SRE

by cb on Cloud, DevOps, SRE, VMware

Broadcom Does it Again

If you’re using any Bitnami images you need to be aware of the changes Bitnami is making to their community offering (and no, I’m not talking about the stunt they pulled last year to block so called unsecure images in their Helm charts coupled with the pull rate changes). On August 28th, 2025 you will only be able to pull images with the latest tag unless you subscribe to Bitnami Secure Images or switch to the bitnamilegacy repository (which will not receive updates and has no announced sunset date).

You can read more about the change here: https://github.com/bitnami/charts/issues/35164

Additionally, I asked ChatGPT deep research to do some digging on alternatives and migration strategies available here: https://chatgpt.com/s/dr_68835b1ba2e48191bd7f212dc55d5d91

I think the short is that unless your organization has the resources to fork Bitnami’s chart and container repositories and start maintaining these internally, you’d better switch to bitnamilegacy to prevent image pull issues that break your environments then pray the community steps in and forks these.

 
by cb on Automation, DevOps, Process Improvement, SRE, Terraform

Using Terraform to Manage DigitalOcean Resources

I am a fan of DigitalOcean. What they lack in breath of services they more than make up for with the ease of use, documentation, and tutorials. Last year, I overhauled this website to be driven by Ansible. This year, I want to take this automation to the next level. There are capability gaps using Ansible to create infrastructure that I’ve had to work around by doing some tasks manually or by writing custom scripts.

An example of this comes when trying to create a managed database cluster. Ansible cannot do this so I wrote a Python script to handle database management.

https://github.com/seaburr/WordPressOnDigitalOcean/tree/master/roles/database-server

I do not feel DigitalOcean should fill the gaps either. Why? Because Ansible is a configuration management tool that ensures resources are configured in a desired state. Infrastructure creation is not Ansible’s job. There are specific tools for infrastructure creation… Enter Terraform.

Terraform is a tool for defining providers (like DigitalOcean or AWS) and the resources (like droplets, load balancers, etc.) that your environment requires. Terraforms intent is to compare your infrastructure to your desired state and make corrections to bring your resources into compliance. It is a different concern from HOW the infrastructure is configured.

Over the next few months, I’m going to migrate infrastructure concerns out of Ansible and into Terraform. In fact, I’ve already got a POC to share.

https://github.com/seaburr/Terraform-On-DO

This repository defines the new standard for infrastructure that I am aiming for.

Here’s a simple mockup of the goal:

I did try to use the built-in graph functionality of Terraform to show this but it came out looking like this:

I’ve got boxes full of Pepe!

Anyways, it’s a work in progress. I’ve run into what I believe is a bug with the DigitalOcean Terraform provider and I’ve already raised a ticket with them to get resolved.

Next time, let’s actually learn something and dig into a resource and the provider configuration.