What to expect from a Junior DevOps technical interview/assessment?

Hello folks! I recently applied for a Junior DevOps position and was able to successfully pass through the first round (!!) (a language test). I'm incredibly happy for this chance. However, next Friday I'll have an interview with someone from the engineering team and will be assigned a technical test to measure my skills. I'm nervous since I'm not sure what to expect from this test. I feel comfortable programming in Python, I know some Docker basics as well, and I'm also studying the basics from a AWS SA guide (just in case). May I ask if anyone can suggest me what other skills should I brush up? Any advice would be kindly appreciated.

Thanks in advance. Stay safe and healthy.

https://redd.it/pqghbf
@r_devops

Best secure practice to store environment details

I want to learn about the best practices to store all environment details to be accessed by other devops folks.

The use case would be something like once the infra is up all the details like ip, login details etc should be securedly stored but in a human accessible format.

https://redd.it/pqgwu3
@r_devops

How to Integrate legacy API with AWS API Gateway proxy

https://towardsaws.com/how-to-integrate-legacy-api-with-aws-api-gateway-proxy-9e1c52d35bab

https://redd.it/pqfkua
@r_devops

Security concerning Flask and AWS Products

Hello folks, so I'm used to deploy Flask and Dash Plotly apps (shared on private git repository) on EC2s connecting to S3 and RDSs using boto3 and SQLAlchemy respectively.

These apps have reports on public information, so it's no big deal them being public so basic flask authentication and security groups on AWS are quite fine.

My current problem is that now we might need to store some sensitivity information on S3 and RDS. I'm looking for advice with some devs in house, but I'd like to be prepared to talk to them.
What are some measures I could take to keep my app from being attacked and my storages safe?
I know that http is a problem and someone can put themselves between the client and the server, but what else should I be considering?
Should I use django for example? Is configuring nginx enough?

If the question is too loaded, answer only a bit, but thanks anyway.

https://redd.it/pqbq37
@r_devops

Auto-create SSL certificate - Python

Hello,

I'm a developer, and I'm trying to make a script that created the SSL certificate automatically, and I need to ask if there is any pioneer in the SSL certificate industry, that provides an API to get the certificate from the CSR key that's I have been generated from OpenSSL command line.

​

Note: the script would be on python

​

Many thanks

https://redd.it/pq5nux
@r_devops

How hard is it to land overseas with a devops job?

Has anyone have experience relocating/applying directly to an overseas country which requires visa sponsorship as a devops engineer?

Im a 3yr devops guy looking into canada or US.. but seems like company needs to sponsor the visa which makes it hard.. i thought devops would be relatively easier since its high demand? Anyone have any idea?

https://redd.it/pqpr2g
@r_devops

My Ansible and Terraform tooling in one docker image.

**https://github.com/bluxmit/alnoda-workspaces/tree/main/workspaces/ansible-terraform-workspace**

I'm used to running Ansible and Terraform on one of the infra servers, and happy to share the image I've made for that. It has OSS tools to visualize terraform infrastructure and state; schedule ansible playbooks, monitor executions, observe plays, etc. Can run in the cloud, has auth, https.

Includes Cronicle, Ansible Ara, cmdb, Ansible inventory grapher, Ansible playbook grapher, Terraform Rover, Terraform Balst Radius, and many more.

I hope someone finds it useful

https://redd.it/pqu2ra
@r_devops

Custom alarms in AWS

In our production environment we want to put an SNS alarm for whenever a S3 bucket is created and deleted and when any table is created in Dynamo DB or any new security group is added, and more. We have alreadt enabled Cloudtrail but when I enable "Data Events" for s3 and DyanmoDB is sent around 50 mails for every object is created in the selected bucket for Cloudtrail logs and we don't want this spam.

How can we achieve that?
Thanks!

https://redd.it/pqucnu
@r_devops

What does it mean to go from Waterfall software delivery to DevSecOps software delivery?

Work for an old fashioned company, I have no illusions that we do things in a dated fashion.

Code is delivered waterfall style via big projects that must hit certain milestones and features are delivered when they are ready. That means delivery dates often get pushed back and the user community really never knows when they are going to get updates.

We're bringing in some consultant firm apparantly to help us transition to a devsecops delivery style (be more agile is thrown around a lot)

I'm cool with that but I also want to understand more how that should look post-transformation so I can help myself and the consultants best do the actual work of transforming.

Is it simply making it acceptable to deliver smaller bits of features at a time? Is it about ensuring we have a CI/CD pipeline via github repository so everyone can check out/in code on the fly? Is it about making sure security is baked into every step of the process?

Help me understand what the actual software delivery process looks like in an old school waterfall style company vs one delivering it 'agile via devsecops' style? I feel I get the 'mindset & culture' change piece of this to reduce silos, but I'm struggling to comprehend if we are successful, how does that change my day to day delivery of software to the business. Thanks!

https://redd.it/pqwdkx
@r_devops

DevOps Responsibilities

Is the DevOps team responsible for where an application is deployed to? If so, is the team responsible for creating and maintaining the environment the application lives in?

https://redd.it/pqx7d2
@r_devops

Is getting a CKA cert worth it?

I have a bit of experience with k8s implementing long-term projects in our company. I kinda just learned things as I went along. Experience is with AKS on Azure and self hosted k8s.

What kind of companies care about the CKA cert? Who would be looking for it basically?

https://redd.it/pqxx9f
@r_devops

Messenger to slack and vice-versa

We have a messenger group chat, and basically, when a message is sent in that chat, I want it sent to a specific slack channel. Then when I type in the slack channel it is sent to that specific messenger group chat.

Is there a way to connect both applications together?

https://redd.it/pqzg0o
@r_devops

How to Integrate legacy API with AWS API Gateway proxy

The emergence of modern web and mobile applications, based on microservices exposing HTTP APIs, has highlighted the need to effectively integrate, deploy, decommission, throttle, and securing a plethora of heterogeneous web APIs.

In this article, we will see why and how to use the API Gateway proxy for integrating legacy APIs.

Full read on: https://towardsaws.com/how-to-integrate-legacy-api-with-aws-api-gateway-proxy-9e1c52d35bab

https://redd.it/pqzxpa
@r_devops

How do you find where the rsync process is coming from?

How do you find where the rsync process is coming from? We have a rsync process, but I am not sure what's the thing that initiate it. I looked at our cronjob running from the Wordpress project, looked at the code, and I don't really see anything that might be running it, but I know it's there, because I think I ran iotop and saw it. What are some helpful commands that would allow me to find it?

https://redd.it/pqyp0z
@r_devops

Most commonly used task manager amongst Python Devs?

What is the most commonly used task manager amongst Python Devs?

https://redd.it/pqwnkq
@r_devops

DevOps Technical Interview (Python)

Hello Everyone,

Let me just start off with some context. I'm a third year undergrad student studying Information Systems and pursuing a Finance minor. I will be graduating in three months (Dec 2021). At this point in time, I've interned as a DevSecOps Engineer for a DoD contractor and a Cloud Engineer Intern for a small consulting startup. I have an AWS Solutions Architect Associate cert as well as a Cloud Practitioner cert.

I've spent the last few weeks pumping out applications in hopes to beat my return offer from my previous internship and allow me to live somewhere more suitable to my likings. At this point, I've been interviewing with one company that I find really fascinating. Job Title: Devops Engineering (For Upcoming University Graduate).

My first interview was more of a screening interview with a recruiter and she moved me on to the second interview which was considered the technical interview. I met with an engineering manager and he asked me some fairly complex AWS scenarios but nothing too bad. Mostly going over my resume and asking me questions about it. He seemed to like me a lot and told me I would be moving onto the final stage. He said it was going to compose of 4, 45 minute interviews one-on-one style with a devops or software engineer on the team. An hour later, the first recruiter called me back for scheduling purposes and told me that the third stage was going to involve coding. I asked her about the style of the interview questions and she said it was going to be geared towards python and she said something like "I think there are going to be algorithm questions as well" but again she's only the recruiter and I do not know how much of the interview process she's involved with.

My python skills are incredibly mediocre at best as Information Systems does is not Computer Science. I have taken an Object Oriented Programming course in the past but it seemed to be geared more towards business applications. My on the job coding experience has mainly been boto3 scripting/shell scripting/aws cli/Dockerfiles/Buildspec/Appspec etc.

I have done maybe 5 leetcode questions in my life as I focus more on cloud infrastructure than programming. As an aspiring devops engineer, should I know a handful of algorithms and how to do leetcode? I feel as if my degree has let me down in terms of knowing how to program. Does anyone have any advice on how I should prepare for this technical interview? I have about 4 days to prepare.

Thanks!

https://redd.it/pqzdf0
@r_devops

GitOps tools in comparison

If you want to switch from classic CI/CD environments to GitOps, then you can choose from any of a large number of available tools. However, it is not always easy to tell which features they support and how suitable they are for your project at first glance. This article provides help in making a decision.

https://cloudogu.com/en/blog/gitops-tools

https://redd.it/pr3jkt
@r_devops

Consume REST APIs in microservices best practices

So we have a bunch of the usual architecture. Microservice 1 emits an event. Since validation and agreements about the events are sh*t and no FIFO is enforced, the event only contains the bare minimum of information. Microservice 2 eats the event, then queries out the API of microservice 1s backend to get the actual most up to date information and updates the backend of microservice 2. Pretty standard so far. Both implementations are in PY.

My question is, how would you guys go about this. I have seen 2 common approaches.

1. Microservice 2 uses requests library to make requests according to the OpenAPI spec of the API of microservice 1s backend. This is implemented by the developer reading the OpenAPI spec and then using requests accordingly. There is not really anything more to it, no validation on the answer, no SDK generated, just that.
2. Microservice 2s developer generates an SDK for Python, implements the API call with it, validates the response and commits the whole shebang (including possibly the OpenAPI spec) in Version Control. With some enhancement sorcery even the replies from the API can be validated.

Both developers pray to God no turd updates the API to cross over spec or release a zillion new versions.

What would be the preferable way to do this be in DevOps. How would one maintain the best amount of control in the codebase and the least amount of work. Are there even better patterns with this?

https://redd.it/pr5zif
@r_devops

Does anybody use dockerised bitwarden?

I want to switch KeePassxc to something else. I'm using it with Dropbox (previously meganz) It seems like some passwords disappear.

Ive seen a lot of good reviews about Bitwarden but i don't like the idea to leave my passwords in hands of some external company no matter how secure and open source this solution is.

So does anybody uses self hosted Bitwarden?

https://redd.it/pr9otu
@r_devops

Cheapest Image/Video cloud storage for 2021?

Hey all,

Planning to deploy my site with Heroku. I also need image/video cloud storage for my site (eg;a user can upload an image). From my research, Wasabi and Backblaze b2 seems to be the cheapest option. But I think backblaze charge for API calls where Wasabi does not - meaning mighBackblt be cheaper as a user can upload their profile picture in my website.

I'm wondering if I'm missing anything cheaper.

​

Thanks!

https://redd.it/pr9dzh
@r_devops

Custom emails from SNS

I have set up some alarms from Event Bridge for some alerts but the thing is those emails are not very readable. So can we do something like put a lambda function in between which makes those alerts readable or atleast filter some keywords that are useful to us?

If yes, how can we do that? I mean if someone can help me with the code, it would be very helpful.

Thanks

https://redd.it/prc1iv
@r_devops