Claude Code for Infrastructure

Posted by aspectrr 5 hours ago

Claude Code for Infrastructure(www.fluid.sh)

86 points | 76 commentspage 2

tobi_bsf 4 hours ago||

Whats wrong with just using claude code for infrastructure? Works great tbh.

aspectrr 2 hours ago|

I wish, for my work it would be a safety nightmare. I left a comment on this topic. https://news.ycombinator.com/reply?id=46889704&goto=item%3Fi...

esafak 3 hours ago||

An infrastructure tool's primary installation method should NOT be curl | sh

charcircuit 2 hours ago|

It should be. This is the least friction way to do so as server Linux operating systems still have not agreed on a common application format / package manager.

esafak 2 hours ago||

> It should be. This is the least friction way to do so as server Linux operating systems still have not agreed on a common application format / package manager.

Nowhere in your response did you mention security.

lijok 4 hours ago|

FUCK NO. Who in their right mind would let an LLM connect to prod?

xyzzy123 3 hours ago||

Many places have "dev", "test" "prod"... but IMHO you need "sandpit" as well.

From an ops point of view as orgs get big enough, dev wraps around to being prod-like... in the sense that it has the property that there's going to be a lot of annoyed people whose time you're wasting if you break things.

You can take the approach of having more guard rails and controls to stop people breaking things but personally I prefer the "sandpit" approach, where you have accounts / environments where anything goes. Like, if anyone is allowed to complain it's broken, it's not sandpit anymore. That makes them an ok place to let agents loose for "whole system" work.

I see tools like this as a sort of alternative / workaround.

raw_anon_1111 31 minutes ago|||

Account vending machines where every dev can spin up there own account is a thing still under the control of some type of guardrails.

thenewnewguy 3 hours ago||||

Sandpit should be a personal (often local, if possible) dev environment. The reason people get mad about dev being broken for long periods of time is that they cannot use dev to test their changes if your code (that they depend on) is broken in dev for long periods of time.

xyzzy123 2 hours ago||

Agreed on all points. Local loops are faster and safer wherever possible.

But particularly for devops / systems focused work, you lose too much "test fidelity" if you're not integrating against real services / cloud.

lijok 1 hour ago|||

There’s no sandpit, only prod and dev, and you’re not allowed to break prod. Your developers work in partitions of prod. Dev is used for DR and other infra testing.

raw_anon_1111 31 minutes ago||

Well that’s just - dumb

locusofself 4 hours ago|||

Maybe at a greenfield startup. Where I work this idea wouldn't be entertained for a millisecond.

qudat 3 hours ago|||

I think you would be very surprised at a) how useful it would be and b) how lax prod can be depending on the company culture and stakes.

aspectrr 2 hours ago|||

Hey, I get it. I don't want LLMs on prod at all. I made this to let agents connect to production cloned sandboxes, not production itself. I hope this helps your concerns, but I understand either way. Lmk with any other questions.

lijok 1 hour ago||

What’s a production cloned sandbox? Take my comment as feedback that the landing page is anaemic

jhickok 4 hours ago||

why does it have to connect to prod in order to be useful?