Managing Multiple Environments Effectively

I have started working on automating some of the infrastructure deployment at work for our Azure PaaS offering to customers. I currently deploy customers' infrastructure using Terraform and VM images I build through Packer for the backend servers. For the "frontend" that is presented to our customers, they are given VMs via VMWare Horizon Cloud on Azure.

​

I am easily able to automate away all of the VM/Azure provisioning but then anything in Horizon requires either manual work or me to wrap their API into something usable. What are some options for handling all of this? I can store all the infrastructure states on Terraform Cloud or other software but if I need to run one-off scripts against an API or something, how can I best handle this?

​

Cheers

https://redd.it/nuyy3x
@r_devops

DevOps is getting code released faster than ever. But security is lagging behind

https://planetstoryline.com/devops-is-getting-code-released-faster-than-ever-but-security-is-lagging-behind/

https://redd.it/nuyy0d
@r_devops

LitmusChaos for beginners

Hello folks!

As a beginner, I have been thrilled by working as a Developer Advocate at LitmusChaos. The community strongly believes in its visions of delivering resiliency, smooth complex workflow management, providing an easy beginner-friendly interface with a navigable experiments dashboard to start with, and much more.

Kickstart your learning here by checking out the LitmusChaos repository: https://github.com/litmuschaos/litmus

Resources for better understanding (for beginners): https://github.com/litmuschaos/litmus/tree/master/resources

https://redd.it/nuk6a9
@r_devops

Model tier in trunk based development

Hi guys,

I'm wondering how is the best way to put a MVC monolitic in a trunk based devopment. I might use feature flags in View and controller tiers, but, what about the model tier? How can I allow multiples teams work together without starting a war?

Thanks!!

https://redd.it/nuk0rx
@r_devops

Terraform finally hits v1.0.0

> Terraform v1.0 is an unusual release in that its primary focus is on stability, and it represents the culmination of several years of work in previous major releases to make sure that the Terraform language and internal architecture will be a suitable foundation for forthcoming additions that will remain backward compatible.

>
>Terraform v1.0.0 intentionally has no significant changes compared to Terraform v0.15.5. You can consider the v1.0 series as a direct continuation of the v0.15 series; we do not intend to issue any further releases in the v0.15 series, because all of the v1.0 releases will be only minor updates to address bugs.

>
>For all future minor releases with major version 1, we intend to preserve backward compatibility as described in detail in the Terraform v1.0 Compatibility Promises. The later Terraform v1.1.0 will, therefore, be the first minor release with new features that we will implement with consideration of those promises.

​

https://github.com/hashicorp/terraform/releases/tag/v1.0.0

https://redd.it/nv2mdk
@r_devops

Career change from Network administrator to DevOps

Hi everyone 👋,

Since few months I'm thinking of changing my career towards devops. This culture interesting me very hard and I'm already doing some self practice with the tools that I got already (cicd GitHub actions, docker, powershell and linux scripting etc..)
I'm still busy with my research in this domain to know and practice more as much as i can.
I would like to know what kind of challenges i may expect in real world, which tools i should manage and what should be starting point of someone who wants to become a "devops engineer".
I know that the tools and technology used are highly dependent from the organization business for which I'll be working but any ideas, examples, and suggestions will be appreciated
Thank you in advance,

https://redd.it/nu8qkp
@r_devops

First CICD pipeline

Hey all, I am creating my first CICD pipeline and wanted to run by you guys to see if I am missing anything or doing any bad practices.

Stack: Python+Flask app, GitHub Repo, GCR, Cloud Build (CICD) and GKE

I have separated my project in two GitHub repositories:

* One repo for the application
* One repo for the k8s manifests

I've got two triggers pipeline

1. Any commits to main branch (application)

* Run unit tests
* Run a docker build and tag my image to $SHORT\_SHA
* Push docker image to GCR
* Clone repo (k8s manifests) / checkout production branch
* Modify the tag in my k8s manifest to point to the latest $SHORT\_SHA using sed
$ sed -i "s/COMMIT\_ID/${SHORT\_SHA}/" manifests/deployment.yaml
* Run the kubectl apply -f manifests/deployment.yaml

​

2) Second trigger is to the manifests repo - Any commits to main branch

* Run the kubectl apply -f manifests/deployment.yaml

I understand CICD can be done in a different ways and it depends on my needs but this is a personal project I am working on to practice CICD skills so I wanted to check if you would change/add any stage as I mentioned above.

Appreciate the help in advance.

https://redd.it/nv43ud
@r_devops

HAProxy mysql check with query

Hi guys!

​

I have 3 mysql galera nodes and 2 haproxy for load-balancing.

I have a simple mysql check in my haproxy config:

# MySQL Cluster BE configuration
backend pxc-cluster_backend
mode tcp
balance leastconn
option mysql-check user haproxy
server galera1 10.x.x.x:3306 check weight 1
server galera2 10.x.x.x:3306 check weight 1
server galera3 10.x.x.x:3306 check weight 1

If i know right this mysql check just make a login into the db and done.

Is it possible to make the check with a simple select? I think if on galera1 can i make a select from any db is ok, if no it's bad and make it down in the config.

I need this to avoid any network issue.

Have you any advice?

https://redd.it/nv4az9
@r_devops

Rancher and Helm charts

I was wondering if Rancher and Helm charts are widely used in the industry?
What are your experience with these tools

https://redd.it/nv6m5w
@r_devops

For those in DevOps/SRE roles in the gaming industry, what's your typical day like?

I'd like to learn about DevOps and SRE in the context of gaming such as:

* The sorts of challenges you encounter
* The tools you use that may be specific to the industry
* The variety of teams that you collaborate with, hopefully as close to the product as possible

Thanks!

https://redd.it/nv75wh
@r_devops

Did anyone else notice various alexified smart things like light bulbs and power strips stopped working last night during the fastly.com outage?

I crashed around 2am, but when I did so, I had to manually turn off several "smart" bulbs as well as several things plugged into certain "smart" plugs (including an Amazon plug). (Elsewhere, while Prime Video worked, the images served to its X-Ray feature were broken, and other non-alexified smart devices were also offline) This morning, everything was working as usual, which is to say, Alexa is taking the wrong action about 30% of the time.

I am pretty sure most of that is related to fastly being down, I have to admit, I dumbly did not anticipate my apartment breaking because some third rate idiot devop at some company I've never heard of was jerking off to furry porn instead of feeding the goddamned hamsters, his one fucking job.

https://redd.it/nv98rp
@r_devops

Stuck in Tutorial Hell!

I've been studying DevOps tools and practices for the past 6 months and I am stuck in an endless loop of learning. I am a Certified AWS CCP and SA Associate and I am also currently learning Terraform and Containers. I also have knowledge of Linux(Ubuntu to be specific) and BASH. I am a CS graduate and I've been looking for a job in Devops for the past few weeks but the jobs that I come across require people with 2+ years of experience. How can I get a job easily because learning without applying the information you learn makes you forget real quick. I'd like to take Developer then DevOps AWS exam but I also need a job/experience to back up my certifications.

https://redd.it/nv6goj
@r_devops

Anyone used MetricBeat to scrape Prometheus metrics from Kubernetes pods, instead of Prometheus?

If so, how did the experience go? Any gotchas or takeaways?

https://redd.it/nv69m6
@r_devops

What certificate that you guys suggest for a beginner in wanting to dwelve into devops/sre?

As the title says any veterans in devops/sre can suggest me their go to cert to have to develop my knowledge on devops/sre and get acknowledge my skill with certificate, what certificate is the best for beginners to have?

https://redd.it/nvex54
@r_devops

I'm Hiring

Looking for someone to join our team at PACCAR to help build and administer our MLOps platform and processes.

https://jobs.paccar.com/job/Renton-Analyticts-Operations-Engineer-Job-WA-98055/676030101/?feedId=100&campaignId=3&utm_campaign=google_jobs_apply&utm_source=google_jobs_apply&utm_medium=organic

https://redd.it/nvehca
@r_devops

Is it realistic to use some sort of VPN cluster for permissioning?

My company has been experimenting with the idea of using a VPN for a sort of permissioning. For example, users in like an "admin" group would have their request routed to a server inside whatever AWS VPC they are requesting, and have it routed out by an IP block everything has whitelisted, but a "Developer" role would go through the server and sent through the VPC with a different IP block that's only whitelisted for certain dev tools.

We currently have an OpenVPN instance running in AWS so that's what I'm familiar with, can it be done with it or is there another tool to do this with? Is it even worth it?

https://redd.it/nvhn1w
@r_devops

Need advice on setting up CI/CD

I work for a startup and we're at this stage where CI/CD would be massively helpful and we have the resources to focus on it.

- We keep most of our code on GitHub, and PRs have lint/test run in a GitHub action.
- Currently our android/iOS deploys are done via a manually triggered GitHub actions that runs on the CTOs computer.
- Web deploys are automatic through netlify
- AWS deploys are triggered manually through the AWS cli.

We've talked about the following strategies:
-moving everything to a cloud system (e.g. Circle CI)
- moving to a fully local solution such as a self hosted macOS server running Jenkins.
- moving to a hybrid model where GitHub actions handle CI (certain tests would be run on a local macOS server) while CD is handled by a cloud provider

Any thoughts or advice for somebody setting up a CI/CD solution for the first time?

https://redd.it/nve73j
@r_devops

DevOps AWS Kubernetes observability platform for root cause analysis

We are looking for people to help us prove our technology helps identify RCA. Contact me for a free trial.

https://redd.it/nvjmwt
@r_devops

Terraform v1.0.0

https://github.com/hashicorp/terraform/releases/tag/v1.0.0

Excuse if this had been posted already. Just wanted to share the excitement.

https://redd.it/nv2l91
@r_devops

Transfering Wordpress to k8s

Transfering wordpress site

Hello there, as I want to be prepared for the future I created my own K8s cluster for my business projects (sites or webapps for clients) but in the past I used just basic wordpress app.

Do u guys have any idea how to transform a already present wp site into a docker-container and deploying to kubernetes.

Thanks :)

https://redd.it/nuyu4d
@r_devops

Hands off, cloud based config management

Looking for something simple to handle basics - patching mostly. Want to have everything in IAC of some form.

This particular use case is for labbing with the most "production" aspect being Plex.

I've been looking at azure Automation but it seems a bit heavy handed.


On top I'm planning to run some other cicd product (devops agent, Argo, not sure yet) if there's maybe something open source that has both config management and deployment all in one?

It seems from my research that there's nothing quite simple and plug and play in the config management space yet.

https://redd.it/nvmjnb
@r_devops