Troubleshooting a question

**How would you go about troubleshooting a server that is down?**


* Check the server logs to see if you can find anything event that might have shut down the server it.

* Reboot the server and see if that fixes the issue

* Check network connectivity by pinging another server on the network.

https://redd.it/nt8a7s
@r_devops

Automate Setting Up WordPress Server

Hey folks, my friend who I'm helping set up his Wordpress site had me do these steps three times already and I want to automate it:

1. Spin up an EC2 instance with Bitnami Wordpress as its AMI
2. Download its keypair
3. Create elastic IP and associate with EC2
4. Assign elastic IP to DNS record on Route 53
5. Get Wordpress password from EC2 system log
6. Use bncert tool on EC2 CLI to enable https on Wordpress site

Could someone please help me determine what DevOps tool should I use for each step?

https://redd.it/nsy9e6
@r_devops

Transition from Devops to Security Role

I came across a role for an Information security engineer but with Devops experience as they would be applying/evaluating security for AWS/GKE etc.

I wanted to see if anyone else made the transition and how interesting is the security role as compared to working on challenging projects in devops?

Security role entails applying security practices to teams building on AWS/GKE and wanted to get a better perspective on the role and what this means

https://redd.it/nsy6t1
@r_devops

What are some good devops course for React and Node apps?

What are some good devops course for React apps? Need some recipes I can apply to React and Node projects.

https://redd.it/nsvfqq
@r_devops

What it means to run a monolith on AWS Lambda

Over the course of 4 years I steered the DevOps culture in the company I work from EC2 to ECS + Fargate and finally to AWS Lambda, leading to better code that survives ephemeral environments, improved release practices, continuous delivery and cost reduction. I recently wrote a great piece on my experience running a monolith on AWS Lambda for the past 2 years.

https://blog.deleu.dev/what-it-means-to-run-a-monolith-on-aws-lambda/

https://redd.it/nst4iu
@r_devops

Managing Action Approvals with GitHub Actions

I'm a huge fan of GitHub Actions, after years of using every CI/CD tool under the sun, I see Actions as truly innovative and for the most part that's because of the Actions interface and ecosystem.

However, it is a whole new threat vector, I now have teams pulling in God knows what Actions that they've found online. And that is usually fine because there are tons of useful and free projects to choose from but it's a mirror of the import/dependency problem in repo source code. Everyone pulls in dependencies which in turn pull in their dependencies and it's a security nightmare.

GitHub has some security knobs in place for this but I'm just wondering if anyone here has devised a flow for vetting and allowing Actions in their teams' pipelines.

https://redd.it/nst35l
@r_devops

Bitnami Tomcat issue with the base64 enc database password

Hello All,

I am using bitnami tomcat 9.0.45 to deploy our containerized application onto kubernetes. This web app connects to a remote database, and the credentials for the same are defined as variables in the config map and the secrets, the values of these objects set in the helm values.yaml. I am deploying the containerized app through the Gitlab CI, wherein after the successful deployment I can see the DB password in the plaintext in the console logs of tomcat, whereas we have set DB password to be base 64 encoded on the GitLab CI. Not sure, upon deployment, it just shows the plain text password but not the base 64enc, which is a security issue for the organization. Please advise how to solve this?

​

Thanks

https://redd.it/nsr269
@r_devops

I'm an IRL DevOps Eng and was curious if my problem would interest you?

I thought hey- since I know there are readers of all sorts on this subreddit, from starting out to experienced vet, I thought this might be a nice idea to illustrate a fun problem I'm having to see if anyone wanted to give it some thought?

I've got a Jenkins Server running in Kubernetes. I have a Bitbucket server (internally). I am not able to connect to Stash via the"Bitbucket Server Integration" plugin... and the issue seems to be with certs as per the error raised in the plugin, however I have verified my certs are correct in the truststore for the Jenkins container inside my pod (remember, it's on kubernetes)... so, what do you think could be the issue? ;)

https://redd.it/nsmkx6
@r_devops

Goal Setting is Bullshit: Try this Instead

“Set goals and you’re set for success.”

These might be the exact words that you would hear across the internet from the millionaire gurus while you procrastinate thinking of your goals. You might even have a diary that has your goals listed and defined. But what’s lacking?

https://www.p3r.one/goal-setting-is-bullshit/

https://redd.it/ntlggy
@r_devops

Object and Block Storage: How They Differ?

The difference between block and file storage makes heads spin due to the complexity of definitions and technical jargon across the internet. Even a technical person sometimes forgets the business value and makes decision fatigue their best friend when trying to figure out the value proposition of

https://www.p3r.one/object-and-block-storage/

https://redd.it/ntld87
@r_devops

basic questions about getting into devops career...

Hi. Thanks for reading. First a little background about myself.

- Mid 30's
- 3 years exp as Software Developer mainly using JS.
- Some experience with other programming languages including Python and Java.
- Experience creating basic Docker containers, CI/CD (CircleCI), deployments on Heroku and DO.
- Just above basic linux knowledge (Fedora is my main OS)
- Previously passed CCNA (I still remember some basic networking concepts)
- Read the Phoenix Project

I was contemplating switching to a more DevOps role but had a few questions first. I've already done an extensive search for answers but would like some further clarification:

- How common are Jr/Entry level DevOps roles? Would I be considered for a junior role given my skills and experience?
- How difficult is it to learn some of the DevOps related tools such as Ansible, Kubernetes, Terraform?
- True or False: DevOps usually requires on call.
- What's the best way to practice and learn all of these DevOps tools? What should I be building and demonstrating in my projects?
- Which cloud service is best for beginners to practice out of the Big3 - Azure, GC, AWS?
- How much programming do you actually do on a day to day?
- True or False: DevOps is typically a thankless job.
- How accurate is this roadmap?
- What programming language is most useful for a DevOps role? The roadmap says Go.
- True or False: DevOps is typically more stressful/high pressure compared to Software Dev and other tech related roles.
- How much do certs matter?
- True or False: DevOps is basically Softare Dev, Systems/Network Admin, SRE all rolled into one.
- Do you feel any job satisfaction?
- Anybody want to partner up and learn all this stuff together?
- Are any of your companies in Canada looking for a jr/entry level Devops? If yes, feel free to send me a PM.

Thanks ✌️

https://redd.it/nte7d4
@r_devops

Does any one knows any free DevOps pipeline diagram generator ?

I am looking for a free DevOps pipeline diagram generator, I found digital .ai however that is asking for official email address , which I dont want them to keep sending promotions. Any one aware of any other free tools that can he used to create DevOps tools diagram?

https://redd.it/nted8a
@r_devops

What Techs Should I Use While Moving from a Monolith To Microservice Architecture?

I know there's no right answer, I'm just looking on some input to use in helping me create arguments for which techs to use. My company has developed a very large application in a monolith using an early version of Grails (2.3.11). This has caused a lot of issues, including not being able to really upgrade Grails in any way even though the current version in 2 major version ahead, and there is some HUGE reworking and additions of really nice features we've never gotten to use. That and a couple other issues have caused us to want to slowly adopt a microservice-based architecture instead (We know we'll never be able to really FULLY move the app all the way to microservices, but splitting out as much as we can will help a lot).

We've always just built (either manually or through Jenkins) the .war file and uploaded it to EBS. I'm trying to create a game plan for moving towards microservices that sets us up for success as early as possible. Right now my gameplan is to start with containerizing the current application and deploy it that way, then it becomes easy to create the "first" microservice in another container and not be doing a whole lot of building it in the main app and potentially causing issues at one time.

I wanted to know if anyone had any good articles or stories of their own on moving from a monolith to microservices that were built similarly. What opinions do you have on using EBS even with microservices? Should we move to all EC2 instances early on? Should we try something like EKS? Do you like Docker over K8s or the other way around for some reason? Open to all information.

https://redd.it/ntcmqm
@r_devops

No, you can't do it better in Python or bash (challenge)

Doing DevOps today? 99% either abuse bash or abuse a general purpose programming language.

bash does not meet any modern expectations from a programming language: syntax, error handling, data structures

General purpose languages such as Python, Ruby, etc are not domain specific enough to have the desired facilities.

Here is small example of straightforward solution to a small problem: list all CloudFormation stacks that are managed by the given CodePipeline.

Your are welcome to prove me wrong about this particular example - come up with at least as clear and as concise solution in either bash or Python. I think it can not be done.

https://redd.it/ntipck
@r_devops

Domain structure for multi-cloud, multi-environment

Are there any articles/docs that reference planning out a DNS structure for multi-cloud, multi-environment setups? I've tried searching out there using different terms that I can think of, but I'm not finding what I need. Here is the basics of what I'm looking for information:
- How to structure private and public dns structures to support multiple environments (prod,qa,uat,dev, etc), that will run between multiple providers (onPrem, <insert cloud providor here>).
- Would adding several subdomains allow for easier scaling in the future, albeit more work to setup now. Examples below would be CNAMES based on client location.
- public ex1. www.useast1.aws.prod.example.com
- public ex2. www.uswest1.aws.prod.example.com
- by using the above examples of FQDN's is that giving too much information away, with regards to security. Should there be some obfuscation in the names.

Currently, we dont have a need for this complex of a setup, but is it worth the trade off of pre-creating this structure reduce future growth.

https://redd.it/nu36fg
@r_devops

Looking to join DevOps Slack channels.

What channels would you guys suggest?

https://redd.it/nu6361
@r_devops

Any CircleCI experts able to help me? I can't access my context/environmental vars in my docker image (aws-ecr/build-and-push orb)

Hey all, as the title suggests I am trying to build & push a docker image to AWS ECR. Everything works good until the containers try and run! My app is dependent on the ENV vars, which are coming in as undefined.

Couple of notes:

1. I have no problem when I declare export environmental vars locally and test.
2. I have added the environmental vars to the CircleCI context and referenced that context (this works for other processes without problem.
3. I can see the step in CircleCI where the env vars are prepared.
4. Problem is, when I build & run, the containers are not able to access the vars. I have confirmed this with cloudwatch logs on the containers.

Here is the relevant line in my config.yml:

version: 2.1
- aws-ecr/build-and-push-image:
context: CIRCLE
requires:
- Build react app
account-url: AWSECRACCOUNTURL
aws-access-key-id: AWSACCESSKEYID
aws-secret-access-key: AWSSECRETACCESSKEY
create-repo: true
path: ./server
region: AWSREGION
repo: my-socket-app-repo
tag: "latest"

Any help is greatly appreciated! Thanks

https://redd.it/nu0w2x
@r_devops

Is there a service to handl rewriting URLs?

Hi all.

We are trying to reduce some technical debt/remove legacy applications in our ecosystem.

We've come across a simple .NET core app that a previous employee called "Domain Forwarder".

It essentially has a JSON list of hostname/hostname+path redirects and simply 301's.

For example, we have a bunch of legacy domains that have been setup with a rule to send them to a page on our website depending on what domain they are going to. If you go to abc123.com, you might 301 to ourwebsite.com/abc123.

This is setup in Azure on App Services and has all our legacy domains binded to it.

Is there a better tool/service that can handle all this for us? We want to reduce as many apps as possible so would be good if we had a service (preferably within Azure) that can handle forwarding of these domains/paths for us.

&#x200B;

Thanks

https://redd.it/nu35nm
@r_devops

Why government website don't use SSL in some websites? any idea

I saw this case in many places

https://redd.it/nu5ytk
@r_devops

I’m a software engineer that had to learn ops. I am not always sure how to set thinks properly. Any course / tutorial to follow?

Recently, my position made me implement the whole project architecture on AWS (with Terraform).

We are mostly deploying code on Lambda, but we also need to deploy some apps on EC2 instances.

I have successfully deployed an ALB with a single EC2 using docker swarm and Traefik.

However, I never managed to do zero downtime deployment with it. I had to develop a custom bash script to do blue / green deployment. (The script find the next color, deploy it, check the health of the app, switch the Traefik config to redirect traffic to the new color, check that everything is working, shutdown the previous color)

I’m using docker swarm mainly because it’s easier to deploy services, and I’m only deploying a single node app, with a single elastic search and 2 nodes of Traefik.

I feel like I’m doing something wrong, but I cannot point my finger at it.

Docker Swarm tutorial are quitte old, as I feel the majority of people are using Kubernetes.

Any help, tutorial would be awesome! I’m more than happy to share my scripts / terraform config

https://redd.it/nu99ti
@r_devops

How do you keep on top of calendar tasks such as renewing certificates?

How does your team manage calendar related tasks such as renewing certificate, app provisioning profiles etc?

We use Confluence for documentation but I don't think there's a calendar plugin with reminders.

We are thinking of using Outlook.

Wondering if anyone has any better way of managing these things?

Cheers

https://redd.it/ntyf2j
@r_devops