DevOps as tier 1 developer support

I've been with my current team for a few months now, and it's struck me as odd that DevOps is the first point of contact for developer requests, which is anything from restarting services, checking user permissions (merges/PRs/Pipelines) troubleshooting application stacks, project/process tweaking in Jira/ADO... you get the idea.

While these requests are generally DevOps related, I'd say a good 40% of them are more suited to IAM, senior developers, POs/PMs etc.

My question is - is this the expectation for a DevOps team? Experience tells me no, but maybe I've just been lucky up to this point.

P.S. I should add that while I don't mind supporting my colleagues, I know that our engineers are capable of doing so much more than responding to support requests

https://redd.it/rn182h
@r_devops

Is it bad to start your career directly into DevOps after college?

What's your opinion on someone who is directly starting his career in DevOps after college?

Edit: Junior DevOps in development team along with developers

https://redd.it/rn25n4
@r_devops

setting up a chef server

hello! I'd like to set up a chef just to test syntax on recipies and cookbooks. do i need a full chef server to do this? will chefdk cover my needs? will chef workstation?

https://redd.it/rn2lnl
@r_devops

Which CS subjects should a DevOps engineer study?

Referring to this table of CS subjects, which of these subjects would be worth relearning and would provide the most benefits in a DevOps role?

https://redd.it/rn3u06
@r_devops

How to populate secrets on first deployment of an application?

We have a pretty standard set of Java applications which are deployed onto Kubernetes using Helm charts. Our cluster has Vault for secret storage. Everything works great.

The problem is that we are having to pre-populate Vault with secrets using a script before the application is first deployed.

Later, if a Developer adds a new secret to the application, someone has to manually add a new secret to Vault before the newer version of the application is deployed.

I'm wondering if anyone has found a way a reliable, scalable way for an application to "bootstrap" new Vault secrets on first deployment?

i.e. if an application is deployed for the first time in a cluster and finds none of the secrets it needs are populated, then it can automatically create new secrets with randomized values and populate them in Vault.

Have spent a few hours Googling but couldn't find any solutions to this.

https://redd.it/rn6jr3
@r_devops

Jenkins Server unable to connect to SonarQube



Hi all im running Jenkins and Sonarqube on AWS.

Jenkins is unable to connect to my SonarQube server. I have checked the security groups and the Sonarqube SG has an inbound ruleto allow the jenkins server to connect to my sonarqube server but im still getting the below errors,

I have copied the token provided from the sonarqube server and put that into the sonarqube server environment variable.

Also the SonarQube server is up and running and accessible via public IP. (please note i have x'd out the actual private IP address from the console output below)

Any help would be appreciated.

1. INFO: SonarScanner 4.4.0.2170
2. INFO: Java 1.8.0_312 Private Build (64-bit)
3. INFO: Linux 5.4.0-1060-aws amd64
4. INFO: User cache: /var/lib/jenkins/.sonar/cache
5. ERROR: SonarQube server [http|://xxx.xx.xx.xx\] can not be reached
6. INFO: ------------------------------------------------------------------------
7. INFO: EXECUTION FAILURE
8. INFO: ------------------------------------------------------------------------
9. INFO: Total time: 0.570s
10. INFO: Final Memory: 3M/31M
11. INFO: ------------------------------------------------------------------------
12. ERROR: Error during SonarScanner execution
13. org.sonarsource.scanner.api.internal.ScannerException: Unable to execute SonarScanner analysis
14. at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.lambda$createLauncher$0(IsolatedLauncherFactory.java:85)
15. at java.security.AccessController.doPrivileged(Native Method)
16. at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:74)
17. at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:70)
18. at org.sonarsource.scanner.api.EmbeddedScanner.doStart(EmbeddedScanner.java:185)
19. at org.sonarsource.scanner.api.EmbeddedScanner.start(EmbeddedScanner.java:123)
20. at org.sonarsource.scanner.cli.Main.execute(Main.java:73)
21. at org.sonarsource.scanner.cli.Main.main(Main.java:61)
22. Caused by: java.lang.IllegalStateException: Fail to get bootstrap index from server
23. at org.sonarsource.scanner.api.internal.BootstrapIndexDownloader.getIndex(BootstrapIndexDownloader.java:42)
24. at org.sonarsource.scanner.api.internal.JarDownloader.getScannerEngineFiles(JarDownloader.java:58)
25. at org.sonarsource.scanner.api.internal.JarDownloader.download(JarDownloader.java:53)
26. at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.lambda$createLauncher$0(IsolatedLauncherFactory.java:76)
27. ... 7 more
28. Caused by: java.lang.IllegalArgumentException: Expected URL scheme 'http' or 'https' but no colon was found
29. at org.sonarsource.scanner.api.internal.shaded.okhttp.HttpUrl$Builder.parse(HttpUrl.java:1332)
30. at org.sonarsource.scanner.api.internal.shaded.okhttp.HttpUrl.get(HttpUrl.java:917)
31. at org.sonarsource.scanner.api.internal.shaded.okhttp.Request$Builder.url(Request.java:165)
32. at org.sonarsource.scanner.api.internal.ServerConnection.callUrl(ServerConnection.java:110)
33. at org.sonarsource.scanner.api.internal.ServerConnection.downloadString(ServerConnection.java:99)
34. at org.sonarsource.scanner.api.internal.BootstrapIndexDownloader.getIndex(BootstrapIndexDownloader.java:39)
35. ... 10 more
36. ERROR:
37. ERROR: Re-run SonarScanner using the -X switch to enable full debug logging.
38. WARN: Unable to locate 'report-task.txt' in the workspace. Did the SonarScanner succeed?
39. ERROR: SonarQube scanner exited with non-zero code: 1
40. [Slack Notifications\] found #5 as previous completed, non-aborted build
41. [Slack Notifications\] will send OnEveryFailureNotification because build matches and user preferences allow it
42. Finished: FAILURE

https://redd.it/rn2s4k
@r_devops

Retrospect on the AWS Outage and Resilient Cloud-Based Architecture

If an AWS outage on a single availability zone (AZ) is able to take down so many services like Slack and Hulu, perhaps it’s a good time to revisit common practices for business continuity & disaster recovery:

Retrospect on the AWS Outage and Resilient Cloud-Based Architecture

https://redd.it/rmry9c
@r_devops

How to apply gitops workflow with Vault and Kubernetes?

I deployed vault helm chart via ArgoCD in a Kubernetes cluster and I manually created hcl policies, users and approles with the vault cli by connecting to the container. I’d like to commit the hcl files to git and have a gitops workflow instead so when the deployment gets destroyed, I can easily reapply things that were created. How can I do this with vault helm?

https://redd.it/rnbxc6
@r_devops

Holiday plans voided by the log4j CVEs

Not much here. Just an empathy post for all those whose holidays that have been impacted by the recent log4j CVEs reported. You're not alone!

https://redd.it/rne1cq
@r_devops

Automatic two-way mirroring of Github repositories

I currently have access to a github repo that belongs to old school administrators that will not enable modern github features (such as deploy keys, actions, etc), which unfortunately inhibits my team's ability to implement basic ci/cd functionality.

I was wondering if there is a solution that allows for automatic two way mirroring of git repositories such that I can spin up my own private repo and implement integrations off the repo my team controls instead.

I was thinking a solution using webhooks to recognize when a change occurred in one repo and automatically mirror it to the other, that way users can work from either one.

Does something like this exist? Any advice on how to solve this particular predicament?

Thanks and Happy Holidays!

https://redd.it/rnf557
@r_devops

Top DevOps Automation Tools In 2022 And Beyond

Automation has become pivotal in today’s technologically advanced world. One can see a number of processes in which automation has played an important role. It has created a new sense of emergency in which either a person is busy automating processes or getting automated.  Because with the help of automation, the efficiency has increased manifold. As well as, the productivity and quality of the work have also improved.

As per the stats, circa 51% of companies are using marketing automation tools and around 58% have a plan to use automation tools.

Read this blog to learn which DevOps automation tools are popular and why.

https://redd.it/rngejd
@r_devops

Finessed my way into SWE role without containers

The role is a software engineering role rather heavy on cloud and DevOps / containerization. I think I got the job more because I had a positive attitude and was a referral from an acquaintance on the team, plus have a couple years of development experience, but that might be besides the point.

Where should I get started learning containers, Docker and maybe even cloud (with how it’s relevant or fits in)? I’m currently going through a crash course video on YouTube by academind since I used his videos to learn front-end / JavaScript. I can reference official documentation but it tends to get really dry really quick.

https://redd.it/rnhhuj
@r_devops

Cloud Malware analysis tool/api

Hello,

I am looking for some feedback on "Cloud Malware analysis tools/API".

The need, send suspicious "png, jpg, pdf" into a cloud tool in order to get a score of the possible threat of this file.

Does anyone is using a tool like this ?

Of course I need a good response time/availability since i will send a good amount of file/s to it.

​

Thanks.

https://redd.it/rnh35l
@r_devops

How should I deploy my website

I'm not sure if this is the right subreddit to ask,

But right now I'm a bit confused on how I should deploy my website. I'm deploying a scrabble website with word search, board analysis, and later on player vs player feature as well as puzzle feature. There will be a user login feature and the only thing we store about the user is the puzzles that they have done as well as the matches that they have played.

There's potentially some traffic to the website, so I was wondering whats the best way to deploy

https://redd.it/rnjbvu
@r_devops

How do I get devs access to EKS?

TLDR in the end

We've been exploring Okteto as a tool to allow devs to work in near-production environment with K8s.

Here's the issue - it's not possible or easy to onboard and manage hundreds of devs onto IAM.

We currently use an LDAP server to grant them access to EC2 Linux instances which is easy enough but IAM has more granular stuff for K8s which we want to use (and I beleive is the only way to get access - maybe I'm wrong)

Is there a way to work with IAM and LDAP so that groups and users can sync?

---

Eventually, we'd onboard teams (as groups) and grant them access to namespaces or deployments or projects in Rancher.

---
TLDR;
I want devs to be able to get a

.kubeconfig

file from Rancher for their user/group and then use it to work with Okteto to deploy and test their code on the cluster.

How do I get this up and running?

https://redd.it/rnjtmk
@r_devops

Merry Christmas! I am giving away my ebook Command Line: A Modern Introduction for free. Grab your copy as a gift :)

1. Go to https://stribny.gumroad.com/l/moderncommandline
2. Enter "christmas" as the discount code
3. Enjoy your Christmas gift:)

https://redd.it/rnl9z3
@r_devops

Which CI service allows running containers to test open source software?

Hi Devops folks,

I have a open source project, and I'd like to test it against a live DB.

Is there a service, which allows me to run containers while building the software?

I am relatively new to Github actions, it allows me make build and publish it to repository.

I am not sure if it allows, running containers of my choice while test section of the build runs.

Any service like CircleCI, TravisCI provides such service?

https://redd.it/rnj5y4
@r_devops

How your company selects a CI/CD tool?

I am an aspiring DevOps engineer and still learning. I was going through the CI/CD process so I really wanted to understand how a company or a start up selects a CI/CD tool?

The DevOps architects or DevOps managers make this decision or an engineering head/CTO makes this decision.

Or, is it the initial developers that were hired that make this decision.

Since there are a lot of CI/CD tools (Jenkins, CircleCI, Semaphore CI, Harness, TeamCity, etc) out there it can be very daunting exercise and I am really interested to know this with your experience.

https://redd.it/rnemdn
@r_devops

DevOps or Test Automation: Need help to decide next steps in my career

Hello good people. I need some guidance. Please help.

I am currently working as a Software QA engineer[Test Automation\]. I have three years of experience in test automation. I had completed my bachelor's in Software Engineering. After that, I join a company as a manual tester. After one year, My manager switch my project and put me in a project where my role is to automate the Backend test suite with Java and bash script. till now I am working on that project. In this project, I have to maintain a CI/CD pipeline. One year ago our client move the project to AWS so I got some good exposer to AWS. I work closely with our offshore DevOps team. Which makes me interested in DevOps activity. My current skill set is below:

1. I have experience in UI and API automation with JAVA, TestNG.
2. I have basic knowledge about CI/CD pipeline and workflow.
3. I used Jenkins, Elastik, and Rundeck on daily basis.
4. Basic knowledge about AWS infra.
5. I know Python [medium level\], Bash [can write script\].

My Questions are below:

1. I am moving to Canada next year so it is kinda hard for me to decide which path I should go to get a Job in Canada, Automation or DevOps?
2. If I want to move to DevOps what skills or Cert I should get to land my first job?
3. I am kinda decided to go for AWS SAA or AWS Sysops certificate [To learn more about AWS infra\]. Is it help me to land a job in the cloud?

Thanks, Everyone. I really appreciate your help.

https://redd.it/rnpx2u
@r_devops

Free Slack app to keep a status dashboard one click away from your team!

I have developed a free Slack app that I think might come in very handy for fellow DevOps engineers, with Status Center you can have a status dashboard, displaying the status of selected status pages, just one click away in your Slack workplace.

It can also notify you in real-time, directly on a Slack channel of your choosing.

We've only started working on this tool, and the number of status pages is limited, but there is a button for you to request new ones, we will be adding new ones quickly.

Looking forward to hear your feedback!

The tool: https://statuspal.io/status-center/slack/

https://redd.it/rnsb7b
@r_devops

Is there a way to make git tortoise and visual studio work faster on a project inside of WSL2?

Ok, I did the opposite by putting the project inside my Windows drive. Now, I have the project inside the WSL2 drive, so the website works faster and is much more responsive, but when using Visual Studio and tortoise it's super slow, so the search is slow and git tortoise sometimes freeze. Is there a fix for this?

https://redd.it/rnuye0
@r_devops