EKS autoscaler based on redis queue length

Looking to see what solutions people have used to achieve EKS autoscaling via something other than pod/node metrics. Does anyone have a good solution to autoscale using Elasticache Redis queue length? Another huge plus would be to have a way to detect the velocity of the queue growth, and adjust autoscaling for that as well.

Currently we autoscale based on metrics (web process scaling) and our queue length (worker process scaling). However, we get an iflux of traffic on certain days that loads up our queue quite a bit, so we have scheduled scaling for that. Now that we are moving to EKS, we need to find a solution that won't depend on scheduled scaling like we have now.

https://redd.it/nm3o5t
@r_devops

Devops Metrics

Hello Everyone,
My team has just started their Devops journey so can anybody put some light on what metrics you guys have been using in your company to evaluate its success and how are those been calculated.

Actually, We are using Microsoft Technologies(Azure boards) for task management and we see that there is no direct way to find out metrics like lead time etc.

https://redd.it/nm147p
@r_devops

Segregation of duties in DevOps teams

Hi /r/devops,


I have been looking for answer to that question on the Internet for some time, but it seems there is no one common answer to it, so i decided to ask devops community for opinion.


What are some obvious restrictions/limitations you would introduce to your team and environment to decrease the possibility of intentional/unintentional failures or misuses?


Obviously it depends a lot on environment, team structure and maturity but one thing which comes to my mind would be to limit the direct access to production servers to developers and use automated deployment and well-defined emergency access procedures instead. Another one would be to disallow developers to modify job configuration in CI tools.


Any thoughts on that?

https://redd.it/nmfscw
@r_devops

Managing pipelines (GH actions)

It's one that's baffled me for a while. Basically, we have all of our environment deployed via Terraform across separate dev and prod subscriptions. Each of our sections of the project has its own repo and GH actions to deploy to either subscription based on which branch the PR is deployed to (feature/bug>Dev>prod flow). Is there a decent way of centralising/standardising the code as most of it is cut+pasted with a few variables changes such as storage account names. It works but it's relatively annoying when something needs changing in the actions to get it working again (such as when we split from having one main subscription into separate ones for Dev and prod)

https://redd.it/nmeybm
@r_devops

Any developers work part time?

I just graduated electrical engineering and working an internship in the power industry doing protection and control. In my off-time, I like to do coding projects and practicing developing applications for android/ios as well as video editing. I started to want to do a lot as soon as i graduated. I was wondering, if there were any possibilities or if anyone knew of any opportunities to work part time in this field? I do plan on working in networks/IT after this internship for a bit before moving back to power. However, I wouldn't mind working on projects for someone and getting paid for it on my own time, It would be extra money and extra experience for me. Plus my current internship I seem to be having some downtime so no harm in working on something productive

https://redd.it/nmdmm8
@r_devops

AuthN and AuthZ for APIs

Hi Guys,

Just wanted to know how you guys develop/implement AuthN and AuthZ for APIs. Are you leveraging the modern cloud identity platforms (e.g., Azure AD, Okta, Auth0) to use OIDC/OAuth?

Which part takes most of your time when developing/implement AuthN and AuthZ for APIs?

Your inputs are much appreciated! Thanks!

Our experience: We develop our SaaS platform using Azure AD B2C. Our AuthN for APIs of our SaaS platform is based Access Token generated by Azure AD B2C. Our AuthZ is implemented in our java backend via role-based-access control. We spent a lot of time learning the Azure AD B2C platform.

https://redd.it/nme3jy
@r_devops

How do you track your services?

In house tracking tool? How do you understand who owns a service and its dependencies?

https://redd.it/nmd5pu
@r_devops

Help! Is DevOps for me?

Hi,
I recently graduated with a Bachelor of Science in Engineering (computer technology). I got a job as a DevOps engineer with a focus on monitoring the company's application and infrastructure. I haven't got any experience or knowledge of a lot (any) of the tools, systems, and technology used. I often feel a bit lost during meetings, troubleshooting, and other tasks.
I've been at the company for 3 months and now they expect me to be able to take on features and stories all by myself, but I don't feel ready for it. For how long are you new at a job? Also, I'm going to be left alone in my team for some days this summer, responsible for everything to be up and running. They have never employed someone directly from uni, and the introduction hasn't been very thorough. I've mostly been attending online courses and haven't really done much “real work” yet. Also I'm suppose to onboard developer teams, but how can I when I don't master it myself?
I have told my boss and SM about me not feeling ready for all this responsibility and also asked for a more structured introduction, but they don't listen/care. All my other coworkers have worked 15+ years, in different areas and of course, I shouldn't compare myself to them, but I do.
What should I do? Is it possible for me to learn and become a good DevOps engineer even though I've “skipped” many steps and lack experience and knowledge? Or should I look for another job?
TIA!

https://redd.it/nmbu86
@r_devops

Has anyone ever used strongDM?

strongDM basically manages and audits access to infrastructure - we use strongDM at my company, just wondering if anyone else has any experience with it, or any thoughts on the product?

https://redd.it/nmayzn
@r_devops

The glut of new tech

New to DevOps and feeling a bit dizzy with everything on my plate.

We're considering Vault and Consul and are trying to peel off as much as we can from our VSphere and run it as K8s, but I'm not all that comfortable with K8s or these two Hashicorp tools.

What's your go to setup for trying to learn stuff out? Do you always run as K8s knowing that will be the end game or will you install it locally and get the hang of it first that way?

Juggling too many new things sounds counterproductive. Additionally, going and just using the Hashicorp HELM charts and running it that way makes the process to abstract and doesn't feel great for mastering a new tech stack.

https://redd.it/nljaku
@r_devops

Devops first steps

Hello Everyone!

Im working as a sys admin for almost a year, and worked as a network engineer for 3.
Any suggestions on how to enter the devops world? Courses? python?is my knowledge really relevant?

Please help me with some tips for a beginner, who wants to better understand what is devops and how to get the knowledge that would allow me to enter this world.


Thanks!!

https://redd.it/nmorve
@r_devops

Install logging agent (auditbeat) on multiple servers using a Rundeck job

Im looking for the most secure option to create a job that will install auditbeat (logging agent) on any server in my environment. My environment consists of windows and linux vms. Theres a couple of options im thinking of. For windows, Im using AD for auth so a powershell script should do the trick. For linux, would you recommend:

a. installing the rundeck server's ssh key on all vms? This way I can just run a simple bash script to install. This means i have to setup the node config in rundeck for about 30 vms. Seems very tedious

b. using ansible to communicate with all linux vms? I could create a hosts file but am not sure if this is the securest option.

​

Would you recommend any of these approaches or would you recommend something else and why?

https://redd.it/nmm6b0
@r_devops

No module named requests.exceptions - ansible / python error - job application tech test

Hi guys,

I hope all of you are doing very well!!

I was given a devops test for a devops position I applied for. It was a total of three tasks as follow:

\- Redis cluster.- RabbitMQ cluster.- MySQL cluster.

All of them over vagrant porvisioned with ansible.

I end up with this: https://github.com/rrodolfos/rrmd\_cluster, you could find all details, requirements and software versions that I used in the repo README.

Also I had it tested by a couple of friends. They tested in linux and one of them dares to try in Windows 7 (Yes, you did read right "seven"). The good thing was that everything runs smoothly and flawsless for them and for me.

The bad thing it apparently didn't work for the company I was applying for. They told me it wasn't a clean test and send me the following error:

TASK [rabbitmq_cluster : [rabbitmg_cluster role] Startingdocker_compose rabbitmq nodes] ***
fatal: [rabbitmq.cluster]: FAILED! => {"changed": false, "msg": "Failed to import the required Python library (Docker SDK for Python: dockerabove 5.0.@ (Python >= 3.6) or docker before 5.0.0 (Python 2.7) ordocker-py (Python 2.6) on rabbitmq's Python /usr/bin/python. Please read module documentation and install in the appropriate location. If the required library is installed, but Ansible is using the wrong Python interpreter, please consult the documentation on ansible_python_interpreter, for example via ‘pip install docker‘(Python >= 3.6) or ‘pip install docker==4.4.4‘ (Python 2.7) or ‘pipinstall docker-py’ (Python 2.6). The error was: No module namedrequests.exceptions"}

PLAY RECAP
*******************************************************************
rabbitmq.cluster : ok=10 changed=8 unreachable=0failed=1 skipped=0 rescued=0 ignored=0

Ansible failed to complete successfully. Any error output should bevisible above. Please fix these errors and try again.

The ugly thing is I was given no more information, that was it. Because I have no access to their environment I don't know which software versions they do have, which OS they were using, etc. I asked for that but I got no reply. I mean, I can't troubleshooting it and I really want to know what happened, what went wrong with the vagrant/ansible solution.

So I'm asking you guys if you could please clone that repo an just run those vagrant up and let me know your thoughts either way it works or it does not work. Maybe you can see the mistake I wasn't able to see. I really appreciate it if you take some time for this.

Thank you in advance, have a good day all of you and happy hacking!!!

RS

https://redd.it/nmlr23
@r_devops

Fluentd vs Logstash

Hi all, I'm currently doing some research on the logging solutions for our containerised applications. I came across Fluentd and Logstash. Some of the blogs suggests Fluentd to be lighter and thus better. Can I get some input on this topic please, if you have any kind of experience and if there are better solutions that I should be looking up on.

https://redd.it/nmk4zb
@r_devops

deploying python script output to AWS

Hi,

​

I currently have a python script that saves audio files locally in .mov format.

​

Desired outcome:

​

- I want to be able to store these files in a s3 bucket through my pyscript.
- I then want to take some data from the files and store it in AWS RDS database.
- If I can, I would like to make this all an API using API Gateway.


Is this possible? If so can anyone share some resources or tell me how to get started?

https://redd.it/nlie0b
@r_devops

Best Devops team to join in Sydney

I get a lot of messages from recruiters in LinkedIn - Devops is a really hot topic. I am also considering changing my job soon. Well paid at the current job, but lack meaningful work, tired of politics and not a healthy vibe in the team :(

So, I was wondering if Sydney Devops lads could brag about their job, their teammates and overall satisfaction from work.

I’d rather focus on getting the job I want than going through dozens of interviews and trying to guess if the interviewer hide unpleasant sides of the work.

https://redd.it/nldigv
@r_devops

My experience using AWS CDK #1

Hi Everyone,

Let me share with you my first experience using AWS CDK:

https://medium.com/@eilon.lotem/aws-cdk-route53-apigateway-lambda-cloudfront-flask-and-nuxt-a34f1ffdae80

Thank you!

https://redd.it/nlliza
@r_devops

New to cloud learning, a lot going over my head.

Hey all. I'm a graduate software developer trying to expand my cloud knowledge. I've passed the AZ900 exam and that was fairly straightforward. I have done a course for AZ204 (not done the exam) and despite learning a lot, a lot went over my head quite easily.

Does anyone have any good material for reading over/watching, for someone in my position? Any projects I could crack on with?

I do feel like a lot of it would come with experience based on a lot of people in the course being actual cloud engineers whereas I'm just trying to learn for now.

https://redd.it/nlewij
@r_devops

Top Back-End Frameworks to Explore in 2021

Some of the most popular backend frameworks of 2021.

I must say I wasn't totally wrong back in 2017.

https://hellboundbloggers.com/top-back-end-frameworks-to-explore/

https://redd.it/nlo4n5
@r_devops

DevOps in Production with Windows Workloads

Interested in hearing how you have moved traditional Enterprise environments to DevOps practices.

My organisation relies on software from a multitude of third parties which run on Windows with the usual .Net and MSSQL server stack.

While we don’t have the Development component of DevOps I do want to embrace IaaC and the other elements.

Containers aren’t on any of the supported environment lists. Terraform and Packer can probably get us a fair way forward (What about backups?) but keen to hear thoughts or experiences from others.

Note: Im using the AWS CDK for edge cases where we are doing Development or something new, it’s fantastic but sadly an edge case.

https://redd.it/nlcvfw
@r_devops

AWS DevOps Teacher

I am tired of online courses that are showing you always the default things and not related to real problems. I am a junior AWS engineer trying to learn more and more but its really hard sometimes. So i am looking for someone with Experience in AWS to teach me some stuff. Of course not for free. Please if you are really interested , DM .

Thanks in advance

https://redd.it/nmzi4d
@r_devops