When did it become standard for every job interview to require homework on top of 4-5 rounds of interviews?

I've been hearing the market is hot so I went to look for myself. I've gone through quite a few interviews and every one of them has required a take home skills assessment on Hacker Rank. I went through the first few but after that I just started declining the tests. I just don't have the time/capacity to dedicate 6 hours of interviews/testing per job right now. I can understand the appeal to weed out people but there has to be a better way. This used to be unique to FAANG companies but it seems to have caught on. Are there any DevOps/SRE jobs out there that don't structure their interviews like this? What has your experience been like?

https://redd.it/uix61t
@r_devops

GitHub Actions Security Best Practices cheat sheet

Been compiling security best practices when it comes to GHA and learned quite a bit in the process. Hope you find it useful!

https://blog.gitguardian.com/github-actions-security-cheat-sheet/

https://redd.it/uj13sq
@r_devops

How many (AWS) accounts do you have?

How many AWS accounts does your organisation have? Why that number, and what's the organisation strategy behind it? When do you add a new account? What are the best practices with accounts?

I'm curious because where I work we have, very roughly, one account per environment (dev, staging, prod) per repository. As a dev I find it hard to figure out where everything is, but then I'm not a devops person.

^(Assuming you're using AWS. Question is specific to AWS, but probably applies to other platforms too.)

https://redd.it/uj8yzi
@r_devops

Best CI/CD Practices on AWS and Kubernetes

We have a pretty standard NodeJS app. I am moving away from Elastic Beanstalk to K8s.

So far I have... Bitbucket Pipeline > Build Container > Push to ECR.

My question really is... whats the best practice for the next step? There are plenty of guides but many of them seem to assume you are using a myriad of other external tools, which I really dont see the necessity of.

My main issue is how to manage updates across our 3 envs, dev, uat, prod. Do I use different container repos for each, and have each of my 3 branches push to those?

How do I trigger the rollout of the new images, and specify which image should go to which, automatically?

I was thinking I can tag the images with {ENV}-{API_VERSION}-{BUILD_NUMBER} so that on any given image I can tell exactly what env + version it is, and how current it is, but how that gets executed in Kubectl is giving me issues.

Ive got dev and uat on one cluster and prod on another, all seems fine when I do it manually. I just need to piece this together in CI/CD now.

Any help is massively appreciated. Cheers!

https://redd.it/uiu0am
@r_devops

Role of AI/analytics in Devops/SRE scene ?

I hear all over the news that lots of non tech related industries are using data and analytics for decision making and improving performance — such as sports , advertising , sales.

Where does AI/analytics fit in with Devops-SRE Venn diagram wise?

I understand that some tech products are using ML/AI to find anamolies in logging data and alerts. Any other good use cases for AI that make sense? Can it help with CI-CD — or the process for building out infrastructure for the software to run on?

https://redd.it/ujhh9h
@r_devops

DevOps.com on why you need to back up your GitHub repositories

You’ve probably heard the joke that there are two types of people in IT: Those who do backups and those who will start. Though it’s still valid, this joke has become less relevant to businesses and professionals. The IT industry has been increasing expenditures on security for years, and backup is a critical area. However, despite the growing awareness of the need for backups and the wide availability of modern backup solutions, the problem still exists. The number of security breaches is growing, and the topic of data security looks like an endless arms race. So what can organizations do?

Find that out in this article: https://devops.com/why-do-you-need-github-backup/

https://redd.it/ujik66
@r_devops

DevOps.com on why you need to back up your GitHub repositories

You’ve probably heard the joke that there are two types of people in IT: Those who do backups and those who will start. Though it’s still valid, this joke has become less relevant to businesses and professionals. The IT industry has been increasing expenditures on security for years, and backup is a critical area. However, despite the growing awareness of the need for backups and the wide availability of modern backup solutions, the problem still exists. The number of security breaches is growing, and the topic of data security looks like an endless arms race. So what can organizations do?

Find that out in this article: https://devops.com/why-do-you-need-github-backup/

https://redd.it/ujik66
@r_devops

Current Windows / Azure Sysadmin interested in DevOps

### Background
I am a Sysadmin at a large MSP. I mostly deal with Windows and macOS. I am advanced level with PowerShell scripting, I have some limited experience with Python and Bash (just haven't had much need for either). I have a strong background with Azure / M365 (Enterprise admin certified) also VMWare and Hyper-V virtualization. I try to automate everything I can when I can in my job. I am getting a bit bored with it and I feel like DevOps or straight development might be a better fit for me.

If you were in my position, how would you start working towards a DevOps career?

https://redd.it/ujsa7v
@r_devops

Best and cheapest way to run lambda functions

Hello!I'm a JR Devops engineer tasked with reducing time and cost of some lambda functions we run on EC2 instances.

Currently we use hourly spot runs (to minimize cost), with most of the time being spent on installing requirements (python project, being cloned and set up from scratch every run).

How can I utilize a docker here?

I have read about Amazon ECS, serverless, and some other solutions, but i'm not sure which is the best case for our use.

Maybe utilize Docker? How do I go on about creating a docker image from this project and run it on an EC2 instance without having to set up the whole environment (especially requirements).

Edit:To be clear, I don't want hand to hand guiding, just a point out of best services to use.

Thanks!

https://redd.it/ujmbau
@r_devops

Engineers Who Redesigned and Successfully Rebuilt an Already Established, Painfully Disorganized and Manually Built Cloud Infrastructure - How did you do it?

Azure, GCP or AWS. I’ve rebuilt one in the past and prefer to not have to do it ever again. I’m curious how others accomplished this massive undertaking.

https://redd.it/uk3rpd
@r_devops

What's your preferred container Linux distribution?

There are plenty of alternatives but three big players (from my point of view):

* [CoreOS Fedora](https://getfedora.org/en/coreos?stream=stable)
* AWS [Bottlerocket](https://aws.amazon.com/de/bottlerocket/)
* [Flatcar](https://flatcar-linux.org/)

We run container workloads on AWS EKS, Rancher on VMware and may be other platforms in the future. I'm searching for a container Linux distribution which could fit all these use cases.

So my question is: What's your preferred distro for running these workloads. Are there any better candidates or do you run multiple different distros depending on the use case?

https://redd.it/uka05x
@r_devops

Sharing Junior DevOps interview questions I have been asked.

OS questions were for Linux.

1. You connect two PCs with an Ethernet cable, what shell commands you'll use so they can communicate?

2. Difference between TCP and UDP packets.

3. How to check open ports on current PC and some other PC?

4. How to check the amount of free RAM? How to make the results more human friendly? :)

5. How to check average load?

6. What do two exclamation marks mean in user entry in /etc/shadow?

7. How to execute something inside a Docker container?

8. What are the replication tiers of Azure Storage Accounts?

9. What are the main components of Ansible?

10. How to create a new branch in git?

11. The difference between git merge and git rebase.

12. What are mutable and immutable objects?

13. Difference between Python tuple and list.

14. How to design High Availability system on-prem or in the cloud?

15. How to see pods from other namespaces in Kubernetes?

16. How to see the amount of CPU cores?

17. What to put in the first line of a Bash script? (shebang)

18. Why do we use DNS?

19. Does Terraform support multiple clouds at once?

20. What is the CIDR notation?

21. ARM templates. Main components (parameters, variables, resources, output).

22. What is CI/CD and why do we use it?

23. What databases do you know? Relational vs non-SQL? Basic queries?

24. How would you parse JSON files?

25. How to check who's currently logged in?

If you have work experience, they'll just ask you what kind of problems you faced and how did you solve them + some of the questions above, so they know you didn't lie on your resume.

https://redd.it/ukfl9y
@r_devops

I need advice for my gitlab integration on a personal project

Hello there, I am seeking advice for my already overly complicated project.

For context, I use Gitlab CD/CI tools at my job and I absolutely love them, and I would have liked to use them as well for a personal project. I am a junior web developer and far from a devops expert, mostly an enthusiastic hobbyist and I mostly want to get to know a little bit more about devops doing so. I don't want my project to be deployed on the internet, I just want it deployed on my local network at home.

I would have liked to set pipelines so that when my master branch is modified, Gitlab would build and deploy it on a raspberry pi on my private network.

My first idea was to use docker on my raspberry pi that would run three containers exposing three ports on my local network : one for Gitlab, one for Sonarqube and one for my project. Doing so, everything could run at home, easily communicate with each other and I would have been perfectly happy. The main issue is that a raspberry pi, mine is a 3B+, is far from being a war machine and would most probably not be able to handle it (or would it ?)

This leads me to two alternatives : Considering that I will most probably only use my personal laptop for this project, I could have a local Gitlab on a docker on my working machine and keep everything local. The other way would be to use the regular gitlab.com and deploy to my raspberry from the internet, needing that I expose a port of my private network, which I am pretty sure is an overly risky solution for the newbie I am, is it really ?

I do know that this is completely overkill for my small project but out of curiosity for devops, I really wish I could set up all of this.

Thanks to anyone who made it this far and thanks in advance for your advice !

https://redd.it/uklncg
@r_devops

How do you manage your Helm packages for production?

I'm interested in how the community manages Helm for production, do you use Terraform and Helm provider? Do you use CI/CD with the Helm CLI as the deployment mechanism?

I've used both, generally prefer a pipelined cli driven approach, besides the obvious benefits of having Helm deployments stored in state files, I don't see a strong reason for deploying it in Terraform (same for native k8s).

https://redd.it/ukxt2v
@r_devops

Jira Integrations

My company like a lot of them out there use Jira. I have no ability to influence that in any way to get away from the entire Atlassian suite, so this isn't an option. We run in a federated environment which makes authentication .... tricky with some things. My end goal is to have a single application I can use to get status on JIRA things, interact with our JIRA tickets/issues/stories from that same tool, and then pop back over to keep coding without breaking my workflow.

I'm actively moving my workflows to use Dendron with vscode to keep track of my thoughts and meetings and asks and my own personal tips/tricks/discoveries. The vscode JIRA plugin doesn't quite fit the bill. I can leave comments, but I can't say resolve issues since we require a reason for resolution or closure and that breaks the plugin. I looked at maybe mirroring into Trello, and using a plugin to drive trello but that'll be prohibitively expensive.

Is my only option to roll my own? I've looked at kanban boards in vscode and i don't think it would be super terrible to convert to MD for those and then back to jira-ese. Anyone else built a single pane of glass like this before?

https://redd.it/uklag9
@r_devops

Wrote up a post on backup and disaster recovery planning

Hey folks,

I'm relatively new to writing, but I am really enjoying trying to document up some of the things I've learned from being in Dev Ops for 10-ish years. One of my favorite topics is backups/disaster recovery planning and testing. I think it's because I'm a fairly anxious person, and having a solid backup program has really helped me sleep at night.

Designing a Backup and Disaster Recovery Plan

If you have feedback, other perspectives, please hit me up. I'm still new to writing. I'm planning on going through each of the facets listed here: The Many Facets of Infrastructure.

https://redd.it/ul7ixk
@r_devops

How to value equity vs up front cash?

Hey all, I'm doing a negotiation for the next step of my career and I'm struggling to really grasp the value and reality of stock options and job titles and what direction to go in it.


One company is giving a massive raise (30-35%), title increase to management and very little stock. The other is giving a much smaller raise (10%) and monstrous pile of stock. Both numbers are life changing but I guess I don't understand why company A would give so little stock or why company B would give so much or even how to properly evaluate the differences.


They're both unicorns valued over $1B & etc.

​

Any help from veterans of the process would be appreciated.

https://redd.it/ulsyux
@r_devops

How I learned to stop worrying and love the YAML

Following on from my Deploying Kubernetes Cluster in absurd languages is my next blog post,

How I learned to stop worrying and love the YAML

https://redd.it/ulrlsq
@r_devops

Have there been any pipeline exploits that have been made public?

I've been putting a lot of time recently into getting a firm grasp on pipeline security. But I'm curious about how much of a threat this is.

If code is being pushed to a private Github (with in-team code review), then being built via Github actions / cloud provider pipeline, doesn't that make the whole thing pretty secure from bad actors.

Yes there could be dependancy issues, there could be an NPM that has bad code pushed to it / exploits found etc.

I'm not arguing against checking / securing these things, I'm trying to understand the actual risk involved.

So I'm curious whether there have been any exploits / hacks etc that have used the pipeline to get data / do bad things in prod environments?

Edit: just to add, the responses so far just show me that I know nothing at all!

https://redd.it/umc6o6
@r_devops

Leaving a high-tech company that you don't feel aligned with

Have you ever worked in a high-tech product company, but in a sector that is not "aligned" with your values or whatever you like?

Let's imagine that you're working on really cool stuff, but you're also increasingly feeling that technique isn't enough if you don't feel aligned with the product / industry you work for.

Thinking about changing company cause you (a bit of) a sense of failure because you feel like you're giving up on something very cool.

Has this ever happened to you? What would you do in such a situation?

https://redd.it/umf3v7
@r_devops

My DevOps Checklist

https://www.thecodedmessage.com/posts/process-checklist/ is what I personally look for in a new project I’m joining and what I strive for in my own projects. What do you think is important that I don’t mention? Anything you guys disagree with?

https://redd.it/umi62m
@r_devops