field of your template so that at least something has updated. At an unnamed previous company, we’d just add a comment to the end of a launchconfiguration’s powershell script, which was enough to force an update and suppress the error. You might even be fine with just ignoring the rain of red text.

In my current project, we can’t just ignore it, as we’re driving our templates out of Octopus Deploy. “No updates are to be performed” throws and aborts our pipeline, which is annoying. But we want to catch other, genuine error messages from Update-CfnStack.

So what to do?

Well, turns out this is an object lesson in correct use of try/catch.

Continue reading →

Introducing StatusCakeDSC

I recently published a new open source PowerShell project for creating StatusCake checks and contact groups, called – logically enough – StatusCakeDSC.

If you use StatusCake, and you do Infrastructure as Code, then you may be thankful for a nice declarative way to define and manage your checks and groups. For PowerShell users like myself, that declarative syntax is generally DSC.

I happen to use StatusCake for my personal projects, which I’ve been modernising a little of late, and I figured I should just build and publish a nice little DSC resource to do what I need done. The syntax of it is pretty simple, it’s like pretty much every other DSC resource you’ve ever seen. Look

configuration StatusCakeExample
{
    Import-DscResource -ModuleName StatusCakeDSC
    node(hostname)
    {
        StatusCakeTest MyTest
        {
            Name = "D.Evops.co"
            Ensure = "Present"
            URL = "http://d.evops.co/"
            Paused = $true
            CheckRate = 50
        }

        StatusCakeContactGroup MyGroup
        {
            Ensure = "Present"
            GroupName = "My simple Contact Group"
            Email = @("test@test.com", "test2@test.com")
            PingUrl = "http://d.evops.co/ping"
        }
    }
}

StatusCakeExample -outputpath $env:tmp\StatusCake

Start-DscConfiguration -Path $env:tmp\StatusCake -Verbose -Wait -Force

That example creates a test and a contact group. There are more examples over at the repo. There’s also a simple install script, and a little further down the line there’ll be an Octopus Deploy step template and maybe some other goodies.

It’s not production-perfect, but it certainly does the basics. I’ll probably declare it ready in a week or two, at which point I’ll publish it as a package and maybe even wrap it in Chocolatey or PowerShellGet to make it even easier to install. Do feel free to let me know if it’s useful, and drop in PRs if you spot bugs or gaps.

Getting Docker up and running on Windows (the long way round)

OK, So Docker Native is available for Windows, and in the wake of NDC Sydney I figured it was about time I got properly started with it. But getting it up and running wasn’t easy.

The installation, actually, was a breeze, with a reboot or two to get Hyper-V working on my laptop. But come time to run hello-world, there were problems.

Network timed out while trying to connect to https://index.docker.io/v1/repositories/library/hello-world/images. You may want to check your internet connection or if you are behind a proxy.

OK, that’s bad. It suggests networking is broken. So, after a cursory inspection of my Hyper-V settings (everything looked OK), it was off to the internet. I found this article, which talks through setting up the beta version. Pretty good, but no dice.

Continue reading →

Using PowerShell to extract and report on AWS CloudWatch Metrics

Here at Planet Domain we have a lot of day to day challenges in performance and cost management.

We built a fantastic CD pipeline that allows our developers to rapidly spin up new infrastructure, enabling them to quickly build, test and deploy new features with minimal assistance from the Ops team.

Unfortunately, it also allows our developers to rapidly spin up new infrastructure than then lays idle for the greater part of the day, sucking money out of budget that could otherwise be used on beer, pizza and Xbox accessories.

Now, Cloudwatch is great, but it does tend to involve a lot of clicky-clicky mouse-movey, clicky-clicky stuff in the AWS console. And once you’ve got a lot of points to monitor, the graphs become unreadable. And the filtering options are sometimes finnicky, and it’s not easy to automate things like CloudWatch Dashboards using CloudFormation.

So to get a report on average CPU utilization across our AWS Autoscaling Groups, I turned to PowerShell. Continue reading →

NDC Sydney and other various things

I almost forgot to mention. I’ll be speaking at NDC Sydney in August 2016 on the topic of Windows Automation, Continuous Delivery, PowerShell, Robots and World Domination.

The speaker line-up is kind of stellar and this will, I guess, be the highest profile tech conference at which I’ve spoken thus far. I promise to rehearse deeply and not get distracted about trivia such as which idiom in which one should code.

I will be sharing the stage with Fabien Ruffin, who is also speaking at the Sydney AWS Summit on the topic of New Relic. I will be an wandering around that conference and asking people awkward questions while probably sporting a purple hair-dye job and generally making a nuisance of myself while people try to extract sensible answers about Windows workloads in the AWS Cloud.

I will also be around the Sydney DevOps and Cloud meetup scene a bit in the next few months, discussing Windows, Cloud and Automation stuff in-between moments of objectionable surliness and plugging my NDC session.

You have been warned.

.NET Deployment Strategies: The good, the bad, and the ugly

Damian Brady did this excellent talk at NDC London a while ago. It’s a bloody excellent talk in general, and it obliquely mentions some little classifieds company from Sydney who do some things with Continuous Deployment and Teh Cloud and stuff. I thoroughly recommend this. All of it.

.NET Deployment Strategies: the Good, the Bad, and the Ugly – Damian Brady from NDC Conferences on Vimeo.

Introducing xScheduledTaskDSC

So I was hunting round on the web the other day, trying to find a DSC resource which can create and manage Scheduled Tasks on Windows Server 2012. Unfortunately, my searching came up blank. There seemed to be no way of easily managing Scheduled Tasks and Jobs using Desired State Configuration.

So I wrote one.

ScheduledTaskDSC is a public project on GitHub. At the moment, it contains one resource, xScheduledTaskDSC, which can create simple Task Scheduler items, detect and correct configuration drift* and remove unwanted tasks.

At the moment, it’s just good enough for my use case (which is creating simple tasks on transient cloud instances via Octopus Deploy), but I want to expand it significantly to support more scenarios, and maybe add resources for Actions and Triggers, allowing for more complex task creation and management, as well as finishing off some Pester tests on it. But that’s for the future.

For now, feel free to take a look, have a play around with it, suggest or write improvements and send me pull requests. All PRs are considered. Have at it, kids.

 

* drift correction is limited at the time of writing. It detects a subset of drift, and will simply kill broken tasks and recreate them with correct parameters. I’m currently working on more subtle drift correction.

Note: 7 Feb 2016: Carbon includes a Scheduled Task DSC resource, however you need to pass in a chunk of XML. I have been a bit vocal about XML in the past, but Carbon may well do the job for you if you have an XML chunk from, say, schtasks.exe. 

My favourite Cmdlet of the moment: Get-IAMAccountAlias

In common with many AWS Users at large organisations, I work across a number of AWS Accounts. We silo our “sandbox” experimental environments from our gold production environment by putting them in different accounts. We silo different parts of the business into separate accounts. I also have my own personal account registered in Powershell using AWS Stored Credentials, and we just opened two new accounts for a new business unit we’re about to onboard and migrate.

So I have a lot of accounts to work with. So it can be useful to know which one you’re authenticating to at any given time. And that’s why my favourite Cmdlet this week is

Get-IAMAccountAlias

All our accounts have easy to remember aliases, and I use them when I store credentials using Set-AWSCredentials. If I happen to forget which powershell session is running against what acccount, I just hit up Get-IAMAccountAlias, and doubt is dispelled (and, occasionally, I save myself from provisioning or deleting resources in the wrong account).

If you have multiple AWS accounts, you need to know about this one.

October 19th Blog Update

I’ve put out some more Pester content, this time over at the Domain Tech Blog, on how we continuously test our PowerShell code using Pester and OctopusDeploy.

If you’re reading this blog post, then obviously you know that the Domain Name has changed. Formerly on devops.fixt.co, we’re now on d.evops.co – which is a cooler name, if anything.

The Sydney PowerShell User Group is having our first meeting, at Domain’s Office, 55 Pyrmont Street, in late November. RSVP via Meetup.com. I’ll be talking about Pester, m’colleague Kirk will likely be talking about git and why ops guys need it, and Ben Hodge will be talking about DSC.

I’ll be speaking on Domain’s experiences with DevOps at the Sydney DevOps meetup. TBC, but I think November

I’m currently moving house, so my tweets and posts might be a bit sporadic. Of course, when aren’t they? More will follow once I have a little downtime.

 

Devops.fixt.co is MOVING

This blog is moving, imminently. Yes, Short notice, but that’s how the Devops world works. We move fast and we’re not afraid to break shit.

From now on, this blog will be on http://d.evops.co/

If you subscribe to this blog, update your feed reader. The new owners of fixt.co have kindly agreed to put in a redirect for a while, so existing links should get here, but that may not last for ever. Do look out for these guys, they’re doing innovative things in their space.