Good questions for a "Devops Manager" position

Looking for good questions for a "Devops manager" role.

Our org has dedicated "devops engineers" who manage the CI\\CD pipeline & SRE responsibilities on a per team basis. Some teams have more than one engineer depending on the # of services they support, devops engineers are part of a scrum team and their work shows in JIRA along with the development work for the same team. We are 100% cloud based, mostly in AWS 100% IaC (Terraform). Most of our work is pretty standard websites or web services along with a decent amount of EMR.

Looking for open ended questions to ask our candidates.

https://redd.it/uqvsmt
@r_devops

Site Live & Hosted Elsewhere - But, Need WP Staging Site

Hi,

Our initial website was created with React and it's hosted through AWS. Every edit is sent through our dev team overseas. We want to give our design/copy team access to a CMS (wordpress) to make quick edits.

We're trying to draft/stage a WP website and wondering the best way to do this. It seems like we have to buy a new domain, hosting, and download wordpress in order to start creating a staging site. Eventually, we'll redirect our true domain to wordpress, but we want to have a website fully designed before doing this.

Any ideas on best practice here?

https://redd.it/ur8opf
@r_devops

Devops for a non dev shoP?

So, I work for a shop that has 0 dev presence. We don't write anything above scripts for specific tasks, which are already stored in Git and fully tested via a drone pipeline.

We're primarily a Windows shop, with a very minimal Linux and container footprint.

I'm wondering on the best way to introduce more Devops mindset into an environment such as this. We've already moved to using things like Packer for our image builds, but would love to transistion over to Terraform if possible. In addition, using things like Ansible for VM deploment/Network Deployment/etc are on my short list. But I feel there has to be 'more' than that, as those are things I could do just as easily with Powershell native.

Thoughts?

https://redd.it/urcjz2
@r_devops

Expectations from a Principal Software Engineer (DevOps)

The following job advert for a "Principal Software Engineer (DevOps)" appears to have a high degree of technical skills that are required. Is this realistically what the industry expects or is the employer/recruiter casting a very wide net and hoping to find a candidate that closely matches the skillset?

**Culture fit is everything here, although you will need strong technical experience as well in:**


* Using the right tools are essentials to DevOps practices, the DevOps engineer should understand and have some knowledge on a variety of tools. Ideally have some experience in following toolchain :
* Project and Product planning tools ( e.g., JIRA, Confluence )
* Build and hosting technologies ( e.g., Kubernetes, Docker )
* Infrastructure as Code tool s ( e.g., Cross Plane, Terraform , CloudFormation, Azure Resource Template )
* Source code control tools (e.g., GitHub, GitLab, Bitbucket )
* CI/CD pipeline tools (e.g., GitHub Actions, Jenkins, AWS (Amazon Web Service) CloudFormation + AWS Code Pipeline, Azure DevOps, Bitris e )
* Observability tools (e.g., Splunk )
* Continuous Feedback tools (e.g., ServiceNow, JIRA service management, InstaBug )
* Expert in at least 1 to 2 programming languages below:
* Back-end runtime : C# .NET Core, Java, Node.js, Golang.
* Scripting language : YAML, JavaScript, Shell script
* Command-line interface : Unix, PowerShell, AWS cli, vi, vim
* Front -end : ReactJS, Angular
* Mobile : iOS (Swift), Android (Kotlin)
* Databases : SQL DB (SQL, Oracle, PostgreSQL, Aurora) and NoSQL DB (DynamoDB, Cosmos DB, Snowflake, Google Big Query)
* Automated testing frameworks : Module based, library architecture, Data Driven, Keyword Drive, Behaviour Driven.
* Expert and enterprise experience in modern application design patterns:
* REST API services
* Containers services
* Serverless application
* Deep knowledge and understanding of different hosting pattern covering IaaS (Infrastructure as a service), CaaS (Container as a Services) , PaaS (Platform as a Service), SaaS (Software as a service)
* Enterprise e xperience in at least one of the following cloud hosting platforms:
* AWS cloud – desirable
* Microsoft Azure
* Google Cloud Platform
* Excellent communication and collaboration skills and experience working in a matrix organisation structure, previous experience working under Spotify model or similar agile framework is highly desirable
* You are passionate about keeping up to date with the latest technology

https://redd.it/ure5x4
@r_devops

I'm currently in the process of screening tests for devops bootcamp but I'm afraid it will negatively affect me in the long term

so here's a TLDR:

I've been studying programming for a few months looking forward to start applying soon after I finish Data structures and algos together with a few resume projects but now a GF's friend is an HR in a Devops bootcamp so I can get in for free and they give a job at the end of it if I pass 2 tests in the middle of the bootcamp (currently im on the 3rd out of 4 screening exams for the bootcamp itself)

But im afraid it might damage my software career in the long term since I will be doing devops for some time instead of pure software engineering.

However it might be even easier to land a coding job in the future with all this experience anyway if i'm not mistaken.

I'd like to hear some advice from you guys

https://redd.it/urh7op
@r_devops

What are some really good courses for Docker & Kubernetes?

So I'm someone looking to get into DevOps and I was wondering what the best way would be to learn Docker & Kubernetes from scratch. Are there any Udemy courses that you guys recommend? Any roadmap containing different online courses that you guys recommend?

https://redd.it/urlc3e
@r_devops

DevOps vs Platform Engineering vs Performance Engineering

Hello Everyone - I've been talking to DevOps experts on LinkedIn trying to understand the area of Platform Engineering. Any experts on this forum here who could provide some background on what this field is about? Is it separate from development and DevOps teams - looks like a single team in most small businesses takes care of DevOps and Platform Engineering. Anyone here who is also familiar with Cloud performance engineering?

Reason for this clarification is because I am trying to learn what a current DevOps process looks like (meaning the typical workflow), tools used today - what's working well and what isn't working well, what type of workloads do you typically deploy over a public cloud - any automation that is working well along this DevOps pipeline etc.,.

​

https://redd.it/urk57j
@r_devops

Moving from ops to devops not realistic?

I work as a systems administrator, and I mostly deal with Windows Server, identity management, and on-prem virtualization. I'm currently working on implementing Terraform and Ansible in our environment a meaningful way, but this is challenging since it's a solo project with no guidance other than online documentation.


I have only used PowerShell for my automation up to now. Being told I need to know software development, data structures and algorithms is daunting. I'm not sure teaching myself any of these is viable, since I don't have a computer science degree and my previous attempts didn't go well.

The more I read about the topic of DevOps, the more I feel like it's not really viable for a systems admin to move into DevOps without a CompSci background, am I interpreting the situation correctly? The folks on the sysadmin subreddit don't seem to understand what DevOps is, and seem to parrot that it's just someone who build CI/CD pipelines or implements IAC.

https://redd.it/urei8n
@r_devops

Install a PowerShell module in an Azure Pipeline

Is this the correct syntax to install a PowerShell module in an Azure Pipeline?

- task: PowerShell@2
inputs:
targetType: 'inline'
script: |
Install-PackageProvider -Name NuGet -Force -Scope CurrentUser
Install-Module -Name ReportingServicesTools -Force -Scope CurrentUser

When I run the pipeline I get an error:

========================== Starting Command Output ===========================
##command"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoLogo -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -Command ". 'E:\Build1_work_temp\c9a6e80e-2701-48bf-ac75-1e04f5ef1267.ps1'"
WARNING: MSG:UnableToDownload «https://go.microsoft.com/fwlink/?LinkID=627338&clcid=0x409» «»
WARNING: Unable to download the list of available providers. Check your internet connection.
WARNING: Unable to download from URI 'https://go.microsoft.com/fwlink/?LinkID=627338&clcid=0x409' to ''.
Install-PackageProvider : No match was found for the specified search criteria for the provider 'NuGet'. The package
provider requires 'PackageManagement' and 'Provider' tags. Please check if the specified package has the tags.
At E:\Build1_work_temp\c9a6e80e-2701-48bf-ac75-1e04f5ef1267.ps1:2 char:1
+ Install-PackageProvider -Name NuGet -Force -Scope CurrentUser
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (Microsoft.Power...PackageProvider:InstallPackageProvider) Install-Pac
kageProvider, Exception
+ FullyQualifiedErrorId : NoMatchFoundForProvider,Microsoft.PowerShell.PackageManagement.Cmdlets.InstallPackagePro
vider

I don't know if this is related to the syntax or if the agent actually doesn't have internet access.

** edit **

The agent does have internet access as this task worked:

- task: CmdLine@2
displayName: Ping Google's DNS
inputs:
script: 'ping 8.8.8.8'

​

https://redd.it/urqsoe
@r_devops

Test Data Management

Hey All,

I'm looking on some advice for a solution for test data at my company. We are currently using a product called actifio to replicate and dedupe our prod data so we can then mount virtual copies for our Dev and QA environments. Not sure how many people are doing anything like this or if we are just odd ducklings in this regard, but we have several large databases and a bunch of smaller ones that we routinely refresh from our production data so that our development and QA environments have valid data to test with. Due to the size of the data we need something that virtualizes the data so that we don't need 25 copies of all of it. We also can't go to the cloud so I need something that we would host on prem. Or are we just doing things completely wrong and coming at the solution sideways. If there is another way to handle databases for Dev/QA that would also be appreciated. Thanks in advance for any advice you can give.

https://redd.it/urvf48
@r_devops

Larry Ellison on cloud computing - has this aged well?

13 years ago Larry Ellison dismissed Cloud Computing as another fad

"Maybe we'll just change some of the wording on our ads"

"The computing industry is the only fashion industry that changes faster that the clothing fashion industry"

"They said open source was going to kill our software"

"The first thing they said was mainframes are going to die, but watching mainframes die is the slowest thing ever"

Was he right in some ways, too dismissive in others? What do you think?


Video for context/source:

https://youtu.be/0FacYAI6DY0

https://redd.it/urw2yk
@r_devops

Automate All the Boring Kubernetes Operations with Python

Hi /r/DevOps,

Today I published an article titled "Automate All the Boring Kubernetes Operations with Python", where I explain how you can use Python's Kubernetes client library to automate common tasks such as creating/patching resources, watching events, accessing containers and more.

Here's the link: https://betterprogramming.pub/automate-all-the-boring-kubernetes-operations-with-python-7a31bbf7a387

Feedback is very much appreciated!

https://redd.it/us72zr
@r_devops

Lessons Learned Using Vault As A Secret Store

Hi,

some time ago I have presented on a local meetup on a topic of Secrets Management and so I have collected my notes on HashiCorp Vault operation and put it to a blog post. Hope someone finds it useful.

https://www.malgregator.com/post/lessons-learned-using-vault-secret-store/

https://redd.it/usb0ys
@r_devops

About to give up on GitLab (ACL). Any advice appreciated

Disclaimer: Forgive me if If this has been asked before and I just fail at searching or if I'm violating any post guidelines.

​

Quick notes:

Licensing level is flexible. Saving money is good but meeting our goals is better

We have a partitioned, seperate lower env vs prod env, jenkins environment currently. This solves all of our regulatory requirements for separation of duties but jenkins is a lot more hands on, jenkins groovy dsl and addon management is a constant cat mouse issue, and we would like to divest ourselves of custom code where possible ease the maintenance burden.

​

High level goals:

Allow developers to execute pipeline actions/deployments to lower level environments.

Prevent developers from starting any pipeline actions that would result in a deployment to production/ protected environments. Allow a separate privileged group to perform these actions.

​

Basic problem:

Gitlab pipeline ACL is controlled by the yml config. There doesnt seem to be a way to both limit what access groups/users have access to execute on a pipeline at a granular enough level.

​

What has been tried:

* Configuring runners to only be accessible to certain groups and structure group membership in different ways to allow a pipeline to \*see\* a runner but only in for certain user logins
* Result: Doesnt seems workable. Runner visibility seem to be binary, the job can either see the runner or it cant. If it can see it then it can run on it and if it cant, well it cant. there doesnt seem to be any user context to filter on.
* Creating parent Gitlab yamls in other project that are locked to specific groups for editing and used as the base configuration for all other pipelines to inherit from.
* This works well from a yml config sharing perspective but there doesnt seem to be a way to **force** a project inherit from these configs. A user can simply write their own config and targe a production runner and potentially break something. And even if you lock down the merging and setup protected branches, pipelines can be run on branches and use whatever tml is also in that branch so the user could break production with a branch version of a yml config
* Creating protected environments - this seems like its the encouraged path to protect deployments but it seems... incomplete?
* Were still kind of exploring this option but its not obvious to us yet how this will be any better then the above two scenarios

​

Stuff not tried yet:

* publishing artifacts to a different location in gitlab and locking down the pipeline deployment from there.
* seems doable but also kinda defeats the purpose of having a nice connected pipeline to watch a artifact move through the envs
* Plugins or Addons
* not opposed to it but havent explored it enough. somewhat hesitant about external modifications just to achieve what seesm to be very basic acl

https://redd.it/usf09a
@r_devops

Larry Ellison on cloud computing - has this aged well?

13 years ago Larry Ellison dismissed Cloud Computing as another fad

"Maybe we'll just change some of the wording on our ads"

"The computing industry is the only fashion industry that changes faster that the clothing fashion industry"

"They said open source was going to kill our software"

"The first thing they said was mainframes are going to die, but watching mainframes die is the slowest thing ever"

Was he right in some ways, too dismissive in others? What do you think?


Video for context/source:

https://youtu.be/0FacYAI6DY0

https://redd.it/urw2yk
@r_devops

do you read devops news?

I work with several clients in the DevOps / DevSecOps space and I'm curious what news / websites you look at for industry news?

If you don't care to read industry news, but prefer blogs, podcasts, etc. please share those insights too!

https://redd.it/usje9o
@r_devops

What makes a good DevOps manager?

Interested to see what everyone thinks makes a good DevOps manager. What things should they do? What should they avoid doing? What makes them a top 10% manager? What do you hate when a manager does? What matters most to you about your manager?

https://redd.it/ustzqj
@r_devops

How do you document CI/CD: containers, pipelines, toolchains, etc?

as the title explained: how do you document your containers, pipelines, repositories, environments, etc... ?

​

do you have anything automated? do you follow any convention, any framework?

​

as for me, i manage a huge gitlab space, we've 200-300 repositories, with 20-30 centralized pipelines. we are dealing with python, java, node pipelines. quality gates with sonarqube, xray and other security tools. we are dealing with an artifactory and a sonatype instance.

we've also a legacy jenkins instance with 30, 40 pipelines. we're usign maybe a 100 vms divided in various clusters.

we release a product that is composed by almost 20 containers, and we manage 3-4 releases in parallel.

as an architect i've inherited a confluence space with a huge mess of pages and sections. basically documentation is unexisting.

pipelines are not documented and I don't have any clue how to start organize things. i'm leading 4 team mates and all devops/ci-cd activities are "oral handovers"

to start automatizing things i've written a python script that parses the ansible hosts.ini and publish on confluence the list of environments/server. it's integrated into a gitlab pipeline, so anytime someone updates the hosts.ini, confluence page gets updated. it's just a simple thing, but still useful to the developers team

https://redd.it/ut397y
@r_devops

How do you document CI/CD: containers, pipelines, toolchains, etc?

as the title explained: how do you document your containers, pipelines, repositories, environments, etc... ?

​

do you have anything automated? do you follow any convention, any framework?

​

as for me, i manage a huge gitlab space, we've 200-300 repositories, with 20-30 centralized pipelines. we are dealing with python, java, node pipelines. quality gates with sonarqube, xray and other security tools. we are dealing with an artifactory and a sonatype instance.

we've also a legacy jenkins instance with 30, 40 pipelines. we're usign maybe a 100 vms divided in various clusters.

we release a product that is composed by almost 20 containers, and we manage 3-4 releases in parallel.

as an architect i've inherited a confluence space with a huge mess of pages and sections. basically documentation is unexisting.

pipelines are not documented and I don't have any clue how to start organize things. i'm leading 4 team mates and all devops/ci-cd activities are "oral handovers"

to start automatizing things i've written a python script that parses the ansible hosts.ini and publish on confluence the list of environments/server. it's integrated into a gitlab pipeline, so anytime someone updates the hosts.ini, confluence page gets updated. it's just a simple thing, but still useful to the developers team

https://redd.it/ut397y
@r_devops

Devops more ops then dev?

If I look at the current state of DevOps in my country (Netherlands) it has not become what I expected.

Instead of seeing developers maintaining their own infrastructure work or developers and operations working together in one team. In my opinion it's nowadays some ops guys doing some DevOps work like: IaC, writing CI/CD pipelines for developers, maintaining stuff (observability) etc.

Is this really what it become? and does this sound familiar to you guys? Im quite dissapointed to be honest as a junior

https://redd.it/ut3kgu
@r_devops

What makes a good DevOps manager?

Interested to see what everyone thinks makes a good DevOps manager. What things should they do? What should they avoid doing? What makes them a top 10% manager? What do you hate when a manager does? What matters most to you about your manager?

https://redd.it/ustzqj
@r_devops