When should code get merged to dev?

If you google CI/CD you get a lot of high level theory. And it's a good goal anyway, but a lot of us don't have true ci/cd setup. What I realized is that I don't know what is normal for when code gets merged to dev. Like what is the step by step for a developer. They write code on a branch. I know some people commit often, even if it doesn't work. And others only when it does work. But where does it go from there. Bonus points if you can tie in jira ticket statuses. :)

https://redd.it/si91n7
@r_devops

How to export AWS AMI to OVA/VMX?

I am building an AWS AMI with Packer, I want to export that image, I want to use it on prem, on vmware environment, according to the docs you can export AMI to vmdk, vhd or raw format.

1. Can you somehow export baked AMI directly to OVA? I can export ec2 instance to OVA but that's not what I need at the moment.
2. Can you convert vmdk to ova using Packer somehow? I know you can convert from ova to vmx with Packer.

Ideally, this should be completely automated, which is why I am using Packer. The final result should be a machine image I can deploy to vSphere.

I am a newbie, not sure if this is a right approach.

https://redd.it/si4s5u
@r_devops

FluentD vs Logstash

Hello all,

Im doing research on few logging solutions. Ive been looking into ELK vs EFK vs Grafana Loki.

For folks who have experience with using/operating them, I would like some input. More specifically on ELK vs EFK. In which scenarios would you prefer to use? What are advantages/disadvantages over the other? How does it scale? What are its limitations?

Really appreciate all your input. Thank you!

https://redd.it/sggsml
@r_devops

Cloud Architect VS Solutions Architect at AWS

Hi, can anyone please explain to me the difference between a Cloud Architect role VS a Solutions Architect role at AWS?

I am trying to understand the difference between the 2 roles because the job description seems to be identical.

Does one role have an upper hand over the other?

https://redd.it/sidgfy
@r_devops

Encrypting Outlook emails

Not sure if this is the right place for this but I cannot find proper steps on Google.

Because when I go to Preferences - Account - Security .
The certificate option is shown in grey(not clickable).

I wanted to know how to generate this S/MIME certificate.


Thanks

https://redd.it/siladf
@r_devops

Monitoring Custom App with Grafana

So long i have been using ELK for custom stuff that do not provide a ready prometheus exporters, using a custom script solution that will generate my log which i will send to elk to visualize and monitor.

I would love to understand how i can accomplish the same thing with Grafana and i assume prometheus.

For example, i want to monitor the status of a certain service of mine -only- and some stuff related to that service.

How can one accomplish this? By the way bare metal instance, it's my lab that i am testing these stuff out.

https://redd.it/sil1mo
@r_devops

Open source alternatives to elasticsearch/kibana for log analysis

Im looking for free open source alternatives to elasticsearch/kibana for log aggregation and analysis like searching through them or graphing them.

I have a pretty simple set up. Logs go to a syslog server and i use rsyslog's om-elasticsearch package to get the logs into elasticsearch. Then i hook up kibana to it for searching and graphing.

Elasticsearch/kibana are good enough but i want to know what else is out there. What are you using?

https://redd.it/sims0x
@r_devops

Ridiculous prices for some tools?

What are your thoughts about the pricing in regards of developer and DevOps tools?

When I look at tools, especially anything that can upgrade security in applications or libraries, the cost just takes leaps and/or bounds.

For the bare minimum of functionality you pay a large sum (often without support), before you need to spend (at best) a few times more to get the functionality which makes the tool more viable.

Especially the jump to "Enterprise" is hefty for someone who needs the functionality but is just going to have one server up and running (with database and backup ofc).


edit: I don't mind paying for products and support, but at some given price level it feels like you're being used.

https://redd.it/sio11g
@r_devops

When a non techie asks you what you do, what do you tell them so they don't fall sleep?

Sometimes when people ask me what I do, I just end up giving generic answers like developer (even though technically I am not), or computer engineer so I don't have to over-explain and make the conversation dull with technicalities. Or when I rarely want to get fancy I tell them that "I help create a factory floor where developers can produce work more efficiently."

What about you?

https://redd.it/sinxiq
@r_devops

Using SQL to analyze OpenTelemetry traces

A presentation from John Pruitt of TImescaleDB hosted by the Data on Kubernetes Community. It went down really well with the viewers as a different approach to this challenge. The software is open source software (Promscale), and the demo is available for you to download and explore.

YouTube video: [https://www.youtube.com/watch?v=Kid4X-XHfaE](https://www.youtube.com/watch?v=Kid4X-XHfaE)
Demo repo: https://github.com/timescale/opentelemetry-demo

The underlying proposal for the Promscale project is that offering SQL analysis for observability opens the opportunity to use skills many DevOps people already have to drill down into their data. No learning curve, just dig in and look. An added bonus is that long-term storage allows you to watch for trends and patterns. Hope that readers might find the content useful or thought-provoking.
Transparency: I work for Timescale

https://redd.it/sio457
@r_devops

Is there a way to add a short/alias command for AWS Slack chatbot?

I've recently started playing around with some chatops things. One thing I have currently in place is a way for developers to invoke an AWS batch job which replaces staging databases from Slack using the AWS Chatbot Slack integration.

This all works good but the command to do it is long and hard to remember. Does anybody know if there is some way that you can somehow alias a shorter slack command either a /something or !command etc. instead?

https://redd.it/siq7mo
@r_devops

Possible to find fully remote work in US, if Im located in Europe?

Hello fellow DevOps members!,

I am not currently happy with my current salary in EU (Slovakia), having just 10euro per hour. I would like to move forward in my life and get something better. I have a knowledge of bash/zsh, debian/ubuntu, ansible, SQL, Git, Openstack, Grafana, Prometheus, python, and few more. Currently I have under my development more than 340 ubuntu servers.

Is it possible to get a DevOps job fully remote without visiting actual company, just work remotely from my country?

If I will be full time employee, how the company will do taxes for me?

Or even is it possible to be paid out directly on paypal or any other virtual platform?

https://redd.it/sit0cr
@r_devops

An alternative to Jira

Hi,

Just wanted to know what do you all use for managing scrums? I feel like we are paying way too much for Jira and Confluence than we need to and since we a small team(<12) we feel it is kind of an overkill. So what are some other alternatives to these services?

Thanks

https://redd.it/sivf9e
@r_devops

CI/CD pipeline creation training resources?

I'm not that familiar with creating and working with a CI/CD pipeline but I would like to learn more and actually get to the point I could run small training sessions at my company. Any suggestions on how to gain that familiarity and then be able to share that information? Thanks ahead of time!

https://redd.it/siwu7j
@r_devops

Is it possible to learn DevOps without having a Dev or Ops background?

I am going to go through the Mycroft DevOps course

https://redd.it/sixwrs
@r_devops

The Canary Deployment Strategy and When to Use It

The Canary Deployment Strategy and When to Use It

https://redd.it/siw009
@r_devops

DevOps Team Lead - what to expect

Senior Software Architect here with 20 YOE . . . currently job hunting and ran across a DevOps Team Lead role that fits my salary requirements and tech stack experience. I had one interview already and doing a panel interview with some key stakeholders soon.

I'm passionate about DevOps, very familiar with CI/CD pipelines through Azure DevOps server, and of course I have many years of .Net dev and MSSQL system architecture/design in my corner.

Just curious on what to expect - what is a "DevOps Team Lead" to you? Any pointers for the interview process?

Thanks!

https://redd.it/sj1bco
@r_devops

Best job title for future career growth - recruiter eyeballs

I'm starting a new gig and I get to pick my title. The job posting was DevOps Engineer but what I'm really going to be doing is closer to Software Engineer (infrastructure) or maybe Software Engineer (Developer Productivity).

Regardless of how I feel about how we all feel about 'DevOps is a culture not a role' what do you think is the best title to use so that in the future when I'm interested in making a move, i can rank high on recruiter searches?

https://redd.it/sj33in
@r_devops

Replace Docker desktop with Lima on Mac OS

https://itnext.io/replace-docker-desktop-with-lima-88ec6f9d6a19

https://redd.it/sj403n
@r_devops

Easy Database Management solution for self hosting in a docker container?

Heavily considering migrating a small web app off of Heroku, trying to decide the best way to host the database. Is there something like Scalegrid that I can self-host for a database running in a docker container? Or should I just fork out money for a managed solution like GCP's Cloud SQL. I'm trying to keep everything on one cloud. I don't know much about devops; I don't trust myself to write my own scripts or something to backup the database myself.

https://redd.it/sivr61
@r_devops

An SME guidebook to security with Kubernetes

I am sharing my knowledge and research on "Addressing security with containers – an SME perspective"



It is crucial to think about security from the very beginning of the project. As a first step, SMEs have to be cautious about the code being built. Let’s say you use a particular programming stack for building microservices architecture – Java. The development teams need to focus on security vulnerabilities that could arise from their particular application in Java and ensure they address them.

As a first step, they need Static Application Security Testing (SAST) tools to conduct a source code analysis. The second step is, while building an application, many third-party software components may be used. To address this particular risk, a Software Composition Analysis Tool is a must. It helps address vulnerabilities identified in third-party components. These are the two main areas an SME should focus on.

As a third step, let’s say you’re using Docker as your container technology. To create your container, make sure you pull out only a hardened image or instance from Docker Hub or any other repository. CIS benchmarks act as a guiding light to ensure images are always secure. For example, this can be one of the checks in securing the Docker image. The Docker image OS instance does not have any default credentials – such as ‘Admin’ as username and password. So, while importing Docker images, CIS controls should be applied to build a secure image. For this, you’ll need different scanners. Qualys has a container or registry image scanner which companies could use to build secure images.

All the applications or software components that have been scanned go into the secure image. After this, you need to make sure that secure code is now deployed in the Docker image. Then you have container image scans. These will scan for any container-related vulnerabilities.

These three security procedures are mandatory in order to ensure that your early cycles or phases of Kubernetes are really secure.

The final step is to look at doing Security Configurations Checks on Kubernetes. Companies can use CIS-defined baselines to help build a highly secure environment altogether.

These four components are required for any organization – SAST tools, Software Composition Analysis Tools, container image scanners, and running a configuration scan on Kubernetes.

&#x200B;

Share some love if you like my first post in this group

###

https://redd.it/silged
@r_devops