software dev --> devops?

Is it possible? Is it easy? Can I do something to prepare? I love operations, and system administration. But will devops be different enough from software development to warrant a switch? If anyone has experience on either side, I'd love your input. What makes devops so different from a development job?

https://redd.it/sk0osp
@r_devops

Azure Devops interview questions|Devops InterView questions

https://www.youtube.com/watch?v=DQv8qFilcE8

https://redd.it/sk4q6g
@r_devops

What certs do you think provide the most future value in the industry?

So I'll start by saying I'm not big into certifications. I already work in the industry (holding no certs currently) at a well respected company so I'm much more into the whole "practical experience over certs" mindset.

But I'm starting to think ahead to moving somewhere new in a couple of years and negotiating for a higher salary. I think having some good certs would make my resume stand out more and give me leverage for negotiating higher pay. My current company will pay for cert tests and, at the very least, studying for them might be a good refresher opportunity on different concepts and theory.

So what do you think is providing the most value to companies in 2022? And what will be valuable in the future?

I'm definitely eyeing the CKA. I was also thinking about working my way up to the DevOps Professional cert for AWS since I think that demonstrates being well-rounded. Thoughts?

https://redd.it/sjx1kq
@r_devops

Subreddit Icon r/zerotier •Posted byu/MakingStuffForFun just now Sending a print job from within a Docker container to a ZeroTier networked printer when a webhook triggers

Hi all,

Now this is fun.

I have a zero tier network with the following goal...
- my local machine hosting a physical printer
- my remote server listening to a webhook
- when remote server picks up webhook signal, it processes data on the remote server and sends print job to my local printer.

What I have working...
- zerotier setup on both machines
- printer setup with CUPS on both machines
- can print from remote server to local machine's printer via CUPS interface / test print
- webhook listener is written and receiving webhooks and processing data

It's all done, except this one step:

The webhook listener on my remote server is written in Flask / Python and running in a Docker container. So it works perfectly, however... how can I get the Docker container to access the xerotier network, so it can see the 'local' printer and print?

This is one step I didn't consider when choosing docker and wonder if I have to can Docker altogether. I'm truly hoping I don't have to.

Is anyone skilled in this here?

Thank you

https://redd.it/sk4m0n
@r_devops

OpsGenie user/team sync with AzureAD

Hi,
I am running a OpsGenie for my alerts. My users and teams are defined in AzureAD. It would be difficult to manually create teams and users in OG. And my users and teams change regularly. I wonder if there is a way to automatically sync my users and teams with OG?

Thanks

https://redd.it/ska8m9
@r_devops

Infrastructure as Code: Announcing the Ably Control API GitHub Action

I'm excited to announce the Ably Control API GitHub Action! With this Action you can create Ably apps and API keys straight from your GitHub workflow, ensuring a reliable and repeatable process of creating your cloud infrastructure. Read the full blog post for more information.

https://redd.it/sjm1fc
@r_devops

Looking for feedback on infrastructure plan

Hi,

I am a developer but have recently found myself doing a lot more DevOps stuff and really enjoying it. I am still learning - so please bear with me! I am currently in the progress of helping to update my company's hosting infrastructure alongside the SysAdmin and just looking for some validation that what we have planned is possible and a good way to go. I welcome all feedback and suggestions.

The current situation;We host a couple of hundred PHP websites across multiple web servers, using Virtualmin. Most of what we host is WordPress with a handful of bespoke PHP applications. Most of the sites are low traffic, with some being a bit busier and some having big traffic spikes.

What I have working as a proof of concept;I am using self-hosted GitLab for deployments using Docker. I have Traefik as a reverse proxy to direct traffic to the appropriate container. And using Traefik to manage SSL certificates with LetsEncrypt. Although I think I am going to swap out Traefik for Nginx as a reverse proxy, as this will better complement existing knowledge (as this is what we currently use in production).

For simplicity, I have merged Nginx and PHP-FPM into a single container for each site. I have opted to not put MySQL into a container and just run this on bare-metal. Also, given the number of low traffic sites, my current plan is to have a handful of MySQL instances that will be shared, rather than having an instance of MySQL per site.

I am pretty happy with that setup so far. Although I welcome any kind of feedback.

What I need to do next and need to do some learning/reading;The next step for me is to implement Elastic Stack (Elasticsearch, Kibana, Beats, and Logstash) for logging and alerting which looks fairly straightforward.

Following that, I need to introduce Varnish caching (which I am currently learning about). I am a little undecided if having 1 Varnish instance per host or 1 Varnish instance per container would be better. I am leaning towards 1 per container so I can easily configure Varnish per container and hopefully make the backend configuration simpler.

Beyond that, I want to look into Kubernetes for auto-scaling and help out with the traffic spikes.

Is there any other technologies you think I should also be looking at to complement our stack? Or recommend any particular resources to help with my learning based upon this suggested stack?

TIA.

https://redd.it/skd0me
@r_devops

GO recommended over python for devops in 2022?

Hello, studying for becoming devops atm and I see go is recommended over python for a programming language? Any thoughts as to why? My devops friend says Python should definitely be the go to

https://redd.it/skczfz
@r_devops

Managing json config files for apps deployed to k8s at scale

Hello all,

we have several applications which are deployed to k8s (AWS) cluster on regular basis. Each of those apps use their own json config file with structure similar to the one below:

{"entity-1": {
"user": "user1",
"password": "pass",
"some_details": {
...
}
}}

As you can see there is also sensitive data, password, in the json (so far they were part of git repo but I managed to convince stakeholders to not do that any more).

Those json config files were mounted to pods as secrets/config maps.

When developers add a feature to the app additional objects are also added to the json file (sometimes with another user/password).

When you have multiple apps each with its own json config file it is difficult to manage that when it comes to deployment as it doesn't scale (i.e.: manually).

Do you have any idea how to make it scalable but also safe from automatic deployment point of view ? Where do you keep all those json files safely and deploy them automatically with all the password inside ?

I can use i.e.: AWS Secrets Manager but should I put the whole json config file in it or a subpart (just with the user/password) ? If subpart how to merge it with the rest of the json config file (as mounted secret/config map)?

​

Update: it is all about automatic deployment from CI/CD

https://redd.it/sji332
@r_devops

He passed CKA, CKAD, CKS in 6 months preparation without prior experience

https://training.linuxfoundation.org/blog/success-story-three-kubernetes-certifications-help-prepare-for-solution-architect-role/

​

Wow, unbelievable, I wonder how many people can achieve that in such a short time.

​

LF: How long did it take you to prepare for the certification?

TI: In total for the three certifications, I prepared for 6 months. I didn’t have any hands-on experience before that time.

​

LF: What resources did you use to prepare for the exam?

TI: I read books, explored the official website for the certifications and Kubernetes, and took online courses.

https://redd.it/skgq63
@r_devops

Are IAM roles infrastructure or app config?

We're somewhere in the middle of a long process of splitting up our monorepo to individual code repositories and came across a design decision that we need to make.

Some of our services require access to certain AWS services (S3, secrets manager, KMS) during runtime. Currently, IAM roles and policies needed by the service are deployed together with the service using Terraform as a single operation.

We've split out the infrastructure stuff to a separate repository, so things like Kubernetes cluster operations are handled independently of application deployment. But IAM configuration is neither here nor there. If we keep our IAM configuration in the infra repo, any change to application code that requires a change in permissions would require a separate, coordinated deployment of infrastructure changes. This adds operational overhead. The other option is storing IAM roles and policies in the application repo, allowing the app and its developers to manage their own permissions requirements. While this may be faster, it's also a potential security concern.

The other issue is the tooling we are currently using to deploy infrastructure (Terraform) is different from the tooling we are planning on using for application deployment (ArgoCD + Helm). I'd really rather we didn't have to trigger an infrastructure pipeline on every app deployment, but I also don't want every app repository to manage its own set of IAM roles and policies, both to avoid security concerns as well as tooling explosion. After writing this, I'm leaning towards central management of IAM as infrastructure.

So what do you do? Is IAM for applications part of app configuration or part of cloud infrastructure? Should it be centralized in one infrastructure repository or managed independently as part of app configuration?

https://redd.it/skgfis
@r_devops

Which os should I use inside docker?

Centos is becoming centos stream which is basically a beta version for rhel, is there a alternative os similar to centos which provides stable security updates for a longer period of time.

https://redd.it/sjgoyf
@r_devops

Too Simple To Fail: Marrying Nomad, Caddy, and Wireguard

I've been tinkering in my homelab with some solutions in my Nomad-based container cluster and wrote up some results from replacing my old Traefik setup with an approach that uses a combination of wireguard for inter-service communication, consul-template for generating dynamic Caddy configs, and then relying on Cadddy for its reverse proxying and TLS features. Thought it might be interesting to y'all.

https://blog.tjll.net/too-simple-to-fail-nomad-caddy-wireguard/

https://redd.it/skln79
@r_devops

What attracts you to DevOps

Hello Everyone,

​

I wanted to start a thread to learn a little bit about what makes DevOps tick. Since I am in a position where I constantly engage with DevOps / SREs It would really love to learn what you look for in a job.

I know salaries are competitive, especially where I am recruiting in California. So I like to know the kinds of fringe benefits, perks, and programs that entice DevOps people to take a second look at a job posting!

​

Thanks in advance!

https://redd.it/skkren
@r_devops

How do you use Jenkins?

Hello guys! I'm a sysadmin and started recently to learn DevOps stuff in order to upgrade my career. It seems I have some trouble understanding Jenkins because I cannot see what real life problems can be resolved by Jenkins. How do you use it in your organization? Could you please provide some examples? One friend showed me that he gets code from git and run it on jenkins and I cannot understand why taking code from git and run it locally can help me. It would be great if you can provide some practical use cases. Thanks and sorry if you find my lack of knowledge offensive or funny.

https://redd.it/skmtq3
@r_devops

Would you consider the DevOps Role as more of a lone-wolf or teamoriented job-Role?

Hey guys,

im currently a sysadmin working my way towards devops and iam trying to figure out if the job is what i think it is...
Since its very important to me to be working in a team environment i was thinking if you guys who are working as devops already think that the typical devops role is more a lone wolf type of role or a teamplayer oriented role? Or ist it impossible to generalize this?

Greetings and have a great weekend

https://redd.it/skonwo
@r_devops

How do you deliver updates of desktop applications to customers?

Hello,

I have created multiple one-off desktop applications but what if they had many features to be added over time. How does one send updates without moving builds and files through mails and drives?

https://redd.it/skr5wy
@r_devops

Making Jenkins Pipelines more like a DAG

Hi! At my org we're eventually going to make the transition to gitlab. One feature I'm particularly looking forward to is the ability to make pipelines like they're a DAG:

https://docs.gitlab.com/ee/ci/directed\_acyclic\_graph/


Is there a way to simulate this in a Jenkins pipeline? One of the biggest problems my project is facing is long build times because nothing is parallel, plus certain stages fail due to dumb things like network timeouts. While we retry certain parts of our pipeline, this doesn't always work. It would be nice to be able to restart the pipeline at certain points, remembering any stashes we made in "parent" stages. I did find this stackoverflow page, but I was wondering if there were any other thoughts here:
https://stackoverflow.com/questions/38129745/jenkins-build-pipeline-restart-at-stage

https://redd.it/skpulk
@r_devops

How do you collaborate Terraform and Terragrunt code?

Coding and running terraform code locally is good for testing.

Working in a team, the requirement for CI arises and you can’t keep running the code from your local dev environment.

Doing a research I’ve found Atlantis the only open source project that does CI for Terragrunt. Other projects are CircleCI (SaaS). Are there any other options? How do you collaborate and run Terragrunt code in your team?

What’s your workflow?

https://redd.it/skp3bs
@r_devops

I’ve just realized something that my boss probably hates to hear. I think that the point of DevOps is for employees to have free time.

That means they may not always be busy. But you have to consider this is the goal in order for the team to have free time to help swarm issues and ensure quality.

https://redd.it/skxe5f
@r_devops

From power industry to devops

Hi,

I believe all of you here have just good passion in devops. I'm a plant engineer which is so far off in software but would be willing to learn to the devops industry. What are the things i need to do to start entry jobs for me to become devops? I'm 29 yrs old. Can I still do it or is it too late for me?

https://redd.it/sl024l
@r_devops