what are you trying to accomplish

Question

< straight guitar 55156> what are you trying to accomplish

straight-guitar-55156 · Answer

Patching software updating software versions That would involve getting list of the hosts and what versions are running on them for the least

busy-umbrella-36067 · Answer

ok is this software running on ec2 or containers

straight-guitar-55156 · Answer

Mainly ec2

busy-umbrella-36067 · Answer

are these ec2 instances ephemeral

straight-guitar-55156 · Answer

There are bunch of software that are running on ec2 instances across multiple regions and accounts So I would wanna first get the list of all those hosts and list of all the software application kernel etc running on them and do software patching security updates Similar to dynamic inventory with Ansible

straight-guitar-55156 · Answer

Most of them aren t ephemeral a few of them are though

busy-umbrella-36067 · Answer

pulumi is more geared for ephemeral workloads thats how it lets you manage everything via code everything can be destroyed at anytime and recreated

busy-umbrella-36067 · Answer

a tool like `ansible` would be more suited to this usecase

busy-umbrella-36067 · Answer

you could write code that scans aws for ec2 instances and generates an inventory file

busy-umbrella-36067 · Answer

then have ansible consume that inventory file and perform update logic if necessary

busy-umbrella-36067 · Answer

edit I guess you could use pulumi to get the list of ec2 instances But then you still couldn t use it to check kernels and system resources Unless that stuff is tagged in AWS

straight-guitar-55156 · Answer

That s what we have currently in our system But as I was reading about Pulumi serving as Infrastructure as Code I was wondering if it also manages software upgrades or not We have a quite a number of ec2 instances that are ephemeral but about 50 aren t

busy-umbrella-36067 · Answer

Once you move to an architecture where you can just destroy the instance and replace it with a new AMI then pulumi would come in

busy-umbrella-36067 · Answer

or switch userdata to get ansible to pull a different git commit

straight-guitar-55156 · Answer

In that case how would it get me software version

straight-guitar-55156 · Answer

^ for ephemeral systems

busy-umbrella-36067 · Answer

it cant

busy-umbrella-36067 · Answer

pulumi cant ssh onto the ec2 box

busy-umbrella-36067 · Answer

if the ec2 instance is tagged with the application name or version it could do that

busy-umbrella-36067 · Answer

but that would imply those tags already exist which I assume they aren t

straight-guitar-55156 · Answer

Thank you so much < busy umbrella 36067> slightly smiling face