Good resources for ansible & terraform CI/CD

Hey everyone, I am looking for some resources to help brush up on how to integrate terraform and ansible in CI/CD. I would also love to hear how your companies automate deploying IaC.

Thanks!

https://redd.it/ubzc3i
@r_devops

Work Item Scopes

This is a rookie question, but just wondering how do you keep your work items only with the scope of the project. Its getting confusing how I can see work items from other projects.

New to dev ops and want to know how to set this up.

https://redd.it/uc0a32
@r_devops

DNSControl - the most underrated DNS tool

dnscontrol is probably one of the least talked about DNS tools that is amazing to use.

Maybe my beard isn't gray enough (and everyone is talking about it/already knows), but if you have never heard of it until today, you're welcome.

https://redd.it/uc42vm
@r_devops

Looking to get into DevOps down the road.

Hi everyone. I’m sure this gets asked all the time so if there is something obvious that I missed, please let me know.

I am on a path to end up in DevOps a few years from now. Working my way up through a Systems Engineer path.

In your experience, what are the best things I can do now to best prepare myself for being a good DevOps Engineer?

Also, it seems that DevOps is a pretty broad category. What is DevOps to you in your specific role?

I have started learning Python and getting familiar with the idea of Docker. I run Linux as my daily driver so I am fairly familiar with that environment but still have a lot to learn. Any advice is appreciated. Thanks!

https://redd.it/uc20dp
@r_devops

Learning Puppet and Ansible

Hi, I am a network engineer, scope of my work is to managed, deploy, maintain servers, switches, routers.


For servers, we used puppet, for networking gears, we used ansible.


we widely used Juniper networks and debian distro for servers.


any advise where to get a reliable learning resources to study puppet and ansible?
Links for resources like Udemy is greatly appreciated.


Thanks a lot

https://redd.it/uca0s1
@r_devops

Linux repository manager for binary packages

Hi y'all!

I'm looking for a solution to host and manage artifacts that are actually Linux *ipk (just like deb) files for a custom solution. Right now we have a jenkins building some packages and we'll start to have plenty more soon.

So we need get something working to handle all the generated files, ideally indexing them (we have to use opkg for that), but to handle the versioning and storing.

For the time being we are looking into Apache Archive for it, but if any other FOSS and selfhosted solution is better I'm willing to do the switch!

​

​

Thanks!

https://redd.it/uce3hh
@r_devops

How can I get the last version number of my npm package and increment with one when republish with azure pipeline?

How can I get the last version number of my npm package and increment with one when republish with azure pipeline?

https://redd.it/uchotn
@r_devops

Money to work ratio

I’ve been working in devops for 3 years, I’ve only worked for a single company my entire career. I love my company and the people/culture, but the pay is less than what a lot of other tech companies offer. I started at 85k with a 10% yearly bonus reliant on company performance. I’m currently at 105k with the same yearly bonus. The work is interesting, but not extremely difficult and is fully remote. So I can work somedays 2-3 hours and that’s it. What’s everyone else’s experience? I’m trying to determine if this is a unique experience and I’m living my best life, or if this is a general experience. I’m based in Boston as an fyi for COL.

https://redd.it/ucjrw4
@r_devops

Circleci Can we use multiple workflows for multiple type?

I’m new in circleci. I want to install my infrastructure via terraform after that I also want to trigger my build, deploy and push command for aws side. But workflow does not allow me to use plan_approve_apply and build-and-deploy together in understand one workflow. I also try to create multiple workflows (like below example) for each one but also it didn’t work. How can I call both in single circli config file

My Circleci config yml file:

​

version: 2.1
orbs:
aws-ecr: circleci/[email protected]
aws-ecs: circleci/[email protected]
jobs:
init-plan:
workingdirectory: /tmp/project
docker:
- image: docker.mirror.hashicorp.services/hashicorp/terraform:light
steps:
- checkout
- run:
name: terraform init & plan
command: |
terraform init
terraform plan
- persisttoworkspace:
root: .
paths:
- .

apply:
docker:
- image: docker.mirror.hashicorp.services/hashicorp/terraform:light
steps:
- attachworkspace:
at: .
- run:
name: terraform
command: |
terraform apply
- persisttoworkspace:
root: .
paths:
- .

destroy:
docker:
- image: docker.mirror.hashicorp.services/hashicorp/terraform:light
steps:
- attachworkspace:
at: .
- run:
name: destroy
command: |
terraform destroy
- persisttoworkspace:
root: .
paths:
- .
workflows:
version: 2
planapproveapply:
jobs:
- init-plan
- apply:
requires:
- init-plan
- hold-destroy:
type: approval
requires:
- apply
- destroy:
requires:
- hold-destroy
workflows:
build-and-deploy:
jobs:
- aws-ecr/buildandpushimage:
account-url: "${AWSACCOUNTID}.dkr.ecr.${AWSDEFAULTREGION}.amazonaws.com"
repo: "${AWSRESOURCENAMEPREFIX}"
region: ${AWSDEFAULTREGION}
tag: "${CIRCLESHA1}"
- aws-ecs/deploy-service-update:
requires:
- aws-ecr/buildandpushimage
aws-region: ${AWSDEFAULTREGION}
family: "${AWSRESOURCENAMEPREFIX}-service"
cluster-name: "${AWSRESOURCENAMEPREFIX}-cluster"
container-image-name-updates: "container=${AWSRESOURCENAMEPREFIX}-service,image-and-tag=${AWSACCOUNTID}.dkr.ecr.${AWSDEFAULTREGION}.amazonaws.com/${AWSRESOURCENAMEPREFIX}:${CIRCLESHA1}"

​

https://redd.it/ucwtbi
@r_devops

IAM vs Authentication lib - what's the use case for each one of them, and why?

Is there any case it's preferred to use an authentication library like Authlib (python) or Passpost.js (node.js) instead of an IAM such as keycloak?

What are the advantages of one compared to the other?

https://redd.it/ucybpz
@r_devops

I came up with a DevOps joke as I couldn't find any to plagiarise

Why is it so hard to find DevOps professionals on Mars?


​

​

​

​

​

​

​

There's no Terraform there yet.

https://redd.it/ucz66o
@r_devops

Call another Jenkins job multiple times

I have a freestyle Jenkins job that has a parameter called branch, which is taken from a file.

Currently, in the file, it's defined to be equal to master:

branch=master

Then, as part of the build, it calls another Jenkins job with the branch variable.


 

Now, QA wants to have the branch variable have multiple values (for example branch=master,branch1).

Thing is, now I would have to call the other Jenkins job multiple times.

In Jenkins (preferably freestyle), is it possible to call another job multiple times in a loop with different values every time?

Thanks ahead!

https://redd.it/ud5yr9
@r_devops

Interview advice

I have a technical screening later this week that consists of “cloud operations and logging”

Any advice on programmatic things to keep in mind or any sample interviews in this area would be greatly appreciated.

https://redd.it/ud3aef
@r_devops

vkv: recursively list key-values entries from Vaults KV2 engine in various formats

Hi I wrote this small utility in order to view large and nested entries in Vaults KVv2 Engine. Maybe it is interesting for you guys. I plan to add more formats, for instance displaying the current used token capabilities on each path and entry:

https://github.com/FalcoSuessgott/vkv

https://redd.it/ud9jcm
@r_devops

There is no such thing as too much logging - or is there?

What’s a modern day best practice around logging? How do you approach this? I myself like to log as much as possible, my boss swears there should only be debug and error logs.

https://redd.it/udgohy
@r_devops

Is DevOps in my environment possible?

My company uses a bunch of different .NET apps, some are APIs hosted on IIS, some are Windows Services. They talk to each other using MSMQ (Windows Message Queue), and SQL Server is used for all data storage. Setting up a new client requires manually configuring all these things.


I'm trying to wrap my head around how I can create CI/CD pipelines for our software/services/database. Is CI/CD only meant for single apps/websites or can it be used for entire environments? Thanks in advance.

https://redd.it/udj8s8
@r_devops

AWS sanity check

I've just discovered something in my workplace's AWS systems that feels unusual to me, and I'm hoping you guys can help me check my sanity.

For non-production environments, we secure our public facing services so only the people working on them (developers, QAs, stakeholders etc.) can use them. No problems there, I've done that before. But as part of their approach to this, they put the load balancers into private subnets. Then for production, these are instead in public subnets.

This feels wrong to me. It means there is a very different architecture in production and non-production environments. It seems to go against the principle of having environments as similar as possible. When I've done this in the past, we've always put our public LBs in public subnets and we secure non-prod environments with a VPN.

Of course this is just based off my own experience and I can't be sure if my worries are unfounded. What do you guys think? Thanks.

Edit: Our service in this case is running in ECS fargate containers with an Application Load Balancer and RDS

https://redd.it/udo6tk
@r_devops

If I use release steps in my build pipeline, can I make it show up on the Azure Release page with green dots where it was released?

If I use release steps in my build pipeline, can I make it show up on the Azure Release page with green dots where it was released?

https://redd.it/udvj4o
@r_devops

Why developers hate shift left and related automation buzzterms

Here's a question. I work (in a business, not a technical role) in a company that develops a solution to help the engineering unit manage security without the overhead (helps the developers manage the Oss jungle). Now when I speak with developers, they explain that they resent shift-left buzz terms and that they don't feel that shift-left solutions are helping them or that automation promise is encouraging. I wanted to hear your feedback and learn more. Shift left means that engineering is becoming the center, the heart, where everything happens, isn't it? Automation is always a blessing, it removes manual work, isn't it? what am I missing here?

https://redd.it/ue066o
@r_devops

Why developers hate shift left and related automation buzzterms

Here's a question. I work (in a business, not a technical role) in a company that develops a solution to help the engineering unit manage security without the overhead (helps the developers manage the Oss jungle). Now when I speak with developers, they explain that they resent shift-left buzz terms and that they don't feel that shift-left solutions are helping them or that automation promise is encouraging. I wanted to hear your feedback and learn more. Shift left means that engineering is becoming the center, the heart, where everything happens, isn't it? Automation is always a blessing, it removes manual work, isn't it? what am I missing here?

https://redd.it/ue066o
@r_devops

What are the best cloud-agnostic tools you use?

what are the best cloud-agnostic tools to handle your infra that you have tested and approuved?

https://redd.it/udz5bl
@r_devops