When would you start transitioning from monolith to microservices?

If you already have a monolith in production everything on one server on one os, when would you see the need to start the transition away from a monolith and into a microservice? When would it be too late? When would it be too early?

https://redd.it/qp3s5p
@r_devops

Using both Terraform & Ansible with Gitlab for AWS

I'm trying to get this working and just can't get it. I'm running a terraform build through gitlab with a shared runner. I've created a docker image that has everything I need (terraform, aws cli, boto3, ansible) and I can't work out how to get them to work together.

​

I'm struggling to figure out how to get the credentials so that I can connect to the instances after using aws_ec2 dynamic inventory. I'm not sure how to store the credentials, and they're in private subnets with no inbound access.

https://redd.it/qmse9h
@r_devops

Need Help Jr Site Reability Engineer Salary

I was just verbally offered a job for a junior site reability engineer for a company based in CO. They asked what I'm looking for a salary, but asked for some time to research. An acquitance in the industry said somewhere between $90 - 100k. I couldn't find any solid answers on Glassdoor or levels.

I was hoping someone can give me a ballpark range to go with, or a resource that I can use. Thanks

https://redd.it/qn028u
@r_devops

Kubernetes Technical Deep Dive Books

Hey Everyone,

I've been a long lurker on this sub. I've recently got a new job that'll be a mix of SE & DevOps work and responsibilities. One of which will be dealing with a lot of legacy migrations to GCP using their CKE service.

I've only dealt with Kubernetes at a high level in my previous role and would love to get a deep technical dive into Kubernetes before I begin my new role.

Does anybody have any good suggestions on some deep in-depth technical books with Kubernetes?

Thanks for all your responses

https://redd.it/qmzfde
@r_devops

Do you use Stack Overflow? If so, how would you improve it?

I've posted here a few times in the past, and as a reminder I'm not a DevOps engineer myself. However, I work for a team building a product for the DevOps community. I've spent significant amounts of time over the last year combing through posts on S.O. to better understand the space.


I noticed that they had made some changes recently that I thought were phenomenal (https://meta.stackoverflow.com/questions/411352/outdated-answers-accepted-answer-is-now-unpinned-on-stack-overflow)


So it go me thinking...what else would you change about S.O.? Whether it be how stale content is managed, how community members engage with it, etc. All thoughts are welcome!

https://redd.it/qmtsk3
@r_devops

Let's Write Our First Helm Chart!

I've made a video tutorial on writing the simplest Helm chart, to deploy pgAdmin on Minikube. Hope it helps beginners to learn Helm a bit: https://youtu.be/xHqnilCYufE

https://redd.it/qp9psw
@r_devops

How to Install Kali Linux In VMware Workstation Pro 16

How to Install Kali Linux In VMware Workstation Pro 16 In Just 6 min

https://youtu.be/WvF4-ShKTVk

https://redd.it/qpa284
@r_devops

Change entry of Private Certificate

I created a Private certificate from ACM but the issue I am facing is the when I check it's properties the entry type is "TrustedCertEntry" which is not working for me.

I read on StackOverFlow that the entry has to be "PrivateKeyEntry" which I am getting by a self signed certificate but this is not a security best practice. Is there a way to somehow get "PrivateKeyEntry" type from AWS ACM or any other trusted CA?

Our usecase is to enforce HTTPS traffic from our application.

https://redd.it/qpb0qk
@r_devops

Where Can I Learn How to Build and Maintain a Production-Grade Infrastructure?

I learned to host my own webserver and database in aws ec2 for a small project through tutorials and articles online. (Youtube and Medium) The resources I've found only teach the bare minimum to get services up and running (eg: Setting up nginx manually with little to no configuration, installing it using apt, and only using it as a simple reverse proxy for a single webserver) I'd like to learn how big companies like Google are able to serve millions of requests per second while maintaining high availability. It would be great to learn how they configure and use their load balancers, CI CD, logging, vpc setup, rate limiting, multi-region clustering, etc. in a production environment. Thanks for your help.

https://redd.it/qpdq9o
@r_devops

Create a JKS keystore with Private Cert Entry

My use case is to enforce HTTPS traffic from our custom API Gateway.


So, I created a Private CA (root) in AWS.

After that I created a Private Certificate with my load balancer's URL.

Now when I try to export that certificate, it shows me three files.

Certificate Body, Certificate Chain and Private Key.

and I have a Certificate Body from my CA.

Now, I need to import them in keystore in JKS format with entry as Private Cert Entry.

I tries many things but it didn't work, quite honestly I don't really know what to do all these files and which one should I import in the keystore.

Any sort of help is appreciates, thanks!

https://redd.it/qpcztg
@r_devops

What do you recommend?

I need to set up a cloud project in Azure for a video platform. The videos should be loaded quickly, so would we need a fast database like ElasticSearch or are there better alternatives? I am wondering in general how should we store the videos that will be uploaded. In simple files systems or database with path?
Happy for every help and if you are open for a zoom call where you can help me out I would highly appreciate that!

https://redd.it/qpa0n4
@r_devops

Terraform pipeline to apply changes

Hi there,

People that are starting in DevOps and automation with Terraform might find a post that I wrote a while back about how to set up a pipeline in AWS CodeBuild to apply your TF changes in a GitHub repo.

Here's the link

Cheers!

https://redd.it/qpkvi1
@r_devops

Make GitHub Actions faster

Hey,

We recently launched BuildJet for GitHub Actions, and we saw a lot of DevOps users sign up for the service. Thought that it might be interesting for this community.

We make your GitHub Actions finish much faster, for lower cost. It's surprisingly easy to install. You simply replace the `runs-on: ubuntu-latest` with `runs-on: buildjet-8vcpu-ubuntu-latest` and your Ci workflow will get access too much better and faster hardware.

For a technical rundown you guys could check out: https://buildjet.com/for-github-actions/blog/a-performance-review-of-github-actions-the-cost-of-slow-hardware or checkout our website: https://buildjet.com/for-github-actions

https://redd.it/qpm88s
@r_devops

Using python script to execute multiple commands inside a docker container?

I'm trying to access a container on another server and execute commands inside it programmatically. Can someone guide me on this please?

https://redd.it/qpo0mi
@r_devops

Self-hosted CI/CD options?

I am running k3s on bare metal, and I was looking at drone CI however it requires me to open ports on my network. I prefer not to since Im not ready to deal with the security burdens just yet.

some options I had in mind:

1.) Open port 443 -> Nginx with GitHub IP's whitelisted for drone CI

2.) self-host GitLab and pull mirror Github (Costs $20/month), then point drone to GitLab. My issues with this option are:

I prefer not to spend the $20/month at this point.
It also looks like drone adds info back into the repo that would be useful for devs to look at that would not be present in GitHub.

3.) GitHub actions self-host runner

My ask is, what would be the most elegant solution? I am open to other suggestions. Thanks

https://redd.it/qpok5q
@r_devops

Does anyone know how many Microsoft Developers work on GitHub vs Azure DevOps?

How about the future, do you see a time when all the Azure DevOps capabilities will be rolled into GitHub.

https://redd.it/qpk6z9
@r_devops

Docker Swarm getting going - Quintessential Questions

Hey Folks,

Coming into Docker Swarm from an absolute basics (singular, compose files) perspective, there are a few things I worry about and I want to know more. Any help that can be lent is great.

​

* 1) **STORAGE** \- In Docker Swarm, I see that you can define a volume driver
* A) where is this data bound to by default in a swarm?
* B) Should I be using shared storage like netapp or glusterFS with a Swarm?
* C) in a non stateless service deployment, where would I expect to see each containers data being stored among a deployment? (question similar to A but more particular)
* D) Are there plugins I should be using for storage? What is a best practice for stateful services/services which need volumes
* 2) **NETWORKING -** In Docker Swarm, I am going to have multiple hosts that will be hosting these services since that is what Swarm is all about
* A) What IP address should I expect my services to be available at?
* B) Should I expect Swarm, from an external network perspective, to behave instead as if I had a cluster of servers available and essentially load balance between a few of these? The difference being that I could have multiple different services running on the swarm as long as they don't use the same port?
* C) Can two stacks with the same port be deployed onto swarm or will that throw an error?
* 3) **ORCHESTRATION -** Are there common tools that are used with Swarm? If so, what are the most common ones that are recommended?
* A) [Portainer.io](https://Portainer.io) for any future onlookers is one I know personally

​

Thanks any and all!

https://redd.it/qpt0bn
@r_devops

Just putting this out there for now.. (asking for help)

Would any soul be willing to help me get a python app deployed to a kube cluster? I have a potential job offer and if I can get this app deployed, I think I would get the job. They are looking for a junior hire they can mold to the position.

I've been working on this since last Wednesday. I containerized my app and got the cluster up and running by Thursday night. Deploying it to the internet has been tough. I've tried a few different ways to deploy and I am trying out one more. It may take an hour to do so and if it does not work, I really need to call in some help. I feel it has something to do with my choice of CNI provider. I may have picked an old version... I'll report back and in the meantime, please let me know what you would need to lend a hand.

Mods, please delete if this is not allowed.

https://redd.it/qpsfj1
@r_devops

Best redirect solution without provisioning a software load balancer?

I need redirects (and sub url redirects) to a page, for example:

old.example.com -> new.example.com
old.example.com/test -> new.example.com/docs
another.example.com/testing -> new.example.com/docs

Trying to avoid using something like nginx for management overhead, considering using cloudfront+s3 bucket but this seems overkill and will result in a lot of buckets.

​

Any suggestions are appreciated :)

https://redd.it/qpjxvg
@r_devops

INTERVIEW QUESTIONS - tough questions to ask interviewer

Hey Guys,

I've got an interview tomorrow and I've been encouraged to ask the 'tough' questions to the interviewer. Things that come to mind are:

-What does success look like in this role?

-What are the biggest gaps you guys have today?

-etc.

Does anyone have any other good questions they like to ask during interviews?

Any suggestions and feedback would be greatly appreciated. Thanks!

https://redd.it/qpy6un
@r_devops

Is there still a place for traditional cloud servers in the world of containers?

I’m fairly early into my DevOps career in (3 years). All of the applications I’ve worked on so far have run on containers, whether it’s ECS Fargate, Openshift or K8s. I don’t really see a lot of drawbacks to them, but I’ve also not got much to compare them against. The general trend in the company I work for also seems to be moving towards using containers for our projects. They just seem to be regarded as ‘better’.

Is this fair to say? Or are there still reasons to choose say, EC2 for running apps on over containers?

https://redd.it/qpyqcp
@r_devops