Reddit DevOps
Reddit DevOps. #devops
Thanks @reddit2telegram and @r_channels
Any in-depth material to compare the different deployment methods and which deployment method is best suited for which situation

I understand blue green, rolling upgrades and canary. But there doesn't seem to be any in-depth content for the pros and cons and advice for which deployment strategy to employ for which situation. Every article is just surface level. Blue green requires an additional set of resources and has ease of rollback. Rolling update doesn't require additional resources, etc.

Is there any reference material for more detailed analysis?

https://redd.it/rbddfq
@r_devops
Expose your Kubernetes service

Is it possible to expose your Kubernetes service with an ingress controller without having a dedicated domain, or even without an ingress controller?

https://redd.it/rbaymt
@r_devops
Offline kubernetes

Anybody ever tried to set up this nightmare before? I hope somebody can give me some pointers on how to troubleshoot this. I've got a working online cluster. I export the downloaded images using podman. I reverted the controller/nodes using a snapshot. I imported the exported containers into the controller and tried a kubeadm init. It says the image names/version matched and attempted to create a new cluster but failed somewhere in the process. What I'm running into is when I use crictl or podman to try and list my containers or view logs there are none. I've confirmed the exporting is the cause with resetting my online cluster and importing the saved images. Can anyone point me in the right direction on troubleshooting this? Either with what went wrong with exporting or why the containers aren't starting in the cluster. I've tried using podman/crictl logs function but there are no containers when kubeadm exits. Any containers kubeadm tries to create with the imported images are gone. Should my next attempt just be to find out where an online master saves the images and tarball all the files up?

https://redd.it/rbfx1j
@r_devops
How to build a self-service container management system for your team

Last chance to register for this live event! Discover how to build a self-service container management system for your team, featuring Portainer Technical Evangelist, Adolfo Delorenzo.

To succeed with containers, you need to give end-users secure access to the tools they need to do their job. Portainer makes it easy to set up and configure a complete service delivery engine.

In this session, you’ll learn more about -
1. Resource management
2. Resource assignment (namespaces, registries etc)
3. User roles
4. Cluster security


EVENT DETAILS
Wednesday 8th December
8am San Francisco
11am New York
1pm Rio De Janeiro
4pm London
5pm Berlin
7pm Moscow
Midnight Singapore


Register here
https://lnkd.in/d8ycgE7E

https://redd.it/rba3f7
@r_devops
Alternatives to Terragrunt

Hey guys, as us-east-1 is down, I'm looking to reduce the annoying repeated code from not being able to use variables in the backend.tf files. Are there any other tools aside from Terragrunt that could help with this?

https://redd.it/rb8r59
@r_devops
Did anyone else experience errors from the Jira API in the past 2 hours? (0200 - 0400 UTC)

Was getting an x509: certificate signed by unknown authority error.

Anyone else experienced the same?

https://redd.it/rbir80
@r_devops
Is AWS hard to use or am i a total moron?

i am a web developer on a project with a lot of background tasks. i did some digging and found out about kubernetes jobs.

I tried to setup our background jobs to run on kubernetes on Google Kubernetes Engine. It took me about 30 minutes to set everything up (create a gke cluster, connect to it, create a cloud function to trigger job in the cluster, create a cloud build trigger to watch our repository and build image each time i push something).

Then i was sure that kubernetes jobs was working for us.

but AWS gave us a bunch of credits (10k usd) so i had to move my setup to aws. Creating a cluster on aws took about 15 minutes (it hangs in "creating" phase for 15 minutes). then i couldn't connect to it because i created it with root user and had to read a bunch of documentation for a while. then i decided i shouldn't create cluster from UI with my root account so i deleted it and created cluster again with awscli. when i created cluster with awscli my root user didn't get any permissions for the cluster so i couldn't do anything from the ui.

all i wanted to do was create a damn cluster and connect to kubernetes api. why is this so hard? and aws cloud console in the web interface is not good for anything. i thought it would be like google's cloud shell, but no you still need a lot of mumbo jumbo to connect your own resources.

at this point i really don't understand why people keep using aws. i am planning to move to gcp despite having 6 months' worth of credits in aws because i feel like i can't debug any problem in aws without having a lot of experience and knowledge about it and it scares me.

i had very similar experience with aws elasticbeanstalk. it's supposed to be very easy to deploy your app but i spent a couple of hours and learned some aws scripting language to be able to change CORS settings for our api backend.

https://redd.it/rblcgh
@r_devops
Using Older Oracle Linux Release With DNF Install/Update

I recently migrated our software from CentOS 8.2 to Oracle Linux 8.4 and everything was going smooth for a week or so. Then a new kernel was released (kernel-4.18.0-305.25.1.el8_4) which broke our dependencies, and then a new minor version (8.5) soon after. I need to lock the version to 8.4 to keep it as stable as possible which is seeming to be difficult with Oracle.

With CentOS I just set Artifactory to use the mirror for 8.2, but Oracle is either latest or 8.4 for BaseOS only (older kernel etc.) and I really don't want to have to deal with switching kernel versions for our product again. Anytime the kernel changes or any other major change happens, it breaks our ISO build process which is an absolute PITA to fix.

I've tried using --releasever=8.4 among many other things including -C option to prevent updating (cache gets cleared in docker multiple times due to nested containers), using --exclude=*el8.5* (still gets newer kernel than I'd like) and manually pruning el8_5 rpms in a textfile output by repoquery (causes dependency issues as it doesn't replace with el8_4 version).

I'd like to lock it to use 8.4 but get the latest packages for that version if possible without upgrading anything to Oracle 8.5. With 50-100 packages using something like Versionlock doesn't seem like the best/easiest/cleanest way to do it if there are other options.

Anyone have anything else I can try? Thanks!

-----

Edit:

I just found out you can Versionlock with a text file, so I think I'll just do that using all the packages with the versions I want until I can come up with something better.

https://redd.it/rblm5h
@r_devops
Assistance with Gitlab CI/CD YML file

Hi all,

I'm very new to CI/CD and come from an ops background so please forgive my ignorance. I'm currently trying to automate my homelab a bit so I've recently started placing my docker-compose files in GitLab and trying to deploy them using GitLab CI/CD.

I have my docker host which is also configured as an on-prem runner and have the following pipeline yml file:

image: docker:latest

services:
  - docker:dind

stages:
  - test
  - deploy

test:
  stage: test
  only:
    - develop
    - production
  script:
    - echo run tests in this section

step-deploy-prod:
  stage: deploy
  only:
    - production
  script:
    - docker stop portainer
    - docker rm portainer
    - docker pull portainer/portainer-ce:latest
    - docker-compose -f docker-compose-portainer.yml up
  environment: production
  when: manual
  allow_failure:
    exit_codes:
      - 1

The first time it ran, as the docker container exists; however, if the container is not present, the "docker stop portainer" command errors out, and rightly so, as the container does not exist.

I'm trying to have the pipeline skip that and continue with the rest of the shell scripts; however, it just stops with the exit code of 1 even though I have specified it to allow failure.

https://redd.it/rb7x71
@r_devops
Automatic update design?

Hi mates,

I am trying to design an automatic update agent for my Windows application, so basically whenever new updates are available, the agent should pull them and silently install them.

Is there any open source application which can do this?
I found one, Omaha. I know this is very straightforward but wanted to achieve this in a smarter way.
Please share your thoughts on this.

Cheers 🍻

https://redd.it/rb624w
@r_devops
Production level AKS Cluster using Terraform

Hello,
I'm looking for some links where we have the creation of Azure Kubernetes Service with terraform which includes creation of new Vnets, security groups, Ingress rules, etc.

There is not much context on the official terraform site.

Please help here

https://redd.it/razqex
@r_devops
Can we talk about GitLab?

Hi all - Interested in opinions on GitLab. Are there strong feelings around GitLab vs. GitHub for SCM? How about code testing? Seems like GitLab has been building out its functionality to provide more of a platform. Anyone have experience deploying GitLab wall to wall for a large team/organization?

Just trying to gather thoughts on why people like it, if the functionality has legs beyond SCM, and if there are any big dissenting opinions out there.

https://redd.it/rb3n30
@r_devops
Newbie needs help

Hi, I am very new to devops. I wanted to see if someone would be willing to talk to me for about 10 minutes on testing and enterprise monitoring. I am looking into an opportunity and would like to talk to someone that has experience in the area.

https://redd.it/rb30l2
@r_devops
How do you adopt helm for an existing LAMP / Wordpress / Drupal / application? Specifically, when using a public chart like bitnami/wordpress, how do you get your existing data into the deployed environment?

If you follow the instructions on the bitnami/wordpress chart, one can have a working app up and running in 30 seconds after executing 2 lines of code. There are 24,243 billion internet articles that reiterate exactly how to do that. Personally, I find it baffling that I cannot find an official or best practices approach to migrating existing traditional architectures and their data into kubernetes. What I can find is all over the place - "use a configMap; use an init container; don't use k8s but connect to a db server outside of the cluster; use kubectl to ssh into the container and manually copy; put an sql file in the ... init.d folder"


So how is it done?


Scenario 1)
I use a public Helm chart to install the app. Helm creates PVCs for the db and mount that will contain the mutable files (wp-content/*) I see it up and running in a few seconds. Now how do I get my data into that db, and how do I get my existing plugins and other files over to the file mount?


Scenario 2)
The above is post-deployment and manual. How can this be automated so that when I do "helm install <chart>" everything makes it over as part of the deploy process? I feel like the values.yaml file plays a role here, but I haven't been able to figure it out.



Links to references and tutorials are very welcome!

https://redd.it/rbrx8s
@r_devops
AWS Lambda: Can you have too many? Or is it more nuanced than that?

Hi all,

I have an interview in 3 weeks' time for my company as a Technical Lead. They've asked me to prepare some answers for a couple of questions. One of these questions being:

Should X reduce how many Lambdas we use? If so, then how should we go about doing this?

Now AWS isn't my strong suit and they know this so I think this question is to see how I cope going about answering something I don't really know much about. Which brings me here.

I was wondering;

- Is there even a limit to the amount of Lambdas you can have setup in AWS? I can't seem to find much online, but I think it boils down more to cost vs benefit and whether using a Lambda suits the needs of the feature, or what you've got in place to manage the amount of Lambdas you have?

- I'm not sure how best to even answer the question, I was contemplating going down the route of comparing Lambda vs EC2, their costs, what situations they're best used in and then matching that against what we use in the company and whether we could swap one for the other

Gone on a bit of a ramble but hope I make sense. Any advice is much appreciated as my lack of knowledge is overwhelming my confidence and I'm struggling to identify how best to approach it.

https://redd.it/rbsk9u
@r_devops
Automating Creation of Bitnami Sealed Secrets

Hi,

I've been using Bitnami Sealed Secrets (https://github.com/bitnami-labs/sealed-secrets) for a while now and have created a script that will take a file as an input and generate a sealed secret to be deployed into the cluster from the input file.

This still involves a manual step of running the script. Has anyone automated the process of sealed secret creation from a commit trigger or any way that doesn't require manual work?

https://redd.it/rbs25p
@r_devops
Adaptive Request Concurrency. Resilient observability at scale ?

This is a post written at the Vector.dev team that discusses Adaptive Request Concurrency for observability pipelines. Automatically optimizing HTTP communication. It introduces an old networking concept into the o11y domain. Let us know what you think! https://vector.dev/blog/adaptive-request-concurrency/

https://redd.it/rbrr0y
@r_devops
Capitalization and abbreviation of technologies in Jira, Slack, etc.

Lol random thought but I'm just curious, do you guys have rules you follow for when to properly capitalize technologies like docker and kubernetes?

Because technically they're proper nouns so they should always be capitalized, just like days of the week (Monday, Tuesday, ) and the word "Internet".

But when a sentence has like a dozen capitalized words and abbreviations, it just looks weird... Like How Jaden Smith Would Capitalize Every Word on Twitter...

An example might be, "You can update the RDS DB with the AWS CLI". Or, "JIRA and Slack are updated when a GitHub PR is opened"

Even the word "DevOps" has a 33% letter capitalization rate haha

https://redd.it/rbxk53
@r_devops
A library to improve scalability of yaml

Hi everyone, hope you're all doing well!


Let me assume I'm not the only one who both loves and hates YAML at the same time: love it because it's human-readable, and hate it due to its lack of composability and reusability.


#### The problem


There are `tags` [1] in the yaml spec, which support custom rendering of field values. In theory, you can do anything with these custom tags, so you can make yaml scalable with these tags. But in reality, there is seldom custom tag support in existing applications. One reason could be it's simply hard due to lack of parsing library support, or just not worth it to implement such support, and another reason I can think about is these tags make yaml files look overly verbose.


But to make yaml scalable, we have to overcome such obstacles, especially when it comes to existing DevOps solutions, most of which consist of many yaml files, and we want to manage these files for all kinds of use cases.


#### My solution


I implemented `rs` [2], a golang library providing easy integration of custom rendering, using its unique rendering suffix syntax or ordinary yaml tag (with special tag prefix and certain limitations).


Developers can support very flexible yaml configuration with `rs` [2], and still keep their config type-checked; end-users will be able to configure the app with almost unlimited flexibility once granted a proper set of renderers implemented by developers. Please have a look at the `rs` [2] if you want to know how it satisfies both developers and end-users, and also check out our task runner `dukkha` [3] built with `rs` [2] making YAML files Makefiles.


I wish this library could inspire new ideas around yaml, or at least can improve yaml's user experience in existing or future tools (currently limited to tools written in go). More ambitiously, I'd like to make changes happen in the existing DevOps pipelines that rely heavily on plain text templating for yaml.


What do you think about it? Do you like the rendering suffix syntax? Or do you think I'm doing it in the right direction? Leave your comments here or in github discussions.


Looking forward to hearing from you!


Thanks for your interest!


P.S.


I'm a long-time follower of this subreddit, but using teddit for privacy reasons. I learned a lot from your posts. Recently I got the idea to improve existing tools using yaml, and here it is. Correct me if I'm posting the wrong way.


1: https://yaml.org/spec/1.2.2/#3212-tags
2: https://github.com/arhat-dev/rs
3: https://github.com/arhat-dev/dukkha

https://redd.it/rbosz5
@r_devops
Onboarding New Engineers

Typically for the first week(s) we have the engineer:

- Meet with the manager for a 1-on-1 session every day for the first few weeks then scale it down
- 15-minute meet and greets with all the primary teammates (BA, Dev's and OPs) on first week
- Have a team zoom ice-breaker game day at end of the week (everyone is remote)
- We create a support ticket welcoming them to the team listing out many of the applications used and ask them to familiarize themselves with the different tools.

What does your team do to onboard new engineers?

https://redd.it/rbzxud
@r_devops