From power industry to devops

Hi,

I believe all of you here have just good passion in devops. I'm a plant engineer which is so far off in software but would be willing to learn to the devops industry. What are the things i need to do to start entry jobs for me to become devops? I'm 29 yrs old. Can I still do it or is it too late for me?

https://redd.it/sl024l
@r_devops

Akamai self learning

Can someone suggest any online course of akamai in youtube, udemy or any platform.
I was unable to find any kind of akamai focussed video series.

https://redd.it/skot58
@r_devops

Can someone clarify Devops tools?

So I'm trying to wrap my head how everything fits together:

- Docker is for creating containers, sort of smth in between a virtual environment and VM used for delivering my site and its dependencies (do I have to include the installed version of Python in the container or do I install it on the VM?)

- Kubernetes is used to manage clusters of nodes running containers, right?

- Git is our versioning control system

- what are Terraform, Ansible and Jenkins and what are their differences/uses?

- are there other tools I am missing?

I'm planning on building a Django project, even if its a small site I want to configure it the full dev ops way to scale in the future if possible, and get some experience early, any tips?

For starters I'm thinking of running on Heroku but to be able to later deploy on a Cloud provider if needed. What's unique to Heroku to just get started? I also want to be able to pull data from other sites directly into the project/database.

https://redd.it/skmjvt
@r_devops

incident communication best practices

this is arguably one of the most important aspects to effective incident response. what do you find challenging or works well in your org? we wrote about the stages of it here as well.

https://redd.it/skl167
@r_devops

HashiCorp Vault difficult to install in AWS EC2 with SSL or am I a newbie?

Attempt 1:

Tried installing it with AWS Cloud formation, the fields inside AWS didn't match their medium post or youtube video. [https://www.hashicorp.com/resources/deploy-a-production-ready-vault-cluster-on-aws-in-5-minutes\]

Attempt 2:

Tried installing it with Terraform following along a YouTube series

https://www.youtube.com/watch?v=7qynYJI3lRk&list=PLesRB-DxZa8aTqGMk1MIRmR0zzfrCq1ck&ab\_channel=TechGuidesandThoughts

At this point I'm 3 hours in, wanting to blast my head off.

Attempt 3:

https://gist.github.com/goforbg/0abe3264ef082963d6491e28f100549a

I stumbled upon a script that installs it using docker compose, which worked well.

Everything worked well in the third attempt, it was with docker-compose. But I got stuck trying to install the SSL certificate using the one tutorial the internet pointed me towards - https://www.monterail.com/blog/2017/lets-encrypt-vault-free-ssl-tls-certificate.

6 hours in, I hate myself.

Then after a lot of digging I got to know, the author actually mismatched the keys to be put inside the config! https://github.com/hashicorp/vault/issues/2641

I have decided I don't care anymore. I would happily pay AWS Secrets Manager instead.

https://redd.it/sl5vsz
@r_devops

Complete opensource ci cd tools

Hi, I am new to ci & cd and have to set up both.I was going to use jenkins but while exploring other post relevant to it everyone seems to discourage it.Seems like gitlab is popular choice but i want something opensource.So, What are completely open source ci, cd tools like jenkins.

https://redd.it/skif8r
@r_devops

Maintaining up to date customer documentation with regular releases

I'm trying to figure out what the best balance for being able to release new features/UI changes quickly while still allowing our customer facing documentation to be up to date as quickly as possible.

While this doesn't directly relate to the work 'DevOps' do, I figured this would be the best community to ask what you or your companies do with regards to this.

Any common practices in the SaaS space in this area, or is it a constant scramble? Is the release schedule dependant on all resources being ready prior to push to prod, or is there an expectation that there will be lag.

Any input on this subject would be deeply appreciated, I struggle to find anything meaningful on the subject.

https://redd.it/sl9h36
@r_devops

Any companies that offer fully remote and no grinding leetcode

In my current role, i make 100k and i am the only devops who manages terraform, eks cluster, cicd jenkins, scripting, logging with opensearch. I feel like i can upgrade my pay a little by switching. I have a good knack for learning but can’t bring myself to grind those data structures and algo interviews. I liked my work as if was a chill environment but now there’s daily scrums and burn down charts and accountability which kills the fun and creativity for me. Any recommendations please. Thanks

https://redd.it/sl8xfe
@r_devops

Automate HTTPS Certificates with Ansible Roles ft. Let's Encrypt & CloudFlare

I wrote a tutorial in which I talk about automating the process of fetching of HTTPS certificate from Let's Encrypt and configure it with nginx.

https://santoshk.dev/posts/2022/automate-https-certificates-with-ansible-roles/

This post is also part of ongoing Ansible series.

https://redd.it/slbqi6
@r_devops

How to convince your customer to use automations/pipelines?

Hello everyone, I work as a Consultant and I have to assist customers in their cloud migration journey. My current customer is annoying, we are using Terraform to create aws resource but we are manually deploying it by typing terraform apply. How can I convince my customer to automate the process using CodePipeline. Can someone suggest me really strong points?

https://redd.it/slaxnm
@r_devops

aws-iam-authenticator not found error in jenkins pipeline for my eks cluster

Hey guys

Apologise for the bad screenshot coz I kinda forgot how to take one on Linux as I'm running linux.

To the issue: I'm trying to set up a pipeline for my eks cluster using Jenkins but I keep getting the attached screenshot error

I have installed aws-iam-authenticator
Set up the kubeconfig file with the right certificate and endpoint
Added the AWS credentials on Jenkins for AWS account authentication

The confusing part is I can run that I can run the aws-iam-authenticator command inside the Jenkins container but I keep getting the aws-iam-authenticator command not found error in the Jenkins interface as the pipeline fails.

What am I doing wrong

Edit: just discovered that I can't attach screenshot here but the error message I get is "aws-iam-authenticator not found" even though the command runs fine in my Jenkins container from any dir

https://redd.it/sl688l
@r_devops

How to manage application configuration with Git and GitOps

I'm curious to hear how other people and organizations are managing application configuration. To summarize the present situation in my organization: we have a microservice architecture that is comprised of roughly 150 services spread among 3 Kubernetes clusters. We also have three separate environments that are completely segregated from one another: test, staging, and production. All the environments are identical. Each Kubernetes cluster has Consul deployed and running a Consul cluster. We leverage Consul KV functionality to store and retrieve application configuration. Currently, there are no processes or automation in place. I and a few others have privileged access to add/edit/delete KVs and manage the values manually. It's really suboptimal, to put it mildly.


I would like to move to store the configuration in version control (Git) and require pull requests to make any changes to Consul KVs. On merge, a process and/or tool will do a diff between Consul and the source in Git and make the appropriate changes to update Consul. Where I am struggling is the best practices approach. Since each Kubernetes cluster houses different applications I believe it makes sense that each should be its own repository: cluster1-config, cluster2-config, cluster3-config. But I'm not sure what the best approach is to the repo structure. My first instinct was to create a branch per environment, but I've seen a few posts suggesting that was an antipattern (ex: https://codefresh.io/about-gitops/branches-gitops-environments/) Since the configuration is different per environment I was thinking about a structure like the following. Each environment is a directory and all the KVs values are stored under it. I'm confident I could make something work this way, but having never done this before I'm not sure what the best practices are, or if I'm going to make things harder on myself down the road.


Another item I need to consider is while we are only in the EAST US region right now, eventually, we will go multi-regional, and each region may have its own configuration, which may result in re-visiting this structure.


test/
ingresses/
ingress1.json
ingress2.json
ingress3.json
thirdparty/
thirdparty1.json
thirdparty2.json
thirdparty3.json
cors-policy.json
proof/
ingresses/
ingress1.json
ingress2.json
ingress3.json
thirdparty/
thirdparty1.json
thirdparty2.json
thirdparty3.json
cors-policy.json
prod/
ingresses/
ingress1.json
ingress2.json
ingress3.json
thirdparty/
thirdparty1.json
thirdparty2.json
thirdparty3.json
cors-policy.json

https://redd.it/slffu2
@r_devops

Anyone heard of applicare Monitoring? I tried searching online but couldn't find a lot of data.

So I work for a company that mainly work in a Java environment (Jboss, wildfly.. Etc.) my boss told me to look into Applicare Monitoring software but the problem is I couldn't find anything about them, a few posts and a website he saw a demo that it can monitor Wildfly servers and Mysql on a query level which he emphasize about (he wants to monitor certain queries and process) among other things. I'm more familiar with Prtg in a windows environment, I tried searching online for a software (preferably open-source) that can monitor Java application, Linux and Mysql queries, till now Im still searching but I wanted to ask if anyone here fits with this scenario and can share some insight on it? As wto what type of Monitoring You use for Linux as a whole and Java App servers in specific?

https://redd.it/slh301
@r_devops

DevOps vs. Developer responsibilities

It's kindof a long story but basically we don't have DevOps in my organization right now. Our developers, whether they be junior or senior level, pretty much handle the entire application lifecycle themselves from end-to-end. They get requirements, they design, they build, they choose when/how/where it is deployed. Source control usage is spotty. CI/CD pipelines are largely absent, although we have a few here and there, mostly on projects where I was the lead dev because I demanded it.

If it matters, we're talking largely .Net development, and we do have Azure Devops.
I'm looking to propose some sweeping changes on our lifecycle management/strategy to get us on the right track.

I'm curious to hear from others, what are the boundaries between Developers and DevOps teams?

Do devs handle the CI side (build pipelines/pull requests) and DevOps provisions resources and handles the release/deployment side?

Is it typical for devs to retain access and ability to deploy to non-production test/dev/sandbox systems? Perhaps even retain administrative access on these systems?

How does testing typically fit in, is this a responsibility of DevOps or separate QA team?

https://redd.it/slhqt6
@r_devops

AWS Aurora Technical series (PostgreSQL)

Hey everyone,


I recently started a technical series to dive into AWS Aurora - https://www.jerrychang.ca/writing/aws-aurora-technical-series.


I thought I’d share as it may help some people, and of course, happy to hear your feedback on it if you have any!


Thanks!

https://redd.it/slhawu
@r_devops

Homelab(s) & Recommendations?

1) If you were interviewing someone from the operations side of things for a devops position, what would you ideally like to see within the homelab section of their resume?

2) Are there any solid recommendations for homelab work? Stephen Grider’s “Docker and Kubernetes: The Complete Course,” for example.

EDIT: For clarity, I’m looking to get into the devops field. Just looking for a little insight into how I can better prepare myself for interviews and all of that jazz.

https://redd.it/slh0az
@r_devops

Deploy to production: best practices?

Hi!

I have memories of the way a sysadmin was deploying to production in a company I was working for, many years ago: he would rsync/scp from staging to a new folder on the production server, and then change the `root` in the vhost file and then nginx reload (and then delete the old `root` folder if everything went well).

Is this the best practice? Or is there another, more commonly accepted way to do it?

For now I am using `git pull` and then `composer install` but it is not ideal at all... If I encounter an issue, the server will be in a broken state (please note that I am not a sysadmin or devop... I am a humble web dev).

Also, is it even possible to have zero downtime/bugs when the deployment implies running a few scripts that modify the database structure and update some stored data?

Thank you all :)

https://redd.it/slm9h1
@r_devops

I don’t know if I can make it past a phone screen

I’ve been working in devops for 5 years. In that time, I’ve migrated 3 companies from hosted solutions or monoliths to microservices in k8s. I’ve created and worked on IaC with terraform, written helm charts, done basic Linux server maintenance. I’ve written CI/CD solutions for maybe 100 different pipelines, using different pipeline solutions, implementing and debugging remote caching tools for many. I’ve written some bash scripts for local dev config. I’ve migrated cobbled together systems to AWS.

I can barely sort arrays. I need to Google how to mutate a graphql query. The most basic leetcode questions, like “dedupe 2 linked lists” stumps me. When it comes to actually coding an app, it looks juvenile and is in no way optimized, if I can even do it at all.

I feel like every position i’ve had I got by some miracle. I know imposter syndrome exists, but I really feel like it’s a justified thought in this case.

I want to move on to another position, but I could never make it past a phone screen where they want me to whiteboard a question about algorithms.

Do I need to go to school to get a CS degree? Would anyone ever take a chance on someone self taught, who has experience but none of the education background? Is there any situation someone would take a chance and hire aomeone like me?

https://redd.it/sln5qe
@r_devops

Examples of when you used multicloud infrastructures and whether it has been useful

I’ve got a fair amount of experience with infrastructure as code using HashiCorp’s Terraform but have only ever used one provider for my cloud infrastructure needs (i.e., AWS).

Have you incorporated multicloud solutions before and do you find that they have been beneficial for your projects/work? If so, did situations ever come up when you were glad that you had another cloud provider to depend on?

https://redd.it/slpds7
@r_devops

How do you deliver logs from ELK to users?

My experience in visibility and observability is quite poor, so I am a bit confused on this topic.

We have mostly monolithic PHP applications which have previously been running on ad-hoc managed servers, and have relatively recently been containerized and are now running on EKS. We have a single ELK stack collecting logs from production applications (and another for pre-prod) and other containerized tools, as well as storing infrastructure metrics from Prometheus, cluster events etc.

Most of the application logs are not in a consistent format (they were implemented as human readable log lines), although there are some exceptions, but no specific log format standard. Previously the users (development teams) have been used to having direct SSH access to the servers, where they could grep the logs and so on to diagnose issues. This would, of course, not make sense for the now containerized and auto-scaled workloads.

So the question is, how would you deliver the application logs to the developers? Currently we query for some application logs and present them as a table in Grafana, but that doesn't really meet their needs. Would you just give them access to Kibana and let them query everything themselves? That seems a bit excessive and I think it might be too complicated for daily troubleshooting. Is there a better way?

https://redd.it/slrao0
@r_devops

Is there an app to help manage multiple repos on a local dev env?

It's really common to have at least 2 repos that make up a working solution. My last project had 9.

Is there a tool that exists that can help manage these repos? Something with a UI that can show what's spun up and what isn't, which branch they're on etc...

I'm tempted to build one if not.

https://redd.it/slsmey
@r_devops