What have you made so far that you're "proud of", so to speak?

The tile sounds like a "juniorish" question, but I'll leave it like that. = )

https://redd.it/seiisw
@r_devops

"The fact remains that tooling is behind the culture. To date, if there's a major incident that needs rapid response, developers often feel powerless because they don't have a connection to SRE tools that are heavily infrastructure-oriented." Agree or disagree?

I came across this article and I wanted to get a feeling on whether or not people agree with this statement, made by Itiel Shwartz of Komodor. I'm fairly new in my Devops journey so I would appreciate some discussion to learn from.

Source: https://vmblog.com/archive/2021/12/13/komodor-2022-predictions-sre-tools-will-start-speaking-the-language-of-developers.aspx#.YdxWBBNBz0q

https://redd.it/sekaam
@r_devops

Not much devops but for you it's installed on your machine

I'm looking for an alternative for Docker Desktop. I'm not sure if there are alternatives where docker cli command is compatible. If there's none, it's ok. Which alternative did you like best?

https://redd.it/sel0w5
@r_devops

How to get error messages from Puppet to show up in Jenkins?

I have a pipeline that restarts artifactory.service when there is a change to a configuration file. The job is failing but I can only see the error message in Puppet, how can I get this error message to display in the Jenkins pipeline logs?

I havent been able to find it in the task endpoints doc.

This was the error btw

{"status": "failure", "error": {"message": "Job for artifactory.service failed. See "systemctl status artifactory.service" and "journalctl -xe" for details. ", "kind": "bash-error", "details": {\]}}

But I want to see the error message for any error that pops up from Puppet, in the Jenkins Pipeline.

https://redd.it/se7hu8
@r_devops

HA Vault/Consul Setup

Hello, almost all Vault/Consul HA setup guides uses Consul client on Vault side, I see it is also possible to connet vault directly to consul server. Is it wrong way, is there downsides? (Vault and Consul are on same server under Docker)

https://redd.it/seocnt
@r_devops

Automated testing, development of a substantial number of Ansible roles

We have a substantial inventory of in-house developed Ansible roles (almost 70 and that number is rapidly growing).

They are representing an essential set of tools that we use every day to manage existing and deploy new infrastructure for our hosting customers, so we are really trying hard to keep them updated, tested and in a working condition.

So far we used `molecule` with Docker as a driver to develop them locally, and GitHub Actions to automate their scheduled testing, as we have tests for dozens of scenarios for each role.

However, doing it this way is really starting to be a problem, especially in the development side of things because of `systemd` (we are using Geerling's base docker images) that just does not work properly all the time and some other molecule related bugs that we need to deal with.

Often, our automated tests on GitHub Actions fail just because of Docker, even though roles themselves are functioning perfectly fine.

With all of that said, I feel that we need to make some changes in our development and testing, but I am unsure what could be a proper replacement for the `molecule+docker`? To make things worse, we need something that works on both M1 and X64 arch (for development), plus GitHub Actions as platform of choice for automation.

We were considering switching to Vagrant for development, but Vagrant does not work on M1 (because of VirtualBox). Multipass would do the job, however there is no Provider/Driver for Multipass (plus we are always developing our roles to work on Ubuntu, Debian and CentOS, so Multipass would not be an ideal candidate).

We also have a substantial amount of Proxmox servers that we could use to bring up instances, do automated deployment and testing and then bring them down, but molecule does not have support for Proxmox, either, and documentation is quite horrible.

So, does anyone have a suggestion how we can improve all of this?

EDIT: Just to make it clear, I am more of trying to find if there is a better way of doing all of this, having in mind the amount of roles we have. I know that we can always build our own Docker images to fix the sysmted issue, and continue with what we were doing so far.

https://redd.it/seowmc
@r_devops

when and how to choose cloud over vps?

If I've a web application that doesn't really require elastic features of the cloud and doesn't really need any of the managed services that cloud provides.

Is it justifiable move the app in the cloud? When it becomes justifiable?

I mean, managed services sure help and they speed things up quite a bit, but I feel like I could do the same things with a dedicated server or a VPS with a fraction of the cost.

Asking because recently I've been working with multiple different clients that have wanted and even have it as a requirement to use the cloud even when the app itself is going to be closed from public use and won't ever need any of the elastic features, ever.
I want to be able to justify these choices. I want to truly understand how and why this is a good choice to make over a VPS or dedicated machine that could do everything needed with a fraction of the cost.

At the moment I feel like... clients could save a lot of money. What I am missing here?

https://redd.it/se5t2j
@r_devops

CVE-2021-44790 => anyone else running amazon linux 2 seeing this?

https://alas.aws.amazon.com/cve/html/CVE-2021-44790.html

We got some directions from aws support to upgrade/resolve the issue but it's not working...

\-  Step 1: Check Apache (httpd) status: $ sudo systemctl status httpd           
****You should see “active (running)” for your httpd service. If not, to start Apache, run $sudo systemctl start httpd
\-  Step 2: Check modules enabled for Apache (httpd) $ sudo httpd -M
****Look for lua module, you can also add “| grep lua” at the end of the above command
\-  Step 3: Find the lua module configuration file $ ls /etc/httpd/conf.modules.d/
****You should see a file named “xx-lua.conf”
\-  Step 4: Disable lua module $ sudo vim /etc/httpd/conf.modules.d/00-lua-conf
****open the file, press “i” to modify the file, place a “#” in front of “LoadModule lua_module …”, press “ESC” to finish editing, and enter “:wq” to save the changes and quit
\-  Step 5: Restart httpd to apply the change $ sudo systemctl restart httpd
\-  Step 6: Ensure lua module is disabled $ sudo httpd -M | grep lua
**** If nothing returned from the above command, that means lua module has been disabled. Once lua module has been disabled, Inspector will automatically remove the security notification shortly.

Anyone else seeing this? I would think this is an AWS team thing they should do in the background (we're using elastic beanstalk).

We're also no using apache (but it is downloaded of course).

https://redd.it/se5mar
@r_devops

Where do you find people passionate about devops in a purely management perspective?

I have a wonderful problem, my volunteer organization has tons of very capable developers coming together to build something awesome they could never do alone.

However, right now things are pure chaos and we need people who can understand and manage people to help.

Sadly, unlike the game development industry, there doesn’t seem to be any classified area to try to find these kind of people on Reddit.

Where do people passionate about these sort of things come together to work on projects or to find projects to work on?

It should be noted that I run a volunteer organization that has a massive positive impact but the people who volunteer do it for the sake of the impact and not the funds.

https://redd.it/se0xgl
@r_devops

How to Install and Configure SonarQube on CentOS 8 | Step by Step SonarQ...

How to Install SonarQube on CentOS 8, Install and Setup PostgreSQL 14 Database For SonarQube,Configure SonarQube

​

\#sonarqube #installsonarqube #devops

https://www.fosstechnix.com/how-to-install-sonarqube-on-centos-8/

https://redd.it/seu09p
@r_devops

What's your monitoring stack?

Myself and others in my organization are unhappy with our monitoring software and are reconsidering it. I'm curious what everyone else is doing for this.

What do you use for monitoring?

What do you monitor with it? Is it mostly cloud resources? Do you monitor any physical hardware such as firewalls, SAN, esxi cluster?

Do you have it set up to run any sort of automated first response if an alert condition is met, and if so, how is that set up?

How are alerts sent to responders?

https://redd.it/sevtqs
@r_devops

We looked at job descriptions for SREs at GitLabs, Microsoft and others

The SRE role has shifted quite a bit over the last few years,we looked at job descriptions from companies like Linkedin, Microsoft and others to see what they're looking for!

https://redd.it/sex2sa
@r_devops

Kubernetes: The Documentary PART 1

https://www.youtube.com/watch?v=BE77h7dmoQU

https://redd.it/sewoaa
@r_devops

Running scientific code (testing) on the cloud

I am currently finishing my master thesis and I have a lot of hours of testing to go (CPU intensive, on my 5800x it takes 15 hours x 30 seeds) and I would like to ask you if you know any solution (cloud) that you think might help me to not run all this in my computer... I don't really care if it takes the same time, I just don't want to have my desktop gasping for weeks + it makes a lot of noise.

​

My code is a simple object oriented program written in python and currently my IDE is Pycharm.

I wanted something extremely easy that just let's me use my computer as a master and the code would be running on other machines but without a lot of difficulty.

https://redd.it/sew0yu
@r_devops

Only slightly off-topic: A comment about Java

In a conversation with co-workers, the topic of Java came up. We don't use Java in our industry. One co-worker told us of his experiences with Java:

"I knew Java once. Intimately. I taught her how to play Sudoku. She said she would help me get a job, but she never did. Then she ghosted me and went to Oracle, and everybody started talking smack about her."

https://redd.it/setymd
@r_devops

What would you recommend as first steps in awc?

to start learning, some hands on and stuff

https://redd.it/sdrp48
@r_devops

Make your DevOps Team Happy with this PagerDuty + Discord Integration

PagerDuty has incredible support for their Slack integration, but if your team collaborates mainly in Discord, then you’re sadly out of luck.

I saw this blog post where you can create a PagerDuty integration for Discord users -- one that gets you started quickly and is fully customizable to your needs, and help your DevOps team :)

PagerDuty + Discord Integration

https://redd.it/sdi7hx
@r_devops

Tools for complex infrastructure as a code

Is there any possibility to deploy a complex infrastructure in a virtual environment?

Let's say that an organization wants to virtualize its network which consists of some servers in a DMZ (email, web, VPN) and also a internal component (maybe a Active Directory network).

Is it possible to code not only the topology of this network but also its configuration? Ex: the configuration of the web server (with all the applications and users and etc.), the mail service (users), vpn (users, certificates, etc.), the AD part (complex config...users, policies, etc.)...

Does anybody know what are the tools that are needed to create this....using some scripts ar some yaml files or whatever...? So, basicaly I want to run a single script or something ang after its execution to have the infrastructure deployed and configured.... What stack of products should I use in order to have the best results?

https://redd.it/sddbva
@r_devops

Question about working at Slower.AI

I am being courted by Slower.AI and I am having difficulty finding information about working there as well as the culture of the company. My Google-fu is bringing up old, outdated, shallow, or unrelated information (because of the ambiguous name). Does anyone have any input?

FYI - I'll be doing Senior DevOps/SRE work working on different cloud platforms. I've been in DevOps for 15 years and enjoy what I do.

https://redd.it/sf5kyh
@r_devops

Microservices policy workflow for Kubernetes

Hey folks

We are structuring the workflow for defining application policies on Kubernetes and scaling it across multiple clusters.

I've put this interactive workflow together and would love to get your feedback on the approach and initial policies covered:

https://shipa.io/kubernetes-policies/

Everything done through the UI can also be done using the major IaC tools (Pulumi, TF...) and embed it into the CD pipeline.

The goal is to address different security requirements for different projects, teams, or applications without having to define policies at the object/infrastructure-level and detach it from things such as API version, controllers, and all.

Thoughts?

https://redd.it/sewm16
@r_devops

Redis cluster with Docker Swarm or use AWS elastic cache?

Hey guys please share your pros and cons about using Docker swarm to setup your own redis cluster versus using a cloud service like aws elastic cache. Cheers

https://redd.it/sejb6u
@r_devops