Using Sentry in a NR shop? Justification

I am looking to introduce Sentry for error triage, but we are a big NewRelic shop and there is a large feature overlap. There always is with observability tools.

Is anyone running both tools and can help with some justifications I can throw to leadership? The error triage system in Sentry is exactly what we need in our tool belt, but I don’t know if that will overcome the NR maximalists. I am not throwing shade, NR fcking rules - it’s APM is waaaay behind Sentry here though, which makes sense as this has always been their bread and butter.

Maybe I should reach out to Sentry for a use case? Big company here, thousands of servers.

https://redd.it/sh38rc
@r_devops

GitLab Down

Looks like major outage: https://status.gitlab.com/

Incident Status

Service Disruption

Components

Website, API, Git Operations, Container Registry, GitLab Pages, CI/CD - GitLab SaaS Shared Runners, CI/CD - GitLab SaaS Private Runners, CI/CD - Windows Shared Runners (Beta), SAML SSO - GitLab SaaS, Background Processing, GitLab Customers Portal, Support Services, packages.gitlab.com, version.gitlab.com, forum.gitlab.com, Canary, dashboards.gitlab.com

Locations

Google Compute Engine, Azure, Digital Ocean, Zendesk, AWS

https://redd.it/sh3yn1
@r_devops

The things that drive you nuts the most with Jenkins

Hi all, I’m a cloud engineer and got setting up Jenkins for a smaller team of developers as a task for the next 3 weeks, and since I have some terrifying memories of using Jenkins from years back, I’d like to save myself from the possible horrors this time.

I remember constant struggles with plugin dependencies, scaling Jenkins was always a chore as well, with the need to handle everything configuration-related in the UI repeatedly. Painful updates – I remember manually replacing war files in Tomcat. And God forbid if Jenkins went down. It’s a miracle that I’m not yet bald at the ripe age of 31, from handling all the cases when Jenkins just straight up shat its pants.
I’m wondering if there are any more problems that I haven’t thought of, that I should keep in mind for when I’ll be handling this task.

Apart from the problems, are there any new interesting (and better of course!) ways to run Jenkins?
I saw that running Jenkins on Docker is probably the easiest way to go about setting up a basic instance but all of us know that there’s much more to it than that and there’s always a need to set up integrations with eg. various auths, persistence etc.

https://redd.it/sh4ia7
@r_devops

Does coding necessary for DevOps engineer

what are the key places using coding of either Python or Golang of DevOps world? Why coding must.

https://redd.it/sh3xoy
@r_devops

DevOps Bulletin Newsletter - Issue 36

Hey folks,

DevOps Bulletin - Digest #36 is out, the following topics are covered:

🔒 Kubernetes API access security hardening: Do you want to implement strong authentication and authorization in the Kubernetes cluster you manage? Learn about the best practices concerning API access control hardening in the Kubernetes cluster.
🤩 10 real-world stories of how we’ve compromised CI/CD pipelines: Everything from Jenkins to Docker to Kubernetes to laptops are mentioned, there’s probably something relevant to your environment
🚀 GitHub Actions through annotated examples
⭐️ Introduction to eBPF and how it can be used to add security, networking, and other capabilities in the Linux kernel space
PostgreSQL guide: If you are a PostgreSQL data architect or an administrator and want to understand how to implement advanced functionalities and master complex administrative tasks with PostgreSQL, then this guide is perfect for you.
🎬 The official Kubernetes Documentary: this film captures the story directly from the people who lived it, featuring interviews with prominent engineers from Google, Red Hat, Twitter and others. So exciting to see how the whole Kubernetes journey started ❤️

Complete issue: https://www.devopsbulletin.com/issues

Feedback is welcome :)

https://redd.it/sh7nw6
@r_devops

HOW to leverage Github Actions and Terraform

I'm looking at ways to better use GH Actions in support of deployment methods.

We currently build out multiple environments that are the same(ish).

- each customer is a new AWS/Azure/GCP environment
- all environments conform to an overall architectural and security standard but many components and services are configured specific to the client.
- some clients may have pieces others don't
- I'm mostly only interested in deployment and not on-going operations.

We layout our TF code with each tool or system in a folder. EG 'iam/security/database/app1/etc...'

As these environments are built out essentially folder by folder over weeks and months having a GH action attempt to deploy everything at once is obvisoly a non-starter.

Should I have a single action for each folder, expecting engineers to add the action when they start their work on that piece?

Or is there a way I can have GH actions only attempt to TF fmt/init/plan/apply on the changed files and assume the rest of the environmental dependencies are there?

Or something else entirely?

https://redd.it/sh9ew8
@r_devops

Cherrybomb is a CLI tool that helps you avoid undefined user behavior by validating your API specifications.

Cherrybomb is a CLI tool that helps you avoid undefined user behavior by validating your API specifications.

​

https://github.com/blst-security/cherrybomb

https://redd.it/shbldd
@r_devops

API Integration Advice

Hey guys,

​

So I've been in the data integration game for some time, but I'm kinda embarrassed to admit I've usually been looped in when the API endpoints/middleware are already well-established and it's just straightforward implementation.

​

If you were doing an API integration (from scratch) between, for example, an ecommerce back-end like WooCommerce and another service, what kind of infrastructure/orchestration would you need to configure/setup to lay the proper foundation?

​

Thanks everyone - I always have found the feedback and discussion here really informative and helpful!

https://redd.it/shbe2e
@r_devops

Host system running different OS distro in docker container - any negative effects?

I was just thinking: does it make a difference if I use an Ubuntu based image and run it on a different OS family, e.g. CentOS or Fedora? Any performance implications?

https://redd.it/shfb7c
@r_devops

Automating role-based authorisation strategy in Jenkins

I’m using the role-based authorisation strategy plugin GUI to manually administer and assign permissions to different roles, based on the projects/folders required.

Has anyone had experience automating this? Something such as jenkins configuration as code, but without the need to restart jenkins each time a new role/project is onboarded.

I have found a hacky solution that uses a custom .json file to list the roles and groups as they’re added, and a groovy system config script to read these changes.

My confusion lies in where to feed in this script/.json file. Putting it in the dockerfile would require a new image to be built and a jenkins restart for the changes to take effect right?

The plugin doc mentions a script, but doesn’t provide much information on how and where to implement it in the jenkins controller build process, in the beginning or as a pipeline job itself…

How are you managing your jenkins roles and permissions matrix for projects?

https://redd.it/shennc
@r_devops

Changing of mindset

Starting taking ownership of devop functions at my job. Working with Cloud formation and Release management. My boss has given me full ownership of these processes meaning I should be single point of truth for any fixes or updates. I am really struggling with this because I have always sent problems to more senior members to show me how to fix them. Now I am that person who should have the solutions. How does a devops/ software programmer become better at being the owner of a process ?

https://redd.it/shjhu5
@r_devops

What VPN/access solution do the big tech companies use?

What does Microsoft/Apple/Netflix etc use for allowing employees to access internal systems?

I'm a jr DevOps engineer working for a (currently small) startup, looking to employ thousands of people a year, and have been tasked with looking into highly scalable remote access solutions. I would like to know what existing companies use for this, and what any of you would recommend.

https://redd.it/shjs0i
@r_devops

CentOS8 core package repositories are no longer available

We've been waiting for it to happen, and today docker images and cloud compute nodes are no longer able to access the core CentOS8 image repos:

CentOS Linux 8 - AppStream 113 B/s | 38 B 00:00

Error: Failed to download metadata for repo 'appstream': Cannot prepare internal mirrorlist: No URLs in mirrorlist

The command '/bin/sh -c yum install -y rpm-build rpmlint yum-utils elrepo-release jq' returned a non-zero code: 1

Makefile:77: recipe for target 'centos-8' failed

Same error occurs for all repos, just appstream comes first.

This occurs with trusted images and AWS AMIs, because the repo mirrorlist is now inactive.

https://redd.it/shbdbv
@r_devops

(New project / feedback request) - ssm-provisioner - A script that provides the ability to provision AWS instances via SSM

Hey all,

Thought I'd post about a new project I've been working on during my free time - ssm-provisioner.

I'll keep this somewhat short, but the main point of this project is to offer a simple method of SSM-based provisioning through Terraform.

Obviously, provisioners are not an ideal choice in most situations, but I've occasionally found need of something like this for personal projects where I'm not entirely worried about "production" quality deployment, but still would rather have a more secure option for live provisioning.

That's about it! It runs on the MIT license, and I'll be leveraging a formal semantic release and test process for it - mainly so I can keep some of my NPM and miscellaneous maintainer skills a bit more sharp.

Let me know what you think, and feel free to add issues, feedback, perhaps even some code if you'd like. I'll be fine tuning the contribution process, test suite, etc - for an upcoming "stable" release after I've had some good run time and feedback for this.

https://redd.it/shmgj3
@r_devops

How important do you think communication skills (particularly documentation and presentations) are to a DevOps Architect role?

I know this is really open ended and probably could be significantly different from company to company (20 person startup vs a 1000 or 10k person company).

I personally think of architects as extremely influential people in a company, not just good designers, but good evangelizers, communicators, able to draw out people's concerns and issues in order to best solve for them in a broadly adoptable manner.

But I want to get other people's opinions. Have you ever seen an architect thrive who wasn't very strong in communication/presentation skills?

https://redd.it/shnqhf
@r_devops

New developer

This might be a dumb question but I am making a career change I was making a plan to move into IT but I enjoy developing more do I need any IT experience to get a position as a frontend or backend? Also what’s the best way for me to get a position?

https://redd.it/shhnqm
@r_devops

Best resources on latest DevOps practices and trends

Where do you guys go for latest DevOps practices, trends, and news? Preferably something more technical.

https://redd.it/shqnrv
@r_devops

Should I buy KodeKloud subscription?

I'm a second year CS major and currently thinking of getting a KodeKloud subscription.

1) Is sit worth it?

2) Should I get the standard or Pro subscription?

Also, I have just started my DevOps journey so any piece of advice is much appreciated :)

https://redd.it/sh2uy0
@r_devops

Kubernetes, Openshift and Docker Swarm differences and comparison?

Hi, I am looking for a website or book etc where I can find the differences and comparison between Kubernetes, Openshift and Docker Swarm. Can you recommend any source where I could find this?

https://redd.it/sgyn0m
@r_devops

Top DevOps Trends for 2022

DevOps is already making headlines across the business world. In this blog post, we’ll introduce you to the new and emerging DevOps trends that will become more apparent in 2022.

https://redd.it/sht5j2
@r_devops

mULti-cloud kubernetes and whatnot

We’re in the process of deploying everything to multiple cloud providers. We’re already in GCP, AWS is next then Azure. Mostly we’ll be using Kubernetes for the applications and such. For some reason, management wants us looking into the Kubernetes managed services for each provider (EKS, AKS, GKE) which makes no sense to me, really. I think it’d be easier to deploy our own vanilla Kubernetes setup so it’s more “write once, run everywhere”…heh. I know there are tools to abstract out some of the managed specific bits, but I’m still leery.


Anyway, I’m totally open to being wrong, but I’d like to hear from others on which direction they went and why. Preferably from those who have hundreds of applications with 25k+ instances in each provider. Thanks for any insight/links/whatever!

https://redd.it/shutbk
@r_devops