https://pulumi.com logo
c

creamy-potato-29402

09/02/2018, 6:22 PM
@boundless-monkey-50243 FWIW I worry about that too, which is why the first rev of the k8s Helm/YAML classes were actually pure functions. @white-balloon-205 then yelled at me for this ( 🙂 ) and now we have classes.
b

boundless-monkey-50243

09/02/2018, 6:47 PM
(Objects, poor man's closures, closures, poor man's objects, etc)
I think there's a good argument for internal resources to be classes, even if it's a little weird (I haven't looked at the code yet but I'm guessing it'll make me a middle nervous). I mostly worry about it from a "me" perspective, building external/compositional resources out of base resources.
c

creamy-potato-29402

09/02/2018, 6:48 PM
The thing that makes me nervous is I still don’t really understand how to use classes. 🙂
most of our external-facing aggregated classes extend
ComponentResource
which is a class meant to be a semantically link a bunch of custom resource.
For example
k8s.helm.Chart
is a component resource, combining all resources found in a Kubernetes chart.
b

boundless-monkey-50243

09/02/2018, 6:59 PM
I should look at that in depth. I haven't done more than skim the internals.
c

creamy-potato-29402

09/02/2018, 7:01 PM
@boundless-monkey-50243 the main advantage is that they are rendered in the CLI like this: https://asciinema.org/a/199188?speed=7&loop=1&autoplay=1
which is nice.
i.e., nested
b

boundless-monkey-50243

09/02/2018, 7:03 PM
That makes sense
I come from a developer background, but I've been a DevOps consultant long enough to be extremely worried about giving ops types something too code-ish. But, at that same time, I go literally insane writing Terraform, so there is tension there
c

creamy-potato-29402

09/02/2018, 7:04 PM
@boundless-monkey-50243 say more! I have been thinking of writing a set of babel extensions that restricts JS to a TF-like subset.
Then, if you want to switch to JS later, you can just flip the switch.
What do you think of that idea?
b

boundless-monkey-50243

09/02/2018, 7:05 PM
Hmm. My initial thought is "that makes me nervous." I mean, I think the real answer is "people who can't code can't do this job anymore".
Which is hard but I think it is probably true
c

creamy-potato-29402

09/02/2018, 7:06 PM
What makes you nervous about it?
I was thinking it might a nice compromise. Give the ops team the pure subset of javascript, use JS for yourself.
b

boundless-monkey-50243

09/02/2018, 7:07 PM
I tend to think that folks who can't code are already going to write bad Terraform/restricted-JS.
c

creamy-potato-29402

09/02/2018, 7:07 PM
you’re probably right.
b

boundless-monkey-50243

09/02/2018, 7:07 PM
Example: your restricted subset probably should have something like lodash.range
How does that get explained/surfaced? That sort of thing.
c

creamy-potato-29402

09/02/2018, 7:08 PM
It could be configurable
it’s just a set of extensions that disable various features
b

boundless-monkey-50243

09/02/2018, 7:09 PM
I get that - it's more that, like, Terraform tried to restrict people and they are furiously backpedaling. "HCL is fine but we're going to just...fix...these things that we made endemic to using HCL over a programming language..."
I think you end up having to ask questions like "does restricted-JS allow...well...
if
?
c

creamy-potato-29402

09/02/2018, 7:10 PM
That’s true, but that’s why I like the subset approach. If you get annoyed just turn off the extension and it turns into JS.
Unlike HCL which now has the highly unenviable task of becoming a real language.
b

boundless-monkey-50243

09/02/2018, 7:11 PM
I think you then get arguments between people like me and people who, tbh, probably lack the skill set needed to do this stuff in a modern environment (and that Pulumi probably won't get traction in legacy ones).
Are you a C++ programmer, by any chance?
'Cause now I'm remembering The Fights About Templates. ;)
c

creamy-potato-29402

09/02/2018, 7:12 PM
The only experience I have with C++ is that I wrote about 80% of the code to make Mesos work on Windows
I feel like I don’t really know anything about C++ lol
b

boundless-monkey-50243

09/02/2018, 7:13 PM
Mesos. Woof
c

creamy-potato-29402

09/02/2018, 7:13 PM
Once it was the new hotness.
b

boundless-monkey-50243

09/02/2018, 7:13 PM
I know. I got a book offer because I wrote two blog posts about standing it up in Vagrant
That was when I knew that...hmm...maybe a little bit rocky...
c

creamy-potato-29402

09/02/2018, 7:14 PM
People used to go down the top contrib list and ask people on it to write books.
b

boundless-monkey-50243

09/02/2018, 7:14 PM
But yeah, when you make a configurable language, I think you just create arguments about what flags go on
I don't and won't use Babel for that reason
c

creamy-potato-29402

09/02/2018, 7:15 PM
I still think that if your problem looks like an honest-to-god scheduling problem, like you need to schedule so that you don’t thrash your disk, you don’t really have another choice but Mesos. K8s certainly is not there.
Yeah, that makes sense.
b

boundless-monkey-50243

09/02/2018, 7:15 PM
TypeScript, strict mode, no arguments, done.
c

creamy-potato-29402

09/02/2018, 7:15 PM
yeah me too pretty much
but then, I would also never use naked JS if I had a choice. 😉
b

boundless-monkey-50243

09/02/2018, 7:16 PM
S A M E
I wrote https://edboxes.com/tasktbotjs.html and it pained me that a bunch of people were like "but what about JavaScript?"
c

creamy-potato-29402

09/02/2018, 7:17 PM
this is why we auto-load TS. People can write JS and not even know they’re using TS lol
b

boundless-monkey-50243

09/02/2018, 7:17 PM
"Remove all the types and you're done"
c

creamy-potato-29402

09/02/2018, 7:18 PM
well anyway thanks for the feedback
you imght be right that we should focus on the growth area of developers who ops
b

boundless-monkey-50243

09/02/2018, 7:21 PM
IMO that is the growth area.
Until I took a FT job a couple weeks ago I ran a consultancy
There are two groups of people I have run into in my travels
The first are effectively clicky sysadmins pressganged into "the cloud"
(Aside: Azure seems designed for this audience. We use Azure. Cue sigh.)
The second are either old-school Perl-slingers or developers who fell into automaton and "devops"
c

creamy-potato-29402

09/02/2018, 7:25 PM
hmmmm interesting.
b

boundless-monkey-50243

09/02/2018, 7:25 PM
The former are...in a way it reminds me of, like, late-2000s .net (disclaimer: former Mono guy) - if it's not from The Provider it is suspicious and wrong. Even Terraform has trouble getting into those shops. They're still hand-writing JSON.
c

creamy-potato-29402

09/02/2018, 7:29 PM
That’s interesting. I will be curious to see how that audience changes as Kubernetes continues to take hold.
b

boundless-monkey-50243

09/02/2018, 7:30 PM
I think k8s is gonna hit the HCL problem, tbh
c

creamy-potato-29402

09/02/2018, 7:30 PM
which problem?
b

boundless-monkey-50243

09/02/2018, 7:30 PM
YAML Ain't Mcomplex Lenough
I regularly want better interpolation or a for loop when generating k8s YAML
c

creamy-potato-29402

09/02/2018, 7:31 PM
It already has. I come from a company called Heptio, which was founded by the founders of Kubernetes. One of the things that drew me to Pulumi is that I think the community tends to focus on very complex features when the vast majority of users trip over extremely simple things.
b

boundless-monkey-50243

09/02/2018, 7:32 PM
Yeah, totally.
c

creamy-potato-29402

09/02/2018, 7:32 PM
So like, you update your nginx config, and update
ConfigMap
. You’d expect all `Deployment`s referencing that to do a rollout. But they don’t. They just sit ther.e
Stuff like: literally how do I know if my rollout succeeded.
b

boundless-monkey-50243

09/02/2018, 7:33 PM
My beefs with Terraform are at the high and the low. At the high end, I don't trust how they build software. At the low, I just want a bleeping for loop
Which is weird, it's usually one or the other
c

creamy-potato-29402

09/02/2018, 7:33 PM
lol
They care about workflows
I respect that. I don’t want it in my workflow though.
b

boundless-monkey-50243

09/02/2018, 7:36 PM
They care about prescribing workflows, imo
The best thing they ever did was Vagrant and (as a partially reconstructed Ruby snob) being able to do literally a million things with Vagrant is why
c

creamy-potato-29402

09/02/2018, 7:37 PM
Vault!
I like vault.
b

boundless-monkey-50243

09/02/2018, 7:39 PM
I don't trust the way Hashicorp develops software enough to run Vault if I can at all avoid it.
AWS Parameter Store or Azure Key Vault + Teleport basically take care of things for me
c

creamy-potato-29402

09/02/2018, 7:39 PM
Hmm, interesting, say more
can take to DM if you want, I’m just curious as an engineer.
I’ve always had an image of HC as being canny, shrewd engineers with good taste.
whose opinions I very much disagree with. 🙂
b

boundless-monkey-50243

09/02/2018, 7:43 PM
I mean, I've said it publicly elsewhere before. Mitchell has read it. I like him as a person a lot
My ops philosophy is "you can not have features but you must never break"
Terraform has had, like, replicable race conditions that would frag your state
c

creamy-potato-29402

09/02/2018, 7:44 PM
terrifying.
what were they
b

boundless-monkey-50243

09/02/2018, 7:44 PM
You would just have resources erased from your state if a resource that took too long to create failed late
(SNS topics, among others)
c

creamy-potato-29402

09/02/2018, 7:45 PM
I wrote our Kubernetes provider from scratch, and these are issues I am utterly, utterly terrified of
so you think they’re not careful?
b

boundless-monkey-50243

09/02/2018, 7:46 PM
Or like...in a patch release, they changed a validator for an AWS security group name in such a way that 1) was incorrect as per AWS, but 2) rendered invalid existing states
You literally could not read an existing state.
I think they're not careful and I think they don't ask the right questions. Knowing Cyrus directly and Matt and Joe by reputation, I do not have the same concerns here. ;)
c

creamy-potato-29402

09/02/2018, 7:47 PM
ah.
yes they are the real deal
b

boundless-monkey-50243

09/02/2018, 7:50 PM
Yeah - I feel very good using Pulumi so far
Usually there is a least-bad argument but the stuff I've filed issues about are minor
c

creamy-potato-29402

09/02/2018, 7:50 PM
we will screw things up though, at some point… for example the kubernetes stuff is just now emerging from nascency
but we do try to be careful
b

boundless-monkey-50243

09/02/2018, 7:51 PM
I'm sure - everyone does
c

creamy-potato-29402

09/02/2018, 7:51 PM
hopefully nothing like that, though… that’s terrifying.
b

boundless-monkey-50243

09/02/2018, 7:51 PM
It's mostly how you recover imo
I have a reasonably high level of confidence that I will not find three separate companies who invented a profane portmeanteau about what Pulumi does to their state