How long does it take for your company to install software for you? (for restricted local admin environments)

I wrote a few weeks back about not having admin access.


One of the problems with not having local admin access is the inability to install software (which isn't a bad idea considering software installs are the most common attack vector). So I'm ok with this so long as the company process is built properly.


So I followed the company process, submitting a request to install Wireshark on my local machine. I submitted the request on April 6th, was asked on April 20th if I was "approved" to use this tool, and finally today (April 22nd) the software was made available to me in the software portal so I can actually install. It's a few versions behind at this point, but whatever, at least I finally have it installed.


So to recap, I could download and install Wireshark myself in <5 mins. Or, via my **awesome** company process, submit a request and have it installed 16 days later.


Am I crazy for thinking this is unnecessarily long? Wait a day, two days, three even? Sure, not everyone can jump on something right away. But does it really make sense for a software install (really, just a check box to enable it to appear in my software portal) take 16 days?


Yes, I work for a large financial organization and we are very bad with process and doing anything quick or modern... I've been here for a few years now and it's stuff like this that makes me want to jump. I've tolerated it for a few years and "gave it a chance" to improve, but after 3 years I think I've given it all the chance it deserves.

https://redd.it/u9ebo4
@r_devops

Who should be doing oncall?

At the company I work for, we are two DevOps engineers (myself and another colleague), and we have been doing the oncall duties for a few years. We manage all the infrastructure and we do are former full-stack engineers from the same company, so we have full context of the product code and the infrastructure as well. This means that, when an incident arise, we are very capable of solving it, including making product code changes when needed.

However, the company has grown a lot recently, both in the number of developers and the product itself (many new functionalities, etc.). My colleague and I are no longer writing product code every day, so it's hard to keep up with the product code changes. Meaning that we would probably need a considerable amount of time to understand what is going wrong with the code before we can solve it.

My question is, who is usually doing oncall at your current companies?

- If answer is the developer engineers ==> How can they respond when there's an issue related to infrastructure? (eg: a server instance going down)

- If answer is DevOps engineers or sys admins ==> How can they respond when there's an issue related to the product software? (eg: a non obvious software bug causing downtime or performance degradation)

https://redd.it/u9ligp
@r_devops

What would your ideal technical interview look like?

I am a DevOps engineer, not a recruiter. My team does technical/meet the team interviews for candidates. I want to make a technical interview process that avoids all the annoying shit other companies do. I have my own ideas but wanted to take into account other people's too.

For example: Fuck coding interviews. I don't care if you memorized the syntax, that's what Google is for. Plus I think most people are significantly worse at coding/typing when people are sitting there staring at them, so it's not an accurate measure of anything.

https://redd.it/u9sah8
@r_devops

What would your ideal technical interview look like?

I am a DevOps engineer, not a recruiter. My team does technical/meet the team interviews for candidates. I want to make a technical interview process that avoids all the annoying shit other companies do. I have my own ideas but wanted to take into account other people's too.

For example: Fuck coding interviews. I don't care if you memorized the syntax, that's what Google is for. Plus I think most people are significantly worse at coding/typing when people are sitting there staring at them, so it's not an accurate measure of anything.

https://redd.it/u9sah8
@r_devops

OpenSSL vulnerability CVE-2022-0778

Source: https://www.bleepingcomputer.com/news/security/palo-alto-networks-firewalls-vpns-vulnerable-to-openssl-bug/amp/

Now that it's been patched, let's discuss - was anyone here impacted? We had Threat Prevention so nothing came up.

https://redd.it/u9wlbw
@r_devops

Terraform for Devops (Real world experience)

Guys, Would like to know few things about Terraform:

1. what does your day look like with Terraform?
2. Where do you store terraform State files and templates?
3. how do you use it in multi-account cloud environment?

Would be nice if you can give real world example of how large scale environment with terraform look like. Thankyou!

https://redd.it/u9oqp5
@r_devops

Pulumi as an alternative for Terraform?

Has anyone here worked with Pulumi before as an alternative to Terraform?

https://redd.it/ua3oby
@r_devops

I was denied a raise because I'm not from the US

I've been working for this company for a couple of years now, I joined as a senior devops, and last year I was promoted to head.

After a month, I found out I wasn't getting a raise because "I was already making way more money than average devops in the country I'm from". I argued that I'm not working for the country I'm from, and I'm not a devops anymore, to which my boss said "that's what they told me and it's based on the data they have, so bring me data"

Sure thing.

I started interviewing and getting certified, in a month I was able to get a few offers, all for senior devops, and all with bigger compensations. I also got certified, and the average salary for the people that have this certification is 150k USD a year. Yes, I know certs don't mean anything, but apparently, HR folks in my company like averages, so that's data they can understand. Or so I thought.

I was screenshotting and sending the certifications and offers to my boss as I was getting them, and my boss brought this to the HR's people's attention. I don't know what they talked but basically, my boss said that his hands were tied and that they can only give me a raise after I'm done with my current project, which is kind of critical for the company's existence.

So, I have conflicting parts of me trying to take action. My childish /r/nuclearrevenge inner voice says "let the project blow up and take your payment in blood" but I wouldn't sleep well with that, my boss is super cool and is trying his best, it looks like he has no voice in the company anymore, I'd rather quit and let them figure it out than pull a piece of shit move like that. Part of me wants to deliver the project and then quit, to professionally send a big fuck you "look at what you did". And part of me just wants to deliver the project and then deliver just the bare minimum not to get fired and pursue other projects on the side.

I'd love to hear some opinions and criticisms. Especially if I'm doing something wrong.

https://redd.it/uabiq3
@r_devops

What is all the fuzz about Terragrunt about?

Hi there,

I am reading about Terragrunt in this sub more and more. We are also using it in a project at work but still I don't get the real benefits over terraform. One of the mayor points is "modules". But - as I understand it - I can write modules in TF as well and configure them via parameters or variables. So I don't understand the real difference between the typical terragrunt.hcl files (that contain only the input parameters for all modules) and a typical .tfvars file (that does kind of the same)?

&#x200B;

What are your takes on that, where are the real benefits over TF and how did your structure betweens TF and TG change after adoption?

https://redd.it/uab5ji
@r_devops

when creating a Dockerfile, is it mandatory to put a COPY command? what will happen if I didn't put the copy command, Thank you



>FROM python:3.9
WORKDIR /project
RUN pip install --no-cache-dir -U pip
COPY requirements.txt .
RUN pip install -r requirements.txt
COPY . .
CMD ["python", "main.py"]

so my question is what will happen if i remove this and build the docker image,

https://redd.it/uapx2t
@r_devops

Introducing Git+ for GitLab, all-in-one GitLab App you need

After some time we are finally launching our Git+ App, that will allow you guys to perform lots of desktop GitLab operations directly from phone.

&#x200B;

Browsing latest notifications, reacting to Issues and Pull Requests, Organising Issues with labels, assignees, Browsing your files and code - all of that and more !



Available on both iOS and Android !

iOS:

https://apps.apple.com/sk/app/git-for-gitlab/id1607749970

Android:

https://play.google.com/store/apps/details?id=com.gitlabplus.app&hl=en&gl=US

https://redd.it/uat1qs
@r_devops

Input on my study path to step into DevOps


Hey everyone, I need some feedback on my planned study path for the next few months. I've been a sysadmin for nearly 3 years and I want to move into a devops role in the near future.

My company has a devops team, but it's not in their interest to move me into there for the time being since I'm the only one in my current team for my region and timezone.


I was planning on going for the following certs to start applying to jobs:

- EX294 (RHCE, Ansible Cert. I have this exam on Tuesday)

- DO180 (another RH exam, intro to containers basically)

- Either AWS or Azure fundamentals exam

- Then terraform, not sure how accessible their certs are, but a friend recommended a TF course on Udemy

- I'm not following any particular program but I'm improving my scripting skills with bash/python

Do you guys thing this is a good starting point? I'd appreciate any suggestions :)

ps: I have an active RHLS, so any courses there take priority since they're free :)

https://redd.it/uarh7i
@r_devops

Help me understand vpc’s and calculating cidr range’s

As a software engineer, I’m ashamed to admit that I do not understand them. I want to stop feeling lost in conversations with our ops team.

What’s the best resource you’d point a junior on your team who wanted to learn?

https://redd.it/uaxbkx
@r_devops

Government SWE or Amazon Cloud support associate for path into Devops/SRE

Government SWE or AWS support job

I am about to graduate with a degree in computer science from a small state school and I currently have 2 offers. One with a government defense contractor as a software engineer , working with military weapons, aerospace , and other areas with the opportunity to gain a security clearance with a pay of 77k but will have to relocate. However, I sometimes see on here how government jobs are not too good for your career.

The other job is a cloud support associate role with Amazon web services starting at 67k but is fully remote. This job will focus on trouble shooting and solving customer cases with their cloud services. Amazon will provide training on the cloud services and this sounds like a great opportunity to learn a lot directly from Amazon and also have a top company on my resume early in my career.

Im leaning towards wanting a career in devops but not 100% sure of which area I want to go in yet. im looking for the best opportunity to learn and gain experience for future employment opportunities.

any suggestions or recommend a path I should take ?

https://redd.it/uaxjwi
@r_devops

DevOps conference List - may 2022 update

I have prepared a list of online conferences for DevOps and SREs.

The list is available on my blog (https://www.czerniga.it/2022/02/13/devops-online-conferences-list/) as well as on GitHub (https://github.com/czerniga/devops-online-conferences). If you want to add a new conference create a new Pull Request in the repository on GitHub.

I also list some upcoming conferences below:

|Date|Conference|Agenda|Price|
|:-|:-|:-|:-|
|26 – 27 April 2022|DevOpsDays Kraków 2022|https://dodkrakow.pl/schedule/|FREE|
|26 – 29 April 2022|DevOpsCon London|https://devopscon.io/london/program-london/|£ 512 - 1196|
|10 May 2022|DockerCon 2022|https://docker.events.cube365.net/dockercon/2022|FREE|
|10-12 May 2022|DevOps Enterprise Summit|n/a|$450|
|16-18 May 2022|ChefConf '22|https://www.chef.io/chefconf/agenda|FREE|
|16 – 20 May 2022|KubeCon / CloudNativeCon Europe 2022|https://events.linuxfoundation.org/kubecon-cloudnativecon-europe/program/schedule/|FREE / € 75|
|24-26 may 2022|DevOps Pro Europe 2022|https://devopspro.lt/schedule/|€ 270 – 1130|
|9 June 2022|Conf42: Site Reliability Engineering 2022|n/a|n/a|
|12-17 June 2022|Agile + DevOps West|https://agiledevopswest.techwell.com/program/schedule|n/a|
|20-23 June 2022|DevOpsCon Berlin|https://devopscon.io/berlin/program-berlin/|€ 476 - € 1169|

https://redd.it/ubgjhr
@r_devops

Is an easy interview a red flag?

Just got made an offer for a role. It was a two stage interview with no tech test. First stage was just general devops questions, second stage was scenario based questions. Honestly I feel I'm too junior for this role and I'm quite nervous to take it. Is an easy interview a red flag?

Edit: there's a lot on the job spec that I don't know, such as K8's, Selenium.

https://redd.it/ubi17s
@r_devops

KubeCon Europe Drama!

Apparantly the CNCF removed the mask mandate for KubeCon Valencia because Spain (the host country) also removed the requirement across the country.

Queue some backlash from the Twitter community, specifically Kat Cosgrove (https://twitter.com/Dixie3Flatline/status/1517485638462803969?t=h1ZcWoDjWnMzHw2nXzldgg&s=19) and the CNCF basically tried to cite her and said her conduct was not appropriate.

TechTwitter blew up at the CNCF, and then the CNCF shortly reversed the decision.

https://redd.it/ubbp5t
@r_devops

DevOps Bulletin Newsletter - Issue 48

Hey folks,
My weekly DevOps newsletter aka DevOps Bulletin -  Digest #48 is out. Check out a sneak peek of the topics covered on this weekly issue:

* ⭐️ “**ArgoCD best practices you should know**” - In this article, you’ll explore some of the best practices of Argo and learn how you can validate your custom resources against these best practices.
* 🔒 “**How to secure Deployments in Kubernetes**?” - Security is crucial ‌for containerized applications that run on a shared infrastructure. In this post, you’ll learn how to secure ‌Kubernetes deployments and applications in general.
* 💡 “**Build Preview Environments on AWS for CI/CD workflows with Terraform CDK**” - In this tutorial, you will build preview environments on AWS using Terraform CDK and deploy a React application.
* 😄 “**Take the pain out of git conflict resolution: use diff3**" - The diff3 conflict resolution strategy is a hidden gem in git that can save you an uncountable conflict-resolution headaches and turn git conflict resolution into something of a joy.
* 🧠 “**Monitoring a garage door with a Raspberry Pi, Rust, and a 13Mb Linux system**” - For geeks like me, this is a super fun project. It sends an alert via Mattermost when the garage door has been left open for more than 5 minutes.
* 🎧 Podcast of the week goes to “Kube Cuddle” by Rich Burroughs - In this episode Rich speaks with Celeste Horgan from Stripe. Topics include: **How developers can get better at writing docs**, what makes a good concept doc, “blank is a blank that does blank”, the difficulty with making big changes in the Kubernetes documentation, the Dockershim deprecation, inclusive naming, and many others.
* 📦 Project of the week goes to “Cog” - **Cog is an open-source tool that lets you package machine learning models in a standard, production-ready container**. With Cog, you define your environment with a simple configuration file and it generates a Docker image with all the best practices: Nvidia base images, efficient caching of dependencies, installing specific Python versions, sensible environment variable defaults, and so on.

Complete issue: [https://www.devopsbulletin.com/issues/kubernetes-container-security](https://www.devopsbulletin.com/issues/kubernetes-container-security)

Feedback is welcome :)

https://redd.it/ubjcgv
@r_devops

Jenkins MultiBranch Pipeline

Published my 7th video in the series "Jenkins Tutorials for beginners" and this time it is for

"Jenkins MultiBranch Pipeline" 🔥🔥🔥

&#x200B;

If you are a beginner at Jenkins/DevOps, I'd suggest you check out the previous videos in this playlist as well to get started with Jenkins and understand the concept of CI/CD.

In this video, we will be looking into Jenkins multibranch pipeline. Video #6( Jenkins CI CD Pipeline Tutorial) is the pre-requisite for this video so, make sure you watch that before this one.

When we are working in an enterprise-level organization or a company that utilizes git-based SCM to its full capabilities including pull requests, git-flow, git branching, etc. then it is really hard to maintain multiple Jenkinsfile for one repository and to create a separate Jenkins pipeline for each of the branch is a hassle, and could introduce a lot of technical debts that is when Jenkins multibranch pipeline comes to the rescue. It scans the complete repository and finds out all the Jenkinsfile(s) in multiple branches and creates separate Jenkins pipelines for all the branches with the Multibranch pipeline as the master job.

&#x200B;

https://youtu.be/nYDBfjXgYFE

Below is the playlist for "Jenkins Tutorial for Beginners":🔥

&#x200B;

https://www.youtube.com/watch?v=oUdB2XqtGmk&list=PLl4APkPHzsUV3pz6zRpFJe3A4wTM2Pjvv

&#x200B;

Please check out the below videos in the playlist and many more to come!

\#1 What is DevOps, Agile and CICD

\#2 How to Install Jenkins on Ubuntu in different ways

\#3 First Jenkins CICD Job with Maven and GitHub

\#4 How to Integrate Jenkins with GitHub

\#5 Jenkins master slave architecture

\#6 Jenkins CI CD Pipeline as a code

\#7 Jenkins MultiBranch Pipeline.

https://redd.it/ubq9zc
@r_devops

Golang for devops

Hello everyone

I have been writing for some time on how to use Go for Devops. Instead of publishing a list of separate articles and tutorials, I have decided to put everything together in a coherent form as a book.

I was wondering if there are any topics that you would really like to see included in book about using Go for Devops?

Currently, my draft version has the following sections / chapters (draft titles, but they relay the contents):

Introduction to Go
Building apps and scripts
Script scaffolding
Command line tools using go
Talking to clouds
Working with databases
Working with API's
Common recipes

https://redd.it/ubup4i
@r_devops

Good resources for ansible & terraform CI/CD

Hey everyone, I am looking for some resources to help brush up on how to integrate terraform and ansible in CI/CD. I would also love to hear how your companies automate deploying IaC.

Thanks!

https://redd.it/ubzc3i
@r_devops