Managing standards across a large set of git repos

Hi,

Looking for experiences people have managing standards (code layout, naming, but also things like aws resources always being tagged). That part is relatively easy, we use a number of linters, tfsec and a whole bunch of other tools.

However, we now would like to use the same standards across all of our repos, and keep them the same as we expect to make small updates to standards. Don't really wanna try and keep 100+ repos in sync manually :)

Thoughts welcome.

https://redd.it/p0vb34
@r_devops

What is Tekton and how it compares to Jenkins, Gitlab CI and other CI/CD systems

I think there is often a confusion about Tekton - it's not really a complete CI/CD system, but rather a Lego. I made a video explaining this point:

https://youtu.be/skcLi9-WTkA

https://redd.it/p0x96u
@r_devops

23 items production readiness checklist

Hello, I have watched a conference where they spoke about 23 production readiness checklist, compiled at a company like Spotify, or SoundCloud, but my memory is betraying me.

Does it ring a bell ?
What's your production readiness checklist ?

https://redd.it/p0ynn7
@r_devops

Basic Linux commands you should know

https://bradmccoydev.medium.com/kubernetes-journey-basic-linux-commands-you-should-know-da4f95ceca5?source=friends\_link&sk=834a31acb43ca1d4ac0321a8bb69157c

https://redd.it/p0z0mp
@r_devops

DevOps Engineer is the new SysAdmin

I teach a graduate course on DevOps and Agile Methodologies and many students think it's an operations course, when actually it's an advanced software engineering course that covers DevOps Culture, Test Driven Development, Behavior Driven Development, Cloud Native Microservice Architecture, Continuous Integration and Continuous Delivery, Docker, and deploying to the cloud and Kubernetes.

I believe the confusion comes from job postings for DevOps Engineers that they see. This, I believe, is an anti-pattern that is prevalent in the industry. Recently when I came across a Job Function dropdown while signing up for a conference that lumped DevOps with Operations, I just had to write my ideas about it down.

Here is the article that I wrote on the topic: DevOps Engineering is the new SysAdmin

I will repeat here what I said at the end of the article because it's important to understand the spirit in which I wrote the article. "I say this with all due respect to those who hold 'DevOps Engineer' job titles. The work you do is critically important, and the skills you possess are infinitely valuable and sought after, but the company you work for is not practicing DevOps if they put you on a DevOps Team. Remember, DevOps is about breaking down the silos, not creating a new one."

I'd be interested in this communities feedback and thoughts.

https://redd.it/p11l4k
@r_devops

How to onboard a new DevOps to a remote team

My company is a startup with around 70-80 and we have been working in a DevOps way more than 2 years. We are a spin-off from a big corporate german machinery builder and we are doing some cool iot tech. At the same time, we have customers that pay really well for it and we are in a hiper grow right now.

​

I have been working partially for the company (been in the mother company) for more than a year where I started like backend but I was focusing little by little to DevOps and finally I ask to the startup to jump full with full contract into the new company and be the "lead" devops. I am now on my own but on september one devops more will join the company to work under me. Could you get me some tips about how to make the onboarding a pleasant as possible? I have no experience with remote onboarding and we will be in different countries. Me in Germany and she will be working from Portugal but it is quite ok because I am spanish and the mindset is really similar.


Which are your recommendations for me onboarding the first new person in my team? I need to say that also the team of backend/Data science people I work with there are like 4 people are really strong in DevOps and they can also support me. And for making all even worst and I will probably be off her first week :(

https://redd.it/p130mg
@r_devops

Enhance your software development process with DevOps - Download WhitePaper

Get Your Free DevOps Whitepaper\- This whitepaper sheds a light on the benefits of DevOps that can help you quicken the software development process by minimizing errors and increasing visibility.

https://redd.it/p14a2p
@r_devops

Major Pagerduty downtime!

Pagerduty is experiencing yet another major downtime affecting their web dashboard and other components. All hands on deck folks!


https://status.pagerduty.com/incidents/6h3slvfz84xp

https://redd.it/p1537d
@r_devops

Rootless Docker

Hello,

I've recently installed docker in rootless mode on Debian 10 Buster with the VFS storage driver.

I've noticed that the docker takes so much storage space now and the performance dropped a bit.

Can someone please explain to me why does it take so much space ?

Is rootless docker good for production ?

Thanks.

https://redd.it/p138qk
@r_devops

How to become a DevOps engineer in 2021.

https://www.youtube.com/watch?v=9pZ2xmsSDdo&ab\_channel=TechWorldwithNana

I do not own the content, just thought I'd share as it's one of the clearest up to date videos I've seen so far. Hopefully it will help others here.

https://redd.it/p17ztx
@r_devops

State of Kubernetes Security Report

This could be of interest to this subreddit

https://red.ht/3wBy3T6

https://redd.it/p179i3
@r_devops

simple way to provision and manage docker containers?

I'm trying to setup a service where each user needs their own api server and database instance when the user account is created, and then I'll have to manage those instances. Does software exist to make this easier? I have docker images, and I'm quite comfortable setting these up individually on GCP or AWS, but have no idea how to automate/manage this. I think all I need is some kind of API to provision instances and handle updates, but am unsure what to do next. I'm wondering if there is something easier than diving deep into k8s.

https://redd.it/p1aeyg
@r_devops

urgent help needed not able to pull resource using github.com but works fine with www.github.com

I can connect to www.github.com but not github.com on the server.

as shown below:

# wget https://www.github.com/nextcloud/bookmarks/releases/download/v4.4.0/bookmarks-4.4.0.tar.gz
--2021-08-09 22:10:17-- https://www.github.com/nextcloud/bookmarks/releases/download/v4.4.0/bookmarks-4.4.0.tar.gz
Resolving www.github.com (www.github.com)... 52.64.108.95
Connecting to www.github.com (www.github.com)|52.64.108.95|:443... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://github.com/nextcloud/bookmarks/releases/download/v4.4.0/bookmarks-4.4.0.tar.gz following
--2021-08-09 22:10:19-- https://github.com/nextcloud/bookmarks/releases/download/v4.4.0/bookmarks-4.4.0.tar.gz
Resolving github.com (github.com)... 140.82.118.3
Connecting to github.com (github.com)|140.82.118.3|:443... failed: Connection timed out.
Retrying.

--2021-08-09 22:12:27-- (try: 2) https://github.com/nextcloud/bookmarks/releases/download/v4.4.0/bookmarks-4.4.0.tar.gz
Connecting to github.com (github.com)|140.82.118.3|:443... failed: Connection timed out.
Retrying.

--2021-08-09 22:14:36-- (try: 3) https://github.com/nextcloud/bookmarks/releases/download/v4.4.0/bookmarks-4.4.0.tar.gz
Connecting to github.com (github.com)|140.82.118.3|:443... failed: Connection timed out.
Retrying.

--2021-08-09 22:16:47-- (try: 4) https://github.com/nextcloud/bookmarks/releases/download/v4.4.0/bookmarks-4.4.0.tar.gz
Connecting to github.com (github.com)|140.82.118.3|:443...

I have also spotted 2 ips here www.github.com has 52.64.108.95 and github.com is 140.82.118.3 which is also on my laptop where it is working just fine.

Due to this problem nextcloud is not able to update apps.

https://redd.it/p1aury
@r_devops

How to Automate App Deployment using Portainer and Git

Hey DevOps crew, if you'd like to learn how to Automate App Deployment using Portainer and Git, then you're welcome to join this session.

Description
In this how-to workshop event with Technical Evangelist, Adolfo Delorenzo, you'll learn how to use Portainer (integrated into Git) to automate the deployment of apps as part of your DevOps workflow. By the end of this session, you should have a basic understanding of -

\- Git integration
\- Webhooks
\- Basic Portainer API

Event Details
Wednesday 11th August
7am San Francisco
10am New York
11am Rio De Janeiro
3pm London
4pm Berlin
10pm Singapore

Register here -
https://portainer.zoom.us/webinar/register/WN\_IciWKcIxR4iZC77jlGPnmA

https://redd.it/p1d3zv
@r_devops

Attempting to deploy application to server through CI/CD

Hello,
I'd like a jenkins instance (or anything lighter if there are recommendations) to grab pushes to gitlab, run unit tests and if everything passes deploy the most recent version of my app.
The goal is to set it up on branches, so pushes to sage go to stage, pushes to production go to the prod server.
Scenario:
Using either digitalocean or Linode (not interested in AWS), what is the easiest way to reimage and reload a server?
I want it to spin up a server at a certain tier, build it out (presumably using Puppet to install everything), then fetch the source from Gitlab and deploy that. the issues I'm concerned about:
1. Is it normal for a ci/cd to do this? Is there a better way to set up deployments?
2. I would likely be using a public key to pull from GH. How are these stored so that they can be given to new instances?
3. If I have stage.foobar.com and foobar.com (stage/prod), what's the best way to quickly update these dns entries so that the newest server can be reached at that domain? I'm trying to keep the previous one up until the new server is spun up and ready, if that makes sense.

If there are any issues with my logic/ideas, please let me know.
Thanks,

https://redd.it/p1c502
@r_devops

Git branching - long-running QA branch?

I asked about my branching strategy a couple of months ago so forgive me for bringing up a similar topic again. Basically, I am struggling to define a correct flow for my org. Right now we merge head of develop branch to the test branch which deploys everything to QA.

Now I know this is wrong and a better way is to tag the develop branch, or create a release branch (RB) off of a point in develop where the release can be done. However, I am uncertain if that will work for us since none of the QA knows git operations, and I am sure the RB (or tagging) needs to be done by QA since they know best what can be released (right?).

Additionally, we have a lot of devs but limited QAs and hence they have very limited bandwidth to test features. As such, they cannot test features that are not meant to be released. For example, if we only mean to release features 2 and 6, they create an RB off of develop up until feature #6, but now they are forced to test 1, 3, 4, and 5.

What I am thinking is to let QA pick up features to be merged into develop branch and then merge that to the test branch.

Is this approach wrong? Any better alternatives?

Also, out of curiosity, who handles the git operations at your org? I am talking about creating RBs, releasing them to QA, prod, etc. (Aside from merging feature branches to develop- which is taken care by devs in most cases)

https://redd.it/p1aj7w
@r_devops

how do we include the "Certification" portion?

Hi experts,

I did a foundation course on Cloud native course. In one of the exercises, we have to set up a argocd-server-nodeport.yml.

However, I realised there is something that is "left" out - which is the Certification portion when a port is HTTPS based.

Can someone tell me how exactly is the HTTPS part should be done to make it complete ?

Here is the yaml file:

apiVersion: v1
kind: Service
metadata:
annotations:
labels:
app.kubernetes.io/component: server
app.kubernetes.io/name: argocd-server
app.kubernetes.io/part-of: argocd
name: argocd-server-nodeport
namespace: argocd
spec:
ports:
- name: http
port: 80
protocol: TCP
targetPort: 8080
nodePort: 30007
- name: https
port: 443
protocol: TCP
targetPort: 8080
nodePort: 30008
selector:
app.kubernetes.io/name: argocd-server
sessionAffinity: None
type: NodePort

https://redd.it/p138ft
@r_devops

ELII - CI/CD, Github Environments and how testing works

ELII - Explain Like I'm an Intern

I've been picking up more and more responsibility and have the opportunity of employing devops culture into my workplace. Yay! But I'm not under the tutelage of another, more seasoned, devops. I'm the defacto guy. So I'm working as I know, supporting the devs as I can.

I want to take it one step further.

We will be getting ourselves a Github Team (paid) and I'd like to take advantage of these:

* CI/CD;
* code owners;
* automated testing;

The problem is: I never had to implement none of these. I don't know how these work.

For instance, my company does, mostly, web/app development. Here and there some different products, but the basics are Magento installs, Wordpress installs, react native and node APIs, rails apps.

How to best approach CI/CD using Github in a way it's not disruptive to developers? I want to effect change but I don't want to be a nuisance. Also, who's supposed to "write" the tests? Me? The devs?

Kinda lost and it's a bit difficult to find concise texts on the web that don't overload the article with a lot of tangent content about other technologies that I might have some interest in the future.

Thanks in advance!

https://redd.it/p1gw5a
@r_devops

Do DevOps people need to be utility players?

*Please read first then put in your 2-cents in response to the question.*

Utility players - people with T-shaped skills - were rare in software teams until recently. DevOps is one of those spaces that management are pushing for utility players.

To my understanding, DevOps implies operations involvement in the whole SDLC to make sure the end product runs well. This means a breadth of systems that people in DevOps must be comfortable with -- essentially requiring them to be utility players.

A utility player is someone who can do several things competently

* You need to be comfortable with platforms, tools, networks, servers and databases and customer support to succeed in today's operations landscape
* Very different from the traditional throw-over-the-wall operational role

Ops of yesteryear

* Ops have been traditionally concerned about stability, so they used to set stringent controls on what kind of code is allowed to run on their systems
* In this environment, they dictate the need for extensive QA in staging, reams of handover documentation and releases only when necessary
* That luxury no longer exists in many fast moving software environments

And so we move forward to the new equation -- the DevOps equation where operators are sometimes so involved in the software, they are embedded in the sprints.

They make sure that plans are made so that resources are used judiciously, code is executed securely and quality is assurable. They are doing all the things in DevOps philosophy to make sure the end product that customers see works as intended.

For this reason, they need to have their finger in many pies -- including a good understanding of software planning and development.

https://redd.it/p1girx
@r_devops

Regression testing plaforms recommendations?

Hi There!

I work for a large dinosaur corp. Our application comprises of a couple million lines of code. We've been switching our SVN to git and using github enterprise do develop our CI/CD pipelines.

​

We also have an independent house build regression platform that works of batches of jobs, testcases that're written in perl predominantly. We manage a UAT environment of \~2000 servers of most OS' (even random old stuff like HPIA). Our regression platform/dispatcher will basically dispatch jobs to servers based on things like regression classes/OS level etc. We have our own builtin dashboards to view stuff like the job queues and run reports (basically html/sql pages) and a workers dashboard that we can use to manage our workers (user id's on servers), such as enabled classes and software releases to test etc. Doing my best to describe this but I honestly never bothered FULLY understanding the nuances of this couple decade old platform.

​

Does anyone know of any available platforms/softwares (ideally open sourced) that would be good to help replace this. Essentially a job dispatcher with good queuing functionality, worker management and reporting dash-boarding.

​

Apologies for the lackluster description and/or lack of regression/testing knowledge that'd have made this an exceptionally painful read LOL

​

Edit: Adding some more info about the application. Not much front end/api testing to do. More so function verification, backend stuff. OS level commands etc.

https://redd.it/p1itbt
@r_devops

Microservices are social constructs

>We can draw application boundaries in hundred arbitrarily different ways... There's little [hard\] science in how this work, and in many ways these boundaries are drawn primarily by human inter-relationships and politics rather than technical and functional considerations.

In summary, if you want to have more robust services, get better at communicating and collaborating, as well as building up political capital.

https://redd.it/p1jjba
@r_devops