Understanding Kubernetes in a visual way

Kubernetes is a complex technology and ecosystem. In the past months I published a serie of sketchnotes about Kubernetes: "Understanding Kubernetes in a visual way".

The serie is available on https://dev.to/aurelievache/kubernetes-sketchnotes-pods-4ib0

And also in book format: https://gumroad.com/aurelievache

I've also published a serie of short videos mixing illustrations and speech:
https://youtube.com/c/AurelieVache

What do you think?

https://redd.it/qokxlf
@r_devops

Aborting Docker Compose when there is 2 or more services returning exit code

I have 2 services that returns an exit code (migrate and test). Migrate will always exit first, followed by the test service. I have tried something like:

docker-compose -f docker-compose.test.yml up --build --exit-code-from test

This however does not work. I was hoping that the command would wait until the test service is finished, then abort. Is there a solution in which I can abort after the test service exits?

https://redd.it/qn2ivl
@r_devops

Learning CloudFormation and GitOps

In your experience, how much time take to work in intermediate level with CloudFormation and use it with Git with confidence. I know that it depends on my skills and experience with both tools. But supposing that my level is beginner.

https://redd.it/qoxqer
@r_devops

LOCAL + CLOUD CI/CD

An idea I have been toying with lately is local CI/CD pipelines in Docker containers to reduce the time it takes to get feedback about runs. For example, quicker static analysis of code and engineers passing quality gates before even committing locally.

I've thought I could just use Makefiles. However, this could potentially lead to "it works on my machine" issues and means maintaining two (or more) files.

I've seen AWS CodeBuild and GitLab both have local CI/CD versions.

Has anyone implemented something similar before? Any advice that could be offered as to alternative products to research and pitfalls?

https://redd.it/qow4cu
@r_devops

When would you start transitioning from monolith to microservices?

If you already have a monolith in production everything on one server on one os, when would you see the need to start the transition away from a monolith and into a microservice? When would it be too late? When would it be too early?

https://redd.it/qp3s5p
@r_devops

Using both Terraform & Ansible with Gitlab for AWS

I'm trying to get this working and just can't get it. I'm running a terraform build through gitlab with a shared runner. I've created a docker image that has everything I need (terraform, aws cli, boto3, ansible) and I can't work out how to get them to work together.

​

I'm struggling to figure out how to get the credentials so that I can connect to the instances after using aws_ec2 dynamic inventory. I'm not sure how to store the credentials, and they're in private subnets with no inbound access.

https://redd.it/qmse9h
@r_devops

Need Help Jr Site Reability Engineer Salary

I was just verbally offered a job for a junior site reability engineer for a company based in CO. They asked what I'm looking for a salary, but asked for some time to research. An acquitance in the industry said somewhere between $90 - 100k. I couldn't find any solid answers on Glassdoor or levels.

I was hoping someone can give me a ballpark range to go with, or a resource that I can use. Thanks

https://redd.it/qn028u
@r_devops

Kubernetes Technical Deep Dive Books

Hey Everyone,

I've been a long lurker on this sub. I've recently got a new job that'll be a mix of SE & DevOps work and responsibilities. One of which will be dealing with a lot of legacy migrations to GCP using their CKE service.

I've only dealt with Kubernetes at a high level in my previous role and would love to get a deep technical dive into Kubernetes before I begin my new role.

Does anybody have any good suggestions on some deep in-depth technical books with Kubernetes?

Thanks for all your responses

https://redd.it/qmzfde
@r_devops

Do you use Stack Overflow? If so, how would you improve it?

I've posted here a few times in the past, and as a reminder I'm not a DevOps engineer myself. However, I work for a team building a product for the DevOps community. I've spent significant amounts of time over the last year combing through posts on S.O. to better understand the space.


I noticed that they had made some changes recently that I thought were phenomenal (https://meta.stackoverflow.com/questions/411352/outdated-answers-accepted-answer-is-now-unpinned-on-stack-overflow)


So it go me thinking...what else would you change about S.O.? Whether it be how stale content is managed, how community members engage with it, etc. All thoughts are welcome!

https://redd.it/qmtsk3
@r_devops

Let's Write Our First Helm Chart!

I've made a video tutorial on writing the simplest Helm chart, to deploy pgAdmin on Minikube. Hope it helps beginners to learn Helm a bit: https://youtu.be/xHqnilCYufE

https://redd.it/qp9psw
@r_devops

How to Install Kali Linux In VMware Workstation Pro 16

How to Install Kali Linux In VMware Workstation Pro 16 In Just 6 min

https://youtu.be/WvF4-ShKTVk

https://redd.it/qpa284
@r_devops

Change entry of Private Certificate

I created a Private certificate from ACM but the issue I am facing is the when I check it's properties the entry type is "TrustedCertEntry" which is not working for me.

I read on StackOverFlow that the entry has to be "PrivateKeyEntry" which I am getting by a self signed certificate but this is not a security best practice. Is there a way to somehow get "PrivateKeyEntry" type from AWS ACM or any other trusted CA?

Our usecase is to enforce HTTPS traffic from our application.

https://redd.it/qpb0qk
@r_devops

Where Can I Learn How to Build and Maintain a Production-Grade Infrastructure?

I learned to host my own webserver and database in aws ec2 for a small project through tutorials and articles online. (Youtube and Medium) The resources I've found only teach the bare minimum to get services up and running (eg: Setting up nginx manually with little to no configuration, installing it using apt, and only using it as a simple reverse proxy for a single webserver) I'd like to learn how big companies like Google are able to serve millions of requests per second while maintaining high availability. It would be great to learn how they configure and use their load balancers, CI CD, logging, vpc setup, rate limiting, multi-region clustering, etc. in a production environment. Thanks for your help.

https://redd.it/qpdq9o
@r_devops

Create a JKS keystore with Private Cert Entry

My use case is to enforce HTTPS traffic from our custom API Gateway.


So, I created a Private CA (root) in AWS.

After that I created a Private Certificate with my load balancer's URL.

Now when I try to export that certificate, it shows me three files.

Certificate Body, Certificate Chain and Private Key.

and I have a Certificate Body from my CA.

Now, I need to import them in keystore in JKS format with entry as Private Cert Entry.

I tries many things but it didn't work, quite honestly I don't really know what to do all these files and which one should I import in the keystore.

Any sort of help is appreciates, thanks!

https://redd.it/qpcztg
@r_devops

What do you recommend?

I need to set up a cloud project in Azure for a video platform. The videos should be loaded quickly, so would we need a fast database like ElasticSearch or are there better alternatives? I am wondering in general how should we store the videos that will be uploaded. In simple files systems or database with path?
Happy for every help and if you are open for a zoom call where you can help me out I would highly appreciate that!

https://redd.it/qpa0n4
@r_devops

Terraform pipeline to apply changes

Hi there,

People that are starting in DevOps and automation with Terraform might find a post that I wrote a while back about how to set up a pipeline in AWS CodeBuild to apply your TF changes in a GitHub repo.

Here's the link

Cheers!

https://redd.it/qpkvi1
@r_devops

Make GitHub Actions faster

Hey,

We recently launched BuildJet for GitHub Actions, and we saw a lot of DevOps users sign up for the service. Thought that it might be interesting for this community.

We make your GitHub Actions finish much faster, for lower cost. It's surprisingly easy to install. You simply replace the `runs-on: ubuntu-latest` with `runs-on: buildjet-8vcpu-ubuntu-latest` and your Ci workflow will get access too much better and faster hardware.

For a technical rundown you guys could check out: https://buildjet.com/for-github-actions/blog/a-performance-review-of-github-actions-the-cost-of-slow-hardware or checkout our website: https://buildjet.com/for-github-actions

https://redd.it/qpm88s
@r_devops

Using python script to execute multiple commands inside a docker container?

I'm trying to access a container on another server and execute commands inside it programmatically. Can someone guide me on this please?

https://redd.it/qpo0mi
@r_devops

Self-hosted CI/CD options?

I am running k3s on bare metal, and I was looking at drone CI however it requires me to open ports on my network. I prefer not to since Im not ready to deal with the security burdens just yet.

some options I had in mind:

1.) Open port 443 -> Nginx with GitHub IP's whitelisted for drone CI

2.) self-host GitLab and pull mirror Github (Costs $20/month), then point drone to GitLab. My issues with this option are:

I prefer not to spend the $20/month at this point.
It also looks like drone adds info back into the repo that would be useful for devs to look at that would not be present in GitHub.

3.) GitHub actions self-host runner

My ask is, what would be the most elegant solution? I am open to other suggestions. Thanks

https://redd.it/qpok5q
@r_devops

Does anyone know how many Microsoft Developers work on GitHub vs Azure DevOps?

How about the future, do you see a time when all the Azure DevOps capabilities will be rolled into GitHub.

https://redd.it/qpk6z9
@r_devops

Docker Swarm getting going - Quintessential Questions

Hey Folks,

Coming into Docker Swarm from an absolute basics (singular, compose files) perspective, there are a few things I worry about and I want to know more. Any help that can be lent is great.

​

* 1) **STORAGE** \- In Docker Swarm, I see that you can define a volume driver
* A) where is this data bound to by default in a swarm?
* B) Should I be using shared storage like netapp or glusterFS with a Swarm?
* C) in a non stateless service deployment, where would I expect to see each containers data being stored among a deployment? (question similar to A but more particular)
* D) Are there plugins I should be using for storage? What is a best practice for stateful services/services which need volumes
* 2) **NETWORKING -** In Docker Swarm, I am going to have multiple hosts that will be hosting these services since that is what Swarm is all about
* A) What IP address should I expect my services to be available at?
* B) Should I expect Swarm, from an external network perspective, to behave instead as if I had a cluster of servers available and essentially load balance between a few of these? The difference being that I could have multiple different services running on the swarm as long as they don't use the same port?
* C) Can two stacks with the same port be deployed onto swarm or will that throw an error?
* 3) **ORCHESTRATION -** Are there common tools that are used with Swarm? If so, what are the most common ones that are recommended?
* A) [Portainer.io](https://Portainer.io) for any future onlookers is one I know personally

​

Thanks any and all!

https://redd.it/qpt0bn
@r_devops