What's your org strategy to manage your prod k8s clusters ?

I've joined lately an org with quite the messy infrastructure, they have 4 clusters on gcp for prod env, and the cluster nodes are quite far behind in terms of version in comparison the the managed control place, they didn't upgrade until now, because they were like... prod, working, no touch. So yea they were afraid to break it, lately the team has been reformed and we agreed to make it priority to keep our infra to date, and it fell on me.

so, what is your process for managing your clusters ? do you just upgrade manually and hope nothing breaks, also is there any utilities to help making the upgrade process smoother in the future(using terraform, ansible ?)

https://redd.it/sm5x4b
@r_devops

Deploy same stack several times with kubernetes

Hey guys, i have a question

My deployment atm is:
A container having a django app with a container having postgresql, deployed as a stack with docker-compose -p (tag)


Every user i create a stack for him with his volumes and i route the traffic to his stack using sub domains

For example a user John and a user jane:
Docker-compose -p john
And
Docker-compose -p jane
On the same docker-compose.yml file

That way i have the same stack deployed 2 times each isolated from the other, then with nginx i route jane.mywebsite.com
And john.mywebsite.com each to his stack

My question is how can i automate this deployment with kubernetes and with CI/CD

I have looked around and found that i can isolate deployments in kubernetes with namespaces but namespaces doesnt give me the ability to control/update the containers of all stacks at the same time

Thanks, appreciate the help

https://redd.it/sljzuh
@r_devops

Pros and Cons of GitLab for CI|CD?

what are some experiences you've had with Gitlab, we are looking into it mainly for CD since we deploy to production quite a bit.

https://redd.it/slid4w
@r_devops

Do any companies/projects publish their Terraform code publicly?

I’m looking for Terraform examples from companies/projects. For example, Arch Linux has all their Ansible/Terraform in a public GitLab repo.

https://gitlab.archlinux.org/archlinux/infrastructure

Are there any other examples like this? Looking more for companies/projects instead of a random person’s homelab.

https://redd.it/smfr2e
@r_devops

A friend tried to talk me into DevOps.

Well, title.

Right now I am a student of Earth and Environmental Science and I am failing hard. We have a large IT scene in my city and a friend who is a back end developer with a masters degree in computer science tells me it is easy getting into it if you know how to google and some stuff about computers.

I told him that I can’t code whatsoever. I tried learning C# once but it was boring me out of my mind so I stopped after hello world.

But I am good at figuring out how software operates however obscure the UI may be and I am quite skilled at solving software and hardware related problems (identifying and fixing) by using what I know and combining that with google.

He told me DevOps it is for me and DevOps guys are sought after as well. So I decided to try out a bootcamp and then find a job. My alternative would be a state supervised school where you work half the time in a company and the other half go to school to learn theory. It is shit pay for three years but after that it’s pretty on par with what I know of Junior Devs income.

That job would probably involve more practical work, assembling computer systems at large scale for companies or managing the IT infrastructure of buildings and such. (There I would learn basic python only)

So final question: Does DevOps sound like something I could do as a complete beginner or is that more something for people who know some coding or scripting?

https://redd.it/smcn5v
@r_devops

Is multi-master possible with k3d? If not or it's a hassle to set up, are there any good self-hosted options that support it?

I'm looking to kind of simulate a production HA environment without paying crazy high cost of EKS/AKS/GKE. This is specifically for a home environment though as I want to be able to test things like operators, CRDs, and other various concepts and tools.

https://redd.it/smc870
@r_devops

K3s, Jenkins and Docker Build

Going to ask here incase someone can help.

I have a K3S cluster running Jenkins with the kubernetes plugin. I can get my builds to build, spinning up build agents in pods. I cannot for the life of me get docker build to work at all.


Dond:

Agent docker-kdb22 is provisioned from template docker
---
apiVersion: "v1"
kind: "Pod"
metadata:
  labels:
    jenkins/jenkins-jenkins-agent: "true"
    jenkins/label-digest: "1f9ffaa0a312a3be56683597d58f3df0d8226bdb"
    jenkins/label: "jenkins-docker_docker"
  name: "docker-kdb22"
spec:
  containers:
  - command:
    - "cat"
    image: "docker:latest"
    imagePullPolicy: "IfNotPresent"
    name: "docker"
    resources:
      limits: {}
      requests: {}
    securityContext:
      privileged: true
    tty: true
    volumeMounts:
    - mountPath: "/var/run/docker.sock"
      name: "volume-0"
      readOnly: false
    - mountPath: "/home/jenkins/agent"
      name: "workspace-volume"
      readOnly: false
    workingDir: "/home/jenkins/agent"
  - env:
    - name: "JENKINS_SECRET"
      value: "********"
    - name: "JENKINS_TUNNEL"
      value: "jenkins-agent.ci.svc.cluster.local:50000"
    - name: "JENKINS_AGENT_NAME"
      value: "docker-kdb22"
    - name: "JENKINS_NAME"
      value: "docker-kdb22"
    - name: "JENKINS_AGENT_WORKDIR"
      value: "/home/jenkins/agent"
    - name: "JENKINS_URL"
      value: "https://jenkins.ci.svc.cluster.local:8080/"
    image: "jenkins/inbound-agent:4.11-1-jdk11"
    name: "jnlp"
    resources:
      limits: {}
      requests:
        memory: "256Mi"
        cpu: "100m"
    volumeMounts:
    - mountPath: "/var/run/docker.sock"
      name: "volume-0"
      readOnly: false
    - mountPath: "/home/jenkins/agent"
      name: "workspace-volume"
      readOnly: false
  hostNetwork: false
  nodeSelector:
    kubernetes.io/os: "linux"
  restartPolicy: "Never"
  serviceAccountName: "jenkins-agent"
  volumes:
  - hostPath:
      path: "/var/run/docker.sock"
    name: "volume-0"
  - emptyDir:
      medium: ""
    name: "workspace-volume"

script:

node('docker') {
    stage('Build') {
        container('docker') {
            echo 'Building....'
            sh 'docker pull alpine:latest'
        }
    }
    stage('Test') {
        echo 'Testing....'
        sh 'docker image tag alpine:latest container-registry-docker-registry.prod.svc.cluster.local:5000/baseimages/alpine:latest'
    }
    stage('Deploy') {
        echo 'Deploying....'
        sh 'docker image push container-registry-docker-registry.prod.svc.cluster.local:5000/baseimages/alpine:latest'
    }
}

I get

[Pipeline] {
[Pipeline] stage
[Pipeline] { (Build)
[Pipeline] container
[Pipeline] {
[Pipeline] echo
Building....
[Pipeline] sh
+ docker pull alpine:latest
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
[Pipeline] }
[Pipeline] // container
[Pipeline] }
[Pipeline] // stage
[Pipeline] }
[Pipeline] // node
[Pipeline] End of Pipeline
ERROR: script returned exit code 1
Finished: FAILURE

I've followed just about every guide on google i can find and my config looks ok.

(using helm chart currently for jenkins)

https://redd.it/sml8of
@r_devops

Is multi-master possible with k3d? If not or it's a hassle to set up, are there any good self-hosted options that support it?

I'm looking to kind of simulate a production HA environment without paying crazy high cost of EKS/AKS/GKE. This is specifically for a home environment though as I want to be able to test things like operators, CRDs, and other various concepts and tools.

https://redd.it/smc870
@r_devops

Where and how to start carrer ?

Guys please help me
First whats best programing languges to learn ?
Seconnd best certifications?
Third what else is good to learn ?

And ia it true that DevOps have good salary or there are better jobs ?
I study computer scients.
Thatnk

https://redd.it/sl8r79
@r_devops

What's your go-to website for DevOps related content?

Where do you usually go whenever you like to read any DevOps related content?

Can be tutorials, news, opinions, or just anything but related to DevOps.

View Poll

https://redd.it/smqrqy
@r_devops

Which tools can be used for creating such video visualisation ? Link added in description.

https://www.linkedin.com/feed/update/urn:li:activity:6894913691352186880/

https://redd.it/smr39g
@r_devops

Secrets Management with terraform

Just getting back into Terraform after a few years (last version i worked with was something like 0.11) and was wondering if someone came up with a good way of handling secrets in Terraform. Previously to manage secrets in saw AWS Secrets Manager for example we had to have these massive .tfvars files with all of the secrets in it, which both made it a pain to manage across team members since you can't really version control it due to it containing secrets and kinda defeated the purpose of using the centralized secrets management in the first place. Has this changed at all since then?

https://redd.it/smu8b1
@r_devops

Questions about Devops learning with Django and costs.

Hey everyone,

I am a sysadmin who wants to slowly move closer to the Devops world and I have been researching best ways to learn. I have an old Django application that I used to host on a linux wm running on digital ocean. I abandoned that project a while ago, but I would like to redeploy it and also use this as a learning opportunity for the Devops world.

Many of these techonologies can probably be considered overkill for my small personal project, but this is simply for me to learn enterprise level Devops stuff.

So here is what I roughly think I would like to setup:

\- Dev and Prod environments created/destroyed with Terraform on AWS.

\- CI/CD pipelines.

\- Automated testing

\- Dockerizing the application and its possible dependencies.

\- Maybe even Kubernetes for orchestration.

I discovered this course on udemy and it seems to have almost everything, but the costs are too high to actually leave the project running after the project is completed:

https://www.udemy.com/course/devops-deployment-automation-terraform-aws-docker/

So is there any possibility to setup the tech stack that I want and also keep the costs somewhere in the 10-20 dollar a month range? I would like to actually leave this project running so to keep me motivated to actually finish it and make it good.

Thanks in advance!

https://redd.it/smq1vy
@r_devops

DevOps Adoption Checklist

Software releases can be significantly accelerated by implementing DevOps techniques. DevOps cannot be purchased, bolted on or simply declared. Here's a checklist to help you adopt DevOps within your organization.
Explore our complete checklist.

https://redd.it/smvuof
@r_devops

Technology News

Hey guys, I’m a junior DevOps engineer and when I was interviewing I got the questions “where do you get your tech news?”. As a career changer and recent CS grad I didn’t (and still don’t) have an answer. I’m an up front guy and just told the interviewer I was working on it and mainly followed Reddit pages (lol).

So, I am still looking for some great places to stay up to date so I figured I’d ask the devops community, can anyone share where they go?

Fun fact: I didn’t get the job where I told them Reddit was my main source of tech news - could be related but I doubt it. Either way it’s funny.

https://redd.it/smuoyr
@r_devops

Devops/Cloud vs Web3

Guys, what do y’all think about web3 ? Would it be a place for cloud/devops engineers, I’ve been thinking about this recently; cloud technology is basically the underlying infrastructure for web2 and there’s this worry I’m trying to break into a field that might already be going extinct.
Ps: I know this is a reddit sub but Iadded cloud tech for obvious reasons.

https://redd.it/smufhm
@r_devops

Those hiring devops people - do you typically require a technical test when hiring at a fairly senior level? If so, what form does it take?

Anyone else working at a senior level - what tests have you been required to take at interview?

https://redd.it/sol2pd
@r_devops

What the heck is an artifact repository?

I was wondering how many of you have used an artifact repository?

https://redd.it/soqycv
@r_devops

Switching from DevOps to Solutions Architect...thoughts?

I've been in DevOps roles for 7-8 years now. I recently received a Solutions Architect offer from a great tech company (not FAANG but a tier or two below).

I'm tempted to take it but wanted to hear reasons why I shouldn't.

Why I'm considering it:

* My ceiling as a DevOps eng is quite low, I've never been the most technical or best eng compared to peers. I'll always have a job but it'll be at small no-name shops which has the accompanying smaller pay.

* I've failed a few interviews at similar companies for DevOps roles even after weeks-months of practicing, learning my mistakes, etc. Things like leetcode (which I've been asked) I've practiced but have struggled with even easy.

* Have always wanted to work for big tech - the speed, colleagues, and working on "sexy" products that my friends and family use has been a dream of mine.

* SA seems like a more defined path at other tech companies as well as leveling for promotions

* The generalist and big picture aspect of SA fits me well

Why I shouldn't take it:

* I could keep betting on myself - growing my eng skills to get a job at a similar company which will pay higher

* I don't think there's going back from this decision, I looked around on Linkedin and hardly anyone goes from technical > SA > back to technical

https://redd.it/sotcyz
@r_devops

Anyone here have experience working at Disney as SRE contractor?

What does their conversation rate to full time look like? How is their overall culture, etc. etc. I'm considering a contract-to-hire over there and want to know the details. Well aware of this incident but am wondering if maybe they've learned their lesson? I dunno just looking to get opinions on the subject of being a SRE at Disney. I feel like the name brand recognition alone might be worth it even if the contract just expires in 18 months without conversion to full time.

https://redd.it/sov00u
@r_devops

Lessons learned from the top 250 starred repos on GitHub

We did a research on the correlation between enablement of security features (starting with branch protection) and the quality of the PR reviews. Here are some of our results: https://www.arnica.io/blog/how-do-top-open-source-projects-protect-their-code

https://redd.it/sogqgt
@r_devops