How to run bash commands in Jenkins and not go insane with escaping characters?

I have been trying to run some bash commands on multiple servers through JenkinsFile(s). A sequence of pipes involving awk, grep, find etc.

The problem that I have facing is escaping characters in it. While trying to find solutions I came across

https://gist.github.com/Faheetah/e11bd0315c34ed32e681616e41279ef4

This helped a bit. But the problem is when I have single quotes, double quotes, dollars or slashes I spend an inordinate amount of time trying to find the right escape sequence. And the result is hardly readable and thus hard to maintain.

I tried to create a bash file on the server through Jenkins, running it and doing cleanup. But that also had it's own set of escape character issues.

Is there a guide or some articles which delve into this problem? Something with best practices so that I don't waste time fighting escape characters? If I do so many escape characters then it would be hard to edit or understand for anyone unless they also understand the idiosynchrasies of Jenkins. Looking for some best practices which leads to maintainable code.

https://redd.it/nlglbx
@r_devops

Packer + proxmox + ubuntu 20.04.2 autoinstall woes

I have hit some kind of wall with packer builds on a proxmox system. I'm modifying working code that works on VMware locally, vcenter or directly vsphere, but simply fails on my home proxmox node.

The issue is with the autoinstall. I feed it boot commands but it's almost as if it doesn't ever hit enter at the end, and winds up going to the language selection screen.

The relevant code:

 json
      "boot_command": [
        "<enter><enter><f6><esc><wait>",
        "autoinstall ds=\"nocloud-net;seedfrom=https://{{.HTTPIP}}:{{.HTTPPort}}/\"<enter><wait>",
        "<wait><enter>"
      ],
      "boot_wait": "5s",

I've tried probably a dozen different boot command sections from various google answers, but each ends at the same screen.

I call autoinstall in the user-data as well, and like I said, the exact same user-data works find for VMware builds.

Anyone have any ideas or successful examples?

https://redd.it/nlkat8
@r_devops

#002: Weekly Towards AWS Newsletter 🚀

At Towards AWS, we are working so hard to bring quality articles to AWS builders just like you. Last week, we started a newsletter to send the best articles of the week.

Today we released issue #002. Please have a read.

https://towardsaws.com/002-weekly-towards-aws-newsletter-fdbe55d3c7b1

https://redd.it/nm474x
@r_devops

The Mysterious Gotcha of gRPC Stream Performance

At Ably, we use gRPC to streamline our messaging service. But recently, the performance of a gRPC streaming server was worse than expected, so our realtime engineering team rolled up their sleeves and went sleuthing in-house.

This is the full recap, by Paul Cruikshank, one of our Distributed Systems Engineers:

The Mysterious Gotcha of gRPC Stream Performance

https://redd.it/nlf7ip
@r_devops

Hikaru 0.5b released; now with high-level CRUD-style methods for calling Kubernetes

Hikaru's CRUD methods simplify your code and provide the ability to use top-level objects as context managers that can optionally roll back objects to a previous state upon failure. The release includes a number of other requested enhancements and bug fixes.

https://pypi.org/project/hikaru/

https://redd.it/nm5rn9
@r_devops

SOLID Design Principles: The Guide to Becoming Better Developers

Product owners don’t always understand the implications of bad software design, as the burden falls on engineers to consider the best principles of software design.

Let's dive into the 5 SOLID software development principles that will guide you to write code that’s easy to maintain, read and understand, and make it easier to extend the system with new functionality without breaking the existing ones.

Read the full article here: https://adevait.com/software/solid-design-principles-the-guide-to-becoming-better-developers

Note: This post contains a YouTube video from Laracon's EU conference in Amsterdam that goes fully into detail about this important principle. Hope you'll enjoy it and find it useful. 🙏

https://redd.it/nm73ng
@r_devops

Interesting Take: Looking at Netflix as a case study on how their culture enabled their microservices leadership

Just read this great post on the New Stack called How Culture Impacts Technology Choice: A Review of Netflix’s Use of Microservices, and thought it was a really interesting take.

Since I always like reading about Netflix comparisons and how they actually managed to get to where they are from a tech perspective, I thought other folks might feel the same way.

WDYT?

https://redd.it/nm7ozk
@r_devops

Rancher?

Is Rancher still a good option for creating and managing k8s clusters?

https://youtu.be/LK6KbAlQRIg

https://redd.it/nm9jh2
@r_devops

Deply on premise machine with Azure Pipelines, handshake error

Hi, I'm new to Devops, we're trying to deploy using Azure pipelines, but we get this error:

>\##[error\]Failed to connect to remote machine. Verify the SSH endpoint details. Failed to connect to remote machine. Verify the SSH endpoint details. Error: Timed out while waiting for handshake..

We're deploying to an on-premise machine on Azure, we've got a Service Connection in Devops with Contributor permissions.

If we use a hosted agent on other machine in our Azure, there's no problem deploying, but we want to use Azure pipelines, I did not find any prerrequisites, like installing an agent on the machine or open firewall communications, other than using a Service Connection.

We're trying to log into an SFTP server on the machine, that works fine, and we do not see logs of connection attempts, so I suspect that is a conectivity issue, but I don't know how to look for it in Azure.

Thanks in advance guys.

https://redd.it/nm7djw
@r_devops

Why do build stages need to be on different servers

Very new to DevOps so apologies for what is almost definitely a dumb question. I'm running a simple application via jenkins build, test, deploy stages that are all on different openstack instances. Why can't I just build these stages one after the other all on the same server / what are the drawback of this?

https://redd.it/nm78mz
@r_devops

Hashicorp Vault 2-tier CA

Hi guys,

I got a question concerning Hashicorp Vault and building a 2-tier CA. I know, that in a production environment i have to separate the root CA and the intermediate/issuing CA. There are some guides out there how to setup Vault as an intermediate CA, but they all say one should use an "external root CA". Is is advisable to use another Vault instance to be the root CA, turn this instance offline and build up a second Vault instance as the intermediate/issuing CA? Or should you use another piece of software for the root CA?

Thanks in advance!

https://redd.it/nm3upo
@r_devops

EKS autoscaler based on redis queue length

Looking to see what solutions people have used to achieve EKS autoscaling via something other than pod/node metrics. Does anyone have a good solution to autoscale using Elasticache Redis queue length? Another huge plus would be to have a way to detect the velocity of the queue growth, and adjust autoscaling for that as well.

Currently we autoscale based on metrics (web process scaling) and our queue length (worker process scaling). However, we get an iflux of traffic on certain days that loads up our queue quite a bit, so we have scheduled scaling for that. Now that we are moving to EKS, we need to find a solution that won't depend on scheduled scaling like we have now.

https://redd.it/nm3o5t
@r_devops

Devops Metrics

Hello Everyone,
My team has just started their Devops journey so can anybody put some light on what metrics you guys have been using in your company to evaluate its success and how are those been calculated.

Actually, We are using Microsoft Technologies(Azure boards) for task management and we see that there is no direct way to find out metrics like lead time etc.

https://redd.it/nm147p
@r_devops

Segregation of duties in DevOps teams

Hi /r/devops,


I have been looking for answer to that question on the Internet for some time, but it seems there is no one common answer to it, so i decided to ask devops community for opinion.


What are some obvious restrictions/limitations you would introduce to your team and environment to decrease the possibility of intentional/unintentional failures or misuses?


Obviously it depends a lot on environment, team structure and maturity but one thing which comes to my mind would be to limit the direct access to production servers to developers and use automated deployment and well-defined emergency access procedures instead. Another one would be to disallow developers to modify job configuration in CI tools.


Any thoughts on that?

https://redd.it/nmfscw
@r_devops

Managing pipelines (GH actions)

It's one that's baffled me for a while. Basically, we have all of our environment deployed via Terraform across separate dev and prod subscriptions. Each of our sections of the project has its own repo and GH actions to deploy to either subscription based on which branch the PR is deployed to (feature/bug>Dev>prod flow). Is there a decent way of centralising/standardising the code as most of it is cut+pasted with a few variables changes such as storage account names. It works but it's relatively annoying when something needs changing in the actions to get it working again (such as when we split from having one main subscription into separate ones for Dev and prod)

https://redd.it/nmeybm
@r_devops

Any developers work part time?

I just graduated electrical engineering and working an internship in the power industry doing protection and control. In my off-time, I like to do coding projects and practicing developing applications for android/ios as well as video editing. I started to want to do a lot as soon as i graduated. I was wondering, if there were any possibilities or if anyone knew of any opportunities to work part time in this field? I do plan on working in networks/IT after this internship for a bit before moving back to power. However, I wouldn't mind working on projects for someone and getting paid for it on my own time, It would be extra money and extra experience for me. Plus my current internship I seem to be having some downtime so no harm in working on something productive

https://redd.it/nmdmm8
@r_devops

AuthN and AuthZ for APIs

Hi Guys,

Just wanted to know how you guys develop/implement AuthN and AuthZ for APIs. Are you leveraging the modern cloud identity platforms (e.g., Azure AD, Okta, Auth0) to use OIDC/OAuth?

Which part takes most of your time when developing/implement AuthN and AuthZ for APIs?

Your inputs are much appreciated! Thanks!

Our experience: We develop our SaaS platform using Azure AD B2C. Our AuthN for APIs of our SaaS platform is based Access Token generated by Azure AD B2C. Our AuthZ is implemented in our java backend via role-based-access control. We spent a lot of time learning the Azure AD B2C platform.

https://redd.it/nme3jy
@r_devops

How do you track your services?

In house tracking tool? How do you understand who owns a service and its dependencies?

https://redd.it/nmd5pu
@r_devops

Help! Is DevOps for me?

Hi,
I recently graduated with a Bachelor of Science in Engineering (computer technology). I got a job as a DevOps engineer with a focus on monitoring the company's application and infrastructure. I haven't got any experience or knowledge of a lot (any) of the tools, systems, and technology used. I often feel a bit lost during meetings, troubleshooting, and other tasks.
I've been at the company for 3 months and now they expect me to be able to take on features and stories all by myself, but I don't feel ready for it. For how long are you new at a job? Also, I'm going to be left alone in my team for some days this summer, responsible for everything to be up and running. They have never employed someone directly from uni, and the introduction hasn't been very thorough. I've mostly been attending online courses and haven't really done much “real work” yet. Also I'm suppose to onboard developer teams, but how can I when I don't master it myself?
I have told my boss and SM about me not feeling ready for all this responsibility and also asked for a more structured introduction, but they don't listen/care. All my other coworkers have worked 15+ years, in different areas and of course, I shouldn't compare myself to them, but I do.
What should I do? Is it possible for me to learn and become a good DevOps engineer even though I've “skipped” many steps and lack experience and knowledge? Or should I look for another job?
TIA!

https://redd.it/nmbu86
@r_devops

Has anyone ever used strongDM?

strongDM basically manages and audits access to infrastructure - we use strongDM at my company, just wondering if anyone else has any experience with it, or any thoughts on the product?

https://redd.it/nmayzn
@r_devops

The glut of new tech

New to DevOps and feeling a bit dizzy with everything on my plate.

We're considering Vault and Consul and are trying to peel off as much as we can from our VSphere and run it as K8s, but I'm not all that comfortable with K8s or these two Hashicorp tools.

What's your go to setup for trying to learn stuff out? Do you always run as K8s knowing that will be the end game or will you install it locally and get the hang of it first that way?

Juggling too many new things sounds counterproductive. Additionally, going and just using the Hashicorp HELM charts and running it that way makes the process to abstract and doesn't feel great for mastering a new tech stack.

https://redd.it/nljaku
@r_devops