Run a script every time someone pushes to git

I'm working on automating our test process and want to build, install and run my test scripts every time one of the devs does a git push to one of the relevant projects. I'm currently using Ansible to automate everything and notify me if something isn't working but I haven't found a good solution for daily scheduling (currently using crontab but there's some limitations with Ansible's become feature) and triggering a script to run from a git push.

Ansible Tower looks like it will do most of what I need but it's outside the budget of our organization (I'm running more hosts than the community version will support)

Any suggestions for daily scheduling and triggering a build on any git push to our repository?

edit: a word

https://redd.it/pu2i4d
@r_devops

dev on-calls

I work for almost 10y in IT company (\~150 employees) as a software engineer (dev). I've seen a lot of changes regarding the product lifecycle, one was to start the on-call duty by dev almost 6 years ago. The dev on-call means that when the alarm goes off you must restore the application, root cause analysis can be conducted later. Me as a Software Engineer accepted this, I had my doubts (fear?), but after all its dev that writes the software and must be able to run it - that's how I personally rationalized this.

As the time passed I think the dev on-call is a positive thing: it creates a better programmers:

you don't write too generic/abstract code
you write operationally-cheaper software
you expose proper metrics
you naturally log proper events
whilst still being able to create good maintainable code
etc.

The on-call didn't last long, soon the dedicated support team was hired, silos were created, dev had little insight into product prod-behavior.

Fast-forward present day: I'm in different project in the same company, project started over 2y ago but gained traction last year. Since the last year, the project consists of 4 teams now and requires on-calls. I don't want to hire dedicated 'support' team, I want all (with regard to sensible team-size defaults: https://sre.google/sre-book/being-on-call/) experienced-enough devs to perform the on-call.

I made that clear from the beginning. However, currently the on-call is performed by my team only (since we're most experienced overall and our area of expertise is infrastructure/backend)

Building that team was hard, people were unwilling to take that responsibility, but somehow it took off. The team consists of devs only (like the other teams).

As the application development progressed we started to lose control over technologies introduced by each team. They create their own services, they want freedom of tech-choice and they want to do it fast. To be honest: I don't feel anymore that I should support all of that... It's also them that should feel the responsibility, I'm the same dev as they are. The point was not to be the martyr of the project, the point is to take the responsibility and create better software. Moreover people learnt that they can trade their crippled code into more operational load because it's not them supporting it

Soon I want to engage other people in on-call, the team leaders seem to understand my point of view, the devs however: do not. I hear a lot of complaining: "I don't want to do this", "I can't", "I don't know how", some people said that they will quit. Even one guy from my team wants to leave the team and demands discontinuation of on-calls in the name of "I want to focus on dev" (he had 1 incident past 6 months, he's the author of big part of our backend logic so he knows all of the details, I was shocked when he said that)

Having said all of the above:

1. Is there something inherently wrong with my goals and reasoning? I think that dev performing the on-call duty is the right thing to do (I'm a dev) however my company seems to think opposite
2. How does it work in your company? Do you have dev on-calls? Who is the first line? Do people just accept it (of course the on-call should be compensated but even though do the people accept it)?
3. If my goals are right, what should I do to create the environment where all team members feel the responsibility, understand it and are willing to participate in on-calls?

https://redd.it/ptzhx9
@r_devops

Personal domain name suggestion

I need suggestions to purchase a domain for myself. I am an entrepreneur. Someone already takes FirstLast.com, and it expires in 2022. Firstname.com is super expansive. First.net, First.org, First. Me, First.io, and others are still available. Someone also endures Last.com and honestly speaking, I don't want to use my last name as a domain name because my last name contains 11 characters itself. And my name is also five characters, so 16 characters domain looks quite weird to me. So please suggest your opinions.

https://redd.it/puzesf
@r_devops

Career change, trying to from QA to DevOps / Cloud?

Hi group,

I'm trying to switch careers here. I have over 4.5 years of QA experience with automation and I know java so programming is not a problem. I was fed up with my job and thought of switching job. Embarked on a Business Analysis journey, got a post graduate certificate in it and got a job at a small organisation. Not liking the job at all. I'm thinking of switching to SRE roles or DevOps / cloud . As there seems to be good earning there as compared to BA.

Would appreciate if you could lay down the roadmap. Where do I get started and what is the realistic expectation salary and job prospects for someone starting out fresh.

Thank you

https://redd.it/puxwiy
@r_devops

How long to give a new job?

Hey guys, just looking for some advice from anyone who might have been in a similar situation..

Basically, I worked as as DevOps Engineer for a fortune 50 company for the past few years, usual big slow corporate stuff with highly restrictive RBAC so I only had to worry about my immediate project's services and CI/CD and we worked in a pretty good scrum system that always gave us a fair workload. It was a cushy number but the pandemic caused me some pretty bad burnout so I decided it was time for a change, I got a new job a few months ago and was hoping a fresh start would give me a mental kickstart.

So far, I'm more stressed than I've been since the first few months into my first job and things don't seem to be getting much better. I'm working for a much smaller consultancy and have a vast amount of stuff I need to learn, at the same time I got thrown a major project in my second week that was already behind schedule and its been a bit of a car crash from my POV, I've had to learn everything on the fly while at the same time supposedly acting as an SME to the client. I just figured out at 5pm this evening that the entire pipeline I'm currently working on is a non-runner because of technical limitations, I've wasted two weeks of effort on nothing so Monday morning is gonna be fun explaining to the client!

In my previous company that would have been flagged in a spike but here it seems I just get assigned these huge complex tasks with tight deadline and if there's an issue half way through its my problem.

TLDR, out of my depth at new job, work systems are a bit chaotic with no clear planning or acceptance criteria and because its such a small company there's no respite and nobody to fall back on.

I've never left a job after such a short amount of time but definitely considering it at the moment, just wondering if anyone has done similar, any advice on how to navigate the shitstorm or low long I should give it before making a decision? Leaving a job after a few months is presumably a red flag for recruiters but I don't want to throw away a year of my life being miserable just for the sake of some work experience.

https://redd.it/puuw3t
@r_devops

Not able to run docker container in Mac M1. Help please!

Hi,
I'm a front end developer, recently I was given a take home test to do. The problem is they have included the BE code and docker in the project too. I'm supposed to be running docker locally with nginx. They have set it all up with docker-compose file.
Only problem is I'm not able run couple of containers including FE one. It's showing an error and exiting immediately. They did say I'm not supposed to publish test to public or else I'll be disqualified. So I'm in bit of pickle. Hoping one of you guys maybe able to help me?
The error is
runtime: failed to create new OS thread (have 2 already; errno=22) fatal error: newosproc

I did Google this issue and I saw couple of stack over flow answers but I didn't understand what I'm supposed to do.
Thanks for reading 🙂

https://redd.it/pv2k2j
@r_devops

How to mix separated versions of Python in the cleanest way

Hello

My service is running 120+ GHE repositories with different versions of python engines - each of them requires a separated venv.

On my previous laptop running Ubuntu LTS 18.04, I was fighting with python versions (default-system is python 2.9, and no official support after Python 3.6 from canonical repositories).

How do you handle properly, multiple versions of python engines, with large amount of venvs (pipenv or poetry based) ? I just have migrated to Ubuntu LTS 20.04.

Thank you

https://redd.it/pv41m8
@r_devops

What is the best Shared filesystem solution for Kubernetes cluster (AWS EKS) ?



We have an EKS cluster on three availability zones, our pods need a shared filesystem across these availability zones so they can share what they write on it, we started by implementing a native solution in AWS which is EFS (Elastic Filesystem) but since this solution is based on NFS, it caused significant latency on the filesystem, so we tried to use CephFS implemented with Rook, this solution worked very well with few pods writing to the disk but then when the number of operations increased we could see that the latency increased as well.

My question is, do we have an alternative solution to install on our cluster that can be scalable (Provides the same Throughput independently from the number of operations on the filesystem)?

https://redd.it/pv5rtz
@r_devops

hashicorp consul understanding

Hi All,

We are looking into consul for service discovery, and wondering.. do user application actually connect to the consul servers for resolution of the apps ?

Or do you guys purely use the service discovery for the internal workings of your microservices? (as my understanding is you need a consul agent to get the dns resolution.. but general user machines would not have the consul agent) So do you use other methods of resolution for the user applications for where the services are located?

For example user-application-a needs to resolve service-z, does user-application-a connect to consul in some fashion, or perhaps user-application-a connects to a specific database that is populated with dns records from consul?

thank you!

https://redd.it/ptz2mk
@r_devops

GitLab CI/CD example project?

Looking for an end-to-end CI/CD example project based on GitLab. Any help, please?

https://redd.it/pv98oo
@r_devops

gitlab autoscaling runners aws

havent seen any repo code of autoscaling gitlab runners on gitlab.com for reference
theres few ways with docker+machine,ec2,even the native aws autoscaling

anyone working on such environment ,how you choose between these options

https://redd.it/pv3s1f
@r_devops

Zero To Mastery Course (DevOps)

Hello everyone,


I was wondering on what you guys think of the following course? I have been in the IT field comfortable for many years and never really obtained any certifications. I want to get into DevOps and hopefully in the near future transition into this career field.


https://www.youtube.com/watch?v=WaCqZYR-oPk

https://redd.it/pu2h6y
@r_devops

What kind of metrics is New Relic bad at keeping track of?

I want to try and keep track of ETL processes and what stage processes succeed and fail on. Is New Relic a good tool for this? I've mainly used it so far for things like success rates and failure rates but is it the right tool for this kind of job?

https://redd.it/pu1f7g
@r_devops

News to the Sub

Hey team. I have been a traditional network engineer for a long time. I can see and feel that it is getting phased out. I am great in programming in Python too. Do we have resources to jump in the SRE/DevOps world?

https://redd.it/pvf2hj
@r_devops

Separation of Duties

If someone can please explain this to me, I would appreciate it.

I understand that a SOD can be enforced in deployment tools or versioning tools/code repositories such as Git, Azure DevOps, Jenkins, etc. through branch protection rules. However, theoretically, couldn’t a developer still have direct access to a production environment?

I think what will help me understand this is better is if someone can explain how access to production is gained in the first place. I understand that production sits on a server with an underlying database, so would access to production be at the server level and possibly restricted through AD groups?

What good are branch protection rules for committing a change to the master branch if a change can be made directly within production? Or is access to production restricted through tools such as Azure DevOps or Git?

Thanks in advance.

https://redd.it/pvjkm8
@r_devops

DevOps please don't kill me!

Hi guys... I have read the post, where a guy asked about blogging. and all that fun stuff, and many of you encouraged this idea. I just wanted to say, that i was preparing for a longer time to engage in blogging on topics related to DevOps, and i would like to apologize if this looks like that i have stole someone idea, please it was not my intention. Today i wrote my first blog post, so if you like, please read it, i would appreciate your feedback on this. It is from Junior perspective.


https://devopsengage.com/devops-please-dont-kill-me

https://redd.it/pvg3qf
@r_devops

Terraform EC2 (Root Block device Encryption error failing to reach target state )

This error is been in the head for over 10 days.

While creating an EC2 Instance in terraform the Instance won’t reach the target state and says

│ Error: Error waiting for instance (i-*************) to become ready: Failed to reach target state. Reason: Client.InternalError: Client error on launch
│

And also we have encryption of new EBS Volumes enabled in our EC2 dashboard.

And my basic EC2 Code looks like this.
```
resource “aws_instance” “web” {
ami = “ami-"
instance_type = “t2.micro”
availability_zone = “ap-south-1a”
root_block_device {
volume_size = “10”
volume_type = “gp2”
delete_on_termination = true
encrypted = true
kms_key_arn = "arn:aws:kms:*************”
}
}
```

https://redd.it/pu0w4o
@r_devops

Gitlab CI server alternative that is more FOSS

Hi

As I understand it gitlab is open core. Are there any alternatives that are more foss (not just the core that is open) and preferably GPL'd?

thanks

https://redd.it/pvrece
@r_devops

K3S | Setup a lightweight Kubernetes Cluster in Minutes | Hands-on Tutorial

Hi folks,

I started a YT channel to share some knowledge and content to easily start into DevOps related topics. There are not many videos yet but I kindly would ask you for some feedback - positive or negative I'll take it all. ;)

I'd like to point out, that this is not about money. I do have a well payed job and do this is in my spare time.

Next topics will probably cover some basic CI/CD stuff, like GitLab && || GitHub Actions or maybe a comparison of open-source vs enterprise monitoring tools in the microservice world?

What do you think? Are there already to much channels around or can there never be enough?

https://youtu.be/1hwGdey7iUU

Cheerio,

Stephan

https://redd.it/pvr4wa
@r_devops

I have built KV Store: Config or settings store in Redis with beautiful UI and code generation

The purpose is to avoid redeploying for simple env var changes.

GitHub: https://github.com/Ananto30/kv-store

Use KV Store to store app settings or other configs that are frequently changed.

It also generates codes (Python & Java for now) to ease development.

https://redd.it/pvt3kt
@r_devops

Does a Shared VPC make sense?

quick rant: I miss the days where you could just spin up a VM on your own computer, practice the linux command line, or whatever you were interested in at the time, and then be on your merry way. Nowadays, with Cloud Native everything, it seems almost impossible to recreate this old time way of learning by doing....unless you really don't mind shelling out a bunch of money to Bezos so you can practice running a K8 Cluster for example.

I'm wondering if there exists a community that runs a VPC, it's members can spin up and practice whatever they want, and in exchange, they donate whatever they can to help out with the cost (or maybe a subscription fee)? If this doesn't exist, do you think the dev community would benefit from such a system? I feel like in doing so, it would help alleviate a lot of people's concern about the initial setup, and they could just start jumping in and learning, building, practicing, etc.

I know there would be a million concerns here with sharing a VPC, and the potential for people to get cute and try running bitcoin mining servers exist, but with IAM, billing reports, and other reporting tools, I feel like it should be feasible to mitigate those concerns, keep cost down for everyone, while letting people just build without the headache of associated cost.

https://redd.it/pvsvm5
@r_devops