Amber, Encrypted secrets management

Amber is an encrypted secret management solution tailored towards CI system. It allows the encrypted secrets to be stored as part of the git repository itself so that changes can be tracked over time. This is the announcement post with more details: https://www.fpcomplete.com/blog/announcing-amber-ci-secret-tool/

This is the github repository with the code: https://github.com/fpco/amber

https://redd.it/p77lvz
@r_devops

Grafana-Azure AD Integration

Hi there,

We have integrated Grafana with Azure AD to enable SSO login. We have created two groups Grafana-admin and Grafana-users on the Azure AD with different members. I need to assign the level of permission’s (admin, editor, viewer) so that the group “Grafana-users” only have the viewer access and “Grafana-admin” has the admin level access? I need help to understand where should I need to define this configuration?

Thanks, and I really appreciate your help on this.

https://redd.it/p798hc
@r_devops

EDI Analyst

Hello all,

I recently apply to a position with EDI (Electronic Data Interchange) Analyst title and my job tags said it belongs to data warehouse. My question is whether the job is devops related and can I gain some knowledge of devops by doing the role. Thank you.

https://redd.it/p78o4e
@r_devops

DevOps Guest Writer

Lucidity is hiring! We’re on the lookout for DevOps guest writers:

If you’re a DevOps/SRE engineer with experience handling AWS infrastructure at your org, and you also happen to write articles on DevOps-related subjects, then you’re the one for us.

We’re actively building out our guest contributors network and would love to team up with DevOps engineers to write insightful articles on managing AWS storage.

This is a fully compensated role and would be perfect for someone who is motivated to share their acumen with the DevOps community.

If you or someone you know fits this role, do drop a comment or you could also email me with some of your previous articles at [email protected].

https://redd.it/p7bjdr
@r_devops

Automating Terraform updates using Dependabot

Hi there, Dependabot received private registry and Terraform 1.0 support last month so I've decided to see it in action. If you're using GitHub as your VCS Dependabot might be something to look at :)

https://sysdogs.com/articles/automating-terraform-updates-with-dependabot

https://redd.it/p7d7l7
@r_devops

GitLab or GitHub/Azure DevOps

What should I make sure we ask about and look into? I have GitLab experience, I was surprised that the GitHub/Azure DevOps sales pitch actually sounded so good. Enterprise Architects are now doing a test run of each before making a decision. What would I regret not having brought up?

Context: large traditional enterprise that struggles a lot. I’m the new DevOps lead on a struggling/failing project looking to turn stuff around. It appears both would work for what I need, IoC (including pipelines!), GitOps, and automatic (not auto-manual!) deploys and rollbacks. If there’s anything I should look into now is the time to raise objections and point stuff out.

I know the “traditional” adjective sounds bad, and it is tbh. If I succeed in this role I’ll have to excel as a diplomat in addition to technical skill.

https://redd.it/p7e99u
@r_devops

Harbormaster: The anti-Kubernetes for your personal server

I thought the /r/devops subreddit might be interested in this project I just found!

https://gitlab.com/stavros/harbormaster

https://redd.it/p7frxs
@r_devops

Downloading from Artifactory

Hello, I am trying to download a package from our artifactory deployment using powershell.

Using Invoke-WebRequest I authenticate correctly however it doesn't download the file, only the loading page. Not sure if I'm missing a setting somewhere or not.

Invoke-WebRequest -Uri "https://artifactory:8082/artifactory/test/testfile.exe" -Headers $header -Method "Get" -ContentType "application/executable" -UseBasicParsing -OutFile "C:\\temp\\testfile.exe"

Any help or pointers in the right would be greatly appreciated.

https://redd.it/p7eyip
@r_devops

Devops Engineer interviewing process

Just got off a call with a company that said their final interview section is a 4 hour technical and personal interview. Is that common? Took my by surprise. I'll also add this isn't for a junior position.

https://redd.it/p7hs7p
@r_devops

Hey , I’m new to helm and all , is there a way to pull image from ECR to the pods created with helm value file?

I’m trying to make a git action to install helm via GitHub but my helm chart is in ECR

https://redd.it/p7ispa
@r_devops

nginx and trailing slashes

I have following config

server {
listen 443;
listen [::]:443;

location / {
proxy_pass https://svc1:3200/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header X-Forwarded-Port 443;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-NginX-Proxy true;
proxy_read_timeout 3600;
}

location /backend-api/ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-NginX-Proxy true;
proxy_pass_header Content-Type;
proxy_pass https://backend-api:3000/;
proxy_ssl_session_reuse off;
proxy_set_header Host $http_host;
proxy_cache_bypass $http_upgrade;
proxy_redirect off;
proxy_read_timeout 3600;
}

location /backend-api {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-NginX-Proxy true;
proxy_pass_header Content-Type;
proxy_pass https://backend-api:3000/;
proxy_ssl_session_reuse off;
proxy_set_header Host $http_host;
proxy_cache_bypass $http_upgrade;
proxy_redirect off;
proxy_read_timeout 3600;
}

When I navigate to [https://example.com/backend-api/api/](https://example.com/backend-api/api/) I get API response

but when I navigate to

[https://example.com/backend-api/api](https://example.com/backend-api/api)

it redirects me to [https://example.com/api/](https://example.com/api/)

why is this happening? Why do I get this redirect without /backend-api/ part?

https://redd.it/p7d2cu
@r_devops

Starting a new consulting role. Any advice?

I've got two years of experience as a Devops engineer. My current company is super chilled out but I wanted more money and exposure to new technologies. I'm going to be starting my new job in just over a month. It's a consulting role and I'm a little nervous as I don't know exactly what to expect. What's some advice/tips you guys would give?

https://redd.it/p7nm36
@r_devops

History of PaaS: How Canon almost became a major cloud provider

Hey r/devops!

Here's an article about Zimki, the world's very first PaaS that belonged to Canon (the camera company). It also touches on the origin of AWS and the discusses the relationship between IaaS and PaaS. Thought it could be an interesting read!

https://blog.porter.run/history-of-paas-how-canon-almost-became-a-major-cloud-provider/

https://redd.it/p7n94h
@r_devops

AWS PrivateLink | MASTER the AWS PrivateLink | Demo, EC2 to SSM, and Troubleshooting

Hey everyone,

I'm sharing this video to show how to secure the traffic between your EC2 instances and SSM, by using a PrivateLink. With a PrivateLink, traffic remains within the AWS ecosystem so this is an ideal solution for compliance and regulations such as HIPAA, and PCI. Also, I cover a few troubleshooting scenarios and go into detail.

https://www.youtube.com/watch?v=pUDrVImuPpA

Shoutout to /u/tdk2fe for the suggestion and for giving me the idea. This video was fun to edit.

I try to make these videos digestible and easy to follow regardless of your AWS experience.

Let me know what you think, and thanks again!

https://redd.it/p7tx48
@r_devops

Need suggestions on Backend setup & Frameworks

Please suggest some backend setup &/or frameworks for the following task

- Fetch data from API-1

- Use API-2 to do some data manipulation

- then store the data on MySQL database

This needs to happen automaticilay once ever 24h

- Finally create my own API-3 which will serve data from my database. (No frontend required)

Ps. I want to run in it on a basic Apache hosting server. So, needs to be lightweight

https://redd.it/p7h7xb
@r_devops

USA Visa Applications for tech jobs

Anyone have experience applying for USA working VISA from Europe? I’m a DevOps Engineer and always wanted to work in the US tech community, I know getting a visa is difficult without a job offer and most companies hiring within the US.

Any tips, knowledge share and feedback would be greatly appreciated.

https://redd.it/p7co80
@r_devops

Setting up SES with Pulumi - A guide

I wrote a small guide to setting up SES with Pulumi that r/devops might be into, you can find it here:

https://vadosware.io/post/setting-up-ses-with-pulumi/ (You could also go straight to the code at the bottom)

In a sea of great options, Pulumi is my choice of infrastructure-as-code library because it actually is code and as a result very flexible.

I've got a huge bent for running my own infrastructure, so I'm always interested in how I can make cloud stuff divert/key off of my own external infrastructure/resources. To that extent, Maddy is mentioned in this post and I encourage everyone to look into it for running a mail server, it's pretty sweet. It's relevant because I set up the DKIM, SPF, etc to support maddy as well as SES -- I could send all my email through maddy but I choose to use SES and keep the second option (receive/send through maddy, send from applications through SES).

Hope you enjoy the post and learn something!

https://redd.it/p7xz6v
@r_devops

Which one should i pick Github Action vs Gitlab?

Hi, i recently joined an internship as DevOps Eng and i was asked to figure out best CI/CD tool and i went through this post https://www.reddit.com/r/devops/comments/ls7lzk/cicd\_if\_you\_were\_to\_start\_over\_what\_tools\_would/ where i noticed whether Github Action or Gitlab would be good choice to start, since our company using Github for repo so which one would be best CI/CD according to your opinion?

THANK YOU so much for your time.

https://redd.it/p81iny
@r_devops

What are the things we as engineers don't spend enough time on?

We often have to balance many tasks and often conflicting priorities, so I was wondering what are the 10 things hard but rewarding activities we don't spend enough time on but would be beneficial to do more of...

So in my opinion, what I'd definitely like to dedicate more of my focus on:

​

1. Backups & Preventing Accidental Deletion

2. Naming Things

3. Code Reviews

4. Problem Definition

5. Architecture and Design Decisions

6. Alignment with Other Teams

7. Giving Praise Where It Is Deserved

8. Hiring

9. Reading Logs

10. Communication

​

I actually put them in an article where I elaborate a bit more on why I think so. But intrigued to know what would you add to the list?

https://redd.it/p8366l
@r_devops

AWS SSO and the Lost IAM Keys

Wrote a new blog about AWS SSO and IAM Keys challenges and best-practices :

https://www.cloudquery.io/blog/aws-sso-and-the-lost-iam-keys

https://redd.it/p85w2g
@r_devops

CNCE #2

Hello everyone!

The ChaosNative community is glad to invite you to the Cloud-Native Chaos Engineering Workshop #2 where you can network with tech geeks around the world. Get yourself exposed to the world of resiliency and reliability. We will be having interactive talks and discussions with our experts about:

1. Hands-on experience with a workshop on Cloud Native Chaos Engineering which introduces you to the basics & fundamentals of Chaos Engineering. 

2. A sneak-peek at the latest evolution in the Cloud Native Chaos Engineering world with LitmusChaos 2.0. 

3. A demonstration of running Chaos experiments in just a few steps!

Mark your calendars for 9th September 2021, 9 PM IST

Register here: https://www.chaosnative.com/cnce-workshop

https://redd.it/p85e7m
@r_devops