<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: rmayore</title>
    <description>The latest articles on DEV Community by rmayore (@rmayore).</description>
    <link>https://dev.to/rmayore</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1012725%2F6cd4da17-76b5-483b-8d17-9cb7319f8e3f.jpg</url>
      <title>DEV Community: rmayore</title>
      <link>https://dev.to/rmayore</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/rmayore"/>
    <language>en</language>
    <item>
      <title>05: Setup Email Microservice</title>
      <dc:creator>rmayore</dc:creator>
      <pubDate>Tue, 14 Feb 2023 03:00:51 +0000</pubDate>
      <link>https://dev.to/rmayore/05-setup-email-microservice-426k</link>
      <guid>https://dev.to/rmayore/05-setup-email-microservice-426k</guid>
      <description>&lt;p&gt;This felt like a natural starting point, with this being the most independent out of all the microservices. It can be built and deployed without other services running.&lt;/p&gt;

&lt;p&gt;I'm intending to use Spring &lt;a href="https://spring.io/batch/"&gt;Batch&lt;/a&gt; for this service paired with a &lt;a href="https://redis.io/"&gt;Redis&lt;/a&gt; db. &lt;/p&gt;

&lt;p&gt;For sending emails, I'll make use of Amazon Simple Email Service (SES). Later on, I'll also hook this up with our messaging solution of choice (Kafka, RabbitMQ).&lt;/p&gt;

&lt;p&gt;I'll be adding more info to this as I build the service.&lt;/p&gt;

</description>
      <category>spring</category>
      <category>redis</category>
    </item>
    <item>
      <title>04: Set Up Test Docker Registry</title>
      <dc:creator>rmayore</dc:creator>
      <pubDate>Sat, 11 Feb 2023 15:46:28 +0000</pubDate>
      <link>https://dev.to/rmayore/04-set-up-test-docker-registry-4a2m</link>
      <guid>https://dev.to/rmayore/04-set-up-test-docker-registry-4a2m</guid>
      <description>&lt;p&gt;The aim of this step is to set up a test container registry, so that when I start the dev work I have little to worry on the IAC side.&lt;/p&gt;

&lt;h2&gt;
  
  
  ✅ Create IAM Roles for ECR Access - &lt;a href="https://github.com/rmayore/FakeST-DevOps/pull/2" rel="noopener noreferrer"&gt;PR 2&lt;/a&gt;
&lt;/h2&gt;

&lt;p&gt;A Read Access role to be used by any application that will be pulling the images, with the below permissions:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;- ecr:GetAuthorizationToken,
- ecr:BatchCheckLayerAvailability,
- ecr:GetDownloadUrlForLayer,
- ecr:GetRepositoryPolicy,
- ecr:DescribeRepositories,
- ecr:ListImages,
- ecr:DescribeImages,
- ecr:BatchGetImage,
- ecr:GetLifecyclePolicy,
- ecr:GetLifecyclePolicyPreview,
- ecr:ListTagsForResource,
- ecr:DescribeImageScanFindings
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;A Read &amp;amp; Write role to be used by whatever agent that will be building the images, with the permissions:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;- ecr:GetAuthorizationToken,
- ecr:BatchCheckLayerAvailability,
- ecr:GetDownloadUrlForLayer,
- ecr:GetRepositoryPolicy,
- ecr:DescribeRepositories,
- ecr:ListImages,
- ecr:DescribeImages,
- ecr:BatchGetImage,
- ecr:GetLifecyclePolicy,
- ecr:GetLifecyclePolicyPreview,
- ecr:ListTagsForResource,
- ecr:DescribeImageScanFindings,
- ecr:PutImage,
- ecr:InitiateLayerUpload,
- ecr:UploadLayerPart,
- ecr:CompleteLayerUpload,
- ecr:DeleteRepository,
- ecr:BatchDeleteImage,
- ecr:SetRepositoryPolicy,
- ecr:DeleteRepositoryPolicy
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;I set these 2 roles with Pricipals as a wildcard (*) to be as permissive as possible, then later I'll figure out further restrictions.&lt;/p&gt;

&lt;h2&gt;
  
  
  ✅ Create a Test ECR Repo - &lt;a href="https://github.com/rmayore/FakeST-DevOps/pull/3" rel="noopener noreferrer"&gt;PR 3&lt;/a&gt;
&lt;/h2&gt;

&lt;p&gt;This proved a challenge as it's my first time working with Terragrunt, but I was able to get the dependencies (on the above roles) working for this module.&lt;/p&gt;

&lt;p&gt;I also checked on S3 and confirmed that out terragrunt remote state is working fine!&lt;/p&gt;

</description>
    </item>
    <item>
      <title>03: Setup...</title>
      <dc:creator>rmayore</dc:creator>
      <pubDate>Tue, 24 Jan 2023 03:38:10 +0000</pubDate>
      <link>https://dev.to/rmayore/03-setup-4075</link>
      <guid>https://dev.to/rmayore/03-setup-4075</guid>
      <description>&lt;h2&gt;
  
  
  ✅ Setup project on Clickup - &lt;a href="https://app.clickup.com/37389717/v/s/90090076933" rel="noopener noreferrer"&gt;link&lt;/a&gt;
&lt;/h2&gt;

&lt;p&gt;No trouble here.&lt;/p&gt;

&lt;h2&gt;
  
  
  ✅ Create AWS IAM account For project
&lt;/h2&gt;

&lt;p&gt;For this I created 2 Users;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;An Admin account with &lt;code&gt;AdministratorAccess&lt;/code&gt; permission, who will manage everything else (didn't wanna use the root account).&lt;/li&gt;
&lt;li&gt;A Terragrunt user that will provision all the resources, with the following permissions (for a start):

&lt;ol&gt;
&lt;li&gt;&lt;code&gt;AmazonS3FullAccess&lt;/code&gt;&lt;/li&gt;
&lt;li&gt;&lt;code&gt;AmazonEC2FullAccess&lt;/code&gt;&lt;/li&gt;
&lt;li&gt;&lt;code&gt;IAMFullAccess&lt;/code&gt;&lt;/li&gt;
&lt;/ol&gt;
&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  ✅ Register Route53 domain for project
&lt;/h2&gt;

&lt;p&gt;No trouble here, though for this I had to message AWS customer care to enable my account to register a domain.&lt;/p&gt;

&lt;h2&gt;
  
  
  ✅ Set up Terragrunt for managing terraform remote state
&lt;/h2&gt;

&lt;p&gt;For now, we'll just add the &lt;code&gt;remote_state&lt;/code&gt; setting in our &lt;strong&gt;terragrunt.hcl&lt;/strong&gt; file: Link: &lt;a href="https://github.com/rmayore/FakeST-DevOps/pull/1" rel="noopener noreferrer"&gt;PR&lt;/a&gt;&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;remote_state {
  backend = "s3"
  config = {
    bucket  = "fake-st-terraform-state"
    key     = "${path_relative_to_include()}.tfstate"
    region  = "af-south-1"
    encrypt = true
  }
}
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



</description>
      <category>discuss</category>
    </item>
    <item>
      <title>02: The Product...</title>
      <dc:creator>rmayore</dc:creator>
      <pubDate>Sun, 22 Jan 2023 12:46:47 +0000</pubDate>
      <link>https://dev.to/rmayore/01-the-product-51m1</link>
      <guid>https://dev.to/rmayore/01-the-product-51m1</guid>
      <description>&lt;p&gt;We'll build an eShop for startup 'FakeST' that sells T-shirts with bespoke designs. So we are looking at a couple of services.&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Client mobile app (android)&lt;/li&gt;
&lt;li&gt;Client web app (react, time permitting)&lt;/li&gt;
&lt;li&gt;API gateway (spring boot; web)&lt;/li&gt;
&lt;li&gt;Identity microservice (postgres, spring boot)&lt;/li&gt;
&lt;li&gt;Catalog microservice (postgres, spring boot)&lt;/li&gt;
&lt;li&gt;Ordering microservice(postgres, spring boot)&lt;/li&gt;
&lt;li&gt;Cart microservice(redis, spring boot)&lt;/li&gt;
&lt;li&gt;Payment microservice(postgres, spring boot)&lt;/li&gt;
&lt;li&gt;Email microservice (redis, spring boot; batch)&lt;/li&gt;
&lt;li&gt;Design Service (postgres, spring boot, S3)&lt;/li&gt;
&lt;li&gt;Event bus (RabbitMQ)&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;And on the OPs side,&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Gitops&lt;/li&gt;
&lt;li&gt;Image Registry&lt;/li&gt;
&lt;li&gt;Kubernetes&lt;/li&gt;
&lt;li&gt;Helm&lt;/li&gt;
&lt;li&gt;Istio&lt;/li&gt;
&lt;li&gt;Grafana &lt;/li&gt;
&lt;li&gt;Prometheus&lt;/li&gt;
&lt;li&gt;Loki&lt;/li&gt;
&lt;li&gt;Zipkin&lt;/li&gt;
&lt;li&gt;Backups&lt;/li&gt;
&lt;/ul&gt;

</description>
    </item>
    <item>
      <title>01: Build Tech For A Startup</title>
      <dc:creator>rmayore</dc:creator>
      <pubDate>Sun, 22 Jan 2023 11:20:01 +0000</pubDate>
      <link>https://dev.to/rmayore/build-tech-for-a-startup-35ep</link>
      <guid>https://dev.to/rmayore/build-tech-for-a-startup-35ep</guid>
      <description>&lt;p&gt;Not a real one though. For my first project of 2023, I will imagine a fake startup that builds a certain product, and build their whole infra from the ground up.&lt;/p&gt;

&lt;p&gt;I'll start with a micro-service backend and deploy everything to K8S clusters, in addition to supporting services such as build systems, databases, security, metrics, logging, tracing and alerting.&lt;/p&gt;

&lt;p&gt;My primary tools will be Github, Spring and AWS. I'll update with more as I progress.&lt;/p&gt;

</description>
    </item>
  </channel>
</rss>
