DevOps for network infrastructure?

Hello, I was wondering if any of you all out there had experience and lessons learned with using tools like terraform/ansible to manage your network infrastructure: things like routers, firewalls, switches, etc.

https://redd.it/prfhgi
@r_devops

Help me find a DevOps thesis topic for my master's degree.

I am new in the world of DevOps and need to find a topic for my thesis, and I want to find a topic that will help me to improve as an engineer and get my diploma at the same time.

https://redd.it/pre0on
@r_devops

Do I need SSL configs for production?

https://github.com/sowmenappd/load\_balanced\_nodejs\_app/tree/main/nginx

​

I tried this config and it works well on localhost, but I am wondering if I need some SSL config to deploy it to production.

​

ssl on;

sslcertificate /etc/ssl/ssl-bundle.crt;

sslcertificatekey /etc/ssl/ssl-tutorials.key;

Do I just need to add these files after getting my certificate files from SECTIGO and put it inside the nginx config inside my docker box? Not sure if there's more to it than that.

​

[https://www.ssls.com/knowledgebase/how-to-install-an-ssl-certificate-on-a-nginx-server/](https://www.ssls.com/knowledgebase/how-to-install-an-ssl-certificate-on-a-nginx-server/)

​

I am wondering if I just paste it inside of here:

​

server {
listen 80;
location / {
proxypass https://lb;
}
}

​

https://redd.it/prjgq1
@r_devops

How do you find where the rsync process is coming from?

How do you find where the rsync process is coming from? We have a rsync process, but I am not sure what's the thing that initiate it. I looked at our cronjob running from the Wordpress project, looked at the code, and I don't really see anything that might be running it, but I know it's there, because I think I ran iotop and saw it. What are some helpful commands that would allow me to find it?

https://redd.it/prm5r8
@r_devops

Top DevOps tools that are worth trying

Find out here the top DevOps tools such as Git, Jenkins, Docker, Puppet and etc.

https://technostacks.com/blog/devops-tools

https://redd.it/prppk1
@r_devops

A first update on our DevOps/Cloud/SRE salary survey

🎉 We have a little update on our salary survey which we launched roughly three months ago (check out https://salaries.devops-jobs.net/ if you haven’t yet) and needless to say we’re still pretty excited about it.

About four weeks after the launch we enabled the download feature on the site so everyone can get the latest dataset in JSON and CSV format. Furthermore there’s now a weekly sync of these results to a dedicated github repo as well.

As initially announced, but not yet implemented during that time, we built our own FX data API to provide free and public currency data (yes, you can use it as well if you like!) for the Forex calculations taking place on the dataset in the salary_in_usd column. This is because we allow people to fill in their annual salary in their home or actually paid out currency and then do the work for you to translate that into its corresponding USD amount (yearly average) for better comparability/reference, with data provided by the Bank for International Settlements (🏦 the bank for the central banks, basically).

Well, it’s always fascinating how much effort can go into something seemingly simple like a salary survey (hint: way more than you anticipated). But still, it looks like it’s worth the effort.

We also put in some more descriptive information on the download page about what each column in the dataset represents or how to interpret it. Should be pretty straight forward by now, and hopefull very easy to work with.

Now the plan is to keep this site up there indefinitely for the future to collect remote work salary information year by year on an ongoing basis. With this in mind it should be a good reason now to share this with your colleagues and friends if you haven’t done so yet. 😉

It’ll be very interesting to see how much data we can gather in the long term, and also keep in mind that all this is in the public domain (though mentioning the data came from us would be nice and also increases the amount of data available to share). Meaning it’s free to use by anyone for anything. 🙂

Last but not least: Many thanks to all of you who filled out the survey form and shared the site with others. That’s pretty awesome! 💪

Original article: https://insights.devops-jobs.net/a-first-update-on-our-salary-survey/

https://redd.it/prq6yj
@r_devops

Netflix for Cloud Native Technologies

Hi all.

I’ve spent the last 12 months of my life streaming 3-5 times a week, providing over 150 episodes and 400 hours of hands-on tutorials and introductions to CloudNative technologies.

https://rawkode.live

It’s all available and free on YouTube.

I really hope people find this material useful and I’d encourage feedback and suggestions for new episodes.

I hope I can make your Cloud Native journey just that little bit easier.

Thank you 💖

https://redd.it/prs23m
@r_devops

How can I access the app in my local system?

So, I have an app running in a remote server (aws ec2) which I can ssh through a jump host I have in a pub subnet.

I have successfully deployed the app in the server and checked using curl that it's up and running.

However, how can I view it in my local system? I don't think I can access it using localhost:<portnum>?

How should I proceed and configure?

Thank you for your help!:)

https://redd.it/prtz1h
@r_devops

Deploy to AKS from GitHub Actions

Having an automated way to deliver and deploy an application to your Kubernetes cluster is a great way to ensure speed and efficiency with software updates.

In a hosted environment, both for the Kubernetes cluster (AKS) and the CI/CD pipeline (GitHub Actions), there can be many challenges for continuous delivery/deployment:

- How can we trigger a pipeline run from a git tag push?
- Where can we privately and securely store the application container images?
- How can the CD runner access the Kubernetes cluster and the container registry?

All of these questions are answered in this blog post!

https://redd.it/prvzq0
@r_devops

Do you end up being tech support for the dev team?

The number of times I end up troubleshooting a devs computer issues is getting too damn high

https://redd.it/prvwu5
@r_devops

Remove your secrets from personal repos!

I decided to run a couple of GitHub dorks over the weekend. One of the queries I used to search code is "authorization+bearer+NOT+secrets+NOT+TOKEN+in:file+path:.github/workflows". People keep storing secrets on GitHub Workflows, especially on their personal "experimental" repos, such as:

\- This token is valid to https://hacker-news-delta.vercel.app/api/email-digest

\- This token allows the user to CRUD the database on https://api.notion.com

I created PRs to fix these issues, but didn't see any action on them yet.

Bottom line - all main branches in your publicly available repos are searchable by GitHub's APIs, so be careful with secrets!

Feel free to add tips on how to validate secrets are not pushed to your repos.

https://redd.it/pru88t
@r_devops

Anyone here have any good resources for learning Go, besides the obvious?

I'm looking for tutorials to learn Golang, or really good books, or courses that take a project based approach to learning, e.g. actually building apps to learn concepts rather than just going over general syntax. Anyone have good recommendations? Here are a few resources I've looked at so far:

https://www.udemy.com/course/go-programming-language - seems to be on point. Favorite course so far.

https://learning.oreilly.com - most books I've looked at don't go into too much depth, or if they do, they don't actually show how to apply concepts in real world projects.

https://gobyexample.com - don't like that it doesn't take a project based approach.

https://redd.it/prvyhe
@r_devops

Where do you store repository specific DevOps / Makefile scripts?

Let's say you have a bigger Python project and you have scripted a more involved test in a shell script so that you can easily run the test suite locally but also in your CI/CD pipeline. Basically documentation as code. In which folder do you store these type of files?

Currently I'm putting them all into:

$projectroot/bin

But this clashes for example with projects that use Java as Java places its binaries into this bin directory. So maybe this is better:

$projectroot/.local/bin

Maybe you don't use scripts like this at all? What do you use instead?

https://redd.it/prtvu6
@r_devops

Maven

Hey guys, hope this is the right forum. I have a pom file in my project. When i do mvn clean install, it throws "plugin org.apache.maven.plugins:maven-clean-plugin:2.5 or one of its dependencies could not be resolved..." error. I'm doing this on my company's gitlab and it cant connect to anywhere outside the internet. We have a package for maven clean plugin in our jfrog. I'm thinking that I have to somehow reference this package on my pom.xml file. Does anyone know how to do this?

https://redd.it/ps31kq
@r_devops

DataDog to forecast anomalies?

I am building a monitoring dashboard for our infrastructure and really like the anomaly detection and forecasting alerts and corresponding widgets in DataDog. However, I am frustrated that they cannot be used in tandem.

Rather than setting a threshold to alert me when we are foretasted to hit it, it would be great if I could be alerted when we are projected to have an anomaly, so my static threshold updates as the system does. I was trying to explore ways to leverage the API to programmatically get that anomaly level from the anomaly alert and then use it to set the forecasting alert, but I do not think this is possible.

Does anyone have any experience trying to do something like this or know where I may be able to get some advice on the matter?

https://redd.it/ps42ba
@r_devops

Prometheus

Hi guys. I’ve configured my alert manager so that I receive alerts in web hook url. I can see the alerts in alerts dashboard. But they are not being to sent to the url. Please help. Thanks.

https://redd.it/prvchj
@r_devops

Small exercises with full devops cycles for beginners?

I'm tryin to get my feet wet in the field. Is there any exercises available online that I can practice to understand how devops works?
I'm talking writing a small code, pushing it to git, using Jenkins to build and deploy and pulling the built in aws machine.
Thanks

https://redd.it/ps6c2q
@r_devops

The things don't make sense in the SushiSwap's MISO launchpad hack:

According Theo SushiSwap's CTO: An "anonymous contractor" with the GitHub handle AristoK3 and access to the project's code repository had pushed a malicious code commit that was distributed on the platform's front end. What is ANONYMOUS CONTRACTOR?!?!

As confirmed here: "I have seen PRs with more than 40+ files changed that instantly got approved". Obviously, it doesn't make sense unless you are roadrunner!

https://redd.it/ps30p5
@r_devops

How do developers handle developing large scaled dockerized applications locally?

I am currently working on a fairly large scale project (upwards of 250 docker containers), which has complexe dependencies on multiple APIs and front-end applications. The staging and production infrastructures are running on Kubernetes. My team is made up of approximately 50 developers all running macOS on company laptops. We are split up into teams that each work on specific parts of the project. Some are front end developers, some are backend developers. Currently we all develop on our laptops locally using either locally installed dependancies or via docker containers (mongoDb, PHP, RabbitMQ…) but we are limited to installing only the specific part of the project we are currently working on as it does not seem possible to run the whole project at the same time on each developers laptop, but this method is very clunky, and can vary from one developers machine to another. I like the whole idea of using docker-compose to have the whole project running locally, but in my experience as soon as you have a few docker volumes running, the MacBooks grind to a halt. Currently switching over to Linux laptops is not an option.

I am looking for advice on how other large scale companies deal with the problem. I would love to have a similar experience to the production systems, possibly running something like Minikube locally, but I don’t think the performance will be any better and it adds a lot of complexity for new developers. We have also thought about running our dev environments on linux VMs but that can quickly be expensive.

How do people in large companies / projects deal with this ?

https://redd.it/prpz5e
@r_devops

Meta: Proposal to introduce a DevOps wiki and FAQ

Hello friends,

I think it might be nice if we introduce a proper wiki and FAQ for this subreddit. I suspect this subreddit will become more popular as DevOps roles become more popular as a choice of career and I think a wiki and FAQ will help people entering into this field and also prevent the same questions being asked again and again.

What does everyone think? Will this be practical or not?

If we do this, what sections should be included?

https://redd.it/prjgi3
@r_devops

How To Manage Staff Engineer That Always Has Strong Opinions On Your Work?

I am an ops engineer that sent the past 3 years on a small infra team at a *very* popular tech company. I got to onboard my company into K8s. I recently moved into a new company and I thought that I would be creating the micro service infrastructure, but they brought another more senior person to the team.

In my previous company, even the most staff level engineers had a sense of humility (there was this code of "we do not know what we are doing but we are here building the bestselling app things that we cab"). That pervious job is my only professional full-time devops experience, but our scale and success illustrated that we did something right.

In my new job, the staff engineer does whatever he wants, but always has opinions on the work of others. He also does things like tell me what kubernetes command to run, as if I do not have experience with kubernetes.

I realize that unless this is your personal project, you will always have to deal with this kind of bullshit. However, I hate the fact that we are in this space of "he is meant to be my peer but is acting like a tech lead without giving tech lead instructions and plans."

What do I do in such a situation, I do not care if I have to execute on his image. I truly do not. I just hate the ambiguity of hierarchy.

https://redd.it/psfvzc
@r_devops