CI CD for low level Linux and kernel modules

Hi all,

How do you guys do CI CD with kernel modules?

Do you just setup VMs with proper kernel configurations and run your jobs on them through jenkins or gitlab ci?

Did you manage to do them through docker containers and somehow made it work? if so how did you do it?

I would love to hear from all of you devops people who work in embedded linux and kernel development, how do you guys work on such projects?

https://redd.it/qto0ly
@r_devops

One platform, one tool.

What if you could do everything from one platform. From CI/CD to cluster deployments, and perhaps even deploy your regular infra tools.

View Poll

https://redd.it/qt995v
@r_devops

My Containers Learning Path

Following up on the feedback I got here last time, I decided to share my containers learning path as a blog post. The following learning order turned out to be particularly helpful for me to understand Docker (and not only) containers:

1. Linux Containers \- learn low-level implementation details.
2. Container Images \- learn what images are and why do you need them.
3. Container Managers \- learn how Docker helps containers coexist on a single host.
4. Container Orchestrators \- learn how Kubernetes coordinates containers in clusters.
5. Non-Linux Containers \- learn about alternative implementations to complete the circle.

I've been digging into the internals of the containerization tech for the past few years, meticulously documenting my findings. However, I've come up with the above order only recently. So, this blog post is an attempt to organize my in-depth but ad-hoc write-ups into a structured way to learn containers' fundamentals.

Hope someone will find it useful.

https://redd.it/qtw0qo
@r_devops

Homelab CI/CD Pipeline

I am looking for a tutorial to build a simple CI/CD pipeline using open-source tools on my homelab. Everything I have found to this point has been overkill for what I want to accomplish. I appreciate the help!

https://redd.it/qtw75h
@r_devops

Looking for hosting recommendations for a static site with some form of access control (ideally free or cheap)

Hi I looking for some recommendation on the best and cheapest option to host a small website with some form of access control.

Essential I have collated all my personal notes from differ formats and ported them into markdown files and saved them to a private repo. What I am now looking to do is make these into a knowledge base / wiki website for personal use that I can easily refer to when not on my personal computer, however I do not want to make them public accessible without some form of authentication (basic auth would do).

Currently I looking at using something like Hugo or Jekyll or mkdocs to generate the site every time there is a commit to the git repo (using github free actions) and then copy them to the website server.

I been looking at a few options (ideally free as money is a bit tight atm, but I am expecting that I might have to pay for something), however all free options I seen so far do not offer any form of access control on the website (ie github pages, cloudfront pages etc). Does anyone have any recommendations on what hosting to use? I would be fine with a cheap VM that I can run nginx/Apache on and make use of .htaccess files to control access.

​

Thanks

https://redd.it/qu0ntm
@r_devops

Can Therapy lower chances of getting hired for Gov positions?

Not really a dev ops question, just related but I’m not sure where to ask. So sorry if this isn’t the right place. But asking in case anyone can help. I have a friend that needs therapy, he’s a Devs Ops Engineer. He is avoiding therapy saying he doesn’t want the fact that he went to Therapy to show on his background check. He says he might get rejected for US government positions if they see that on his background check. Can that happen? Anyone have any experience or knowledge about this? Any answers would be appreciated, thank you!

https://redd.it/qtxmqz
@r_devops

Is Nana's devops bootcamp worth it?

I am planning to take DevOps bootcamp by Nana. Can anyone who have experience or have done let me know whether it's worth it to invest in it.
thanks

https://redd.it/qu8dw3
@r_devops

DevOps Bulletin Newsletter - Issue 26

DevOps Bulletin - Digest #26 is out, the following topics are covered:

Keeping K8s clusters clean and tidy
Git techniques to get out of hairy situations
Efficient communication during an incident
Mini-projects in Python for DevOps

Complete issue: https://issues.devopsbulletin.com/issues/git-techniques.html

Feedback is welcome :)

https://redd.it/que8hh
@r_devops

Managing a Docker application with systemd

Linux service manager systemd can be used to manage long-running Docker applications on your server by automatically starting and restarting applications.

https://abhchand.me/blog/managing-a-docker-application-with-systemd/

https://redd.it/quh6a8
@r_devops

Unified or automated timeouts and contracts between microservices

Hello,

I wanted to ask about best practices and maybe tools available on the market for my purpose.

So, let's say that I have a product consist of multiple services. Different services defines different SLAs and timeouts in especially. I'd like to somehow automate the process of reading those SLAs, adjust timeouts dynamically if one of the downstream services agreements changes.

​

Consider these services:


A -> B -> C & D

and a situation where e.g. service B defines timeout of 5s, but a request that's processed in 7s in service C can be a proper response from service C point of view.

I'd like to have some kind of automation, or maybe semi-autiomation, where service B can ask service C what are his SLAs or timeouts, and set its own timeouts properly to that.

https://redd.it/qup48x
@r_devops

Interactive Architecture Diagrams

Does anyone have experience or recommendations for a tool that would allow an engineer to create a multi-layered, interactive/explorable infrastructure diagram? I'm looking to create a diagram that encompasses everything from VPC, subnets, security groups, EKS, statefulsets, deployments, etc. etc.

I did some Google searching, and the only product I found that seemed to fit the bill was Terrastruct. Are there other alternatives? Is Terrastruct a good fit for this use case? Does anyone have experience with Terrastruct, a similar tool, or creating this kind of infrastructure diagram?

https://redd.it/quv52y
@r_devops

Webhooks in Kraken CI for GitHub, GitLab and Gitea

Hello, I have extended webhooks in Kraken CI, in the latest release 0.753. Besides GitHub, there is now support for GitLab and Gitea.
A guide about webhooks in Kraken can be found here:
https://kraken.ci/docs/guide-webhooks/

https://redd.it/qv16g5
@r_devops

How to handle cloud resources in your application while running localhost

Hi (non-)binary people,

When you are developing an application and you run it on your own device, how do you do this when you have to rely on cloud resources like API Gateway, Cloud-map, S3 or a secret store like KMS? With RDS or with the DocumentDB you can run an addtional PostGresSQL/MySQL or MongoDB service on your device. (Although I mention several AWS services, I meant it in general.)

With for example the Application Load Balancer: I keep that configuration to a minimum and basically add configuration to send everything to a reverse proxy. Where the reverse proxy has the correct configuration, with retrying, setting headers etc. I understand that the ALB can do this as well (some maybe better or not, not relevant for this), but when I run my application locally, I still need to have something running to set these headers for example. As I can not set these, what am I doing locally then? I still want to know for sure that if I have a nice feature I can test this locally first before commtting and create a PR. Like I can not run a local ALB, but I can run a reverse proxy locally. So by keeping the configuration of the ALB to a minimum and use a reverse proxy, I can - if needed - run almost everything on my device.

How do you do this, I am eager to your experience.

"May the force be with you"

https://redd.it/qv8ynq
@r_devops

Prometheus alerts in grafana

Hi, all i have installed kube-prometheus-stack in a kubernetes cluster.

This helm chart provides a lot of alerting rules for kubernetes resources. This cluster is offline so i can't send alerts to an external destination using alertmanager. Instead the idea is to observe the cluster using grafana. Is there a way to see prometheus alerts in a grafana dashboard? I tried alertmanager-datasource but does not work maybe because is not updated for a while

https://redd.it/qvbdh5
@r_devops

How incidents made me a better engineer

My colleague has written a great post about handling incidents has made her a better engineer, and how people can make the most of that opportunity.

Think it's a great post for people in this sub-reddit!

https://incident.io/blog/incidents-made-me-a-better-engineer

https://redd.it/qv94gf
@r_devops

Buildpacks pack CLI for FaaS

Does anyone know if there is something similar to Buildpacks for FaaS?

Buildpack with pack CLI allows you to create Docker images based on the code only, which is great. Though, I'm looking for something that can look at your code and create Lambda (AWS) or a Cloud Function (GCP), or even better if you can choose the cloud provider where the FaaS will run to generate the code for you.

https://redd.it/qvjfhk
@r_devops

Need some guidance on building out monitoring/observability from the ground up

So I've semi-recently started at a new job as their only DevOps person where a lot of infra things are greenfield and I'm tasked with getting things built out. I generally am pretty comfortable with most areas of infra (including Kubernetes, been using it in prod since 2015), but I feel a huge gap of mine is monitoring/observability.

I've setup the many metrics/logging/alerting systems before in different environments (Prometheus, DataDog, Sensu, etc), but I've not really actually done much beyond that as usually other teammates in the past have taken on actually working with dev teams, identifying metrics to gather, and getting dashboards/alerting setup for those.

In this new job, one of the first big projects is to get monitoring going and to help the dev teams get started on this. I've already got Prometheus/Grafana setup, and they've got the client library in the main service going. However I'm a bit overwhelmed on how to help them beyond this point. They ask questions about Prometheus and monitoring that I'm not able to answer, and I don't feel equipped to lead here since I'm trying to fill in this gap of experience.

What are some good resources for myself as an infra person on observability/monitoring as well as Prometheus best practices? And are there good resources for me to send to them for them on how to effective use Prometheus to monitor their services?

https://redd.it/qvmrn0
@r_devops

What does the structure of your engineering or development team look like (i.e job titles/role responsibilities)? Ex. Does it include QA Testers or are they a part of a separate QA team? Which team would your SRE(s) fall under?

Trying to do conduct some DevRel research for the company I recently started working for, and would like to better understand the internal structure and dynamics of software teams. Any insights you could provide me would be great. Thanks!

https://redd.it/qvige2
@r_devops

How would you manage this problem?

Hi. I am part of a team and we are currently working on migrating old stuff and deploying new services to kubernetes. The problem is we are terribly under capacity, so many teams and different services moving their stuff to K8S and we are accumulating a lot of technical debt because time pressure.

We also have the problem that once we start a project it is never ending. There’s no sense of closure or (iterations). Every single day is a ping from someone asking to change or tweak something. (Multiply this by 10). So the work keeps accumulating, everyone wants to change stuff, try something new and we have no time to do things right or develop improvements.

Quite frankly I am already annoyed and burnt out. I’m my previous company our SRE team had a product owner, our backlog was properly prioritized and teams wanting to do stuff would go through that process first. That allowed us to allocate the right time for everything. But now the work is so unorganized, developers think they can dispose of us for anything anytime and we’re stuck with unrewarding work because everything is improvised.

How would you fix this problem?

https://redd.it/qvwca9
@r_devops

Are there any reasons to choose VMs over containers?

Most of the pros and cons give the weight as to containers as better than VM, and it makes sense. But are there any use cases where using a VM makes more sense?

https://redd.it/qvzrkm
@r_devops

First Junior SRE interview tomorrow, need help

I somehow lucked out and got set up for an interview for a JSRE position tomorrow.

What should I expect from the interview process for a junior site reliability engineer? I'm passionate about the position, but with only 8 months of system engineer experience and a few years of scripting (cmd, powershell) experience, I am worried that I will fall short on the technical side.

I've read the phoenix project, and I'm currently reading the Google SRE handbook as well. It's all really interesting to learn and think about, I just don't have much experience. Is there a best way to approach such an interview, or what would generally be expected for a Jr SRE to know?

https://redd.it/qw47bq
@r_devops