What’s a good tool to collect periodic server metrics (cpu/men/bw) and open FDs? CSV output.

Need a tool to poll those stats periodically. Open FD count would be good too. I was looking at vmstat, netstat, iostat , etc… wondering if anyone has had experience / wisdom in this area.

https://redd.it/om7pv4
@r_devops

Can you recommend me a good Terraform course on Udemy?

I'm looking to catch the promo offers they have going on in the next 2 days.

I've used Terraform a few times, but I definitely consider myself as a beginner

https://redd.it/om99b3
@r_devops

Stackoverflow Enterprise & Business Edition: Opinions?

Hi,

I'm looking for opinions on the StackOverflow Enterprise or Business licenses. The problem is the price : $12 per month, per user -- regardless of engagement. For 6000 users, that's $800k per year, every year!

Is it really worth paying that much for?

https://redd.it/omatac
@r_devops

What tools can I use to set up a Pi-Hole and Ubiquiti cloud key "containers" and VM's as a newbie

Heya, as a newbie I have been looking to get into Linux and VM's and "containerization?"

​

I have seen so many cloud posts etc I just want to start with a simple project at home that I'd be passionate about.

​

I have some experience being an IT admin and I guess the goal is to learn Linux. I have a desktop running Ubuntu now and I want to delve deeper.

​

So here's my question, I found a guide that references creating a KVM hypervisor using spacewalk however it's not around anymore what tools or guides would be best to work with here? I know this may be asked all the time but I would like some help specific to my project if there is a guide?

​

I have access to a cloud guru, Linux academy, Pluralsight, and probably some other tools but I just want to get started and find the right tools, etc.

​

Thanks in advance 🙏

​

Edit: I have an old dell i5 2500 with 16 gigs of ram that I can use on my network will this do the job?
Edit 2:Here is the reddit post I keep coming back to years later because I understand how this guy puts it.

https://redd.it/om9vpv
@r_devops

I recently lost my job. I have made a 100 days plan to learn and upskill for job opportunities in DevOps. Could you review my plan and help me improve

I recently lost my job as my company closed down. I have 8 years of experience in manual testing. I have decided to upskill myself and start looking for jobs in Junior Devops roles. I have created a study plan. Please let me know if it is feasible or an over enthusiastic plan.


I intend to study 10-12 hrs a day for next 100 days. The main area of focus would be system administration, python programming, devops tools and one cloud platform. The breakup is as follows


1) System Administration : Focused on RHCSA/RHCE -- 3hours per day
2) Python Programming: Learn enough for scripting. -- 3hours per day
3) DevOps Tools: Ansible, Docker, Kubernetes -- 3hours per day
4) Cloud: GCP -- 3hours per day


Would it be wise to learn these 4 topics in parallel or should i concentrate one one area, complete it and then move to the next one.

https://redd.it/omc324
@r_devops

Using GCP or AWS instances for remote work

Is there a way I can use a Linux instance or compute engine to pull an IP from the modem at a remote office? I want to do this in order to run security scans of the network without having to drive out to said location over 100 miles away. I have someone who will be able to log me into a laptop on site and can even provide a Zoom session, but that device wont have all of the tools I need installed in order to complete my work. Im hoping to spin up a linux box in the cloud, install the tools, and then access it via web to run all scans remotely each month when necessary.

https://redd.it/om86le
@r_devops

Kubernetes + Git Book Recommendations?

Hi All,

I'm reaching the final lessons in a Udacity SUSE scholarship program I got to be a part of. In this program we covered CI/CD and got to do some great hands on projects using GitHub, Docker, Kubernetes, building images to DockerHub. It was a great ice breaker into the world of hands on DevOps.

My issue is that my retention of the material isn't great. I really need to practice this more and need to learn more details on how to implement this in real life. I need to do more hands on exercises. I'm thinking that finding a good book or two would be a great contrast and offer some more depth.

Are there any books on the topic that you could recommend?

What methods of study have helped you get the best retention? I figure hands on at work is the trump card, but short of that...

https://redd.it/omijmb
@r_devops

Combining Terraform IaC with GitOps

How coupled is your Terraform Infra and GitOps apps (Flux/ArgoCD/whatever)?

Situation: Terraform is pretty good at creating AWS resources. We want a service owner to be able to create the IAM Role/Policy and any backend resources (Dynamo, RDS, Elasticache, etc.) as well as deploy the apps to Kubernetes. This would work best if it can take advantage of things like remote state/data look-ups from other already created Terraform resource (namely ACM, R53, and VPC resources). For example for RDS, we would want to be able to specify the subnets, etc.

The present GitOps repo is based on kustomize. The base is the service (vanilla, no per-env specifics), and overlays provide all of the "last-mile" configuration. This usually includes some sort of Ingress (with hostname), and the IAM Roles for Service Accounts (IRSA) setup in the overlay.

These are usually set once and forget it type of things for us, but to keep things consistent and hands-off, more automation is welcome. Some of the values can't be predicted at plan time (e.g. security groups when using sg for pods feature). Terraform must be applied at least once to create those identifiers. IAM Role name could be templated with envsubst or similar, so that's not a big issue.

So far, this feels like a CI problem, where we need the Terraform apply to complete, read the outputs, and then post-render the terraform outputs either directly into the overlay kustomization.yaml, or push them to one of the configmap generators in order to take advantage of the new kustomize subsitutions (the extra ConfigMap is no biggie).

This feels reasonable to manage, as a successful terraform apply can just notify the next step in the workflow to generate a new last-mile overlay and write back to git for the controllers to pick up/sync. It gets a little more strange if you try to shove both the terraform and kustomize bits into the same repo with Flux/ArgoCD, as to me it becomes less clear which workflow is supposed to be invoked when considering Terraform (via Atlantis, etc.) or ArgoCD, for example.

Blogs, ref architectures, and opinions welcome!

https://redd.it/omiiz4
@r_devops

Deployment to Digital Ocean using Circle CI

My goal is to implement a CI/CD pipeline using CircleCi to automatically ssh into a digital ocean droplet, and execute a git pull and docker-compose command. See

Circle CI YML file

version: 2

defaults:
docker:
- image: circleci/python:3.7
workingdirectory: ~/project

jobs:
pull-and-build:
docker:
- image: arvindr226/alpine-ssh
workingdirectory: ~/project
steps:
- checkout:
path: ~/project
- run:
name: Deploy
command: |
ssh -oStrictHostKeyChecking=no -v $USER@$IP
git pull origin main
docker-compose up --build

workflows:
version: 2
build-project:
jobs:
- pull-and-build

​

The digital ocean droplet was created using a putty. CircleCI doesn't recognize the .ppk in in SSH. Is there a way to add ppk public key in circle ci? Or is there another way to set up CI/CD pipeline to deploy on digital ocean?

https://redd.it/omlaf5
@r_devops

Total noob needs help.......please

Hi ladies and gents,

I have an assessment to do but don't know where to start😔
Would you be able to advise on any code editors or resources with regards to
• IaC Best Practice
• Cost
• Security
• Observability

There are some code snippets I need to do a peer review with regards to the above
I just need pointing in the right direction ☺️

Thank you in advance

https://redd.it/omn174
@r_devops

Should I buy Macbook M1 for devops?

I am planning to buy macbook m1 air, but I heard it had issues with devops software. There has already been a discussion on https://www.reddit.com/r/devops/comments/lmc986/experiences\_with\_macbook\_m1/. My question remains same.


But I would like to know how things have changed these past 5 months?

https://redd.it/omnq60
@r_devops

Question Creating kubernetes environment for painless microservice development for multiple isolated (external) development teams

Hello, this will be a long post, I will do tldr first:
I need to create a kubernetes solution for developing multiple applications by multiple teams (RBAC, policies and everything) as painlessly as possible (for the developers). The cluster will be running on vSphere with Tanzu.

Now for the whole story:
I was hired by capital city of my country as a DevOps engineer. I've been DevSecOps engineer in Azure for 3 years and have done lots of projects, but I've just scratched the surface of Kubernetes, using it only for a few months.

The city is trying to change the model of it's IT projects. In the past, everything was done by external providers for abnormally high price, and most of the apps and services aren't even owned by the city, but the providers, which causes a lock-in, and more and more money flowing in their pockets. The city now wants to create a new model, having an internal development team, plus any external provider will be working as an extra workforce managed by the city project managers, working on our infrastructure and using our tools and processes (part of the contract).

What I would like to ask, is how to make this as simple as possible for the development teams. The Kuberentes cluster will be running on Tanzu, as city already has own servers with vSphere (not to mention that they've outsourced vSphere upgrade and Tanzu installation for \~100K€ before I was hired and it's going on for over 2 months already). So best solution would be using tools and components already included in Tanzu.

My idea for RBAC (I'm open to any suggestions) is to first integrate the solution into city's AD (city has an office 365 subscription with Azure AD) for RBAC, both to internal (dev) Ingress endpoints and development tools (I'm trying to push for AzDO, because of AD integration, project and team separation and so on, but the management team is adamant on using Jira and github) so we can control access via AD groups.

To describe what will be developed: City has a huge API for all services (both internal and for citizens, over 100 of services) that's really outdated, using SOAP and mostly owned by provider (and the contract is over). I would like to refactor this into microservices, possibly even serverless functions (if possible, without dockerfiles, to make it simpler for developers, like Azure Functions for example), gradually, one by one. As I've seen, Tanzu has Knative integrated. The only problem I see is that Knative still needs dockerfiles AFAIK and Tanzu has no API gateway (only service mesh). I would like a service that creates routes for the microservices/functions and possibly has a graphql endpoint to fetch multiple things at once (all with as little configuration for the developers as possible). Also something that could make just some APIs accessible to specific roles. The developers should only specify the route for the API, and that also could possibly be scope protected by RBAC (for example team working on taxes could only create endpoints under /api/taxes/*). Also how would you do automated testing on such environment?

Another question for a different application, just for a suggestion: Other projects are city's websites, and unification of them into a single React solution with a self-hosted, headless CMS for the marketing team, probably based on Strapi (and maybe TinaCMS). Would you do the API for this solution also in the serverless way, or just have a frontend/backend containers?


I know this is a little too specific, but it's necessary from security and ease of use standpoint.

https://redd.it/omuw99
@r_devops

Aks & networking

Hi . I recently got into a DevOps role. I'm a beginner and I'm into a platform team which gives the flexibility to onboard application/Dev teams. Our work is to access images from ACR and push them into aks nodes/pods. My manager has given me a task to configure the networking segment of this and the aks cluster. We eventually are going use a jenkins with parameters to make it easy for application teams to chose their network inputs but as of now for the dry runs, we've decided to just hardcode the network into the terraform scripts. I'm learning kubernetes still. Any help regarding this or any support/reference material is highly appreciated. I actually want to know all the network components included and Thier functionality as of now. Thanks in advance.

https://redd.it/omtwr5
@r_devops

Master Rolling Updates with Ansible Serial

Hey everyone,

Below is a video I made demonstrating the "serial" feature in Ansible. Serial allows for "rolling updates," and I demonstrated this with a restart of Apache.

Its geared for newcomers to Ansible, Linux, and Automation in general.

Let me know what you think!

https://youtu.be/e5x1Alp8fao

https://redd.it/omyhf3
@r_devops

Simple Logging and Monitoring solution for dockerized microservice system?

Are there any combined out-of-the-box dockerized solution that can provide logging services like Kibana and Metrics like Grafana together? I have a very simple microservice system on a bare metal server with only 2 microservice and I would prefer not to create additional containers for kibana, grafana, zipkin, and many more than application services.

https://redd.it/omz0ln
@r_devops

Is it possible to automate a web session via the CLI?

I love to automate things and I want to automate what currently is a manual step where someone goes to a website, fills out a few forms, and presses the submit button.

Is there a tool that could help me accomplish this in some sort of linux box or container? Or is it something that can only be done on a computer with a graphical display?

https://redd.it/on0tjx
@r_devops

Angular NgRx/Store + ExpressJS Shopping Cart Series



New to angular & JavaScript in general ?

Well, I'm here to announce my new YouTube tutorial series that I started uploading recently which contains :

\-Redux Pattern Explained in details

\-JavaScript / Node basics (Express.JS)

\-SCSS styling and Basic angular component setup

\-NgRx setup for angular 11

and much more..

The tutorial Series ==> https://www.youtube.com/channel/UCF3QsixhylSFAC-s87xa-jw

I would really appreciate your support, all I'm asking is for you to check out this playlist and subscribe if you're interested It would really help me.

Thanks and have a nice day.

https://redd.it/ome33b
@r_devops

Looking for a good guide or online course for DevOps.

Hi everyone, Is there a guide or online course that have a pretty good breakdown for materials needed to study for DevOps?

I found this one here and was wondering if is worth it?

https://cloudacademy.com/library/devops-engineer/

Thanks!

\-Angel

https://redd.it/on61z4
@r_devops

Chef courses


I am starting with chef, and i want to know what are good courses.
I see this on udemy: Chef Fundamentals: A Recipe for Automating Infrastructure , i don't know if worth or there is a better option or some free courses.
Thnks in advice

https://redd.it/om3c71
@r_devops

Angular NgRx/Store Tutorial Series

Hello everyone, I'm dreevo and I'm new in the youtube community..I just wanted to share my youtube videos that I started posting about angular and ngrx if you're interested, you can check them out here :

https://www.youtube.com/watch?v=VIje9vLlQ3c&list=PLaIAlYh\_vQPWpaKUJwYt7sCjVe7nRoN8u

​

I would really appreciate some support thanks !

https://redd.it/olsax2
@r_devops

Need ideas to improve IoT infra



So I am intending to develop an ioT platform.

In the infrastructure has the following devices and its purpose

1) IoT device

2) Raspberry PI, acts as an AP to gather the data from the IoT Devices and push it to a central server every 5 IoT device, one raspberry PI

3) Central server – gathers all the data interprets it and stores it. It contains a webserver, database management system and an MQQT broker

My idea is to omit the central server totally and the PI works as both an AP and a central server

The idea is, the AP services are running in container, the central server is running on a clustered container

Is this possible?

https://redd.it/on91nu
@r_devops