How can I access the app in my local system?

So, I have an app running in a remote server (aws ec2) which I can ssh through a jump host I have in a pub subnet.

I have successfully deployed the app in the server and checked using curl that it's up and running.

However, how can I view it in my local system? I don't think I can access it using localhost:<portnum>?

How should I proceed and configure?

Thank you for your help!:)

https://redd.it/prtz1h
@r_devops

Deploy to AKS from GitHub Actions

Having an automated way to deliver and deploy an application to your Kubernetes cluster is a great way to ensure speed and efficiency with software updates.

In a hosted environment, both for the Kubernetes cluster (AKS) and the CI/CD pipeline (GitHub Actions), there can be many challenges for continuous delivery/deployment:

- How can we trigger a pipeline run from a git tag push?
- Where can we privately and securely store the application container images?
- How can the CD runner access the Kubernetes cluster and the container registry?

All of these questions are answered in this blog post!

https://redd.it/prvzq0
@r_devops

Do you end up being tech support for the dev team?

The number of times I end up troubleshooting a devs computer issues is getting too damn high

https://redd.it/prvwu5
@r_devops

Remove your secrets from personal repos!

I decided to run a couple of GitHub dorks over the weekend. One of the queries I used to search code is "authorization+bearer+NOT+secrets+NOT+TOKEN+in:file+path:.github/workflows". People keep storing secrets on GitHub Workflows, especially on their personal "experimental" repos, such as:

\- This token is valid to https://hacker-news-delta.vercel.app/api/email-digest

\- This token allows the user to CRUD the database on https://api.notion.com

I created PRs to fix these issues, but didn't see any action on them yet.

Bottom line - all main branches in your publicly available repos are searchable by GitHub's APIs, so be careful with secrets!

Feel free to add tips on how to validate secrets are not pushed to your repos.

https://redd.it/pru88t
@r_devops

Anyone here have any good resources for learning Go, besides the obvious?

I'm looking for tutorials to learn Golang, or really good books, or courses that take a project based approach to learning, e.g. actually building apps to learn concepts rather than just going over general syntax. Anyone have good recommendations? Here are a few resources I've looked at so far:

https://www.udemy.com/course/go-programming-language - seems to be on point. Favorite course so far.

https://learning.oreilly.com - most books I've looked at don't go into too much depth, or if they do, they don't actually show how to apply concepts in real world projects.

https://gobyexample.com - don't like that it doesn't take a project based approach.

https://redd.it/prvyhe
@r_devops

Where do you store repository specific DevOps / Makefile scripts?

Let's say you have a bigger Python project and you have scripted a more involved test in a shell script so that you can easily run the test suite locally but also in your CI/CD pipeline. Basically documentation as code. In which folder do you store these type of files?

Currently I'm putting them all into:

$projectroot/bin

But this clashes for example with projects that use Java as Java places its binaries into this bin directory. So maybe this is better:

$projectroot/.local/bin

Maybe you don't use scripts like this at all? What do you use instead?

https://redd.it/prtvu6
@r_devops

Maven

Hey guys, hope this is the right forum. I have a pom file in my project. When i do mvn clean install, it throws "plugin org.apache.maven.plugins:maven-clean-plugin:2.5 or one of its dependencies could not be resolved..." error. I'm doing this on my company's gitlab and it cant connect to anywhere outside the internet. We have a package for maven clean plugin in our jfrog. I'm thinking that I have to somehow reference this package on my pom.xml file. Does anyone know how to do this?

https://redd.it/ps31kq
@r_devops

DataDog to forecast anomalies?

I am building a monitoring dashboard for our infrastructure and really like the anomaly detection and forecasting alerts and corresponding widgets in DataDog. However, I am frustrated that they cannot be used in tandem.

Rather than setting a threshold to alert me when we are foretasted to hit it, it would be great if I could be alerted when we are projected to have an anomaly, so my static threshold updates as the system does. I was trying to explore ways to leverage the API to programmatically get that anomaly level from the anomaly alert and then use it to set the forecasting alert, but I do not think this is possible.

Does anyone have any experience trying to do something like this or know where I may be able to get some advice on the matter?

https://redd.it/ps42ba
@r_devops

Prometheus

Hi guys. I’ve configured my alert manager so that I receive alerts in web hook url. I can see the alerts in alerts dashboard. But they are not being to sent to the url. Please help. Thanks.

https://redd.it/prvchj
@r_devops

Small exercises with full devops cycles for beginners?

I'm tryin to get my feet wet in the field. Is there any exercises available online that I can practice to understand how devops works?
I'm talking writing a small code, pushing it to git, using Jenkins to build and deploy and pulling the built in aws machine.
Thanks

https://redd.it/ps6c2q
@r_devops

The things don't make sense in the SushiSwap's MISO launchpad hack:

According Theo SushiSwap's CTO: An "anonymous contractor" with the GitHub handle AristoK3 and access to the project's code repository had pushed a malicious code commit that was distributed on the platform's front end. What is ANONYMOUS CONTRACTOR?!?!

As confirmed here: "I have seen PRs with more than 40+ files changed that instantly got approved". Obviously, it doesn't make sense unless you are roadrunner!

https://redd.it/ps30p5
@r_devops

How do developers handle developing large scaled dockerized applications locally?

I am currently working on a fairly large scale project (upwards of 250 docker containers), which has complexe dependencies on multiple APIs and front-end applications. The staging and production infrastructures are running on Kubernetes. My team is made up of approximately 50 developers all running macOS on company laptops. We are split up into teams that each work on specific parts of the project. Some are front end developers, some are backend developers. Currently we all develop on our laptops locally using either locally installed dependancies or via docker containers (mongoDb, PHP, RabbitMQ…) but we are limited to installing only the specific part of the project we are currently working on as it does not seem possible to run the whole project at the same time on each developers laptop, but this method is very clunky, and can vary from one developers machine to another. I like the whole idea of using docker-compose to have the whole project running locally, but in my experience as soon as you have a few docker volumes running, the MacBooks grind to a halt. Currently switching over to Linux laptops is not an option.

I am looking for advice on how other large scale companies deal with the problem. I would love to have a similar experience to the production systems, possibly running something like Minikube locally, but I don’t think the performance will be any better and it adds a lot of complexity for new developers. We have also thought about running our dev environments on linux VMs but that can quickly be expensive.

How do people in large companies / projects deal with this ?

https://redd.it/prpz5e
@r_devops

Meta: Proposal to introduce a DevOps wiki and FAQ

Hello friends,

I think it might be nice if we introduce a proper wiki and FAQ for this subreddit. I suspect this subreddit will become more popular as DevOps roles become more popular as a choice of career and I think a wiki and FAQ will help people entering into this field and also prevent the same questions being asked again and again.

What does everyone think? Will this be practical or not?

If we do this, what sections should be included?

https://redd.it/prjgi3
@r_devops

How To Manage Staff Engineer That Always Has Strong Opinions On Your Work?

I am an ops engineer that sent the past 3 years on a small infra team at a *very* popular tech company. I got to onboard my company into K8s. I recently moved into a new company and I thought that I would be creating the micro service infrastructure, but they brought another more senior person to the team.

In my previous company, even the most staff level engineers had a sense of humility (there was this code of "we do not know what we are doing but we are here building the bestselling app things that we cab"). That pervious job is my only professional full-time devops experience, but our scale and success illustrated that we did something right.

In my new job, the staff engineer does whatever he wants, but always has opinions on the work of others. He also does things like tell me what kubernetes command to run, as if I do not have experience with kubernetes.

I realize that unless this is your personal project, you will always have to deal with this kind of bullshit. However, I hate the fact that we are in this space of "he is meant to be my peer but is acting like a tech lead without giving tech lead instructions and plans."

What do I do in such a situation, I do not care if I have to execute on his image. I truly do not. I just hate the ambiguity of hierarchy.

https://redd.it/psfvzc
@r_devops

If you're adopting container technology, what is the main problem that you're currently trying to solve?

https://www.poll-maker.com/poll3892940x8AE74cEf-123

https://redd.it/psfj44
@r_devops

🔥 HOW TO CHOOSE BETWEEN MULTIPLE DEVOPS JOB OFFERS?

https://youtu.be/7SA-s2PlePU

🔥 HOW TO CHOOSE BETWEEN MULTIPLE DEVOPS JOB OFFERS?

DevOps is the combination of cultural philosophies, practices, and tools that increases an organization's ability to deliver applications and services at high velocity: evolving and improving products at a faster pace than organizations using traditional software development and infrastructure management processes.

\#howtochoosebetweenmultipledevopsjoboffers #devops #awsdevops #joboffer #claydesk

https://redd.it/pshdkf
@r_devops

DevOps Master Class Part 6 - Infrastructure as Code

Lesson six of my new DevOps Master Class is now live which dives into Infrastructure as Code. Thinking about initial deployment of resources, configuration of the resource itself, creating custom images, creating containers, deploying to Kubernetes, policy and much more. All, as code!

https://youtu.be/8AgEwM8RhAU

YouTube Playlist for the whole course - https://www.youtube.com/playlist?list=PLlVtbbG169nFr8RzQ4GIxUEznpNR53ERq

GitHub Repo - https://github.com/johnthebrit/DevOpsMC

https://redd.it/psidgu
@r_devops

prometheus alerts from grafana dashboard

Hi guys. I am not able to create alerts for template variables. Pls help me. Thanks.

https://redd.it/psizc0
@r_devops

Need advice from people who have been in similar position

Am I making a mistake declining offers for Infrastructure Automation/SRE Ops roles in product companies and going for Backend development roles in mid-size service based/Big 4 companies?

https://redd.it/psjxew
@r_devops

Mobile DevOps?

Hey folks, how do you prioritize building a CI/CD pipeline for the mobile projects in the small teams under 10 devs?

Do you automate both Android and iOS at the same time or start off with one of them?

https://redd.it/psiz56
@r_devops

Distinguishing DevOps roles

I am noticing a lot of people here confusing the jobs roles of an SRE, SE, & SysAdmin, myself included. So to sum it all up, would this be an accurate distinction.

SRE - automates, designs, & monitors the infrastructure.

Systems Engineer - automates, designs, and monitors the OS deployments.

SysAdmin - maintains/monitors and responsible for the day to day upkeep of what system engineers design.

https://redd.it/psmqty
@r_devops