Getting started with GitOps - Maybe for beginners

A nice blog on getting started with GitOps basics. If you are a newbie, this will help you to know more about gitops and its principles.

https://blog.shellkode.com/getting-started-with-gitops-principles-93ec32a1e3a5

https://redd.it/rfhaec
@r_devops

Recommended course to get into Python scripting & automation for AWS Cloud and DevOps? (as a Javacsript Dev)

I learned to code Javascript and Node.js from a Udemy course and made a couple webapps, but then found my real love in this field in cloud computing and networking. Got certified with AWS as a solutions architect. Found out many AWS jobs are asking for Python scripting skills with AWS. I was really interested in learning Golang, and I see some demand for it, but most jobs I'm applying to ask for Python scripting and automation specifically.

So that being said, I don't need to relearn programming basics like what a variable is or how to do a loop. I also don't want to make a web app or game with Python - I need to specifically learn the scripting, devOps and cloud automation side of it. Can you recommend any courses for this specifically (and as someone who already has programming fundamentals). Something that can get me hands on Python scripting training for SRE, Cloud, DevOps and SysAdmin work with Linux etc and fill the gap in my knowledge to prepare me for working on the job.

https://redd.it/rfjpdf
@r_devops

Is security through obsolescence a phrase?

Because Log4j shenanigans, had to check some services. This service is 5 major versions behind and has no CVE's - and has been on my hit list for "Why the hell haven't we updated this", but our application code can't handle the 5 major version changes.

Security through obsolescence FTW.

https://redd.it/rfjwg1
@r_devops

I started learning GoLang so that I can write Kubernetes Operators and API extensions but...

... will this knowledge and skills really help me with my career or any project that I work on?

Personally I think that if I have the ability to use GoLang:

\- Fix/Patch operator issues

\- Write custom solutions that are directly bound to k8s

\- Write my own operator and easily administer projects

\- Learn Test Driven Development with Go

\- Be closer as ever to developers and understand their needs while developing the apps

Is this right and should I stop and go to Kubernetes only specialization or this path is possible in companies as a normal DevOps or DevSecOps job?

https://redd.it/rfhguh
@r_devops

How rare is it to get a job in US if you currently work in a different country?

If I wish to settle in US since it provides a better lifestyle for me for various reasons, can I get a job there if I currently work in a different country? Or is it too rare to happen? Is it more beneficial if I do a MS in US and then get a job?
I currently have 1.5 years of experience in DevOps Engineering, there's still so much to learn and I continue to do so. But, the thing is, I don't want to study MS for 2 years if I can get a job based on my experience.

My question is to those who are currently in US who have relevant experience to answer this question, and also to those who have achieved this case!

https://redd.it/rfin4s
@r_devops

Logging in Offline mode

Hey gang!


I have a use-case where I have unix hosts (IoT devices) which are deployed on a customer's premises. I would like to capture logs and telemetry for them. Sometimes these devices are *not connected* to the internet but are still in operation. They can be "offline" for weeks (still assessing if that's how our users actually use them) while still being used. How do we buffer and forward these logs to a Log management service? Datadog and CloudWatch will reject logs with a timestamp older than 24h.

​

How might one architect the logging pipeline with this in mind?

I'll post some of my own thoughts but wanted to leave the conversation open and unbiased to start.

https://redd.it/rfjaa4
@r_devops

How do you keep organized?

I was trying to think of the subreddit to post this in. This isn't really the right one, but I've worked with DevOps & IT people for many years and I know they always have like fifty different things to do, so I guess I'll ask here.

I work for a small nonprofit. I'm a Linux server admin, a webmaster, I take support phone calls for both employees and customers, I manage livestreams from the company, and I manage google analytics and adwords for the company. The way the work load is balanced in the company, there is simply no one else to take any work off my shoulders, and that's fine. We're all very passionate and believe in what we are doing.

I work within a team of three, but I more or less have complete autonomy. On top of that I have a one year-old son, I take care of my one year-old step-granddaughter, and I have one more baby on the way. That means I really only get five hours of focused work a day (when we can afford to have a babysitter here). Beyond that I have 2-4 hours of work where I'm simultaneously cooking, taking care of children, etc. Beyond that, I have tremendously bad short term memory, to the point where sometimes forget what I'm doing as I'm doing it. No it's not some horrible brain illness, stop worrying about me, I've been dealing with it for most of my life and I'm fine.

Okay, all that aside: my life is chaos. And every attempt I have made at organizing it has fallen apart. To do ist, calendars, sticky notes, all that shizz - it's not enough, often times because I forget where I put what I was doing. I don't know how to prioritize or how t learn how to prioritize tasks. When I look around, all I see is fires to put out, and not enough time to do it.

The only time I have really been successful is if I get myself into a routine and execute that routine every day. But the problem that I'm having is I have to deal with so many fluctuating variables that I never establish a routine.

So I want to ask -- you professionals out there in demanding companies that want you work functionally thrice as much as you are physically capable of - what tips and tricks do you have for being organized and getting your work done?

Thank you.

https://redd.it/rfp6ma
@r_devops

Is there any tool to create diagrams with Git Branches? Something like PlantUML?

I am looking for a tool to design git branches flows declaratively, like PlantUML or something.

I know I can do this in tools like Draw.io but I wanted to do it via "code".

Does anyone know of any tool that allows me to do it?

https://redd.it/rft1gx
@r_devops

Any recommendations for trying to pick up short contracting gigs on top of full time work?

Right now I’m working as a devsecops engineer.

I make good money but I’ve got some debts I want gone immediately.

I figure I could suffer through a 3-month contract gig and double my income for that period and really roll in the dough.

Does anyone have experience with doing this?

https://redd.it/rftf7d
@r_devops

What are your actual job titles?

My boss (CTO) has offered that I come up with my own job title to be listed within the company (and part of my email signature).

My current title is just “Manager”, but when I join meetings, it’s hard for others to quickly understand that I’m more of an architect/devops with a few managerial responsibilities.

I’m assuming many of you are in a similar role, so what the job title encompasses "Senior Software Engineer/Team Lead/Architect/DBA/DevOps with some Managerial Responsibilities”?

https://redd.it/rfv52v
@r_devops

Monitoring/Observability on Fargate

Howdy. I’m currently evaluating a few monitoring solutions for our EKS clusters and have run into some headaches while setting up Datadog for Fargate workloads.

What is everyone using to monitor their clusters and applications?

The whole idea is to have observability into our clusters but also into our applications running in those clusters.

https://redd.it/rfupn6
@r_devops

Remote DevOps Hiring - What Sites to Use?

My US-based company is hiring a 100% remote mid- to senior dev ops position. We are focusing on hiring in South/Central America/Mexico.

What job posting sites for a remote dev ops position will get the most visibility in these markets?

https://redd.it/rfxqem
@r_devops

My 2022 Roadmap

Hi /r/DevOps

Mods - let me know if this is not good and I should remove it!

My boss just recently asked me to put together a roadmap for 2022 and I took that as an opportunity to modernize everything. Some will be harder than others just because but I am excited about it.

Things I have put on my roadmap:
- IaC and Immutable Infrastructure w/ Terraform
- Disaster Recovery with AWS Backups and Terraform
- Site Reliability/Observability, Monitoring, Logging w/ Loki, Jaeger and Prometheus
- A bunch of different bots in Python to check the site, feeds, anomaly detection and different personas to navigate the site
- Nomad, Consul and Vault because life is good :)
- Packer to build docker images and AWS AMIs
- All configuration management with Ansible
- I am adding some PCI and security scans as well.
- A bunch of pipelines for service configuration, server configuration and code deployments.
- Tests of all kids from performance budgets to integration tests.

There is also some Governance, Guidelines and whatnot. I am not brave enough to migrate an eCommerce site to Kubernetes yet Nomad does very nicely for me.

Anyways, I was wondering if you have anything that you think I should add to my roadmap or at least to my R&D Backlog :)!

Goal is to automate everything and treat every piece of IT/code/configuration/services as disposable because it can be recreated on the spot. All secrets and data go to their respective vaults/databases!

Thanks in advance

BA

https://redd.it/rfwews
@r_devops

Do I need to upgrade log4j again (since last Friday Dec 10 2022 ) ??????

https://blog.360totalsecurity.com/en/log4j-remote-code-execution-vulnerability-exists-in-apache/

https://github.com/apache/logging-log4j2/compare/log4j-2.15.0-rc1...log4j-2.15.0-rc2

https://redd.it/rfv5ye
@r_devops

Job Interview Question - When To Disclose DUI Incident To Potential Employer?

Hello,

I am currently interviewing for a job that I feel pretty confident that I am going to get an offer for (been through 3 rounds of interviews, each one successful, and have one last interview with the hiring manager). I am currently a seasoned IT professional and have been in the industry for around 10 years or so. Unfortunately, I have a DUI which I am not proud about. The incident occurred several years ago at this point and is something I attribute to being a dumb kid in his 20s that has come a long way since then (have a wife and kids now) and learned a great deal from.

Question - If I get an offer, I was thinking of disclosing the DUI (only at this stage of receiving an offer), because I assume if I accept the job offer, they will need to run background checks on me, and the DUI will pop up as a red flag. I just wanted to make sure if this was the best approach? and I should NOT try hiding the incident from the employer / recruiter and basically keeping quiet regarding the DUI incident?

Any feedback / thoughts / advice would be greatly appreciated.

https://redd.it/rfqejg
@r_devops

Is it possible to Jump from a Help Desk job to a Devops position?

Hello everyone, I may potentially start a Help Desk position soon and I am really interested in working with the cloud in the future. With that being said, I'm really interested in DevOps. I only have two certs at the moment. I also have some coding experience. I know I will have to get a Cloud cert but idk if I should get an AWS or Azure one, but i really want to jump from Help Desk to DevOps in a year or a year and a half.

https://redd.it/rg1zs3
@r_devops

Do you prefer push mode or pull mode for monitoring your systems?

Pyroscope is an open source continuous profiler and in v0.4.1 we added pull mode support (particularly for Go integration): https://github.com/pyroscope-io/pyroscope/releases/tag/v0.4.1

As an open source project we have less quantitative data to help us understand whether users prefer push mode or pull mode (in general) or even more specifically for getting profiling data about their applications.

Also for context, our Pull mode implementation was greatly influenced by prometheus and most commonly requested by prometheus pull-mode users (fun fact: Github copilot was able to write \~50% of our docs page on this topic likely because of it seeing so much prometheus).

We suspect more people prefer push mode (fundamentally easier to be precise -- in our case specifically about timestamps), but were definitely surprised by how many people requested a pull mode...

Whether its prometheus, datadog, influxDB, etc -- which method do you prefer for monitoring your systems?

https://redd.it/rfq8qb
@r_devops

Move from SRE to backend software engineering

Did any of you make this jump? I am considering moving away from SRE because I am simply finding this position to be stressful, I am getting burnt out quickly, works feels unappreciated and the on call is constant.

I have learned coding at uni but I am revisiting concepts with CS50, then I plan to learn OOP and just make the jump.

How hard was it to land a job? Does sre experience counts for the lack of developing experience?

Thanks.

https://redd.it/rg41ft
@r_devops

Ansible with azure key vault

Have anyone tried getting secrets into ansible from azure key vault?
I've spend few hours without any luck...

https://redd.it/rfiiad
@r_devops

WinRM I/O timeout during packer build when using private subnet

Overview of the Issue

I'm trying to create an AWS AMI with packer but it seems like I am running into an issue where it seems WinRM keeps timing out when I use a private subnet.

​

I've taken a look and can see there is a IGW attached to the VPC and when I do try this with a public subnet, its able to connect to WinRM just fine with no issues.

​

My question is what can be stopping winRM from connecting and how to prevent timeouts from occurring?

​

Reproduction Steps:

Launch the template and attempt to create AMI (packer build .)

​

Packer version

1.7.8

​

Simplified Packer Template:

packer {
requiredplugins {
amazon = {
version = ">= 0.0.2"
source = "github.com/hashicorp/amazon"
}
}
}

source "amazon-ebs" "windowsserver" {
amidescription = "TestAMI"
aminame = "TestAMI"
amiusers = ["${var.amiusers}"]
associatepublicipaddress = false
communicator = "winrm"
instancetype = "${var.instancetype}"
region = "${var.awsregion}"
securitygroupid = "${var.securitygroupid}"
forcederegister = true
forcedeletesnapshot = true
sourceamifilter {
filters = {
architecture = "x8664"
name = "WindowsServer-2019-English-Full-ContainersLatest-*"
root-device-type = "ebs"
virtualization-type = "hvm"
}
mostrecent = true
owners = "amazon"
}
subnetid = "${var.subnetid}"
userdatafile = "./bootstrapwindows.txt"
vpcid = "${var.vpcid}"
winrminsecure = true
winrmport = 5986
winrmusessl = true
winrmtimeout = "60m"
winrmusername = "Administrator"
}

build {
sources = ["source.amazon-ebs.windowsserver"]

provisioner "powershell" {
script = "./SetNetwork.ps1"

]

}

}

​

​

Operating system:

​

The EC2 is Windows Server 2019

​

​

\### Packerlog output:

2021/12/13 09:02:59 Using host value: EC2InstancePrivateIP
2021/12/13 09:02:59 packer-plugin-amazonv1.0.1x5.0linuxamd64 plugin: 2021/12/13 09:02:59 INFO Attempting WinRM connection...
2021/12/13 09:02:59 packer-plugin-amazonv1.0.1x5.0linuxamd64 plugin: 2021/12/13 09:02:59 DEBUG connecting to remote shell using WinRM
2021/12/13 09:03:29 packer-plugin-amazonv1.0.1x5.0linuxamd64 plugin: 2021/12/13 09:03:29 ERROR connection error: unknown error Post "EC2InstancePrivateIP:5986/wsman": dial tcp EC2InstancePrivateIP:5986: i/o timeout
2021/12/13 09:03:29 packer-plugin-amazonv1.0.1x5.0linuxamd64 plugin: 2021/12/13 09:03:29 ERROR WinRM connection err: unknown error Post "EC2InstancePrivateIP:5986/wsman": dial tcp EC2InstancePrivateIP:5986: i/o timeout

​

https://redd.it/rfghv4
@r_devops

GraphQL vs REST - a low-code API showdown

REST and (the newer) GraphQL APIs are the core technologies behind the vast most of today's integrations. These APIs allow external developers to tap into the functionality of the major platforms and build in their custom functionality to suit their needs.

​

https://linx.software/graphql-vs-rest-a-low-code-showdown/

https://redd.it/rg8ivm
@r_devops