Would python’s tox build system count as infrastructure as code?

I recently started using tox at work. You’re specifying your environments, your commands to run within those environments. Does this not count as IAC? I’ve previously used vagrant, so I’m at least somewhat familiar with the concept. Or am I missing something?

https://redd.it/sm1sis
@r_devops

Road map for beginner

Hello everyone, could you help with a road map, I work as a Linux administrator for about two years and want to switch to DevOps.

For example at work I use:

bind, keepalived, iptables, gragana+prometheus, postgresql+pgbouncer, nginx+phpfpm, tomcat, graylog+splunk (a little bit EFK), veam+vsphere, docker.

In the process of learning Git, Gitlab, and GitLab-runner (I am trying to commit changes on the "bind" through Gitlab)

the above is made manually, without automation.

the following tools and technologies in what order should I learn?

Ansible,

terraform,

Cloud (Azure or AWS),

Kubernetes (managed k8s or local only).

https://redd.it/sm1183
@r_devops

How to use Jenkins the DevOps way in 2022

I've seen a lot of "Who would use Jenkins now?" posts on this board, and they tend to rub me the wrong way.

I think a lot of people here have a baseline understanding of Jenkins that is some variant of "Someone manually creates a pet instance and manually creates jobs using the web UI", which is obviously silly in 2022, and here on /r/devops to make a reasonable comparison it would make sense to compare against a properly DevOps-ified Jenkins deployment. This post hopefully will explain how to do that.

The basics of running Jenkins in a DevOps way:

1. Install it using automation. We mainly host it VM's, and provision with Ansible.

2. Do the base configuration (auth, plugins, etc.) using Jenkins Configuration as Code, as a part of #1: https://www.jenkins.io/projects/jcasc/

3. For jobs, create them in a GitOps-style meta language. Jenkins Job Builder is one good option: https://docs.openstack.org/infra/jenkins-job-builder/ . Using Declarative Pipeline is another option, and they can also be used in combination.

4. For task runners, primarily use Docker executors or ephemeral VMs. The images for these are created with Packer: https://www.packer.io , with installation tasks handled in Ansible so that they can be shared across all image types, and on physical hardware when needed.

5. Use Jenkins to automate Jenkins - have a job running out of CI that handles job creation (3) and image creation (4).

A good source for how to do most of the above is the Linux Foundation Release Engineering docs: https://docs.releng.linuxfoundation.org/en/latest/jenkins.html

Also, the general benefits of Jenkins are massive flexibility:

Works with any target test platform
Doesn't lock you into specific code hosting and review platform
Works in any environment - cloud hosted, on-prem, etc.
There's a plugin for everything, although you generally should pick maintained and popular plugins.

Now, not to say that Jenkins is perfect - it still has rough edges and legacy baggage, but in some cases it's the right choice. And if you run it the DevOps way, it's actually quite a slick and flexible system.

https://redd.it/sm4eux
@r_devops

What's your org strategy to manage your prod k8s clusters ?

I've joined lately an org with quite the messy infrastructure, they have 4 clusters on gcp for prod env, and the cluster nodes are quite far behind in terms of version in comparison the the managed control place, they didn't upgrade until now, because they were like... prod, working, no touch. So yea they were afraid to break it, lately the team has been reformed and we agreed to make it priority to keep our infra to date, and it fell on me.

so, what is your process for managing your clusters ? do you just upgrade manually and hope nothing breaks, also is there any utilities to help making the upgrade process smoother in the future(using terraform, ansible ?)

https://redd.it/sm5x4b
@r_devops

Deploy same stack several times with kubernetes

Hey guys, i have a question

My deployment atm is:
A container having a django app with a container having postgresql, deployed as a stack with docker-compose -p (tag)


Every user i create a stack for him with his volumes and i route the traffic to his stack using sub domains

For example a user John and a user jane:
Docker-compose -p john
And
Docker-compose -p jane
On the same docker-compose.yml file

That way i have the same stack deployed 2 times each isolated from the other, then with nginx i route jane.mywebsite.com
And john.mywebsite.com each to his stack

My question is how can i automate this deployment with kubernetes and with CI/CD

I have looked around and found that i can isolate deployments in kubernetes with namespaces but namespaces doesnt give me the ability to control/update the containers of all stacks at the same time

Thanks, appreciate the help

https://redd.it/sljzuh
@r_devops

Pros and Cons of GitLab for CI|CD?

what are some experiences you've had with Gitlab, we are looking into it mainly for CD since we deploy to production quite a bit.

https://redd.it/slid4w
@r_devops

Do any companies/projects publish their Terraform code publicly?

I’m looking for Terraform examples from companies/projects. For example, Arch Linux has all their Ansible/Terraform in a public GitLab repo.

https://gitlab.archlinux.org/archlinux/infrastructure

Are there any other examples like this? Looking more for companies/projects instead of a random person’s homelab.

https://redd.it/smfr2e
@r_devops

A friend tried to talk me into DevOps.

Well, title.

Right now I am a student of Earth and Environmental Science and I am failing hard. We have a large IT scene in my city and a friend who is a back end developer with a masters degree in computer science tells me it is easy getting into it if you know how to google and some stuff about computers.

I told him that I can’t code whatsoever. I tried learning C# once but it was boring me out of my mind so I stopped after hello world.

But I am good at figuring out how software operates however obscure the UI may be and I am quite skilled at solving software and hardware related problems (identifying and fixing) by using what I know and combining that with google.

He told me DevOps it is for me and DevOps guys are sought after as well. So I decided to try out a bootcamp and then find a job. My alternative would be a state supervised school where you work half the time in a company and the other half go to school to learn theory. It is shit pay for three years but after that it’s pretty on par with what I know of Junior Devs income.

That job would probably involve more practical work, assembling computer systems at large scale for companies or managing the IT infrastructure of buildings and such. (There I would learn basic python only)

So final question: Does DevOps sound like something I could do as a complete beginner or is that more something for people who know some coding or scripting?

https://redd.it/smcn5v
@r_devops

Is multi-master possible with k3d? If not or it's a hassle to set up, are there any good self-hosted options that support it?

I'm looking to kind of simulate a production HA environment without paying crazy high cost of EKS/AKS/GKE. This is specifically for a home environment though as I want to be able to test things like operators, CRDs, and other various concepts and tools.

https://redd.it/smc870
@r_devops

K3s, Jenkins and Docker Build

Going to ask here incase someone can help.

I have a K3S cluster running Jenkins with the kubernetes plugin. I can get my builds to build, spinning up build agents in pods. I cannot for the life of me get docker build to work at all.


Dond:

Agent docker-kdb22 is provisioned from template docker
---
apiVersion: "v1"
kind: "Pod"
metadata:
  labels:
    jenkins/jenkins-jenkins-agent: "true"
    jenkins/label-digest: "1f9ffaa0a312a3be56683597d58f3df0d8226bdb"
    jenkins/label: "jenkins-docker_docker"
  name: "docker-kdb22"
spec:
  containers:
  - command:
    - "cat"
    image: "docker:latest"
    imagePullPolicy: "IfNotPresent"
    name: "docker"
    resources:
      limits: {}
      requests: {}
    securityContext:
      privileged: true
    tty: true
    volumeMounts:
    - mountPath: "/var/run/docker.sock"
      name: "volume-0"
      readOnly: false
    - mountPath: "/home/jenkins/agent"
      name: "workspace-volume"
      readOnly: false
    workingDir: "/home/jenkins/agent"
  - env:
    - name: "JENKINS_SECRET"
      value: "********"
    - name: "JENKINS_TUNNEL"
      value: "jenkins-agent.ci.svc.cluster.local:50000"
    - name: "JENKINS_AGENT_NAME"
      value: "docker-kdb22"
    - name: "JENKINS_NAME"
      value: "docker-kdb22"
    - name: "JENKINS_AGENT_WORKDIR"
      value: "/home/jenkins/agent"
    - name: "JENKINS_URL"
      value: "https://jenkins.ci.svc.cluster.local:8080/"
    image: "jenkins/inbound-agent:4.11-1-jdk11"
    name: "jnlp"
    resources:
      limits: {}
      requests:
        memory: "256Mi"
        cpu: "100m"
    volumeMounts:
    - mountPath: "/var/run/docker.sock"
      name: "volume-0"
      readOnly: false
    - mountPath: "/home/jenkins/agent"
      name: "workspace-volume"
      readOnly: false
  hostNetwork: false
  nodeSelector:
    kubernetes.io/os: "linux"
  restartPolicy: "Never"
  serviceAccountName: "jenkins-agent"
  volumes:
  - hostPath:
      path: "/var/run/docker.sock"
    name: "volume-0"
  - emptyDir:
      medium: ""
    name: "workspace-volume"

script:

node('docker') {
    stage('Build') {
        container('docker') {
            echo 'Building....'
            sh 'docker pull alpine:latest'
        }
    }
    stage('Test') {
        echo 'Testing....'
        sh 'docker image tag alpine:latest container-registry-docker-registry.prod.svc.cluster.local:5000/baseimages/alpine:latest'
    }
    stage('Deploy') {
        echo 'Deploying....'
        sh 'docker image push container-registry-docker-registry.prod.svc.cluster.local:5000/baseimages/alpine:latest'
    }
}

I get

[Pipeline] {
[Pipeline] stage
[Pipeline] { (Build)
[Pipeline] container
[Pipeline] {
[Pipeline] echo
Building....
[Pipeline] sh
+ docker pull alpine:latest
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
[Pipeline] }
[Pipeline] // container
[Pipeline] }
[Pipeline] // stage
[Pipeline] }
[Pipeline] // node
[Pipeline] End of Pipeline
ERROR: script returned exit code 1
Finished: FAILURE

I've followed just about every guide on google i can find and my config looks ok.

(using helm chart currently for jenkins)

https://redd.it/sml8of
@r_devops

Is multi-master possible with k3d? If not or it's a hassle to set up, are there any good self-hosted options that support it?

I'm looking to kind of simulate a production HA environment without paying crazy high cost of EKS/AKS/GKE. This is specifically for a home environment though as I want to be able to test things like operators, CRDs, and other various concepts and tools.

https://redd.it/smc870
@r_devops

Where and how to start carrer ?

Guys please help me
First whats best programing languges to learn ?
Seconnd best certifications?
Third what else is good to learn ?

And ia it true that DevOps have good salary or there are better jobs ?
I study computer scients.
Thatnk

https://redd.it/sl8r79
@r_devops

What's your go-to website for DevOps related content?

Where do you usually go whenever you like to read any DevOps related content?

Can be tutorials, news, opinions, or just anything but related to DevOps.

View Poll

https://redd.it/smqrqy
@r_devops

Which tools can be used for creating such video visualisation ? Link added in description.

https://www.linkedin.com/feed/update/urn:li:activity:6894913691352186880/

https://redd.it/smr39g
@r_devops

Secrets Management with terraform

Just getting back into Terraform after a few years (last version i worked with was something like 0.11) and was wondering if someone came up with a good way of handling secrets in Terraform. Previously to manage secrets in saw AWS Secrets Manager for example we had to have these massive .tfvars files with all of the secrets in it, which both made it a pain to manage across team members since you can't really version control it due to it containing secrets and kinda defeated the purpose of using the centralized secrets management in the first place. Has this changed at all since then?

https://redd.it/smu8b1
@r_devops

Questions about Devops learning with Django and costs.

Hey everyone,

I am a sysadmin who wants to slowly move closer to the Devops world and I have been researching best ways to learn. I have an old Django application that I used to host on a linux wm running on digital ocean. I abandoned that project a while ago, but I would like to redeploy it and also use this as a learning opportunity for the Devops world.

Many of these techonologies can probably be considered overkill for my small personal project, but this is simply for me to learn enterprise level Devops stuff.

So here is what I roughly think I would like to setup:

\- Dev and Prod environments created/destroyed with Terraform on AWS.

\- CI/CD pipelines.

\- Automated testing

\- Dockerizing the application and its possible dependencies.

\- Maybe even Kubernetes for orchestration.

I discovered this course on udemy and it seems to have almost everything, but the costs are too high to actually leave the project running after the project is completed:

https://www.udemy.com/course/devops-deployment-automation-terraform-aws-docker/

So is there any possibility to setup the tech stack that I want and also keep the costs somewhere in the 10-20 dollar a month range? I would like to actually leave this project running so to keep me motivated to actually finish it and make it good.

Thanks in advance!

https://redd.it/smq1vy
@r_devops

DevOps Adoption Checklist

Software releases can be significantly accelerated by implementing DevOps techniques. DevOps cannot be purchased, bolted on or simply declared. Here's a checklist to help you adopt DevOps within your organization.
Explore our complete checklist.

https://redd.it/smvuof
@r_devops

Technology News

Hey guys, I’m a junior DevOps engineer and when I was interviewing I got the questions “where do you get your tech news?”. As a career changer and recent CS grad I didn’t (and still don’t) have an answer. I’m an up front guy and just told the interviewer I was working on it and mainly followed Reddit pages (lol).

So, I am still looking for some great places to stay up to date so I figured I’d ask the devops community, can anyone share where they go?

Fun fact: I didn’t get the job where I told them Reddit was my main source of tech news - could be related but I doubt it. Either way it’s funny.

https://redd.it/smuoyr
@r_devops

Devops/Cloud vs Web3

Guys, what do y’all think about web3 ? Would it be a place for cloud/devops engineers, I’ve been thinking about this recently; cloud technology is basically the underlying infrastructure for web2 and there’s this worry I’m trying to break into a field that might already be going extinct.
Ps: I know this is a reddit sub but Iadded cloud tech for obvious reasons.

https://redd.it/smufhm
@r_devops

Those hiring devops people - do you typically require a technical test when hiring at a fairly senior level? If so, what form does it take?

Anyone else working at a senior level - what tests have you been required to take at interview?

https://redd.it/sol2pd
@r_devops

What the heck is an artifact repository?

I was wondering how many of you have used an artifact repository?

https://redd.it/soqycv
@r_devops