Heroku and DevOps

A new client is intent on hosting production on Heroku. Is this as impractical as it sounds to me and do any of you have anything good or confidence building to say about it?

I'm worried about scaling and being tied into a PaaS that seems to be extremely heavy handed at config.

Seems like setting up CI/CD is pretty easy.

https://redd.it/oyir58
@r_devops

Fortify Thoughts

Just curious, what is everyones thoughts on Fortify?

https://redd.it/oyhxf8
@r_devops

GitLab Commit 2021 - DevSecOps - Upgrade your development workflow with interactive code maps

Earlier this week, I gave a talk at GitLab Commit 2021 about how we can build our understanding of code, share that knowledge with other people, and use new tools for guidance and navigation as we create, fix and improve code. If you weren’t able to attend the event, I’m going to recap my talk here. If you prefer to watch vs. read, scroll down for a 14 minute video of my talk.

Here’s the problem I outlined:

> Acquiring knowledge about code is hard. And communicating it across teams is even harder.

So when we make structural changes to code, I think it’s important to pause for a minute and confirm our assumptions before we start changing things. Getting extra context and getting oriented is really important when making performance changes, refactoring or fixing tough bugs -- because navigation of code becomes less apparent when we make these types of complex changes.

This is particularly relevant in DevSecOps, because security has specific skill sets and values. Bringing security into DevSecOps requires everyone to learn more about people in adjacent roles, and learn a bit of their language and value system in order to collaborate and share context efficiently.

Here’s the example I shared:

Take the lifecycle of a bug fix, a basic communication process that happens every day between 3 different people in different roles. You’ve got:
1. The person reporting the bug (e.g. another developer, a QA tester or security tester)
2. The developer fixing the bug
3. The code reviewer

There are 2 handoff stages here: from the bug finder to the developer, and from the developer to the reviewer. At each stage, a knowledge transfer needs to happen between people with very different experience levels with the code in question. In fact, it’s possible that none of these 3 people really know this particular area of the codebase that well. But they all need to work together to get a code change written, reviewed and approved.

The bug finder knows that the dev team wants as much descriptive information about the bug as possible -- what the tester was doing, what they typed in, what buttons they pushed, what they saw, etc. This description can be accompanied by some screenshots and for UI bugs, this works great. But what about bugs in application behavior, where it’s the backend that’s misbehaving? Maybe the user is presented with inaccurate information or data belonging to someone else! Or they expect to go to page X but end up on page Y. What then?

Here’s the solution I proposed:

As a developer, wouldn’t it be great if the bug finder could send you the equivalent of a screenshot, but of the backend internals? How about a map of code paths, including all the dynamic and complex stuff like HTTP requests, caching, user session interactions, security and SQL?

This is all possible with code maps. And by code maps, I mean a visual presentation of code (other than the code as text) that makes a design aspect of the code easier to understand.

Making code maps is possible with AppMap, a free, open source tool that makes runtime recordings of code. AppMap works equally well with large and small projects, web applications, and microservices. It captures all the information I described above, and bundles it into a portable JSON format. It’s also easy to write programs that process, analyze and display AppMap data.

> Quick sidebar: Last week we released a GitLab integration for AppMap! Now you can upload AppMaps to the AppMap Cloud and log in with your GitLab account. You can also attach links to AppMaps stored in AppMap Cloud to your GitLab merge requests. Here’s a short demo video if you’d like to see this in action.

Here’s the demo I gave:

In my talk, I showed how to use AppMaps to transfer information about bugs from testers to developers, and from developers to code reviewers. Start

watching at the 5:00 mark in the video to watch the demo.

Next steps you can take:

If you’d like to try using code maps to accelerate code understanding and improve communication with your team, you’ll need to:

[Install AppMap](https://appland.com/docs/quickstart/) for VSCode or JetBrains
Install and configure the AppMap client agent for Ruby, Python, or Java
Show your dev team or pen testers how to run the app with AppMap enabled, and use the AppMap browser extension to [record what they see and do](https://appland.com/docs/reference/remote-recording.html)
Show everyone how to upload and download AppMaps - from your own internal repository, or from AppMap Cloud

Presentation video

https://www.youtube.com/watch?v=iC0NrcqhStI

Any comments or questions? Come find us on our Discord server or on Twitter. I’d love to hear from you!

https://redd.it/oyh2qg
@r_devops

A Makefile for docker monorepos

We have open sourced today an opinionated Makefile that eases the handling of monorepositories.

Any question, feedback, contribution are more than welcome!

https://github.com/enspirit/makefile-for-monorepos

https://redd.it/oymsdz
@r_devops

AWS: Connect to EC2 instances using Systems Manager (SSM)

Hey everyone,

I'm sharing this video to show you how to securely access your AWS EC2 instances other than SSH. This option is great for those instances that need to have a public IP attached or need to be placed in a public-facing subnet for one reason or another.

Also, the Systems Manager may not be all that well known, but it might be depending on how you are using AWS. Lastly, there are pre-requisites to getting this working, but bounce around this video, it's for you anyway! :)

https://www.youtube.com/watch?v=jrmctZ5CmPk

Let me know what you think, and thanks again!

Cheers!

https://redd.it/oynq7v
@r_devops

SolarWinds GO/NO GO

I am part of a team looking into possibly moving to SolarWinds for DPA, DPM, APM, NPM, NPA, and maybe a few more. Primarily we're wanting to consolidate all of our different solutions into "one package." We are using solutions from a wide variety of companies. Feel free to include in the comments what you use, has worked, or has completely failed with SolarWinds and/or other solutions.

View Poll

https://redd.it/oynozz
@r_devops

Bash Hell

I just picked up an MR review from a team member and it's a multi-file bash script, over 1500 lines. I'm just curious what other opinions are in using bash to this extent?

I personally would try to keep a bash or PoSH script under 100-150 lines and if I got into a situation like the submitter I would use a more equipped programming language, but I'm also not a senior dev and don't have enough experience to really have a good reason on why not to use bash like this. It just feels wrong if that makes sense.

https://redd.it/oyn1wc
@r_devops

Bringing devops home with my homelab. Quick overview of what I plan on working with and currently struggling with.

Decided to start vlogging my homelab struggles as it's quicker and easier to film. I plan on getting a complex devops ecosystem setup between my on premise and aws resources.

Give it a watch on this cringy intro

https://youtu.be/lYiEvFv2KOg

https://redd.it/oyry2h
@r_devops

Feedback wanted! Koncrete: Cloud-hosted CD for Kubernetes

Hey Devops reddit! We are David, Scott, and Tian - we've been working on a cloud-hosted CD service for k8s called Koncrete that we would love some feedback on.

# What is this thing?

Koncrete is cloud-hosted continuous delivery for Kubernetes, powered by ArgoCD. It's a super quick and simple way to get started with Gitops. In minutes you get ArgoCD with a few handy integrations pre-configured - like Authentication, Github webhooks, and Slack notifications. You can test it out for free here, it should really only take a couple of minutes to setup.

While setting up Argo itself is not particularly difficult, configuring integrations and hosting can be a distraction for those getting started with Gitops. Getting started with Koncrete is as easy as connecting a gitops ready repo (or our example repo) and a Kubernetes cluster*.*

# Background

We are the team behind Kalm, an open source k8s toolset we built during the W21 YC batch. While building Kalm, we had the experience of learning GitOps for the first time, and thought it was weird that the bulk of the tutorials we found were all about "How to Install Flux/Argo", and very little about GitOps best practices. We joked that it was as if we were searching for "How to Write Better Blogs" and all we were getting back were "How to Self-Host Wordpress" results.

So we decided to create a one click GitOps service for people want to focus more on setting up well crafted GitOps projects, and less on configuring and maintaining GitOps operators.

We're leveraging a lot of great open source projects (like ArgoCD) to make this happen. We plan to open source core libraries along the way.

# How to try it!

We're looking for help! We really need feedback from Kubernetes enthusiasts! Specifically:

Run through our [getting started demo](https://docs.koncrete.dev/Getting-Started-0e835a43c944493ea5a591dea5dc804d) (free). Any and all feedback would be amazing.
If you have experience with GitOps - do you think something like this is useful? Why / why not?

We offer a free tier that is sufficient for hobbyist projects and small production clusters, so there's no cost to test :)

Thanks all!

Website - https://koncrete.dev

Documentation - https://docs.koncrete.dev

https://redd.it/oyry02
@r_devops

YAML in vscode not being validated with YAML extension

So I'm trying to setup YAML validation in VSCode for a myriad of YAML files my team is working with. I'm a little hung up on what is supposed to be done to set it up on windows. I installed the YAML extension and put in the \`settings.json\` where my yaml schema and files are located, i.e.:

"yaml.schemas": {
".\\path\\to\\schema.yaml": "*.yaml",
}

But when I go to my yaml files, no validation is happening. No redlines or nothing. Is there something else I need to do? The stuff I've looked at on the interwebs for help have been less than helpful...

https://redd.it/oyrfma
@r_devops

Heroku?

New client is intent on hosting production on Heroku. Is this as impractical as it sounds to me and do any of you have anything good or confidence building to say about it?

I'm worried about scaling.

https://redd.it/oyimkx
@r_devops

Bird – An Alternative to InSpec and Goss, Written on Raku.

Hi! I've created the Bird - https://github.com/melezhik/bird - Linux servers verification tool written on Raku ( former Perl6 ) and with Raku API. With recent changes with Opscode Chef and also if you want a programmatic API ( not YAML coding like in Goss ) you might want to take a look at the Bird. The project is still in alpha, but I am open for suggestions.

I've dropped an asccinema if someone wants to see a real example of work - https://asciinema.org/a/428954

https://redd.it/oywf4s
@r_devops

Advice on how to pass technical interviews

Tltr: 4-5 as a DevOps engineer, rejected a lot after the technical part of the interview, trying to go for senior positions.
wanted to learn from Your experience, what websites are good? company's that helps with technical interviews?

https://redd.it/oyf007
@r_devops

mOVING TO A devops workflow riddled with *probably* silly questions

Hi,


The place I work at is an old software house that uses old technology that wants to move into the devops approach. I'm working on an greenfield project that already has a base and we tend to work in a waterfall model approach. Here are the current tools we use:

- TortoiseSVN
- AngularJS Frontend
- Standard PHP backend
- SQL Server on a Microsoft dev server



So the project directory typically looks like this:

- /pages
- /js
- /php
- /configs


The pages would be using the set javascript files for each of the single page. JS files sends GET/POST requests to the PHP files. The PHP files uses the configs to basically communicate with the SQL server, performs the SQL Queries and returns to it to the JS to be used. So an example would be like:

- /pages/user.html
- /js/user.js
- /php/get_users.php

User.html would be a page that lists the users on the application, in the JS of that, it runs a HTTP GET request to get_users.php to essentially get the users. We would access the page via the server url so like `<devserver/projectname/pages/user.html>' so you see whatever changes you make. We also have a live server which contains a similar environment and how we usually deploy to live is just copy and paste the files to the live server and run any sql scripts on the live database so it is up to date and works with the current code base being pasted into it.

We now want to move into using these kind of tools/workflow:

- Git/GitHub
- CI/CD
- Laravel API


I've been familiarising myself with these tools to get a base. I've also been looking at docker but i'm not sure if we need it or not. I've taken all this information in but still not sure where to start and could really use some friendly advice on how to get this started or at least potentially be pointed in the appropriate direction.

I also have a couple of additional questions such as, if we were to move into the Laravel API approach, would that mean that the API would have to sit somewhere else rather than together with the frontend files?

I have to quickly go out to get my second dose of the vaccine but I thought I would post this to get a base and hopefully get some responses and will add more details when I get back. Thanks guys.

Edit: Formatting

https://redd.it/oyf3tl
@r_devops

Dockerizing existing dotnet application and deploying to Azure app service

Hi, this is my first week and just started using docker for doing a POC to dockerize an existing dotnet application which has 3 web portals connected to Azure SQL database. My team has already build some POC to create a dockerfile for 1 web portal and push the image to ACR and then deploy it to Azure App services. Now I need to build 2 dockerfiles for other 2 web portals and then push them to ACR and then deploy to separate Azure App services via Azure devops pipeline. I have created Azure Devops pipeline for building and pushing to ACR and then deploying to Azure app service and its working fine for the portal where dockerfile was already created by my team. I have created the dockerfile for another portal in similar manner but after deploying to app service facing application error. All the code for 3 web portals is in same github repo. Can anybody through any expert advice how do I proceed with deployment of remaining 2 webportals using docker and creating the dockerfile? I am a beginer in docker and don't have much idea about dotnet too.

https://redd.it/oyzafw
@r_devops

Switch from support to dev?

Hi all, I’m considering quitting my software support job to attend school to become a backend developer.

The reason is that I enjoy working with technology & code, but I hate working with customers.

Am I correct in assuming that backend devs typically don’t have to interact with customers?

What are the major stressors of dev jobs?

Are Devs typically expected to work over 40 hrs/week?

Thanks for your time.

https://redd.it/oy0i9y
@r_devops

What are the top barriers you are facing in adopting DevOps for your organization?

Adopting DevOps? How do you make your transition smooth with DevOps success? There are many reasons why DevOps uptake has been slow.

View Poll

https://redd.it/oz0lsm
@r_devops

How can I monitor nginx status?

I've been using a vm of Digital Ocean to run 3 containers (python+django / nginx / postgresql). So there is already an agent & dashboard to check RAM, CPU, storage usage, bandwidth, load.

How can I check nginx status? In particular, I would like to see requests per second. Any simple way to see this data?

I tried New Relic. But the setup & interface are complicated provided that I only check nginx. It cannot read status_url though I set the status page to localhost. I tried to curl https://127.0.0.1/nginx\_status and it's ok in ssh. But the agent cannot read the data. and I don't know why.

Next, I take a look at nginx amplify but the repo looks like it's not maintained 3 years ago

Any easy way to visualize nginx status data?

https://redd.it/oz0uks
@r_devops

How do you monitor your kubernetes cost?

Hello all
i was reading this articale and it raise avery big problem which i know that is not handled
enough , what are the methods which is implemented to monitor your kubernetes cost?

https://redd.it/oz1d9j
@r_devops

evaluating dagger - programmable CI/CD tool

I recently got access to dagger (soon to be publicly open source), it's described as a programmable devops superglue. It basically aims to replace all your fancy bash scripts in your CI with a clean type-safe declarative configuration.

The language they used is called Cue, it was created by an ex-googler who created the GQL. Dagger allows to embed any script anywhere inside your cue config. The scripts are then executed transparently inside a container. Also it's being built by the former docker team.

I am evaluating it to replace all my devops scripts, especially the kube config templating and container build scripts. The tool is early but there are some supported packages already that you can re-use.

Curious to know if anyone played with it yet or if you have good alternatives.

https://redd.it/oz2tm7
@r_devops