Use multiple cloud-init datasource in VMware

I have little issue understanding how cloud-init datasource work and hope for your advice.

I deploy a VM using terraform from the ubuntu cloud image Ova.
This image supports userdata via parameters which are picked up by cloud-init on boot. Works as expected and solves my problem bootstrapping a VM.

Cloud-init also has the VMware datasource which is provisioned by extra parameters on the VM itself. This datasource is behind the ovf datasource in cloud init by default. Side note, VMware datasource is available in cloud init by default. This was an extra step in earlier versions.

So now I'm curious how cloud-init should work when I provision userdata on both datasources. When I debug available datasources in the vm both are detected with Ovf in the first place, followed by VMware.

In the logs I can see Ovf datasource is executed. VMware seams to be ignored.

So should cloud-init even consider the VMware datasource if Ovf is present?

https://redd.it/uf7bvi
@r_devops

GitGoat - deliberately misconfigured GitHub org

Pretty cool way to generate dummy data on GitHub, such as invite members, add them to Teams, commit code and secrets, raise & review PRs, and configure different branch protection policies (such as CODEOWNERS).
Link: https://github.com/arnica-ext/GitGoat

https://redd.it/ufbrx4
@r_devops

Vault HA mode(OSS) vs Vault Enterprise

Hashcorp vault enterprise provides three main features, performance replica, disaster recovery, and namespace. Well my use case is not required to go with disaster recovery and for performance replica i can setup Vault OSS with consul backend and run many active cluster which will be equivalent of performance replica, Is my understanding s correct will that feasible to not to use license and still have the same what Vault Enterprise

https://redd.it/ufdrv4
@r_devops

Is my expectations for candidates too high?

So we’re taking interviews for a senior DevOps role.

Most of the candidates are good with just tools, they know how to make a declarative pipeline with Jenkins, kubernetes deployments, daemonsets etc., Prometheus, grafana.

When we start to talk about systems, most candidates have no idea. For example, when I ask candidate who possess a CKA certification about the function of kube proxy, they really have no idea. Just saying kube proxy takes care of networking is a good answer? Expecting a candidate to know what subsystem of Linux is used by kube proxy is too much?

Expecting a candidate to know what layer of OSI does SSH belong irrelevant to DevOps?

Some basics about SSH/DNS/HTTP/TLS are essentially for any DevOps/systems engineering role imho, but candidates pursuing DevOps as a career lacks these.

Sorry for the rant, what I’m coming to ask is, just knowing to operate tools without giving a damn about the internals good enough ? How do you select people?

Edit: I see lot of engineers don’t like the idea of asking a osi reference as a question, just to let you know, I don’t cling to the osi and reject them for not knowing it. All I’m talking about is, lacking in basics of systems like DNS, ports, HTTP and etc. I’m sorry if I didn’t make it clear at my initial attempt.

https://redd.it/uffq2u
@r_devops

Out the Womb, Straight into DevOps

I will be joining all you guys as an associate devops engineer after graduation. If there is 1 piece of advice you could give me, what would it be?

What tool or concepts do you wish you knew when starting out? Any advice is much appreciated!

UPDATE: Thank you to everyone who commented! Everyone gave good advice and I really appreciate it!

https://redd.it/uerrww
@r_devops

How important is Design Patterns in a non-SWE role?

I am a self taught sysadmin, worked decades in the field and trying to gain dev competency, although I dont intend to be a full blown SWE. I know there are massive gaps in my knowledge and I am looking into "Design Patterns" and woah... the rabbit hole is deep. I am starting to think I cant even say I know Python now.

My question is: how important is "Design Patterns" for a devops/SRE role? Would you expect someone in this role to know it? Would a job that requires Python knowledge also require a good appreciation of "Design Patterns"?

https://redd.it/uf1ufp
@r_devops

How does your dev team onboarding look like?

Do developers install all dependencies (go/node/python/php/etc) and versions locally? If so, how do they manage to use the exact same setup as the rest of the team?

How do they make sure that their precommit hooks are aligned with the exact same tooling as the rest of the team?

Have you considered using a remote development workspace solution?

I’m looking for a way to simplify my team’s onbording setup by using their laptop as a gateway to a remote workspace where they could clone repos, push docker images faster with a faster connection, run the exact same versions and tools with a click of a button. Is this a common problem?

https://redd.it/uex0vq
@r_devops

PCI evidences located on servers

Asking folks who are in the devops team. Do you folks download credit card evidences like application log files from your linux servers? Or is there another team like application developers that downloads it? I'm just quite annoyed today that I had to do it. I believe it should be done by developers. However, they keep on saying we don't have access to PCI environment. What is your process?

https://redd.it/uey24x
@r_devops

Releasing some free tools ⚒️ 🪛🔧

I made a free web app to perform functions like DNS lookups, port checks port scans, IP Information gathering, hash generation, blacklist checks, subnet calculation and more.. saves me some time in the infosec/net-sec space.

Hope you enjoy! 🎸🤘🔥

Net-Tools.io

https://redd.it/ufr7qz
@r_devops

react app deployment in the cloud

So I have to deploy a react app on cloud

Assume a million Hits in future ( 1-3 years ).

Think of it as q checkout plug-in. It is not a static site as it will take inputs and do things like retrieval., authentication etc and much more.

What's the best way to deploy this and its implications.

Currently deployed on a node based docker image on Ubuntu using npm start as the entry point. This is through azure app service

Is docker the right choice ? Can another server like be used instead of npm with better performance.

Can a smaller image be built without using the node image ?

Any other things that I should think about.

Thank you in advance

Does docker make sense here

https://redd.it/ufrwcd
@r_devops

Do you do Application support as DevOps engineer?

I am quite new to DevOps and have been working for a software company scale-up. We are not a big team and we take care of the builds, deployment, automation, collaboration with Devs etc, so the usual tasks required from a DevOps engineer. On top of that though my team takes care of the application support of the software we are selling, including being on-duty 1 week per month. While i enjoy some of the work, the on-duty is a bit tedious as it happens quite often that non-technical users would log silly cases and it feels a lot like 1st line support. Another aspect is that the company is developing around 20+ products meaning while on duty we often get cases about functionalities we did not know existed... As far as I know DevOps teams do need to carry the pager but I was under the impression that it is mostly about failing releases, problems with infra, services etc and not about application support..

https://redd.it/ufzap7
@r_devops

What are your strategies or advice on a new devops engineer learning to support an application?

I recently got a new role as a devops/sre engineer from a network engineer background and is wondering how do people "learn" applications to be able to provide operations support?

In networking, we engineers just have to have a solid understanding of standard networking protocols and we can start troubleshooting in most environments. However, in the app world, there is no "standard" protocols and we seem to need to troubleshoot incidents with little understanding of what is happening in the application. I'm kind of lost at the moment and would appreciate some advice on how to get started

https://redd.it/ug0ll3
@r_devops

ansible - Not sure where to begin

Undergrad student here -- I have a devops project I'm working on and need some guidance. My professors and TAs are confusing me even more so I've turned to reddit.

I'm building, testing (running project test cases), and deploying an open source project by having a specific job for each using ansible.

I'm starting off with the build job. The open source project repo defines steps in the readme on how to get it started but I'm confused on how to translate that into lines in ansible. Any help is appreciated.

https://redd.it/ug5ubs
@r_devops

For those looking to make a career switch to devops, did it ever feel overwhelming with all the things you need to know?

Right now I'm learning Python because I feel like many IT careers (not just devops) would benefit from learning it, but when I start to see everything else you need to know it feels like it's neverending.

How do you usually manage not jumping between things, I know you can't learn everything at once but at what point do you go from learning one thing to learning another thing simultaneously?

https://redd.it/ug939g
@r_devops

Ansible for windows?

Are there any programs I can use to configure \~40 computers? My company updates their software (.exe) once a week, and requires:

1. Updating \~5 softwares (.exe), which requires uninstalling and reinstalling
2. Pulling changes from 3 repositories on GitHub
3. Reinstalling the python virtual environment (lots of pip install commands)

I currently use Jenkins, but have been running into significant configuration drift because some pipelines may error out. I heard Ansible is a good program, but noticed it is mostly for linux. Are there any alternatives for Windows?

https://redd.it/ugfd8w
@r_devops

Some practical learnings while participating in on-call rotations

I wrote a short blog post on some practical learnings I gained while participating in on-call rotations. Read it here: https://ernestas.me/on-call-leave-it-better-than-you-found-it

https://redd.it/ugjs4r
@r_devops

Monthly 'Getting into DevOps' thread - 2022/05

What is DevOps?

[AWS has a great article](https://aws.amazon.com/devops/what-is-devops/) that outlines DevOps as a work environment where development and operations teams are no longer "siloed", but instead work together across the entire application lifecycle -- from development and test to deployment to operations -- and automate processes that historically have been manual and slow.

Books to Read

The Phoenix Project - one of the original books to delve into DevOps culture, explained through the story of a fictional company on the brink of failure.
[The DevOps Handbook](https://www.amazon.com/dp/1942788002) - a practical "sequel" to The Phoenix Project.
Google's Site Reliability Engineering - Google engineers explain how they build, deploy, monitor, and maintain their systems.
[The Site Reliability Workbook](https://landing.google.com/sre/workbook/toc/) - The practical companion to the Google's Site Reliability Engineering Book
The Unicorn Project - the "sequel" to The Phoenix Project.
[DevOps for Dummies](https://www.amazon.com/DevOps-Dummies-Computer-Tech-ebook/dp/B07VXMLK3J/) - don't let the name fool you.

What Should I Learn?

Emily Wood's essay - why infrastructure as code is so important into today's world.
[2019 DevOps Roadmap](https://github.com/kamranahmedse/developer-roadmap#devops-roadmap) - one developer's ideas for which skills are needed in the DevOps world. This roadmap is controversial, as it may be too use-case specific, but serves as a good starting point for what tools are currently in use by companies.
This comment by /u/mdaffin - just remember, DevOps is a mindset to solving problems. It's less about the specific tools you know or the certificates you have, as it is the way you approach problem solving.
[This comment by /u/jpswade](https://gist.github.com/jpswade/4135841363e72ece8086146bd7bb5d91) - what is DevOps and associated terminology.
Roadmap.sh - Step by step guide for DevOps or any other Operations Role

Remember: DevOps as a term and as a practice is still in flux, and is more about culture change than it is specific tooling. As such, specific skills and tool-sets are not universal, and recommendations for them should be taken only as suggestions.

Previous Threads
https://www.reddit.com/r/devops/comments/tv01vk/monthlygettingintodevopsthread202203/

https://www.reddit.com/r/devops/comments/t4fozq/monthlygettingintodevopsthread202203/

https://www.reddit.com/r/devops/comments/ru3zhm/monthlygettingintodevopsthread202201/

https://www.reddit.com/r/devops/comments/r6myz4/monthlygettingintodevopsthread202112/

https://www.reddit.com/r/devops/comments/qkgv5r/monthlygettingintodevopsthread202111/

https://www.reddit.com/r/devops/comments/pza4yc/monthlygettingintodevopsthread2021010/

https://www.reddit.com/r/devops/comments/pfwn3g/monthlygettingintodevopsthread202109/

https://www.reddit.com/r/devops/comments/ow45jd/monthlygettingintodevopsthread202108/

https://www.reddit.com/r/devops/comments/obssx3/monthlygettingintodevopsthread202107/

https://www.reddit.com/r/devops/comments/npua0y/monthlygettingintodevopsthread202106/

https://www.reddit.com/r/devops/comments/n2n1jk/monthlygettingintodevopsthread202105/

https://www.reddit.com/r/devops/comments/mhx15t/monthlygettingintodevopsthread202104/

Please keep this on topic (as a reference for those new to devops).

https://redd.it/ugqrkn
@r_devops

Monthly 'Shameless Self Promotion' thread - 2022/05

Feel free to post your personal projects here. Just keep it to one project per comment thread.

https://redd.it/ugqs3a
@r_devops

Which IDE/Editor is Your Daily driver?

In last few years I tried Vim with bunch of plugins, NeoVim, Emacs (Vanila, Spacemacs and Doom), VsCode (also with neovim), Acme (from Plan9), IntelliJ GoLand, Sublime Text... I'm curious, which IDE/editor with external tooling is Best for You.

View Poll

https://redd.it/ugstjr
@r_devops

Those of you using prometheus as part of your observability stack, what approach did you take to scaling to scrape 25+ clusters, and why? Is Thanos the answer to my problems?

Hi everybody,

First post, longtime lurker :) .

So recently i've been tasked with implementing prometheus/grafana in our org as part of our preparations to get good devops strategies in place, as we are now aiming to hit zero downtime deployments in production.

We've got almost 50 clusters to scrape, and I'm thinking about the most efficient way to scale prometheus to handle all this ingestion, while having some breathing space for future growth.

Particularly as there is a non-zero possibility of another \~100 clusters to be provisioned in less than 24 months.

My ideal outcome is that all metrics will be available via a single grafana instance, and we can manage alerting from there for all clusters, but I'm worried about if this will be doable at scale.

I understand that Thanos (https://github.com/thanos-io/thanos) was built with the idea of improving prom's scalability and availability , and will be testing this shortly, but would love to hear from others that have tried various approaches to try to solve this challenge.

At the bottom of the github link above there are two architecture diagrams for possible implementations, has anyone used it before, and how did it pan out?

Before learning of thanos, I was thinking of running prom on each cluster, and then having a "master" instance of grafana to offer us a centralised view in grafana, but i'm sure there's a better approach to this.

In terms of configuration, I'm installing the prometheus/grafana operator using the helm charts in the community repo: https://github.com/prometheus-community/helm-charts

https://redd.it/uhmk77
@r_devops

How do I find out which container is responsible for a specific docker overlay folder?

I'm inside a VM which runs multiple docker containers. We have inspected some logs and noticed that in the VM's /app/docker/overlay directory there's a bunch of folders (presumably from the containers). They have hashed names like "jsdnjenljf8239ujsdkaldkoksdjo". Anyway, how do I determine which container is responsible for a particular directory like "jsdnjenljf8239ujsdkaldkoksdjo"?

​

https://redd.it/uhcerd
@r_devops