Application Server Migration on EC2

I hosted a java/j2ee web application in the cloud on ec2. It's just a lift and shift. I'd like to get rid of Web logic application server and replace it with Tomcat. Will there be any unforeseen issues? Any pointers? Thanks.

https://redd.it/ozw95k
@r_devops

What is DevOps?

Every time a non-technical friend asks me what I do, I try to explain what the cloud is and how I work in the cloud in automation and architecture. Everybody always says “I have no idea what you’re talking about and I don’t know what you do”, despite me trying to explain it. How do you describe DevOps to your non-technical friends/family in laymen’s terms?

https://redd.it/p01pm3
@r_devops

Fedora or Ubuntu

I'm a CS student wanting to get into and learn devops related topics like containers, etc., machine/deeplearning

I really don't know which one to use out of the two, just that I like Fedora's stock GNOME better than Ubuntu's version of GNOME. But from what I've read Fedora has better support for podman than docker. Is it a big trade off in my path to learn and explore more about the field mentioned above ?

Have some moderate experience of using linux from Ubuntu to arch with only window managers, but never settled on one distro

Really sorry if it's a noob question
Thanks in advance !!!

https://redd.it/p020rm
@r_devops

Gitea with Azure AD Authentication + Drone CI. It is a good start for my home lab!

Self-hosted options might be losing their place with cloud-native applications. But for your own experimentation, it is a great addition to complement your cloud lab environments. It's pretty straightforward and fun hosting your own Git, Azure AD, and CI

Today I finished my gitea installation, configured authentication with azuread, and started setting up drone ci.

​

Here is day 3 of my DevOps vlog life!

​

https://youtu.be/YlGynTqNe0M

https://redd.it/p041pj
@r_devops

What can I use to redirect http request coming to my public facing server to on premise webserver?

I have vpn server on linode that has ip 10.8.0.1 and it is always connected to its client 10.8.0.2 which is running apache webserver. Now for some reason I cannot directly make on premise apache webserver open to wan by port forwarding so I want to know if there is a way that if someone visits my website.com the tool refirects —-> 10.8.0.2 internal private ip.

Because both nodes are within same vpn there is nothing blocking any traffic.

Is traefik a possible tool to do that ?

https://redd.it/p03zin
@r_devops

DevOps compatible life style

What do you think about being digital nomad and devops engineer at the same time? Is DevOps/SRE compatible with a digital nomad life?

https://redd.it/ozouuh
@r_devops

What security scans and tests to run in each environment?

There are many tools for scans such as sonarqube, fortify sca, we inspect, functional tests with Tosca, uft, and contrast, performance tests with loadrunner. In which environment should each of these tests be conducted in?

https://redd.it/ozjp4x
@r_devops

Amazon EC2 Auto Scaling enhances Instance Refresh with configuration checks, Launch Template validation, and Amazon EventBridge notifications

https://aws.amazon.com/about-aws/whats-new/2021/08/amazon-ec2-auto-scaling-enhances-instance-refresh-configuration-checks-launch-template-validation-amazon-eventbridge-notifications/ This will definitely speed up ASG deployments. Eventbridge notifications addition is icing on the cake.

https://redd.it/p09g4s
@r_devops

Challenges working with AWS?

We are working on a platform that provide tools for developers to create their own custom, reusable component on AWS. We want to help developers to skip the not-so-interesting part of configuring their AWS and also teams who want to create, standardize how they can access their AWS environments.


Some of the problems that we see are that developers might not have the necessary skillset, or do not want to handle the complexity of spinning up their own infrastructure.

​

Because we are still working on finding out some of the challenges that they might face, would like to ask about some of the challenges that developers or you might face from your perspective.

https://redd.it/p09n9q
@r_devops

Your ideal interview experience.

Hello folks, my team is interviewing candidates for devops and mixed software/devops positions and I need your feedback and experience to gauge the interviewees and make the process as valuable as possible.

The project is a cloud migration of our current on premise infrastructure/software and we start from 0.

The profile of our candidates is contractors with lots of experience and ability to handle their own and design stuff. Ideally they should know about cloud and tools/technologies such as terraform, kubernetes, dokerizing applications etc. The roles that include software experience, Java to be precise, don’t require deep knowledge of the above, only user experience.

Knowing the above how you, good people of this community, would like your technical knowledge be evaluated? Personally, I see no point of asking questions such as definitions and simple “Tell me what’s kubernetes” questions. The candidates based on their resumes are on the senior side.

Btw, if you fit the profile and are on EU time zone the roles are for remote. Thank you all for your time!

https://redd.it/p0bmql
@r_devops

Handling of ELK stack Logs/Metrics on Aws

Hi All,

I am working on a proof of concept for setting up elk stack with our aws resources. I would like to know if anyone has any pointers on a cost effective setup and index management.

Would it make sense to create an index per service on aws?

Also, for pricing, for 1 day of collecting "just" ec2 metrics on 1minute interval came at around 3 dollars cost. Would opting for S3 be better in terms of efficiency money wise? For a startup elk stack brings quite some benefits for data visibility however the price when you consider it kind of makes it hard to delve deeper into it this way.

Any pointers would be appreciated.

https://redd.it/p0d57p
@r_devops

DevOps Engineer - job - how to...?

Hello,

Am thinking about IT roles, and from on premises to Cloud + DevOps \[ + Agile\].

Am an IT professional, but *behind with the times*. But mainly because...

* my organisation is
* young family, so less time to self-develop

Thinking about my career. DevOps is growing (eg [Emerging\_Jobs\_Report\_U.S.\_FINAL.pdf (linkedin.com)](https://business.linkedin.com/content/dam/me/business/en-us/talent-solutions/emerging-jobs-report/Emerging_Jobs_Report_U.S._FINAL.pdf) and [DevOps Jobs, Skill Sets & Salary Benchmarking | IT Jobs Watch](https://www.itjobswatch.co.uk/jobs/uk/devops.do) .

I found a great article about DevOps Engineer career;

[How to Become an DevOps Engineer in 2020 | by Shane Shown | The Startup | Medium](https://medium.com/swlh/how-to-become-an-devops-engineer-in-2020-80b8740d5a52)

There's lots of "applause" for the article, and no dissenting comments, so *arguably* it's been "peer reviewed" and "sanity checked".

My own thoughts about this were expressed pretty much as is in the article, so I won't reproduce them. It doesn't feel \[to me\] as an IT Manager + HR's unrealistic wish list, but realistic. A great breadth and depth of skills, but still realistic. It's a shame I can't add embed an image here, but the key image is...

[https://miro.medium.com/max/700/1\*57\_\_j14aNQfmPZyFoS1yRg.png](https://miro.medium.com/max/700/1*57__j14aNQfmPZyFoS1yRg.png)

I agree with Shane Shown that a DevOps Engineer...

1. absolutely needs awareness of all steps in the cycle
2. needs awareness of the contemporary and mainstream tools and automation in all steps in the cycle (Git; AWS; Kubernes; Docker; Jenkins; etc)
3. realistically, more than mere awareness; working knowledge of the fundamentals
1. In my mind, as a first pass, be able to write a "hello world" app that completes an iteration of the DevOps cycle
2. In further passes, a full - but still relatively simple - app with a application tier and a database tier (including data reporting and instrumentation
4. As a DevOps engineer, you wouldn't actually code, deploy and operate an entire complex app, but you'd be able to have an in depth, practical conversation with subject matter experts (SMEs) at all stages of the DevOps cycle - developers, QA, infrastructure, reporting, security,etc You'd be able to discuss database schemas, response times, PII, ETL, etc for solutions

So, where does that leave me?

I like the concept of having this breadth and depth of understanding.

But...

* I'd probably be mostly learning independently - (that's achievable in 2021 and in this domain)
* can one start as a "Junior DevOps Engineer?"
* thinking about that graphic, what's the minimum you need?
* AWS
* Kubernetes
* Docker
* databases
* maybe elementary Java
* this is a *serious* transition for me, and this role requires *serious* investment in time and skills. How *secure* is this role (is it about to be replaced by a "click me" button from a startup that automates everything, leaving "investment" a worthless, "stranded asset" (exaggerating to make a point; have a family to consider, etc).

This isn't a short and simple question; all thoughts appreciated!

https://redd.it/p0dpae
@r_devops

CI/CD tools comparison: Which one to pick and why use an external of a built-in tool?

As a follow up to my previous post [about GitHub vs Gitlab vs Bitbucket](https://www.reddit.com/r/devops/comments/oy06no/full_suite_comparison_bitbucket_vs_gitlab_vs/), I was wondering what CI/CD tool you would recommend and why?

Some popular ones i found were:

* [Concourse](https://github.com/concourse/concourse) (Seems like an open source, self hosted tool)
* [Drone](https://github.com/drone/drone) (Seems like a service but you can also self host it too)
* Gitlab CI (Gitlab's built in CI service, 400min/month free)
* Github CI (Github's built in CI service, 2500min/month free)
* [CircleCi](https://circleci.com/docs/2.0/) (Service, 250min/month free)
* [Travis](https://travis-ci.com/) (Service, 1000min/month free)
* [Jenkins](https://www.jenkins.io/) (Open source, self hosted tool)


And a more extensive list here: [CNCF CI/CD tools overview](https://landscape.cncf.io/card-mode?category=continuous-integration-delivery)

Also, why would/should one use an additional third party CI/CD tool over, lets say, Gitlab's built in service? What are the advantages/disadvantages?

https://redd.it/p0dw1g
@r_devops

trying to learn by deploying app but been stuck on same error. getting frustrated

Hi, this is my last attempt in resolving this error. I have read multiple blogs, tutorials, Q&A sites and tried deleting and deploying multiple times.

My ultimate goal is to deploy using github actions so I am following the guide by azure to deploy application using k8s.

Every thing was fine until I deployed, but one node is in not ready state with ImagePullBackOff status

kubectl describe pod output

I'm facing no error while performing below commands so I think authentication should not be an issue.

az acr login & az acr repository list

I even tried adding secret and using imagePullSecrets

I have no idea what am I missing, tried following the guide word by word.

https://redd.it/p0g3bu
@r_devops

I have created a simple OTA server (with UI) to assist you in iOS CI/CD pipeline, hope it can help you

Source code: https://github.com/vietanhduong/ota-server

https://redd.it/p0h8i1
@r_devops

Does anyone use HashiCorp Vagrant anymore?

I'm a new DevOps in an IOT shop. Ansible is being used (a good thing) and has a homegrown environment for testing changes. This is IMHO really good, many people, including myself, skip this. Here is the rub: It's based on HashiCorp Vagrant.

I've used Vagrant before, but it's been many years. I discovered that the latest "ubuntu/focal64" box and the latest VirtualBox (6.1.26, at least on a Mac) are incompatible.

So, my question is this: Are you using Vagrant? Do you like it? Do you wish you were using something else?

https://redd.it/p0icih
@r_devops

How does your team organize/manage their runbooks?

I'm a member of a 12 person team who is responsible for several production services.

We try to write runbooks for any incident that occurs and tie them to our alerts (DataDog), but I've noticed a couple of problems with how we manage them:

1. Runbooks become out of date. This may be because no one on the team feels like they 'own' our runbooks (even though I feel like they should be everyones responsibility to keep up with).

2. We keep our runbooks in a GitHub repository for our team, but they are nested under several subfolders depending on the service they reference. This makes them hard to find during an incident (especially if you are woken up at 3am). GitHub search is not the best for this usecase it seems.

I'm wondering how other teams manage their runbooks and keep them up to date and easily discoverable? I know there are tools out there like Rundeck (PagerDuty) and what was VictorOps (now Splunk Oncall), but these seem to focus on runbook automation which is not what we want.

I don't want to fully automate our runbooks, but simply make them easily discoverable when we need them and some how encourage keeping them up to date.

Any ideas/feedback would be greatly appreciated!

https://redd.it/p0ix2i
@r_devops

How to handle www vs no www

I have a VPS with an Nginx reverse proxy that accepts both www\.example.com and example.com. I've noticed some odd behaviour though caused by this.

If the url is follwed by /api/, it will be redirected (proxy_pass) to my NodeJS service running at localhost. My client is configured to call https://example\.com/api/ when making API requests. However, this causes a CORS rejection when a call is made from www\.example.com, no matter how I configure my API CORS settings. Changing the API url to https://www.example.com/api/ made the error go away and now requests can be made from both the www and non-www domain.
The login session seems to be seperated for both domains (I'm using auth0). If I log in at the www domain, I'm not logged in at the non-www domain and vice-versa. Logging out works globally though.

Sorry for the long post, but these behaviours make me wonder if I have been handling this incorrectly altogether. Should I stick with www or non-www and redirect one to the other? What is the correct configuration?

Thanks in advance

https://redd.it/p0io5y
@r_devops

Help with CI/CD Idea

Hi all,

I've been a lurker for a while now and am dipping my toes into some CI/CD tools. I come from a very ops background but I play around with Docker in my homelab quite a bit and use it to host several services.

I'm now at the point where I want to start automating some things as well as just learning DevOps tools/methods to apply to my current job (Cloud Engineer). The first thing I've identified as "low hanging fruit" is to automate my docker container deployments using docker compose files hosted in GitHub.

Currently I have various docker-compose files for different services. So essentially I would do the following when updating an image (all on the Docker host itself via CLI):

\> Delete the container

\> Grab latest docker container of the service in question

\> Run docker-compose up

\> Profit

I am now at the stage where I want to achieve something similar to the following:


\> Upload my docker-compose files to GitHub (done with some already)

\> Use a CI/CD tool to create pipelines to fetch the compose files and deploy the services and then essentially if I edit these compose files and commit for the CI/CD tool to then strip down the service an re-deploy with the new compose additions.

What I have done so far is the following:

\> installed Jenkins as a Docker Container on my Docker host

\> Connected Jenkins to my GitHub repos in that it can actually see the compose files

I am stuck now at actually getting the files deployed. Someone over at the Jenkins subreddit suggested adding my Docker host itself as an agent as opposed to trying to use Jenkins plugins to natively deploy it.

I'm very new at the CI/CD side of things so appreciate any and all guidance you can provide.

https://redd.it/p0ivd0
@r_devops

How to find companies with good devops culture?

I’m starting a job search and I’m relatively convinced that I wouldn’t like to be a “devops engineer” I want to be an engineer that does devops along with others that do the same. Is there any way of finding companies like this?

https://redd.it/p0n4p7
@r_devops

AWS S3 Pricing is expensive

As a software engineer, who has extensive knowledge on AWS, Azure and other cloud providers, I have noticed that pricing is extremely expensive especially for big projects that require alot of data. S3 charges $23 per Tb /month and other fees related to retrieval and storage of data. The pricing may not seem like alot but adds up very quickly. I have recently switched to Windrate, which is a platform that allows major vendors like AWS, Azure, and Google Cloud to bid on your software storage needs and I have gotten well below the market price listed for AWS S3 and Azure Blob storage. Very interesting website and developers who work for big companies should check it out!

https://redd.it/p0k7wv
@r_devops