Picking incident severity levels

It sounds really obvious, but if you're ever unlucky enough to be building your company's incident response process, you'll be forced to decide what severities to use.

Lots of the literature is really dense and designed for mega-corps, not your average growing company.

My colleague Stephen has written about how to pick good incident severities, leaning on the experience we've had with our (incident.io) customers and the processes they implement.

For some pragmatic advice and first principal thinking, here's the post:

https://incident.io/blog/designing-your-incident-severity-levels

https://redd.it/suq371
@r_devops

Is Jenkins best suited for my usecase?

I'm trying to deploy a nextjs(react) app and I want the flow to look something like this
Commit is made to repo on github -> VPS is notified via webhook -> VPS builds docker image shuts down previous image and then runs the new one


From what I'm seeing I think Jenkins can do what I want to do but there may be a better way to do it


I'm very new to devops so feel free to give me any advice if there is a better way to do what I'm trying to do

https://redd.it/sur26h
@r_devops

Moving from long-lived to ephemeral environments: why and how?

My company is hosting a webinar on March 2nd about the move from long-lived to ephemeral environments in pre-production workflows. If you're in the process of doing this at your company, drop by or sign up to catch the recording.

https://redd.it/suvtrg
@r_devops

A Postgres toolkit that might be handy

Can be useful if you are managing Postgres. In this docker image, I've collected many Postgres tools that can help with development and maintenance after the release. It can help to generate realistic mocking data, import/export data from files can perform complete Postgres benchmarking (generates test data and benchmarks queries).

It also can help with making backups and saving to S3, as well as scheduling them. Includes a browser-based version of VS-code, terminal, filebrowser, and jobs scheduler.

I open-sourced it in this repository

https://redd.it/sup6u7
@r_devops

Drupal and DevOps... examples, resources.

Hopefully this is the correct place to ask. I'm looking for examples, resources or learning material on using drupal within a DevOps framework. Currently I'm building backend resources for our drupal devs and it's getting old. Since our organization is retooling I would like to automate as much as possible. I have a vision in my head of how it would work but it would help if I could see an examples and access to materials where I can fill in the gaps of my knowledge (which with the retooling is a little wide now). Any 👉 in the proper direction would be appreciated...books, Google searches, videos, courses...etc.

-Editing to give clue as to the tools available.

Azure DevOps, Azure, AWS, Terraform plus others.

https://redd.it/suzfz0
@r_devops

Hiring Managers - what projects do you look for on a “Junior” or “New” persons resume?

Currently looking to shift my career into DevOps.

I’ve done my research about what certifications I want to pursue and obtain… but are there any good projects for new people cracking into DevOps to do and list on their resume? I plan on having a “projects” section on my resume. I was wondering if there were any good resources to start from or follow along to the point where I can put them on my resume with the technologies/tools used.

If you’re a hiring manager or been in DevOps for awhile… what types of “Junior” projects would you want to see on a resume that says you are willing to learn in a Junior role, but have a good grasp of the basics down?

Any suggestions?

https://redd.it/sv3hgi
@r_devops

Does your company use DORA metrics? Do you find them useful or are they just Marketing/Sales bla-bla?

We‘re moving to the cloud and our implementation partner company keeps bringing up DORA metrics.

Do you have an opinion?

Further info: https://cloud.google.com/blog/products/devops-sre/using-the-four-keys-to-measure-your-devops-performance

https://redd.it/sv4fzg
@r_devops

Centralize AWS Cloudwatch security alerts



Hi,

I'm trying to create some security alerts for a cloudwatch log group from a cloudtrail org trail. My setup is the following, 3 accounts (master, dev-1,dev2), org trail enabled and pushing events to a s3 bucket and a log-group, both deployed on the master account. I created some security alerts on the master account, like failed console login, and I'm able to trigger the alert and an SNS notification by failing the logins on all 3 accounts. The problem is that I don't have the context from which account triggered the failed logins alert. All the alerts have the master account as the trigger account, I guess it makes sense since the log group and alerts are on the master account, but is there a way to know which account triggered the alert? Basically, I'm trying to centralize the security alerts for all my accounts.

Does anyone have an idea how to achieve this?

https://redd.it/suzaz3
@r_devops

How do you scan your docker images?

I am looking for any online tool to scan images in docker hub for vulnerability. I need a way to certify to management that the image is clean. Any site that allows you to enter a image name and give you vulnerability report? Is rebuilding the image on my own the only way?

https://redd.it/sv6vw7
@r_devops

To those that use sumo logic ... is it expanding or nah?

My org just did a POC with sumo and a few other logging/SIEM vendors including elastic and logrhythm. We're leaning toward sumo logic but are confused by the mixed reviews we've seen.

I'm curious to hear from people whose orgs use some in some capacity in prod. One sure fire way to know if something is good, in my opinion, is if the people that have it are expanding it and landing more stuff in it over time, or if they kinda keep it sequestered and eventually move off of it (this is kinda what we did with zabbix).

View Poll

https://redd.it/sv5q9m
@r_devops

Building and scaling a cloud foundation team

Hey guys,

We at meshcloud are currently working on a website that helps you build a cloud foundation team, a team that focuses on the acceleration and adoption of cloud usage at organizations.

The website is not fully finished yet but we feel like it is already quite valuable. Perhaps some of you are interested and could leave us with some feedback, that would be awesome :-)

You can find the website here: https://cloudfoundation.meshcloud.io/

https://redd.it/svdrxk
@r_devops

The 4 Stages of DevOps Adoption to Maximize Business Success

The business environment is very dynamic today with continuous changes happening in all possible areas including IT, infrastructure, and training. These changes impact the development process because of increased demands from customers with shorter delivery times. This promotes agile practices and is recommended to be included in the process. In between this entire process, the two main teams of the systems need to be integrated and follow an order in collaboration with each other. The tasks of a development team are not over once the deployment has been achieved. They need to be passed on to the production environment along with all recommended changes within appropriate timelines to be able to achieve concrete company goals.

That’s why you need DevOps adoption to be integrated into your organization’s development process.

Read the full article The 4 Stages of DevOps Adoption to Maximize Business Success

https://redd.it/svfagd
@r_devops

7 Must-Haves For Ultimate AWS Security

AWS makes our life easier in many ways. But, as it often happens, in an attempt to address all possible needs, it ended up with just too many features to keep an eye on. Newbies or small teams that cannot have a dedicated AWS admin, may get lost or spend too much time managing and configuring it.

In a new blog series, I help you to set up an AWS account from scratch. We start with security. Read the article to learn the 7 must-haves of it: setops.co/blog/aws-account-security-must-haves

Have you already encountered the same thoughts on AWS or other providers about securing your Account and how to do it right?

https://redd.it/sverg2
@r_devops

Free domains for your experiments, hackathons, etc.

I have just released this project (https://github.com/Olivr/free-domain) that could be proven useful when you need temporary access to a domain for your experiments.

Behind the scenes of this project completely managed in Github:
I'm using Terraform and Cloudflare for managing the domains.
Valid PRs are auto-approved for both registrations and modifications.
Domains can be mofified/renewed only by their original owner (I am using git blame to authorize modifications)
Emails are sent before expiration and domains are auto-deleted upon expiration.
You can check out the code for some dirty bash glue 😜

If you guys are willing to try to hack the automated PR system, please do so I can improve it!

https://redd.it/svjh8h
@r_devops

DevOps salaries

Let me start off the sharking. Sharing helps everyone know what they are worth.

Currently underpaid working at a major Boston hospital making 110K. Stayed there way too long, time to move on.

https://redd.it/svl7jk
@r_devops

Portfolio project ideas/sources

I am a network engineer looking to break into an SRE/Devops role. I've spent the better part of the last year or so studying/researching/labbing various devops related technologies/tools. The courses that I took were all separated from eachother. For example, I've taken a few courses on Kubernetes, a few on terraform, a few on AWS/Azure, etc. This has helped me understand each technology separately but I'm struggling to piece them all together.

​

I want to create a portfolio of sorts that I can put on my github to showcase my skills. My idea was to build an application, hosted in AWS with a full ci/cd pipeline, where changes made to code in github kicks off a deployment. Are there any resources that you all can suggest that sort of ties everything that I've learned together in a structured format? I feel very comfortable with the tools that I've learned, but I do not have any real world experience from the application development side of things. All of the courses that I took just glossed over creating an application and/or straight up gave me an application to use.

https://redd.it/svkxz3
@r_devops

Azure centralized logging solution for application

We have several app services in our azure environment and looking for the recommended tool for centralized logging. Im familiar with Graylog and Splunk but hopefully Azure has their own similar tool. I started looking into it but wanted to get advice from my peers regarding what Im trying to accomplish and if its even possible.


My questions are:
1. Does Azure have a realtime centralized logging tool that can be used for application logs where we can send all logs to and query that is similar to Graylog or Splunk?
2. If so, what is your experience using it with this type of use case? Is it worth exploring it or should i use 3rd party tool like graylog, splunk, datadog, etc?

https://redd.it/svn98x
@r_devops

How do you call metrics trace and logs in one word?

I am trying to create guide for younger devops and describe my job as a responsible for metrics, trace data and logs transmitting in our system. How should I call all of that data in one word?

https://redd.it/svpd2u
@r_devops

DevOps Tools Currency best practices

Every org has minimum 5 to 10 devops tools. How to maintain their patching and current upgrade efficiently. Are there any tool or any best practices.

https://redd.it/svo1rd
@r_devops

🎉My company is hosting a webinar on March 2nd around moving from long-lived to ephemeral environments.

Get a sneak peak here! and learn more about it 👀

https://redd.it/svsr0n
@r_devops

Who has high-level IAM roles in your organization?

Who has high-level IAM roles (e.g. Owner) in your organization, and what steps have been taken to ensure they aren't misused or compromised?

https://redd.it/svsekk
@r_devops