Tara Report - do you use it?

What are your thoughts on it. This is what I have so far:

1) https://www.portshift.io/blog/what-is-the-tara-report-and-why-should-devops-pay-attention-to-it/

2) https://www.mitre.org/sites/default/files/pdf/11\_4982.pdf

3) https://www.ciscotechblog.com/blog/what-is-the-tara-report/what-is-the-tara-report-1\_hu4d3eee6b3a92e7a5966b23adb743e7fa\_71006\_960x0\_resize\_box\_2.png

Anything else to add? Have you used it?

https://redd.it/oerl15
@r_devops

Invalid Parameter Combination when creating a new Elasticache Redis Instance using Cloudformation.

I am trying to create a Redis instance from scratch using elasticache service, I keep getting the following error:

>Cannot use the given parameters when creating new replication group in an existing global replication group. (Service: AmazonElastiCache; Status Code: 400; Error Code: InvalidParameterCombination;

​

I am new to using elasticache within cloudformation, I would appreciate any help to solve this issue or understand the valid parameter combination, and excuse me if there are any beginners mistakes.

I am using the following snippet:

cachesubnet:
Type: AWS::ElastiCache::SubnetGroup
Properties:
CacheSubnetGroupName: !Join "-" , ["rb", !Ref Environment, "redis-subnet-group"]
Description: subnet group for redis
SubnetIds:
- !Ref private1a
- !Ref private1b
Tags:
- Key: environment
Value: !Ref Environment
redis2:
Type: AWS::ElastiCache::ReplicationGroup
Properties:
AtRestEncryptionEnabled: True
AutomaticFailoverEnabled: True
AutoMinorVersionUpgrade: True
CacheNodeType: cache.m5.large
CacheParameterGroupName: default.redis5.0
CacheSubnetGroupName: !Ref cachesubnet
Engine: redis
EngineVersion: 5.0.6
NumNodeGroups: 1
GlobalReplicationGroupId: !Join "-" , ["rb-horizon", !Ref Environment]
MultiAZEnabled: True
NodeGroupConfiguration:
- PrimaryAvailabilityZone: us-east-1a
- ReplicaAvailabilityZones:
- us-east-1b
- ReplicaCount: 1
PreferredCacheClusterAZs:
- !Ref private1a
- !Ref private1b
PreferredMaintenanceWindow: mon:06:30-mon:07:30
ReplicationGroupDescription: Horizon for env
ReplicationGroupId: !Join "-" , ["rb-horizon", !Ref Environment, rgi]
SecurityGroupIds:
- !GetAtt mainSecGroup.GroupId
Tags:
- Key: environment
Value: !Ref Environment

https://redd.it/oeseey
@r_devops

How to allow external applications to write on a ceph rook volume used by pods?

Hello, I have a kubernetes cluster with a ceph rook cluster that works.

Now I need that external applications can write on the volume shared by pods, but I do not find how to setup a fixed mount point to be sure that a file placed there(e.g. in /shared/volume1) is uploaded in the volume.

How can I do? Thank you

https://redd.it/oeu8yg
@r_devops

Day to Day life - Public Sector DevOps

Day to day life - Public Sector DevOps

Hi All, long time reader first time poster. Seeing as there’s often lots of “how do I get into DevOps” type question on here I thought it would be useful to give an overview of a typical day of a DevOps engineer for a public sector company. I’ve tried to add a bit of humour in too.

0730 - You wake from your slumber. Having told yourself you’d get an early night you stayed up till 1am gaming. The light stings your eyes with the power of 1000 suns. You power on as it’s Friday and the last day of the week!

0800 - having showered and eaten you grab your bag and leave the house. You jump in your car. You begin to reverse out and then realise you’ve left your building pass inside and have to run in and get it. During your drive you try to remember if you pushed the changes for an ansible playbook a rather grumpy project manager requested yesterday to be ready for last week.

0830 - you arrive at the office and find there’s no space in the on site car park because for some reason people get in an hour early. You’re forced to the parking annexe which is a half mile walk away.

0845 - You arrive at your desk and stick the terrible laptop issued to you in its dock. Someone had adjusted your chair thinking they’re funny. You say morning to the rest of your team.

0900 - You open your emails for the first time today. You discover that no, you didn’t push the changes and now the project manager had escalated it to your boss.

0930 - Stand up. You enter the meeting room and chat with your colleagues. Your scrum master then turns up 10 mins late and says
“Before we start, we’ve been asked to write a Python script for key business project. They need this by the end of the day. Any volunteers?” The room goes silent. He gives you an awkward look “ed11e?” He’s just ruined your Friday in one blow. Gilbert and Sullivan’s sound of silence starts playing in your head. It’s always you.

1010 - Standup overran as usual and you didn’t listen to anyone’s updates because you’re still salty from being given the Python task. You speak with your scrum master and find the contact for the script.

1015 - You grab a coffee and return to your desk. You setup a call with the requester for the Python script. They decline the invite and propose a new time of 1500 on a Friday. “Can’t be that urgent then” you exclaim. Some of your colleagues laugh. Why do some people not understand productivity is at its lowest on a Friday afternoon. This has ruined your second Friday in a row after last weeks production incident on your source control system which kept you up till 11pm resolving and meant you didn’t go to the pub.

1030 - Your asked to complete a Pull request review for a colleagues Jenkinsfile. It’s really long so you sit with them to talk you through it. You give them some feedback and they are grateful. Your day is looking up!

1100 - The big monitoring board turns red with an alert. Jenkins has decided to fall over and now no one in the company can build or do any deployments. Your boss comes over and says that this is now the number 1 priority to fix as it’s blocking production deployments. Your team has requested people stop doing production deployments on Friday afternoons for months. No one listens.

1110 - Having confirmed no one can SSH into the server you raise an incident with the infrastructure team. They say the server is down because of some patching work no one told you about. You mention to them that your Jenkins system is listed as a production server and should be patched out of hours. They say “oh yes, it is, we’re sorry, it will be done in 2 hours”. You send an announcement out to users advising them and get lots of angry replies.

1200 - Deciding that no work can be done until Jenkins is fixed you decide to go to the canteen for lunch. You’re team is accosted by a product manager for eating when they “should be fixing Jenkins”. It takes all your strength not to punch him in the balls. You explain to him that it’s not your fault. He walks off

with a “it’s not good enough”. You mutter “jog on” under your breath and hope he doesn’t hear it.

1300 - You return to your desk. Jenkins is still dead. You phone the infrastructure team and ask for an update. They say the patching has been completed but the server won’t start. You escalate to the infrastructure manager.

1315 - Jenkins is alive again. The server couldn’t start because of a data centre issue.

1330 - The build queue on Jenkins is ridiculous. People start complaining they can’t deploy. You polite tell them to be patient.

1400 - A developer comes over and says the source control system isn’t working. It is, he just hasn’t pulled the latest changed in. You send them a link to the git documentation. They won’t read it.

1430 - A developer raises an incident saying Jenkins is broken as their build is failing. You look through the stack trace and see a test has failed. You send them a dump of the error. They ask why the test is failing. They don’t know. You tell them to talk to the rest of their team who wrote the tests as you don’t know how they work.

1445 - Another failed build incident raised. This time for a genuine incident. There’s a bug with the pipeline and a docker image needs a few tweaks. It’s a 10 min job and will save lots of pain but you can’t do it as your scrum master will get upset you’ve messed his JIRA reports up. You raise a ticket in the backlog and tell your scrum master it needs fixing urgently. He acknowledges it. This means it will be fixed in 2 weeks because he doesn’t want to fill the sprint up.

1500 - Python script call. You join the call and find out that the product manager has said it’s key to the business to get it through. It isn’t key to the business.

1530 - You throw the script together in such a way that would make the PEP8 maintainers cry. You don’t care. If they want it done quickly they can’t expect good practices and you just want rid of them.

1630 - The Python script is finished and you hand it over. They seem happy with it. You say you’ll tidy it up another time. You won’t.

1700 - a colleague suggests going for a beer after work. You contemplate resigning immediately so you can go for one, but you’re stuck sorting out the mess from the Jenkins incident earlier.

1800 - build queue cleared and all the incidents are closed. Result! You can meet your colleagues in the pub. You move your car from the annexe to the main car park as you’re intending to leave the car overnight so you can de-stress.

1830 - you arrive at the pub and the product manager from earlier is in there. He gives you a look of complete destain. You don’t care, you’re here to get drunk.

TLDR: standup, meetings, production incidents, lunch, late requests, users who don’t know what they’re doing.

https://redd.it/oevta7
@r_devops

Writing my report (College) and getting lost/confused between Devops is a methodology and Devops is a culture.

I am writing my report for Programming "POE" and, upon my research, i am getting conflicted between Devops is a methodology or Devops is a culture. Is it both, one or the other?

https://redd.it/oev4ob
@r_devops

Someone please save me from GCP's god awful billing

I've been an AWS fan for obvious reasons but their granular billing flies under the radar. You can see what service used how much and the relevant amount that you were charged for it.

Google on the other hand, wants me to export the damned billing data to BigQuery and analyze it there. Why?! Why can't I see how long I ran the type of VMs for? Or how much Cloud storage I'm using?

Why can't I just see what you've so graciously tracked and slapped onto the credit card?

https://redd.it/oexmis
@r_devops

ICYMI: Phabricator is no longer actively maintained

Phabricator is no longer actively maintained as of June 2021. The company that back this product (Phacility) is winding down operations.

https://redd.it/oexmvu
@r_devops

Rundeck on K8s - has the industry moved on?

My team is working on upgrading our Rundeck deployment on EKS. We have an older helm chart and were considering just moving to the latest maintained one, but when we went to search for one, we noticed that most helm charts for Rundeck were depricated around early 2020. Did Rundeck lose it's niche while we weren't looking? If so, what are people who operate in K8s and AWS environments tending to move toward? If not, can anyone point me at a well maintained Rundeck helm chart? Thanks!

https://redd.it/oexde3
@r_devops

Angular vs React: Which js framework to pick for your project in 2021!

https://arohi-adhyaru.medium.com/angular-vs-react-which-js-framework-to-pick-for-your-project-6f57ef8cda39

https://redd.it/of1wl5
@r_devops

Transitioning to DevOps - what do I need to know?

I'll cut to the chase. I've had a fantastic opportunity arise for an internal role change. Going from IT Guy to DevOps. My intended career path was to end up doing DevOps/ SRE in come capacity, so not completely blind to the field. Somewhat pooing myself though, as I have a elementary knowledge of Unix, and can only write basic scripts in Posh. Rest of my exp. is desktop supp. & MS365 w/ some server work.

Oh, and I need to be up to speed in about 3 months. Well, at least able to produce work of some value. I know I won't be an expert.

In terms of tools and languages, my main priorities are Unix command line, Python and GCP (what we use). I've had some exposure to GCP, so that's not so scary. The role is in the biotech sphere so also need to learn more about computational biology some time.

All very exciting and an opportunity I absolutely need to crush.

So, what's next?

I need to learn:

DevOps Methodology
Python - have a live Pluralsight membership so going to get started there.
Unix/ Bash - as above
GCP - Get stuck in with their CI/CD tools, adding Docker and Kubernetes under this learning umbrella

My questions:

Any recommended reading or learning sources you have found useful in your journey?
I plan to read the Phoenix Project but have also started reading the Linux SysAd Handbook
Any useful Python libraries you wish you had known about or find useful day-to-day?
Any encouraging stories from people who have made a similar jump (please god)?

Of course, I will be checking in with the team as to what they think I need to know and in what order as soon as I can, to avoid wasting any time.

https://redd.it/of11cw
@r_devops

what is your advice for a student that want to break into devops after graduate?

All my classes for the past one year are online. Didn't really get much chances to talk to peers or tutor. Just want to get some advice from here:

How do you demonstrate your skills to employer when you apply for a jobs? All i have now is just building a web app that using the tools i learnt such as

1. Jenkins
2. AWS (ec2, route53, cloudformation)
3. Ansible
4. Docker
5. Ubuntu
6. Apache
7. Django

I wasn't sure if this is suffice. Appreciate for any advice.

Thank you.

https://redd.it/oetyfb
@r_devops

Images as a docker layers in Nexus3 OSS

Greetings!

Our community also stores our helm, docker, maven, etc. images on Nexus3 OSS. However, after some time, our number of images has reached a maximum, which creates a problem for us in terms of space.

We want to change the format of our docker images a bit.

Let all the images appear on an empty busybox, and the layer needed in each new build should simply be added as a layer on top of this busybox image.

For example, I don't want to write FROM section a "From tomcat, openjdk: 11.0.3-jdk-slim-stretch, etc.". take java 11 image template from somewhere and add it as a layer in busybox. For example, do you need java 8 version? At this point, download the java 8 version image template from somewhere and add it to busybox as just a layer.

Do you think this is possible?

https://redd.it/oeyqgi
@r_devops

Technical Interview Questions

I have my first Technical Interview on Thursday. The position is DevOps Engineer with focus on Terraform, Containers, K8s, and AWS.

I am just curious what can be expected as far as this hour and a half technical interview. What kind of experiences have you had with this part of the job search process? Any advice?

Thank you all for getting me this far!

https://redd.it/of6onm
@r_devops

Running Terraform scripts WITHOUT a Terraform environment in Direktiv

G'day DevOps,

Something more technical and definitely something we considered more "fun and challenging" to implement!

You can now run Terraform scripts as part of a Direktiv workflow. The workflow will pull the Terraform container, pass it the main.tf (or similar file) and execute it using the latest Terraform. It will also store the state output for use in other workflows as internal Direktiv variables.

We wrote a blog post on it here:

https://blog.direktiv.io/direktiv-building-a-machine-on-aws-using-terraform-without-a-terraform-environment-def24fe3221d

And the plugin for Direktiv is available here:

https://github.com/vorteil/direktiv-apps/tree/master/terraform

As always - let us know what you think about it!

https://redd.it/of8huh
@r_devops

I feel like I'm struggling to make the transition into DevOps

I'm currently in the process of trying to learn DevOps and I feel like I'm struggling. I feel like I have the 10,000 foot view of what everything does.

The issue is when I try to apply what I learn, I have some difficulties.

I also feel like I'm dealing with some burnout as well.

Does anyone have any tips/suggestions on what I can use as a learning resource? I'm trying to learn AWS/Docker/Kubernetes/Terraform.

Do you have any suggestions on a learning approach? maybe I have a bad learning approach.

https://redd.it/ofb1yf
@r_devops

Kubernetes Chaos Engineering Meetup

Hello people! 

This last Saturday of July, the LitmusChaos community is glad to invite you to the Kubernetes Chaos Engineering meeting where our community members discuss everything about Kubernetes, LitmusChaos as a project & Chaos Engineering. The updates, the use-cases, suggestions & queries! Mark your calendars for:

31st July 2021, 11 AM IST

To get your calendar invite, please fill in the Google form: https://forms.gle/FX9WLhGdhyaeNGFa9

RSVP here to join the meetup: https://www.meetup.com/Kubernetes-Chaos-Engineering-Meetup-Group/events/277895650/

To join our Slack community: https://slack.litmuschaos.io/

#kubernetes #chaosengineering #cloudnative #meetup

https://redd.it/ofihg1
@r_devops

Which online training platform is better

After Linux Academy taken over by A cloud guru and now news floating around that Pluralsight will take over Cloud Guru, can someone suggest based on their personal experience which platform is good to learn Cloud and DevOps tools.
There are many options like Cloud Guru, Udemy, Pluralsight, Cloud Academy, CBT Nuggets, INE, Coursera and many others but which one is up to date as per market standards.

https://redd.it/ofi9rv
@r_devops

Can anyone help me with how to set the correlation protocol as W3C default using powershell and also disable log client ip in Azure apim

Can anyone help me with how to set the correlation protocol as W3C default using powershell and also disable log client ip in Azure apim

https://redd.it/ofjlcn
@r_devops

Jenkins Username and Password

I installed Jenkins few days back on Amazon Linux virtual box. But now o forgot my Jenkins password or username. Is there any way, so i can get it back?

https://redd.it/ofcci4
@r_devops

Azure Linux VM, how to auto-shutdown when idling?

Hi guys,
I hope this is the subreddit where is reasonable to ask this question.

Let's suppose I'm hosting RH linux VMs on Azure, to be used as a developer environment.
I need it to shutdown if is idling for x minutes/hours and after a certain hour of the day.

What is currently the "state of the art" and less custom way to obtain this behavior?

Many thanks!

https://redd.it/ofoy1a
@r_devops