The outline of the discussion, along with some of the responses, is given below. Note that: RS = Rahul Subramaniam, SB = Stephen Barr, NP = Nathan Peck.
- What is CDK in a nutshell?
- Why build CDK on top of CloudFormation?
Why not directly target the APIs themselves (e.g. like boto3)?- NP: Declarative vs Imperative
- RS: Why not base the imperative stuff on CloudFormation?
- NP: CDK is already a huge project, without needing to re-write CloudFormation as well as CDK
- Is it good practice to modify the CloudFormation generated by CDK?
- How can CDK help with container-based deployments?
- The CDK can, for example:
- CDK can build a container
- Manage the ECR repository
- Ship the container to AWS Fargate
- RS: A possible downside of this approach is that it is one more tool to manage.
- The CDK can, for example:
- Are there best practices for organizing your code to handle one more tool, e.g. cdk?
- NP: Use Docker, and have that be the layer of abstraction. Then, Docker is responsible for packaging the app, and CDK is responsible for sending it to the cloud
- RS: This makes sense, but brings along another concern, namely managing the versioning of cdk.
- CDK iterates quickly. Will a CDK-based deployment work 6 months from now? Highlight from AWS Made Easy AUA Ep 9
- NP: Containerize it! This can pin the version of CDK and all its dependencies at a particular point in time.
- NP: Package-rot is an issue in the node ecosystem, but note that CDK should never be production facing. The artifact which gets generated by CDK is a CloudFormation template, and this should happen on a CI/CD system.
- What are the best practices for using CDK across multiple accounts with shared resources?
- Looking at CDK as a resource lifecycle management tool, how does it compare to Kubernetes’ approach?
- Is there anything we can do to make CDK / CloudFormation deploy faster?
- NP: Use more, smaller stacks
- RS: How does this work with the “monorepo” philosophy?
- NP: There is some custom tooling necessary to get this to work, that can basically detect what parts of a repo have changed and then run the CI on just these subdirectories within the repo.