Remote DevOps Hiring - What Sites to Use?

My US-based company is hiring a 100% remote mid- to senior dev ops position. We are focusing on hiring in South/Central America/Mexico.

What job posting sites for a remote dev ops position will get the most visibility in these markets?

https://redd.it/rfxqem
@r_devops

My 2022 Roadmap

Hi /r/DevOps

Mods - let me know if this is not good and I should remove it!

My boss just recently asked me to put together a roadmap for 2022 and I took that as an opportunity to modernize everything. Some will be harder than others just because but I am excited about it.

Things I have put on my roadmap:
- IaC and Immutable Infrastructure w/ Terraform
- Disaster Recovery with AWS Backups and Terraform
- Site Reliability/Observability, Monitoring, Logging w/ Loki, Jaeger and Prometheus
- A bunch of different bots in Python to check the site, feeds, anomaly detection and different personas to navigate the site
- Nomad, Consul and Vault because life is good :)
- Packer to build docker images and AWS AMIs
- All configuration management with Ansible
- I am adding some PCI and security scans as well.
- A bunch of pipelines for service configuration, server configuration and code deployments.
- Tests of all kids from performance budgets to integration tests.

There is also some Governance, Guidelines and whatnot. I am not brave enough to migrate an eCommerce site to Kubernetes yet Nomad does very nicely for me.

Anyways, I was wondering if you have anything that you think I should add to my roadmap or at least to my R&D Backlog :)!

Goal is to automate everything and treat every piece of IT/code/configuration/services as disposable because it can be recreated on the spot. All secrets and data go to their respective vaults/databases!

Thanks in advance

BA

https://redd.it/rfwews
@r_devops

Do I need to upgrade log4j again (since last Friday Dec 10 2022 ) ??????

https://blog.360totalsecurity.com/en/log4j-remote-code-execution-vulnerability-exists-in-apache/

https://github.com/apache/logging-log4j2/compare/log4j-2.15.0-rc1...log4j-2.15.0-rc2

https://redd.it/rfv5ye
@r_devops

Job Interview Question - When To Disclose DUI Incident To Potential Employer?

Hello,

I am currently interviewing for a job that I feel pretty confident that I am going to get an offer for (been through 3 rounds of interviews, each one successful, and have one last interview with the hiring manager). I am currently a seasoned IT professional and have been in the industry for around 10 years or so. Unfortunately, I have a DUI which I am not proud about. The incident occurred several years ago at this point and is something I attribute to being a dumb kid in his 20s that has come a long way since then (have a wife and kids now) and learned a great deal from.

Question - If I get an offer, I was thinking of disclosing the DUI (only at this stage of receiving an offer), because I assume if I accept the job offer, they will need to run background checks on me, and the DUI will pop up as a red flag. I just wanted to make sure if this was the best approach? and I should NOT try hiding the incident from the employer / recruiter and basically keeping quiet regarding the DUI incident?

Any feedback / thoughts / advice would be greatly appreciated.

https://redd.it/rfqejg
@r_devops

Is it possible to Jump from a Help Desk job to a Devops position?

Hello everyone, I may potentially start a Help Desk position soon and I am really interested in working with the cloud in the future. With that being said, I'm really interested in DevOps. I only have two certs at the moment. I also have some coding experience. I know I will have to get a Cloud cert but idk if I should get an AWS or Azure one, but i really want to jump from Help Desk to DevOps in a year or a year and a half.

https://redd.it/rg1zs3
@r_devops

Do you prefer push mode or pull mode for monitoring your systems?

Pyroscope is an open source continuous profiler and in v0.4.1 we added pull mode support (particularly for Go integration): https://github.com/pyroscope-io/pyroscope/releases/tag/v0.4.1

As an open source project we have less quantitative data to help us understand whether users prefer push mode or pull mode (in general) or even more specifically for getting profiling data about their applications.

Also for context, our Pull mode implementation was greatly influenced by prometheus and most commonly requested by prometheus pull-mode users (fun fact: Github copilot was able to write \~50% of our docs page on this topic likely because of it seeing so much prometheus).

We suspect more people prefer push mode (fundamentally easier to be precise -- in our case specifically about timestamps), but were definitely surprised by how many people requested a pull mode...

Whether its prometheus, datadog, influxDB, etc -- which method do you prefer for monitoring your systems?

https://redd.it/rfq8qb
@r_devops

Move from SRE to backend software engineering

Did any of you make this jump? I am considering moving away from SRE because I am simply finding this position to be stressful, I am getting burnt out quickly, works feels unappreciated and the on call is constant.

I have learned coding at uni but I am revisiting concepts with CS50, then I plan to learn OOP and just make the jump.

How hard was it to land a job? Does sre experience counts for the lack of developing experience?

Thanks.

https://redd.it/rg41ft
@r_devops

Ansible with azure key vault

Have anyone tried getting secrets into ansible from azure key vault?
I've spend few hours without any luck...

https://redd.it/rfiiad
@r_devops

WinRM I/O timeout during packer build when using private subnet

Overview of the Issue

I'm trying to create an AWS AMI with packer but it seems like I am running into an issue where it seems WinRM keeps timing out when I use a private subnet.

​

I've taken a look and can see there is a IGW attached to the VPC and when I do try this with a public subnet, its able to connect to WinRM just fine with no issues.

​

My question is what can be stopping winRM from connecting and how to prevent timeouts from occurring?

​

Reproduction Steps:

Launch the template and attempt to create AMI (packer build .)

​

Packer version

1.7.8

​

Simplified Packer Template:

packer {
requiredplugins {
amazon = {
version = ">= 0.0.2"
source = "github.com/hashicorp/amazon"
}
}
}

source "amazon-ebs" "windowsserver" {
amidescription = "TestAMI"
aminame = "TestAMI"
amiusers = ["${var.amiusers}"]
associatepublicipaddress = false
communicator = "winrm"
instancetype = "${var.instancetype}"
region = "${var.awsregion}"
securitygroupid = "${var.securitygroupid}"
forcederegister = true
forcedeletesnapshot = true
sourceamifilter {
filters = {
architecture = "x8664"
name = "WindowsServer-2019-English-Full-ContainersLatest-*"
root-device-type = "ebs"
virtualization-type = "hvm"
}
mostrecent = true
owners = "amazon"
}
subnetid = "${var.subnetid}"
userdatafile = "./bootstrapwindows.txt"
vpcid = "${var.vpcid}"
winrminsecure = true
winrmport = 5986
winrmusessl = true
winrmtimeout = "60m"
winrmusername = "Administrator"
}

build {
sources = ["source.amazon-ebs.windowsserver"]

provisioner "powershell" {
script = "./SetNetwork.ps1"

]

}

}

​

​

Operating system:

​

The EC2 is Windows Server 2019

​

​

\### Packerlog output:

2021/12/13 09:02:59 Using host value: EC2InstancePrivateIP
2021/12/13 09:02:59 packer-plugin-amazonv1.0.1x5.0linuxamd64 plugin: 2021/12/13 09:02:59 INFO Attempting WinRM connection...
2021/12/13 09:02:59 packer-plugin-amazonv1.0.1x5.0linuxamd64 plugin: 2021/12/13 09:02:59 DEBUG connecting to remote shell using WinRM
2021/12/13 09:03:29 packer-plugin-amazonv1.0.1x5.0linuxamd64 plugin: 2021/12/13 09:03:29 ERROR connection error: unknown error Post "EC2InstancePrivateIP:5986/wsman": dial tcp EC2InstancePrivateIP:5986: i/o timeout
2021/12/13 09:03:29 packer-plugin-amazonv1.0.1x5.0linuxamd64 plugin: 2021/12/13 09:03:29 ERROR WinRM connection err: unknown error Post "EC2InstancePrivateIP:5986/wsman": dial tcp EC2InstancePrivateIP:5986: i/o timeout

​

https://redd.it/rfghv4
@r_devops

GraphQL vs REST - a low-code API showdown

REST and (the newer) GraphQL APIs are the core technologies behind the vast most of today's integrations. These APIs allow external developers to tap into the functionality of the major platforms and build in their custom functionality to suit their needs.

​

https://linx.software/graphql-vs-rest-a-low-code-showdown/

https://redd.it/rg8ivm
@r_devops

"infrastructure in a bottle"

Hi,

In most of the jobs I worked, there's always a complex issue of testing new code. We always have the "dev" copy of infrastructure. But it's never in sync with prod, used by someone else to experiment with next push.

I am looking for something like VirtualBox but for entire infrastructure. Single command to spawn entire fleet of mock machines, with networks, dns, volumes etc. So I can do end-to-end on a one powerful enough machine.

An infrastructure in a bottle.

I was thinking about Kubernetes, but before I dive into 300 pages book on the subject, I figured it does not hurt to ask here first.

Does anyone know a language of decribing infrastructure, that can be just as much deployed on prod AND deployed locally?


By prod I don't mean AWS or any other provider in particular. On the opposite, I am happy to setup my own machines if that gives me this single use case.

Kind Regards

https://redd.it/rg9kr3
@r_devops

Where are you finding high paying jobs?

I keep reading that DevOps and SRE jobs are high paying in the $300k+ range but I rarely see any for that. I am located in Canada but looking for a remote US job and seeing almost none in that salary band. I wanted to ask and see where people are finding these high paying jobs? I currently make decent enough money but not close to what others are saying they make. Advice?

https://redd.it/rg9vi9
@r_devops

Improving Application Availability with Pod Readiness Gates

Hi /r/DevOps,

Today I published an article titled "Improving Application Availability with Pod Readiness Gates", where I explain how to use Kubernetes Readiness Gates to create custom Pod status conditions and to implement complex readiness checks in places where liveness and readiness probes just aren't good enough.

Here's the link: https://towardsdatascience.com/improving-application-availability-with-pod-readiness-gates-4ebebc3fb28a

Feedback is very much appreciated!

https://redd.it/rg929a
@r_devops

How to get the Kafka confluent developer or administrator certification ?

Hey everyone I just started working as a Devops engineer and I have been working with Kafka for about a month now, in order for me to make sure that I really understand Kafka and that I am fully autonomous while using I decided to pass the confluent official certification in 2 months. (And also use it as an argument to get better jobs proposal).

I have 2 questions :
- The certification is only valid for 2 years, do I need to pay again to extend it ?
- Do you have any tips to get the certification ?

https://redd.it/rgb69d
@r_devops

How do you test your cloud based resources if its written as IaC? Do you apply the same testing pyramid concepts?

I actually have two questions here,

The first would be on automation testing for the IaC itself, as I've recently started reading about different tools which can do this (e.g. terratest - it requires go knowledge though, RSpec - requires some ruby knowledge)
I'm interested to know more about your implementations for testing IaC, how did it benefit you/your team and the ROI of applying it.


The second question would be on how you guys do performance and stress testing? as I'm interested to know real world experience regarding it.

https://redd.it/rgdtby
@r_devops

Noop Question: Is it possible to Automate the Creation and Configuration of VM in Azure?

Hello there!

Currently, I'm working with a small team on a huge project, because that we need to do pretty much everything in the project (backend, frontend, support, business stuff, and DevOps).

I was thinking in find ways to get rid of support things, that can be massive sometimes. One of the things is the task to create and configure new Virtual Machines to Client when requested.

What we currently:
\- Clone Machine (the machine can be new or some that already exist)
\- Enter the VM and execute a script that will configure it:
\- Change hostname
\- Change username and password
\- Update few certificates
\- Enter the Server and add a new machine to the list

​

So can it be automated, or some part of it?


Thanks!

https://redd.it/rgelru
@r_devops

What is really considered Junior/Mid/Senior SRE?

I've seen job posts Junior/Mid/Senior SRE on LinkedIn. All with overlapping descriptions.

From a seasoned SRE point of view, which would be the real skillset and experience each one should have?

Thanks.

https://redd.it/rge0de
@r_devops

Can this be done with AWS free tier services?

Long time full-stack web developer staring at the prospect of using AWS for the first time.

I have a client (who happens to be an Amazon seller) looking to automate a few tasks, ideally using AWS Free Tier services.

The solution will be a small collection of PHP scripts (not a website, just the scripts and their Composer dependencies) that call various third party APIs (including UPS Quantum View and Dropbox) and send emails, all run as cron jobs at most hourly.

I could deploy on traditional hosting in a few minutes, but the AWS services are an obtuse menagerie.

From what I can gather, I'll need EC2 Beanstalk at minimum, but beyond that I'm lost.

I'm certain this can be done with AWS, but which services do I need?

Or should I steer the client toward hosting this on his GoDaddy server? Not ideal, but it's what he has.

https://redd.it/rgijdl
@r_devops

Do I have to add backend port to security groups in aws ec2 to let the frontend talk to it?

I have a website hosting on aws ec2. My backend is running at port 8000 and my frontend is at 3000. Now I made my ip public so people can access my website. I added 3000 into the security group and now people can see my frontend UI. However, I found out that I have to add backend port 8000 into the security group as well otherwise my website only has frontend because it could not talk to the backend. This is bit confusing to me because to my knowledge if I expose only frontend port, it will call 8000 by itself within the ec2 host just like how localhost works there. But now I need to expose 8000 to the public in order to make my website fully functional. I don't know if exposing both frontend and backend ports is supposed to be the way to host a website or there has to be another way? Any comments or suggestions would be greatly appreciated! :)

https://redd.it/rgk0t0
@r_devops

Create a symbolic link (also symlink or soft link) in Linux - Ansible module file

How to create an "example" symbolic link that references "/proc/cpuinfo" in Linux with Ansible. Simple Ansible code and verification included.

https://youtu.be/uZF671e924k

\#ansible #symlink #softlink #file #linux #filesystem

https://redd.it/rgkwhz
@r_devops

PagerDuty is down

https://status.pagerduty.com/

Edit: Looks like it's coming back online now. Will delete post when all clear.

https://redd.it/rgmhmu
@r_devops