Project Description

We would like to create a single interface for teams to manage our cloud governance.

We currently provide landing zones for AWS, GCP, and Azure, but in providing them, we’re becoming a central bottleneck, as most changes need to go through us. For our cloud usage to grow, we need to improve our processes, and delegate some responsibility when needed, especially in tasks where we’re not the subject-matter experts. We hope to empower everyone, including non-technical employees, to claim ownership over the processes that matter to them, and strengthen our current offerings.

Goal for this Hack Week

One of the major areas for improvement is the processes around tag maintenance. We use tags to manage account ownership, contact information, billing, alerting, and more. Because they’re a central part in our environments, we need to treat them as first-class citizens and ensure they’re always up-to-date. Our current setup setup isn't sufficient: we manage them in four separate repositories (change risk) and cannot easily allow non-technical employees to make changes.

This project was born out of our centralization efforts, a hope that we could manage our tags with care, and the desire to make a solid foundation for our governance to grow.

There is much we would like to accomplish, but here are the scoped tasks for Hack Week 21:

To collect cloud tags for cloud providers (starting with AWS).
To allow users to edit tags.
To detect tag drift (notifications when the tags aren’t what they should be).
To have Okta manage users/groups with SCIM.

In last year’s Hack Week, we experimented with a similar concept, but it covered cloud costs. This year, we took the lessons learned, and used parts of it to start our new project. You can view last year’s efforts at our GitHub project.

Resources

Project Skyscraper’s design RFC: https://github.com/suse-skyscraper/rfc/pull/2
Project Skyscraper’s server: https://github.com/suse-skyscraper/skyscraper
Project Skyscraper’s helm charts: https://github.com/suse-skyscraper/skyscraper-helm-charts

Join this project Leave this project

Looking for hackers with the skills:

kubernetes golang angular aws azure gcp

This project is part of:

Hack Week 21

Activity

almost 3 years ago: tmuntan1 joined this project.

almost 3 years ago: RicardoFelipeKlein started this project.

almost 3 years ago: RicardoFelipeKlein liked this project.

almost 3 years ago: tmuntan1 added keyword "kubernetes" to this project.

almost 3 years ago: tmuntan1 added keyword "golang" to this project.

almost 3 years ago: tmuntan1 added keyword "angular" to this project.

almost 3 years ago: tmuntan1 added keyword "aws" to this project.

almost 3 years ago: tmuntan1 added keyword "azure" to this project.

almost 3 years ago: tmuntan1 added keyword "gcp" to this project.

almost 3 years ago: tmuntan1 originated this project.

Comments

Be the first to comment!

Similar Projects

kubernetes

Harvester Packer Plugin by mrohrich

Description

Hashicorp Packer is an automation tool that allows automatic customized VM image builds - assuming the user has a virtualization tool at their disposal. To make use of Harvester as such a virtualization tool a plugin for Packer needs to be written. With this plugin users could make use of their Harvester cluster to build customized VM images, something they likely want to do if they have a Harvester cluster.

Goals

Write a Packer plugin bridging the gap between Harvester and Packer. Users should be able to create customized VM images using Packer and Harvester with no need to utilize another virtualization platform.

Resources

Hashicorp documentation for building custom plugins for Packer https://developer.hashicorp.com/packer/docs/plugins/creation/custom-builders

Source repository of the Harvester Packer plugin https://github.com/m-ildefons/harvester-packer-plugin

Install Uyuni on Kubernetes in cloud-native way by cbosdonnat

Description

For now installing Uyuni on Kubernetes requires running mgradm on a cluster node... which is not what users would do in the Kubernetes world. The idea is to implement an installation based only on helm charts and probably an operator.

Goals

Install Uyuni from Rancher UI.

Resources

mgradm code: https://github.com/uyuni-project/uyuni-tools
Uyuni operator: https://github.com/cbosdo/uyuni-operator

Metrics Server viewer for Kubernetes by bkampen

This project is finished please visit the github repo below for the tool.

Description

Build a CLI tools which can visualize Kubernetes metrics from the metrics-server, so you're able to watch these without installing Prometheus and Grafana on a cluster.

Goals

Learn more about metrics-server
Learn more about the inner workings of Kubernetes.
Learn more about Go

Resources

https://github.com/bvankampen/metrics-viewer

Integrate Backstage with Rancher Manager by nwmacd

Description

Backstage (backstage.io) is an open-source, CNCF project that allows you to create your own developer portal. There are many plugins for Backstage.

This could be a great compliment to Rancher Manager.

Goals

Learn and experiment with Backstage and look at how this could be integrated with Rancher Manager. Goal is to have some kind of integration completed in this Hack week.

Progress

Screen shot of home page at the end of Hackweek:

Day One

Got Backstage running locally, understanding configuration with HTTPs.
Got Backstage embedded in an IFRAME inside of Rancher
Added content into the software catalog (see: https://backstage.io/docs/features/techdocs/getting-started/)
Understood more about the entity model

Day Two

Connected Backstage to the Rancher local cluster and configured the Kubernetes plugin.
Created Rancher theme to make the light theme more consistent with Rancher

Days Three and Day Four

Created two backend plugins for Backstage:
1. Catalog Entity Provider - this imports users from Rancher into Backstage
2. Auth Provider - uses the proxied sign-in pattern to check the Rancher session cookie, to user that to authenticate the user with Rancher and then log them into Backstage by connecting this to the imported User entity from the catalog entity provider plugin.
With this in place, you can single-sign-on between Rancher and Backstage when it is deployed within Rancher. Note this is only when running locally for development at present

Day Five

Start to build out a production deployment for all of the above
Made some progress, but hit issues with the authentication and proxying when running proxied within Rancher, which needs further investigation

Learn enough Golang and hack on CoreDNS by jkuzilek

Description

I'm implementing a split-horizon DNS for my home Kubernetes cluster to be able to access my internal (and external) services over the local network through public domains. I managed to make a PoC with the k8s_gateway plugin for CoreDNS. However, I soon found out it responds with IPs for all Gateways assigned to HTTPRoutes, publishing public IPs as well as the internal Loadbalancer ones.

To remedy this issue, a simple filtering mechanism has to be implemented.

Goals

Learn an acceptable amount of Golang
Implement GatewayClass (and IngressClass) filtering for k8s_gateway
Deploy on homelab cluster
Profit?

Resources

EDIT: Feature mostly complete. An unfinished PR lies here. Successfully tested working on homelab cluster.

golang

Mammuthus - The NFS-Ganesha inside Kubernetes controller by vcheng

Description

As the user-space NFS provider, the NFS-Ganesha is wieldy use with serval projects. e.g. Longhorn/Rook. We want to create the Kubernetes Controller to make configuring NFS-Ganesha easy. This controller will let users configure NFS-Ganesha through different backends like VFS/CephFS.

Goals

Create NFS-Ganesha Package on OBS: nfs-ganesha5, nfs-ganesha6
Create NFS-Ganesha Container Image on OBS: Image
Create a Kubernetes controller for NFS-Ganesha and support the VFS configuration on demand. Mammuthus

Resources

NFS-Ganesha

Automate PR process by idplscalabrini

Description

This project is to streamline and enhance the pr review process by adding automation for identifying some issues like missing comments, identifying sensitive information in the PRs like credentials. etc. By leveraging GitHub Actions and golang hooks we can focus more on high-level reviews

Goals

Automate lints and code validations on Github actions
Automate code validation on hook
Implement a bot to pre-review the PRs

Resources

Golang hooks and Github actions

file-organizer: A CLI Tool for Efficient File Management by okhatavkar

Description

Create a Go-based CLI tool that helps organize files in a specified folder by sorting them into subdirectories based on defined criteria, such as file type or creation date. Users will pass a folder path as an argument, and the tool will process and organize the files within it.

Goals

Develop Go skills by building a practical command-line application.
Learn to manage and manipulate files and directories in Go using standard libraries.
Create a tool that simplifies file management, making it easier to organize and maintain directories.

Resources

Go Standard Libraries: Utilize os, filepath, and time for file operations.
CLI Development: Use flag for basic argument parsing or consider cobra for enhanced functionality.
Go Learning Material: Go by Example and The Go Programming Language Documentation.

Features

File Type Sorting: Automatically move files into subdirectories based on their extensions (e.g., documents, images, videos).
Date-Based Organization: Add an option to organize files by creation date into year/month folders.
User-Friendly CLI: Build intuitive commands and clear outputs for ease of use. This version maintains the core idea of organizing files efficiently while focusing on Go development and practical file management.

Jenny Static Site Generator by adam.pickering

Description

For my personal site I have been using hugo. It works, but I am not satisfied: every time I want to make a change (which is infrequently) I have to read through the documentation again to understand how hugo works. I don't find the documentation easy to use, and the structure of the repository that hugo requires is unintuitive/more complex than what I need. So, I have decided to write my own simple static site generator in Go. It is named Jenny, after my wife.

Goals

Pages can be written in markdown (which is automatically converted to HTML), but other file types are also allowed
Easy to understand and use
- Intuitive, simple design
- Clear documentation
- Hot reloading
- Binaries provided for download
Future maintenance is easy
- Automated releases

Resources

https://github.com/adamkpickering/jenny

Learn enough Golang and hack on CoreDNS by jkuzilek

Description

To remedy this issue, a simple filtering mechanism has to be implemented.

Goals

Learn an acceptable amount of Golang
Implement GatewayClass (and IngressClass) filtering for k8s_gateway
Deploy on homelab cluster
Profit?

Resources

EDIT: Feature mostly complete. An unfinished PR lies here. Successfully tested working on homelab cluster.

angular

Cobbler Angular Web Interface by SchoolGuy

Project Description

The old Cobbler webinterface was built into the server, leading to a huge dependency stack only required for a few people.

Goal for this Hackweek

The project should aim to finalize the first prototype of the new Angular based web interface.

A secondary goal of this hackweek is to learn a lot of Angular.

Update for Hackweek 24

The GH project received some traction since I have some vacation. As such it is my aim to get a first alpha released to close the milestone 0.0.1 (or whatever version I can release with semantic release).

Resources

aws

SUSE AI Meets the Game Board by moio

Use tabletopgames.ai’s open source TAG and PyTAG frameworks to apply Statistical Forward Planning and Deep Reinforcement Learning to two board games of our own design. On an all-green, all-open source, all-AWS stack!

Results: Infrastructure Achievements

We successfully built and automated a containerized stack to support our AI experiments. This included:

a Fully-Automated, One-Command, GPU-accelerated Kubernetes setup: we created an OpenTofu based script, tofu-tag, to deploy SUSE's RKE2 Kubernetes running on CUDA-enabled nodes in AWS, powered by openSUSE with GPU drivers and gpu-operator
Containerization of the TAG and PyTAG frameworks: TAG (Tabletop AI Games) and PyTAG were patched for seamless deployment in containerized environments. We automated the container image creation process with GitHub Actions. Our forks (PRs upstream upcoming):
- https://github.com/moio/TabletopGames/tree/hackweek24
- https://github.com/moio/PyTAG/tree/hackweek24

./deploy.sh and voilà - Kubernetes running PyTAG (k9s, above) with GPU acceleration (nvtop, below)

Results: Game Design Insights

Our project focused on modeling and analyzing two card games of our own design within the TAG framework:

Game Modeling: We implemented models for Dario's "Bamboo" and Silvio's "Totoro" and "R3" games, enabling AI agents to play thousands of games ...in minutes!
AI-driven optimization: By analyzing statistical data on moves, strategies, and outcomes, we iteratively tweaked the game mechanics and rules to achieve better balance and player engagement.
Advanced analytics: Leveraging AI agents with Monte Carlo Tree Search (MCTS) and random action selection, we compared performance metrics to identify optimal strategies and uncover opportunities for game refinement .
- more about Bamboo on Dario's site
- more about R3 on Silvio's site (italian, translation coming)
- more about Totoro on Silvio's site

A family picture of our card games in progress. From the top: Bamboo, Totoro, R3

Results: Learning, Collaboration, and Innovation

Beyond technical accomplishments, the project showcased innovative approaches to coding, learning, and teamwork:

"Trio programming" with AI assistance: Our "trio programming" approach—two developers and GitHub Copilot—was a standout success, especially in handling slightly-repetitive but not-quite-exactly-copypaste tasks. Java as a language tends to be verbose and we found it to be fitting particularly well.
AI tools for reporting and documentation: We extensively used AI chatbots to streamline writing and reporting. (Including writing this report! ...but this note was added manually during edit!)
GPU compute expertise: Overcoming challenges with CUDA drivers and cloud infrastructure deepened our understanding of GPU-accelerated workloads in the open-source ecosystem.
Game design as a learning platform: By blending AI techniques with creative game design, we learned not only about AI strategies but also about making games fun, engaging, and balanced.

Last but not least we had a lot of fun! ...and this was definitely not a chatbot generated line!

The Context: AI + Board Games