What is a good way to automate the process of pushing code from the dev branch to the production branch for all of our repos?

As the comment above says any recommendations would be greatly appreciated.

https://redd.it/sq292i
@r_devops

Why do y'all hate Jenkins? (What pipeline tools do you use?)

Seen several posts/comments about people hating Jenkins but haven't really been able to discern why. We use Jenkins to a very basic level for our builds to environments, then self-hosted bitbucket pipelines for pre-merge unit testing. Going to be looking to soon reworking our use of Jenkins to actually write out pipeline steps to account for deploying the first microservice.

Before doing that I want to make sure I do my due diligence in seeing why people hate jenkins and debating on if we should move away from it. If you hate jenkins and have moved to something else, what was it and why?

https://redd.it/sq5c2o
@r_devops

Found out I was being underpaid by about $30K in my last position.

Not sure who needs to hear this, but in my last gig I was making $150K TC with some shitty public stock options and that seemed like the ceiling from my initial research. My boss recently forced me out of my position so I figured "hey, why not see how much more I can get without going to MANGA type companies because fuck leetcode." Plenty of companies out there have been okay with me mentioning $180K TC as a figure with $170K minimum base. Been at this about 10 years now with only 4 or 5 of those being serious SRE experience with Kubernetes, AWS, and Terraform and am located in Austin, Texas. Have a pending full time offer for $160K base with $20K yearly cash bonus and no stock options to deal with or worry about. Just figured I'd throw this out there for anyone else in a similar spot, as SREs we get to charge top dollar to do this work because of both the nature of the work when it comes to automating all of the things and that pure developers tend to hate doing it and just want to focus on the app code (yeah yeah I know SREs are supposed to be able to code too blah blah blah). Figured we could maybe turn this into a salary sharing thread too so feel free to post title, location, and salary for easy way to contribute.

https://redd.it/sqdkni
@r_devops

Opta, a high level abstraction for Infrastructure-as-Code

I thought the r/devops subreddit might be interested in this project I just found!

https://github.com/run-x/opta

https://redd.it/sq5804
@r_devops

DevOps with TDD?

Has anyone figured out an easy way to implement TDD inside their iac repos? How are you guys testing your changes safely? I’m new to this world and we seem to create a test service deployed in its test environment every time we are making a major change. Seems like there should be an easier way.

https://redd.it/sq4t99
@r_devops

How much of your time do you spend doing pure Linux administration as a DevOps engineer?

I'm coming from a Software Engineering background and was wondering if it's pertinent that one migrating over to DevOps first learn linux administration before doing anything else. I know how to use linux and the command line but I don't know how to manage users / groups / permissions or deploy an NGINX server as an example. Should I start learning linux administration before I even begin to touch docker, kubernetes or terraform? I really don't want to dive straight into containerization and struggle because I didn't study administration first.

https://redd.it/sqc9fa
@r_devops

Has anyone implemented ‘Central’ CI/CD Pipelines

I want to bring control over our pipelines and have thought up the idea of running all our CI/CD pipelines from our admin cluster.

When a developer performs a PR, this will trigger the application build pipeline to run in the admin cluster. The deployment of the container will be directed to the Dev or Test cluster.

Has anyone deployed this or similar pattern, and are there any drawbacks to it?

Thanks

https://redd.it/sq0l62
@r_devops

To All the people who transitioned to DevOps...

To All the people who transitioned to DevOps( QA->DevOps, Dev->DevOps, Others IT,NonIT->DevOps) \- We need one help from all of you.

How you guys learned the real time experience/production troubleshooting experience for DevOps Job before moving to DevOps jobs

Doing Reading About DevOps culture ,Side Projects and practising tools is enough to handle real time scenarios in DevOps Jobs?

Basically this question is from People who is not having support from organisation (not allowing internal transition) and only way to get into DevOps by switching company

https://redd.it/sqj4c2
@r_devops

Achieving good development to production flow with kubernetes

Hi,

I want to help companies get from X to Y where Y is hopefully a much faster and much more productive place for developers and operations. I think I know what Y is, but I'm not sure how to get there.


Y would look something like this (1-2 development, 3-4 ops):

1. Developer is working on a service with his IDE while the service is in the dev k8s cluster in the developers namespace (not on his laptop on minikube) and he can test it by API or by going to the dev website. This seems to be the most undeveloped area of the kubernetes ecosystem.
2. This one is already accomplished: when developer is done, he pushes and pipeline is triggered to test code and if it passes, creates PR. When dev is done, he puts relevant people as reviewers and assigns code review status in jira.
3. Service's PR is approved and ci is triggered to create image + update services repo with new tag for a tool like argocd to do CD. This will hopefully shift us to gitops.
4. Argocd style tool will trigger and deploy and rollback if pre-defined rules are met (latency spike for over 1 minute / x amount of 4zz-5zz errors in y minutes....) + run qa tests in some cases.
5. I want a secret update to trigger re-creation of all deployments that use that secret (currently we use vault for secrets if it helps).

What tools / practices could help me achieve Y state? 

Thanks for any advice!

https://redd.it/sqo09t
@r_devops

How would you go about a full Operating System upgrade on a large fleet of servers?

How would you automate the upgrade of OS of a large fleet of servers? Can it be done with Go? What would the best practices be?

https://redd.it/sqnshr
@r_devops

Is the book "Terraform: Up & Running" still relevant in 2022?

I am looking for resources to learn Terraform. I see that the book "Terraform up and running, 2nd edition" (https://www.amazon.com/gp/product/1492046906) has good reviews but it was written in 2019 when Terraform was still in version 0.12. Now it is in version 1.1.2.

I don't know how much difference that makes for someone who wants to get an overall tour of the tool. Is the book still relevant or should I be looking for more up to date resources?

https://redd.it/sqqfz0
@r_devops

A dashboard to handle SSL certificate

Hello all,

We have a serious problem in managing SSL certificates in our environments, especially the ones used by ibm websphere, is there any dashboard solution that i can use where i can see all my SSL certificates and sending me alerts when the expirations day is close??

Thank you all,

https://redd.it/sqq7xe
@r_devops

Is the book "Terraform: Up & Running" still relevant in 2022?

I am looking for resources to learn Terraform. I see that the book "Terraform up and running, 2nd edition" (https://www.amazon.com/gp/product/1492046906) has good reviews but it was written in 2019 when Terraform was still in version 0.12. Now it is in version 1.1.2.

I don't know how much difference that makes for someone who wants to get an overall tour of the tool. Is the book still relevant or should I be looking for more up to date resources?

https://redd.it/sqqfz0
@r_devops

Automating GitHub users' access

Does anyone know of an open source project for automating GitHub user access via the API and pull requests?
I worked at a company a while back that had an automated tool for this.

e.g. Are you a new team member?...add your name to the json file of this meta repo, make a PR and the lambda function (?) will add you to the relevant repos for your team. If a team member leaves, anyone can make a PR and the former team member's access is gone. The tool we had even handled AWS permissions.

What I like about this approach is that the burden doesn't fall on one individual (admin, DevOps, etc) and it could tie into LDAP/AD.

I've googled for another similar project but didn't find anything. I thought I'd check here before building it from scratch.

https://redd.it/sqsou2
@r_devops

Which company is killing at devops?

Note: This is not a job post.
I was just curious to know if as a devops engineer, you could land in one dream company which would it be?

Which company is killing at devops? I know about Netflix, Spotify and Amazon though.

https://redd.it/sqs9qy
@r_devops

What AWS service is crucial / very useful in day to day operations, but often overlooked?

This is an open question, it could be anything from WAF to AWS config idk. As per title, what AWS service has changed a lot for you in your day to day operations, but is unpopular?

https://redd.it/sqt5j8
@r_devops

Rebasing and force pushing

When do you decide to do a rebase rather than just push another commit to go back to the state you want. And how do you rebase and force push safely?

Edit: I’ll add a particular example. Say you have a feature branch where master has been updated since you branched it. Do you rebase the feature branch and force push or merge.

https://redd.it/sqwzo5
@r_devops

What is your coding skill level and what is your language of choice?

As I'm trying to land a job at one of the bigger companies (e.g., Disney, Netflix, TikTok, Amazon, Google, Tesla, etc.) instead of the smaller startups that I've worked at most of my career as a DevOps engineer, Cloud architect, or systems engineer, one my of main weaknesses (that I've noticed) is coding. Specifically around solving exercises on leetcode, hackerrank, etc. Even though I know how to code in Python and PowerShell, in my day-to-day, I'm using logic to interact with other systems. Moreover, I understand and leverage fundamental programing concepts like if statements, loops, variables, functions, etc. I don't really deal too much with classes and beyond. Unfortunately, since most bigger companies use those types of sites like leetcode and hackerank as a benchmark, what advice do you have on those types of problems? Admittedly, I'm not too good in math and I didn't goto college. I'm more self taught and have been in IT a long time. I was thinking of focusing on pre-algebra, then college algebra, then business calculous. This should help me better be able to identify how to solve these problems, then the syntax seems like the easier portion. The problem is i have no idea what approach to take when i look at this problems on those sites.


In summary, which would you recommend? Should i
1. stare at leetcode problems until i get it?

2. Ensure that i have the fundamental knowledge of pre-algebra, college algebra, and business calculous which would make it more approachable and I only have to focus on the syntax of the language?

3. Something else i haven't thought of...

​

I know this is a long post but I want to be intentional as possible and learn from my peers. What are your thoughts?

https://redd.it/sqx7bx
@r_devops

Very Sus/Scammy-Sounding Interviewees This Past Year

I've interviewed dozens of people over the past few years. What I've noticed recently, as DevOps-type jobs' pay has gone through the stratosphere, is what I can only classify as job seekers who are straight up lying or being coached in interviews.

Here's what I've noticed about how it goes with these types of interviews:

1. The interviewee sits so close to the screen you can only see just their face, and usually no neck, shoulders, or torso visible.
2. When asked to summarize their job history by an interviewer, the interviewee reads a prepared script that is keyworded all about the same, the commonality of the language pattern having a lot of "such as" phrases. Following their eyes on camera, I can tell they start with their eyes at the top and their eyes go down the screen as they read.
3. When asked to quantify their proficiency in a certain area (say from 1-10), they usually say somewhere from 6-8. Upon asking them to explain how to use said tool or to explain when you would decide to use a part of the tool over another, they seem to immediately shift their view, as if to start searching for the answer. After a few seconds, they say "can you hear me?" like we had lost connection. When watching them, I can tell there is no loss of connection. After we go back and forth saying we can hear them now, they suddenly have a canned, but still very generic response to the question asked. For example, if I were to ask when to use an Ansible role, they would eventually come up with what an Ansible role is defined as and say that. Knowing what to look for now, I asked them to explain to me how to use an Ansible role in an actual playbook. They usually at this point start rambling in generalities and when pressed, cannot provide the answer.
4. Any topic the interviewee knows they immediately say what the answer is; any one they don't, they will use the excuse of a connectivity issue or that they could not hear. But it's only for something they don't know.
5. All the questions are answered in general, sometimes highly-keyworded terms. Never any specifics you would expect if someone had hands-on knowledge.

Has anyone else noticed these patterns lately? What do you do to quickly weed out these types of job seekers? Is this a widely known thing?

Thanks!

https://redd.it/sqz6u6
@r_devops

Picking between a contract or staying as an employee (does the contract sounds more DevOps?)

I recently interviewed for a 12 month contract position and got an offer. I'm currently an employee for a different company.

The contract sounds more interesting as it'll involve embedded device deployments using OCI runtimes where my current place doesn't use containers because of separation of concerns span across too many shared scripts executed by several pieces of software that isolating the dependency trees would required time the project does not have time to allocate.

Mainly I prefer OCI and CI/CD development work over pure configuration management of VMs with no other type of work in sight for the next year aside from writing network policy scripts on a fairly large and confusing code base that management agrees needs refactoring but there's no time for it.

I'm trying to ask how'd you determine what road you'd accept to continue down on? The OCI & CI/CD development 12 month contract or the nice stable job where it's clear what you'll be exposed to over the next year with maybe the opportunity to help refractor the code base into using OCI containers.

Container building, managing them, managing the VMs and CI/CD development is what I thought I was hired for in my current DevOps role. But it's turning out to be VM package maintenance, patch package upgrades, and network policies. Is that the typical DevOps employee role because of its long term needs are more firefighting than a contract to create reproducible environments to run software in? I can't tell if I'm being shortsighted or too new to the field or if staying leads to what I thought DevOps would be when someone else is offering the work on a contract (so you know to some degree it's not being changed on you but you probably will deal with feature creep).

Thank you for your input.
I did software development for 8 years before getting into DevOps.

https://redd.it/sr03nd
@r_devops

Hashi Boundary vs. Teleport vs. StrongDM;

Is anyone using these tools to manage cloud application access? I am wondering what mass like or ⠀dislike about these tools or if any of them are any good.

https://redd.it/sqyk1r
@r_devops