How do I solve the lets encrypt rate limit issue with ambassador

Hello everyone please I need help with this. Our ambassador ingress controller generates our tls certs and secrets but a change was made in our environment and it caused an error with the host file so now the rate limit is high. I get an “too many certificates already issued for exact set of domains(10) in the last 168 hours”
I would like to know how lets encrypt counts so I know when we can generate a new one and how can I solve this too please. Does anyone have an idea?

https://redd.it/shxwpg
@r_devops

Tree people vs. Forest people

I wrote a post comparing what I call "tree people" to "forest people" and would be interested to hear what y'all think.

tl;dr Forest people are systems people and are disproportionately represented in DevOps. Usually we are right, but sometimes not.

badgateway.qc.to/tree-people-vs.-forest-people

https://redd.it/shxe1k
@r_devops

Mount S3 Objects to Kubernetes Pods

One of our customers asked for a solution to mount large files from S3 transparently to EKS pods.

Here's our solution - complete with a Docker image and a Helm chart:

https://dev.to/otomato\_io/mount-s3-objects-to-kubernetes-pods-12f5

\#kubernetes #eks #aws

https://redd.it/sgx57e
@r_devops

Choosing DevOps machine: MacBook Air M1 or new MacBook Pro with M1 Pro

Do you find that M1 MacBook Air with 16GB of RAM should be enough for DevOps tasks (VS code, IaC tools like terraform or ansible, cli tools, Docker, kubernetes, scripts writing in Powershell, bash, Python, from time to time coding and compiling applications in C#), or should I go with the new MacBook Pro with M1 Pro chip (8CPU/14GPU or 10/16 cores with 16GB RAM)?

https://redd.it/sgwslx
@r_devops

Secrets Management Options

So how do you guys manage secrets around the organization and around the app?


So in our current workflow, we deal with typically three types of secrets:
1. shared across the organization such as server access, SSL certs, other common login credentials etc.
2. shared across many projects such as same SMTP credentials, Common API keys etc.
3. shared across many applications in a single project such as DB credentials, API keys etc.


Our typical hierarchy looks like this

1. we have our main org
2. under this, we manage multiple projects (mainly related to client products) and products (our inhouse products)
3. under a single project, there can be multiple applications one for frontend, backend, api, etc.


So currently it's a hassle to manage secrets that's why looking for some elegant solution to manage such secrets.


Any good self-hosted tool is also good to have.

https://redd.it/si3vyd
@r_devops

Portainer Business Edition for free 5 nodes

https://www.portainer.io/pricing/take5

https://redd.it/si5x46
@r_devops

Does anyone here still use openSUSE as a distro? How does it compare to others like Ubuntu or RHEL?

Just curious what the pros/cons are. I am interviewing for a position at SUSE so curious if people still use it and how they like it as a general distro.

https://redd.it/si50sp
@r_devops

When should code get merged to dev?

If you google CI/CD you get a lot of high level theory. And it's a good goal anyway, but a lot of us don't have true ci/cd setup. What I realized is that I don't know what is normal for when code gets merged to dev. Like what is the step by step for a developer. They write code on a branch. I know some people commit often, even if it doesn't work. And others only when it does work. But where does it go from there. Bonus points if you can tie in jira ticket statuses. :)

https://redd.it/si91n7
@r_devops

How to export AWS AMI to OVA/VMX?

I am building an AWS AMI with Packer, I want to export that image, I want to use it on prem, on vmware environment, according to the docs you can export AMI to vmdk, vhd or raw format.

1. Can you somehow export baked AMI directly to OVA? I can export ec2 instance to OVA but that's not what I need at the moment.
2. Can you convert vmdk to ova using Packer somehow? I know you can convert from ova to vmx with Packer.

Ideally, this should be completely automated, which is why I am using Packer. The final result should be a machine image I can deploy to vSphere.

I am a newbie, not sure if this is a right approach.

https://redd.it/si4s5u
@r_devops

FluentD vs Logstash

Hello all,

Im doing research on few logging solutions. Ive been looking into ELK vs EFK vs Grafana Loki.

For folks who have experience with using/operating them, I would like some input. More specifically on ELK vs EFK. In which scenarios would you prefer to use? What are advantages/disadvantages over the other? How does it scale? What are its limitations?

Really appreciate all your input. Thank you!

https://redd.it/sggsml
@r_devops

Cloud Architect VS Solutions Architect at AWS

Hi, can anyone please explain to me the difference between a Cloud Architect role VS a Solutions Architect role at AWS?

I am trying to understand the difference between the 2 roles because the job description seems to be identical.

Does one role have an upper hand over the other?

https://redd.it/sidgfy
@r_devops

Encrypting Outlook emails

Not sure if this is the right place for this but I cannot find proper steps on Google.

Because when I go to Preferences - Account - Security .
The certificate option is shown in grey(not clickable).

I wanted to know how to generate this S/MIME certificate.


Thanks

https://redd.it/siladf
@r_devops

Monitoring Custom App with Grafana

So long i have been using ELK for custom stuff that do not provide a ready prometheus exporters, using a custom script solution that will generate my log which i will send to elk to visualize and monitor.

I would love to understand how i can accomplish the same thing with Grafana and i assume prometheus.

For example, i want to monitor the status of a certain service of mine -only- and some stuff related to that service.

How can one accomplish this? By the way bare metal instance, it's my lab that i am testing these stuff out.

https://redd.it/sil1mo
@r_devops

Open source alternatives to elasticsearch/kibana for log analysis

Im looking for free open source alternatives to elasticsearch/kibana for log aggregation and analysis like searching through them or graphing them.

I have a pretty simple set up. Logs go to a syslog server and i use rsyslog's om-elasticsearch package to get the logs into elasticsearch. Then i hook up kibana to it for searching and graphing.

Elasticsearch/kibana are good enough but i want to know what else is out there. What are you using?

https://redd.it/sims0x
@r_devops

Ridiculous prices for some tools?

What are your thoughts about the pricing in regards of developer and DevOps tools?

When I look at tools, especially anything that can upgrade security in applications or libraries, the cost just takes leaps and/or bounds.

For the bare minimum of functionality you pay a large sum (often without support), before you need to spend (at best) a few times more to get the functionality which makes the tool more viable.

Especially the jump to "Enterprise" is hefty for someone who needs the functionality but is just going to have one server up and running (with database and backup ofc).


edit: I don't mind paying for products and support, but at some given price level it feels like you're being used.

https://redd.it/sio11g
@r_devops

When a non techie asks you what you do, what do you tell them so they don't fall sleep?

Sometimes when people ask me what I do, I just end up giving generic answers like developer (even though technically I am not), or computer engineer so I don't have to over-explain and make the conversation dull with technicalities. Or when I rarely want to get fancy I tell them that "I help create a factory floor where developers can produce work more efficiently."

What about you?

https://redd.it/sinxiq
@r_devops

Using SQL to analyze OpenTelemetry traces

A presentation from John Pruitt of TImescaleDB hosted by the Data on Kubernetes Community. It went down really well with the viewers as a different approach to this challenge. The software is open source software (Promscale), and the demo is available for you to download and explore.

YouTube video: [https://www.youtube.com/watch?v=Kid4X-XHfaE](https://www.youtube.com/watch?v=Kid4X-XHfaE)
Demo repo: https://github.com/timescale/opentelemetry-demo

The underlying proposal for the Promscale project is that offering SQL analysis for observability opens the opportunity to use skills many DevOps people already have to drill down into their data. No learning curve, just dig in and look. An added bonus is that long-term storage allows you to watch for trends and patterns. Hope that readers might find the content useful or thought-provoking.
Transparency: I work for Timescale

https://redd.it/sio457
@r_devops

Is there a way to add a short/alias command for AWS Slack chatbot?

I've recently started playing around with some chatops things. One thing I have currently in place is a way for developers to invoke an AWS batch job which replaces staging databases from Slack using the AWS Chatbot Slack integration.

This all works good but the command to do it is long and hard to remember. Does anybody know if there is some way that you can somehow alias a shorter slack command either a /something or !command etc. instead?

https://redd.it/siq7mo
@r_devops

Possible to find fully remote work in US, if Im located in Europe?

Hello fellow DevOps members!,

I am not currently happy with my current salary in EU (Slovakia), having just 10euro per hour. I would like to move forward in my life and get something better. I have a knowledge of bash/zsh, debian/ubuntu, ansible, SQL, Git, Openstack, Grafana, Prometheus, python, and few more. Currently I have under my development more than 340 ubuntu servers.

Is it possible to get a DevOps job fully remote without visiting actual company, just work remotely from my country?

If I will be full time employee, how the company will do taxes for me?

Or even is it possible to be paid out directly on paypal or any other virtual platform?

https://redd.it/sit0cr
@r_devops

An alternative to Jira

Hi,

Just wanted to know what do you all use for managing scrums? I feel like we are paying way too much for Jira and Confluence than we need to and since we a small team(<12) we feel it is kind of an overkill. So what are some other alternatives to these services?

Thanks

https://redd.it/sivf9e
@r_devops

CI/CD pipeline creation training resources?

I'm not that familiar with creating and working with a CI/CD pipeline but I would like to learn more and actually get to the point I could run small training sessions at my company. Any suggestions on how to gain that familiarity and then be able to share that information? Thanks ahead of time!

https://redd.it/siwu7j
@r_devops