GCP vs AWS

You all might get a kick out of this.


Link

https://redd.it/p3wbx4
@r_devops

Monitor GitHub Pull Requests with Prometheus

I developed a new exporter so that we can get more insight into hacktoberfest contributions within my company this year. We're also thinking of giving prizes for top three contributors.

I hope others will do the same and find this useful!

https://dev.to/circa10a/monitoring-github-pull-requests-with-prometheus-57p2

https://redd.it/p217ut
@r_devops

Is DevOps a service or a process

I am very confused right now. I thought devops was the process of standing up a server, creating places to put code and data. IE linux server, sql databse. Getting code to the correct place and to make sure everything works the way it should using ci/cd. Soooo can someone explain what Azure devops, gitlab devops, teamcity, and aws devops is? I guess I'm mostly confused by the ci/cd. I don't need a devops service to do ci/cd.

https://redd.it/p3ymai
@r_devops

What to do when you feel stuck in an automation?

I'm new to this role, it's my first project and I'm working with a maven test for mulesoft that I can run in the Mulesoft IDE/Anypoint Studio but I'm stuck in automating it. I tried with my coworkers and they're all busy(also I'm trying yo learn, so I don't call very for help very often), also tried with developers and community/help forum. I'm stuck because I cannot run the test without the enterprise runtime so I got an error describing this and then I use the parameters from the documentation to fix the issue, but maven returns the same error :(

I tried everything that I knew, I tried running the IDE with strace to guess how it performs the maven call and what parameters it uses to work, I tried reconfiguring and also changing the runtime, the machine, the configurations and versions from Java and Maven, now I'm out of ideas and very frustrated. What do you do when this happens?

https://redd.it/p3z8ea
@r_devops

OSS Package Update Hygeine

It’s very tempting to think that once you pull in a React or an Angular, and then a bunch of other less reputable add ons that can add tens or hundreds of other dependencies to your project, to deploy and call it done. But packages may update frequently, dependencies change, maintainers may drop support quickly after major releases, and that large dependency tree is likely to catch some vulnerabilities.

So, I’m curious how well you, or the developers you support, do at keeping OSS dependencies up to date in 1st party applications. I find projects with hundreds of packages that are out of date by months and even years. Outdated on its own may not be the end of the world, but if you get out of date by years and a vuln is found, it may or may not be ported back to your major/minor release. Just taking the latest point release that fixes the vuln is an option if you’ve kept up to date, but can be daunting when you’re several major versions behind.

What have you seen? Do you enforce policies? How do you make sure development teams understand that free OSS isn’t free and the trade off in features comes with a responsibility to stay reasonably up to date?

https://redd.it/p4222u
@r_devops

Recommandations about an automated workflow architecture

I need to run tests on a product I created for my entreprise, and I need the flows to come from a lot of différents public IPs (not private. It's very important). These tests must be run in the cloud. These tests cost is important.

I created a workflow (to test the product) which explains that the x task can be run at the same time than the y task, but the z task must be run after the x and y tasks. Each task (x, y and z) are independent and can be containerized. I want to be able to run a maximum number of tasks at the same time and priorize them.

The workflow is a bit complicated but if it is followed, everything will be ok.

At the beginning, I was planning to create myself an orchestrator in Python. But considering that the tasks I want to run can be containerized, I think it will be by far easier to use containers orchestrators like swarm or kubernetes.

My problem is that the tasks (or the whole workflow) needs to be run for a very long time or even permanently. Then, it will cost a lot. As I said before, I need the flows to come from many different public IPs at the same time.

Then, considering the minimum hardware requirements of swarm and kubernetes (4 vCPUs/ 8 Go RAM per node for swarm and 2 vCPUs / 2 Go RAM per node for k8s), I think that the best for my project would be to use kubernetes and many 8$ / 2 vCPUs / 2 Go RAM VPSs.

Then, each k8s node/pod will run x tasks at the same time and with the k8s queue, I will be able to do exactly what is written in my workflow in parallel on all the pods / nodes (which are VPSs with 2 vCPUs / 2 Go RAM)

- Can you please give your opinion about that ?

Note : considering I need the flows needs to come from many public IPs at the same time (to simulate clients connections) I also go the idea to create the following architecture :
- 3 or 4 pods / nodes with each 8 or 12 vCPUs / 8 or 16 Go RAM
- 1 loadbalancer
- Use a /64 public IPv6 subnet (is that possible ? What's the price ?)
The flows of the containers running on the nodes will get out on internet through the loadbalancer and will be natted randomly with a specific IPv6 address. I gave a look at opnsense and pfsense virtual instances but I'm not sure these products can do that...

- Can you also give your opinion about that ?

Thanks a lot and have a good day.

https://redd.it/p441rs
@r_devops

MacOS user and docker networking limits and testing

So how are you folks getting around the limits of macos networking with docker and testing your containers? Do you just have an ecs cluster or something that you do your build tests on? Or are you building a local Linux vm and using that as your container host to test before pushing to your repo?

https://redd.it/p47ria
@r_devops

New devlog for my shoot em' up roguelike game Osore

Hey there, I just uploaded a new video on youtube about the progress I made the past 2 and a half weeks. Mainly it's about the new content I added to the game and new miner features.

Hope you enjoy watching the video, and don't forget to like, subscribe and all that good stuff ;).

https://www.youtube.com/watch?v=DEHSfjGeqSo&t=331s

https://redd.it/p4b69d
@r_devops

Anyone host kubernetes in digitalOcean? What are the limitations? Would anyone be interested in kubespray support for terraform?

I'm thinking about using DigitalOcean due to its relatively cheaper infrastructure costs and wondering if anyone here has noticed any limitations? Is there a reason why Kubespray doesn't have Terraform contrib added for it added yet that anyone can think of offhand? FYI no affiliation with them besides not wanting to pay $200+ per month for a Kubernetes Cluster in AWS/GCP (actually not sure if it's cheaper in GCP just know it's expensive af in AWS for a personal site).

https://redd.it/p4ffpw
@r_devops

Is it profitable to start your own Cloud or Software Consulting Agency ?

Anyone here at this sub owns cloud/software agency? Hows it going ? How did you start ?
Is it scalable ? What's the profit margin like ? How do you get client?

Currently work as Cloud engineer in the UK, thinking of going contracting but the idea starting your own agency and outreaching to client provide service seem also good. Wonders what everyone thoughts in this. Is it worth it ?

TLDR; Profit margin and scalability of starting cloud agency ? Is it even worth it. Better to stick contracting ?

https://redd.it/p4iizw
@r_devops

The Deployment Spectrum

As most others I've had the idea of a "deployment spectrum" floating around my head for a while, along with the history.

Often when describing the plethora of options on how to deploy a certain application or piece of infra/workload I find it useful to think of this spectrum (and where the client is along it), so I thought I would get it out there so I can refer to it from time to time.

There's lots missing (you'll notice I don't mention many cloud-specific options like Elastic Beanstalk, ECS, Cloud Run, etc), but I think its' a good 10k foot view of the landscape.

https://vadosware.io/post/the-deployment-spectrum/

https://redd.it/p4k3ma
@r_devops

Automatically Set/Unset Environment Variables when Changing Directories

This is a common pattern I see when auditing environments. I have done a few engagements where secrets exported automatically via .zshrc or .bash_profile can lead to exploitation of things like Jfrog/artifactory and AWS environments. This approach will set and unset ENV variables when entering and leaving a directory.

[Link to Article](https://mikemackintosh.com/automatically-setting-environment-variables-when-changing-directories-70757e7332fb?sk=90cbd3d19e60a61e28549b6f45a1fc08)

https://redd.it/p4k205
@r_devops

Advice for a New DevOps Intern

I've recently started a 12 month Software Engineering internship at a large bank in the DevOps team. I am a few weeks in and thus far I have just been learning as much as I can about the processes and tools, as this role is completely different to what I learned in my degree. I feel incredibly fortunate to have landed here the more I learn about this career path.

​

What advice would you give to someone who has just started and wants to get the most out of this career?

https://redd.it/p4mblv
@r_devops

Ideas for personal project with Python, Docker / Kubernetes.

Hi everyone,

So recently I have gotten into teaching myself Python and some docker, kubernetes / containers.

I was thinking that a good way to get more experience is using the knowledge I've gained to do a project where I combine everything. So basically build a app in python and then containerise the application and deploy it with kubernetes to integrate scaling, high availability etc.

Firstly does this sound like a good plan ? And secondly what would be a good app to build for a project like this. Something that is not super complicated would be good I assume.

https://redd.it/p4qd54
@r_devops

how do I learn to write script like this?

Hi,

After completing my foundation course in Cloud native course, I felt that I am like not even understand how this Docker file is written as appear in

https://github.com/exercism/website/blob/main/docker/dev/init.dev.sh

I would like to know how do I learn to create a docker file like that.

Is there any resources I can refer to for me to practise things.

​

Tks.

https://redd.it/p4r6u4
@r_devops

Helm Question -> How to inject values from DB for helm template usage?

Hi there,

Question for the community\~ Per the title, I have a set of values that I'd like to loop over when creating charts from a template.

However, these values are stored and updated in a SQL DB. Is there a way I can dynamically pull these values each time I deploy the chart? Was wondering if helm can do API calls, queries, or maybe I can write a custom function somewhere?

If not, any ideas for an alternative? Ideally, I'd like to avoid hard coding these values. Thank you!

uyt2190

https://redd.it/p4yrbi
@r_devops

What you called a company that doesn't have a good documentation

I'm working with a company that provides real-time payment solutions, I have been with the company for seven months as a DevOps and support engineer, the company lack of documentation about things like deployment, even the pipeline does not have a readme file, I feel that the knowledge is limited for a certain people. how do you deal with this?

https://redd.it/p4zwuo
@r_devops

Storing sensitive data in RDS

I'm new to aws and I'm trying to figure out how to encrypt data and here is a scenario.

I'm creating an app which requires a public and a secret key from users to access a third party service how can I store those keys in RDS? And once they are encrypted in the database how can I retrieve the unencrypted keys to access the third party? I searched youtube but all I saw was KMS how can I utilize that service and if there are other services for this purpose what are they?

https://redd.it/p4zsoi
@r_devops

How to land your first job as a DevOps Engineer

https://bradmccoydev.medium.com/how-to-get-your-first-job-as-a-devops-engineer-a0bffbbdc6b8

https://redd.it/p5441o
@r_devops

Is Oracle Cloud really a bad idea?

Hello everybody,

​

I am making a *very* egress-heavy webapp (lots of HD video) and am trying to decide between Oracle Cloud and DigitalOcean for infrastructure. It's worth mentioning at this point that I am the only guy working on this project and it is a completely self-funded venture. I also have to pay my lawyer and stuff to help make sure I'm doing compliance right, as the industry I'm in is one where you *do not* want to run afoul of the law.

​

Oracle Cloud's free tier seems pretty awesome, 10TB (terabytes) of free egress, and after that it's still cheaper per GB relative to AWS/Azure/GCP. DigitalOcean also has pretty cheap bandwidth, but building stuff on there will probably be a bit more work since I'd need to use Kubernetes to cheapen up things (I have many services I need to run instead of ready-to-use cloud services).

​

But... Oracle.

​

Think it's worth the risk if I use their cloud services and don't buy any licenses to anything? Or should I get over it and go with DigitalOcean?

https://redd.it/p53k25
@r_devops

Elastic APM (Java) experiences?

Is it any good? Does applications take notable performance hit when APM is used?

https://redd.it/p58g1d
@r_devops