How do you deploy to the test environment?

This might be a silly questions, but I need a little help.

So I have a test server (in aws) which I need to connect using Jump-host.

I have all the config file for deployment. But I am not able to clone the repo from my test env.

Could you please tell me what should be my approach?
Thank you!

https://redd.it/ppweon
@r_devops

Some Cross-chain Bridges

1. Rainbow Bridge

Supported: Ethereum, Near, Aurora.dev

Link: https://ethereum.bridgetonear.org/


2) Hop Protocol

Supported: Ethereum, Polygon, XDai, Optimism, Arbitrum

Link: https://app.hop.exchange/

3) Xpollinate

Supported: BSC, Polygon, XDai, Fantom

Link: https://xpollinate.io/

4) Celer Bridge

Supported: Ethereum, BSC, Polygon, Arbitrum, XDai, Fantom, Avalanche, Optimism, OkexChain, Heco

Link: https://cbridge.celer.network/

5) AllBridge

Supported: Ethereum, BSC, Avalanche, Heco, Polygon, Solana

Link: https://app.allbridge.io/bridge

If you know more, do comment!!!

https://redd.it/ppy6mt
@r_devops

New to gpu devops - how to dev/test?

Hello. I have been doing journeyman devops for long time, but it was all either service based stuff, or simple app development/deployment stuff. Classic tool chains like Vagrant, terraform, docker, virtualbox, google actions, circleCI, fastlane, etc.

I have a client that wants us to build and deploy VR applications onto their VSphere stack, using CloudXR and GPUs to provide services for clients in an experiment. This will eventually scale very wide, again for experimentation.

The challenging thing that I can't unravel is how to dev/test that locally before I have to touch their big iron. We are, of course, all remote, and the big iron is still in development, and we don't have the resources to have two instances to play with simultaneously. And, in the future, the big iron will be air-gapped.

How can I emulate this in my home office (remote worker) using desktop computers, to test my build and deploy before I push to "production"? What tools would be best to use in this case?

So, if anyone has a hint, a white paper, a google term, a youtube video that would help accelerate my learning process and make this more efficient, I would appreciate it. Avoiding costly licenses of VMWare would be a plus.

https://redd.it/pq3f50
@r_devops

Making a good first impression in my first DevOps interview?

I'm new to Computer Science and primarily a Software Engineer. I recently got an interview for an entry-level DevOps position, and I'm curious what people think is important information to study up on before my interview in about a week.

https://redd.it/pq3nfu
@r_devops

What are some commands you can use to see what's causing a slow down on a server?

iotop
top
SHOW FULL PROCESSLIST

I am running these, but I am not sure how to be 100% sure what's causing the issue. I did top and saw that idle time was low and I/O wait was high and CPU user time was high, I think the culprit is a rsync process, but the top process always shows me that the mysqld process is the process that uses the most CPU. So I am not sure how to check, I tried SHOW FULL PROCESSLIST, but it doesn't show me anything particularly strange, and doesn't tell me that there's a rsync, at least I don't see any SQL query, maybe I missed it meaning it was already gone by the time I ran it. There's a lot of sleeping processes. 603 and only 2 not sleeping. The % the mysqld process uses is 695% in terms of CPU, and the other processes below it are using roughly between 20% to 10% and they're php-fpm, redis and php processes. So how do I know if I should upgrade or not? I think we need to upgrade, but I am not sure how to check the exact reason why.

https://redd.it/pq658v
@r_devops

Best devops interview question, choose one?

1. How is your pipe game?
2. How is your pipe game?
3. How is your pipe game?
4. How is your pipe game?
5. How is your pipe game?

https://redd.it/pqa5di
@r_devops

How would you deploy this build? Next.js, Redis, Express API, PostgreSQL on AWS?

I have been getting into devops for the past weeks and not sure if I am overengineering and need guidance on my pipeline order of operations.

Background: I am a one-man dev that wants automate as much as possible while having a build that can handle some sort of scale and don't want to be scrambling if my app gets more users. I plan on going with AWS mostly. I am building my own SaSS. Want to be Cloud Agnostic for the most part.

The Tech Stack:

1. Users access Next.js frontend
2. Next.js backend (Koa.js) connects to Elasticache (Redis) for session storage, Public Subnet
3. Backend Express.js GraphQL API connects to RDS (PostgreSQL), Private Subnet

My Pipeline (My Order of Operations may be wrong):

1. Terraform and source code push to feature branch
2. Pull Request to Master Branch
3. Github Actions detects pull to Master and builds Docker Images and pushes to AWS ECR (Elastic Container Registry) Choosing over Docker Hub because my images aren't that large so AWS ECR is better.
4. AWS EKS (Elastic Kubernetes Service)
5. Worker Nodes will be Fargate
6. Frontend (Next.js) will have LoadBalancer Service
7. Backend (Express.js) GraphQL API will be ClusterIP Service for only internal Cluster communication.
8. I don't plan on having Elasticache (Redis) or RDS (PostgreSQL) as part of K8s Pods

I guess I am unclear at what part Terraform manifest file gets executed. I feel like I have no choice to use a container orchestration tool because how else will I know about my container's health. Like if I just use Docker as a standalone, I won't have any insights. But I hear that K8s is overkill for my application type since it really is just mainly is a frontend and backend API.

Still on initial stages of research, for Logging and Monitoring.

Logging:

1. FluentBit = EKS Worker Node (Fargate) Logging Agent
2. Logging Backend? Haven't decided yet...

Since EKS Control Plan is managed, I am assuming I do not need to do logging for that.

Monitoring:

1. Prometheus
2. Possibly use Grafana with Prometheus

I feel as if a lot of this is mandatory, I mean going EKS without logging and monitoring seems like a bad idea. But then again, I am new to this whole devops thing.

https://redd.it/pqc4ok
@r_devops

Which of the following is more important for DevOps?

There is a constant tug of ware between enabling developer velocity, risk reduction and cost reduction.

View Poll

https://redd.it/pqemfc
@r_devops

How do you handle the apps (e.g., open source tools) that do not have built-in SSO support?

Love to hear your thoughts.

View Poll

https://redd.it/pqeazv
@r_devops

What to expect from a Junior DevOps technical interview/assessment?

Hello folks! I recently applied for a Junior DevOps position and was able to successfully pass through the first round (!!) (a language test). I'm incredibly happy for this chance. However, next Friday I'll have an interview with someone from the engineering team and will be assigned a technical test to measure my skills. I'm nervous since I'm not sure what to expect from this test. I feel comfortable programming in Python, I know some Docker basics as well, and I'm also studying the basics from a AWS SA guide (just in case). May I ask if anyone can suggest me what other skills should I brush up? Any advice would be kindly appreciated.

Thanks in advance. Stay safe and healthy.

https://redd.it/pqghbf
@r_devops

Best secure practice to store environment details

I want to learn about the best practices to store all environment details to be accessed by other devops folks.

The use case would be something like once the infra is up all the details like ip, login details etc should be securedly stored but in a human accessible format.

https://redd.it/pqgwu3
@r_devops

How to Integrate legacy API with AWS API Gateway proxy

https://towardsaws.com/how-to-integrate-legacy-api-with-aws-api-gateway-proxy-9e1c52d35bab

https://redd.it/pqfkua
@r_devops

Security concerning Flask and AWS Products

Hello folks, so I'm used to deploy Flask and Dash Plotly apps (shared on private git repository) on EC2s connecting to S3 and RDSs using boto3 and SQLAlchemy respectively.

These apps have reports on public information, so it's no big deal them being public so basic flask authentication and security groups on AWS are quite fine.

My current problem is that now we might need to store some sensitivity information on S3 and RDS. I'm looking for advice with some devs in house, but I'd like to be prepared to talk to them.
What are some measures I could take to keep my app from being attacked and my storages safe?
I know that http is a problem and someone can put themselves between the client and the server, but what else should I be considering?
Should I use django for example? Is configuring nginx enough?

If the question is too loaded, answer only a bit, but thanks anyway.

https://redd.it/pqbq37
@r_devops

Auto-create SSL certificate - Python

Hello,

I'm a developer, and I'm trying to make a script that created the SSL certificate automatically, and I need to ask if there is any pioneer in the SSL certificate industry, that provides an API to get the certificate from the CSR key that's I have been generated from OpenSSL command line.

​

Note: the script would be on python

​

Many thanks

https://redd.it/pq5nux
@r_devops

How hard is it to land overseas with a devops job?

Has anyone have experience relocating/applying directly to an overseas country which requires visa sponsorship as a devops engineer?

Im a 3yr devops guy looking into canada or US.. but seems like company needs to sponsor the visa which makes it hard.. i thought devops would be relatively easier since its high demand? Anyone have any idea?

https://redd.it/pqpr2g
@r_devops

My Ansible and Terraform tooling in one docker image.

**https://github.com/bluxmit/alnoda-workspaces/tree/main/workspaces/ansible-terraform-workspace**

I'm used to running Ansible and Terraform on one of the infra servers, and happy to share the image I've made for that. It has OSS tools to visualize terraform infrastructure and state; schedule ansible playbooks, monitor executions, observe plays, etc. Can run in the cloud, has auth, https.

Includes Cronicle, Ansible Ara, cmdb, Ansible inventory grapher, Ansible playbook grapher, Terraform Rover, Terraform Balst Radius, and many more.

I hope someone finds it useful

https://redd.it/pqu2ra
@r_devops

Custom alarms in AWS

In our production environment we want to put an SNS alarm for whenever a S3 bucket is created and deleted and when any table is created in Dynamo DB or any new security group is added, and more. We have alreadt enabled Cloudtrail but when I enable "Data Events" for s3 and DyanmoDB is sent around 50 mails for every object is created in the selected bucket for Cloudtrail logs and we don't want this spam.

How can we achieve that?
Thanks!

https://redd.it/pqucnu
@r_devops

What does it mean to go from Waterfall software delivery to DevSecOps software delivery?

Work for an old fashioned company, I have no illusions that we do things in a dated fashion.

Code is delivered waterfall style via big projects that must hit certain milestones and features are delivered when they are ready. That means delivery dates often get pushed back and the user community really never knows when they are going to get updates.

We're bringing in some consultant firm apparantly to help us transition to a devsecops delivery style (be more agile is thrown around a lot)

I'm cool with that but I also want to understand more how that should look post-transformation so I can help myself and the consultants best do the actual work of transforming.

Is it simply making it acceptable to deliver smaller bits of features at a time? Is it about ensuring we have a CI/CD pipeline via github repository so everyone can check out/in code on the fly? Is it about making sure security is baked into every step of the process?

Help me understand what the actual software delivery process looks like in an old school waterfall style company vs one delivering it 'agile via devsecops' style? I feel I get the 'mindset & culture' change piece of this to reduce silos, but I'm struggling to comprehend if we are successful, how does that change my day to day delivery of software to the business. Thanks!

https://redd.it/pqwdkx
@r_devops

DevOps Responsibilities

Is the DevOps team responsible for where an application is deployed to? If so, is the team responsible for creating and maintaining the environment the application lives in?

https://redd.it/pqx7d2
@r_devops

Is getting a CKA cert worth it?

I have a bit of experience with k8s implementing long-term projects in our company. I kinda just learned things as I went along. Experience is with AKS on Azure and self hosted k8s.

What kind of companies care about the CKA cert? Who would be looking for it basically?

https://redd.it/pqxx9f
@r_devops

Messenger to slack and vice-versa

We have a messenger group chat, and basically, when a message is sent in that chat, I want it sent to a specific slack channel. Then when I type in the slack channel it is sent to that specific messenger group chat.

Is there a way to connect both applications together?

https://redd.it/pqzg0o
@r_devops