How to test Kubernetes api?

hello there,

i have a web app that runs a lot of background jobs on Kubernetes. in our code we connect to Kubernetes and run a job on it.

i want to test this on our development setup. can i run a mini-kubernetes or something on docker to mock this ?

what do you use for this kind of scenarios ?

or should i just create another cluster just for testing things out ?

https://redd.it/xyp9ai
@r_devops

How to upgrade your Helm Charts?

Just a short article on upgrading your Helm charts using the helm diff extension

https://renjithvr11.medium.com/how-to-upgrade-your-helm-charts-2856afb5d400?sk=547e1562762c56639fe8e47d3258e116

https://redd.it/xy1wha
@r_devops

SSL Cert issue Ubuntu EC2 Wordpress site

Hi all

Im having some issues installing an ssl cert on my wordpress site hosted on a ubuntu ec2 instance

the site works but is not secure until i add the following to my /etc/apache2/sites-enabled/wordpress.conf file

<VirtualHost \*:**443**\>

DocumentRoot /srv/www/wordpress

**SSLEngine on**

**SSLCertificateFile /etc/apache2/certificate/apache-certificate.crt**

**SSLCertificateKeyFile /etc/apache2/certificate/apache.key**

<Directory /srv/www/wordpress>

&#x200B;

<VirtualHost *:443>
DocumentRoot /srv/www/wordpress
SSLEngine on
SSLCertificateFile /etc/apache2/certificate/apache-certificate.crt
SSLCertificateKeyFile /etc/apache2/certificate/apache.key
<Directory /srv/www/wordpress>
Options FollowSymLinks
AllowOverride Limit Options FileInfo
DirectoryIndex index.php
Require all granted
</Directory>
<Directory /srv/www/wordpress/wp-content>
Options FollowSymLinks
Require all granted
</Directory>
</VirtualHost>

once those changes are made and apache is restarted my ip no longer shows my wordpress site but instead just shows the default apache page.

root@ip-172-31-2-98:/etc/apache2/sites-enabled# sudo a2enmod ssl
Considering dependency setenvif for ssl:
Module setenvif already enabled
Considering dependency mime for ssl:
Module mime already enabled
Considering dependency socache_shmcb for ssl:
Module socache_shmcb already enabled
Module ssl already enabled
tcp6 0 0 :::80 :::* LISTEN 30744/apache2
tcp6 0 0 :::443 :::* LISTEN 30744/apache2

Any help would be appreciated. Thanks in advance.

https://redd.it/xyso1c
@r_devops

DataDog Custom Metrics

Hey

I'm currently using DataDog Cluster Agent installed via helm Chart in Kubernetes and Metrics are scrapped by the Agent. 

I have checked multiple docs from DataDog about the custom metrics and how it affects the Billing, and I'm confused. Anyone knows what's the best way to avoid sending metrics to be counted as custom metrics or how to reduce the amount of them? What is the native protocol to send metrics to avoid being counted as custom metrics? Is it a DagStatsD integration? 

I was looking here:

1. 

>This client automatically injects telemetry about itself in the DogStatsD stream. Those metrics will not be counted as custom and will not be billed

https://docs.datadoghq.com/developers/dogstatsd/high_throughput/?code-lang=go#client-side-telemetry
https://github.com/DataDog/datadog-go#monitoring-this-client

2. 

>If a metric is not submitted from one of the more than 500 Datadog integrations it’s considered a custom metric(1).
A custom metric is uniquely identified by a combination of a metric name and tag values (including the host tag).

https://docs.datadoghq.com/account_management/billing/custom_metrics/

3. But later when I open the integration page for example OpenMetrics I find it confusing

>All the metrics retrieved by this integration are considered custom metrics.

https://docs.datadoghq.com/integrations/openmetrics/

4. It seems that the way to reduce the volume is by using Tags configuration.

>Note: Only configured metrics contribute to your Ingested custom metrics volume. If a metric is not configured with Metrics without Limits™, you’re only charged for its indexed custom metrics volume.

https://docs.datadoghq.com/metrics/metrics-without-limits/

https://redd.it/xyugd0
@r_devops

Moving beyond solo scripting into CICD

I currently work in the networking field of IT operations. My background is in IT, not computer science. That said, I have learned a couple of languages along the way as I've scripted a lot of components of my roles. I primarily use Python (Nornir and custom-fit REST APIs), as well as Ansible CLI.

How do I learn CICD, or Git, or how to be collaborative when most of my automations are solo endeavours? In the networking world, I'm one of very few who knows any programming at all, but I'd like to understand how to make these developments collaboration focussed moving forward so I can "graduate" from a "script developer" to a something closer to holding a DevOps hat.

Right now, I occasionally use Git to a very small degree when developing my automations to track my changes, milestones, feature adds, etc. That's it. No hooks, no automated unit testing, etc. These have been topics that I just haven't learned yet as programming hasn't been my primary skill, but rather associative to my networking studies.

https://redd.it/xy0k62
@r_devops

How do you block any ticket merge when the unit tests don't run in a Github repository?

I am guessing this is done through a Github action, but I would like to know how the solution looks like to implement such a CI/CD solution to prevent faulty code from being merged into production.

https://redd.it/xxpfrs
@r_devops

Schema migrations on RDS from github actions

We run a number of laravel apps that require schema migrations on deployment from time to time. These RDS instances are in private subnets so obviously github actions can't reach them.

Our current solution is for the GH workflow to trigger a jenkins task from a jenkins machine we have in the same vpc.

Not particularhappy with this solution (although it works fine) and wondering if anyone has any other suggestions or ideas on how to approach this

https://redd.it/xz4gvm
@r_devops

DevSecOps Azure

Goodnight guys! I just had a 1:1 with my manager and we talked about career progression since I’m in my early career. I work at a consulting firm and you can play many roles. I work under the azure security team and wanna do DevOps. In the future I would like to be a solutions architect. He gave me some topics I should like into and get comfortable with Azure Bicep & DevOps, Terraform, and Python. He told me I can use Python as a wrapper for Terraform, I’ve been Googling and I don’t know what exactly that’s means any suggestions? Links? Videos? Guides? On how to do that. Was also thinking about doing that coursera Google python automation course to get my python skills up.

https://redd.it/xz88j3
@r_devops

Great resource

https://github.com/bregman-arie/devops-exercises

https://redd.it/xz9sa7
@r_devops

How do you separate your vpc network?

What are the factors you're looking at for a microservice application? Below are some of the things that comes into mind:

* Each application has its own VPC network
* Everything resides in the same VPC network but each application is separated using different sets of subnets
* ...

https://redd.it/xzc9dz
@r_devops

Please suggest infrastructure for a SaaS app

Hello,

I'm here looking for help/suggestions after lurking around a lot.

I've created a web app which consists of the following components (docker containers):

|App|CPU (limit)|Memory (limit)|
|:-|:-|:-|
|backend PROD|250m|512Mi|
|2 x workers PROD|250m|256Mi|
|API PROD|250m|512Mi|
|backend DEMO + API DEMO|250m|256Mi|
|2 x worker DEMO|250m|128Mi|
|3 x JS apps (js, SSR, static)|200m|256Mi|
|helper|200m|256Mi|
||||

Right now they are all hosted on a Linode kubernetes cluster connector to DigitalOcean managed DB.

Why? I wanted to learn a little bit of kubernetes and needed a secure place to store my data (with backups and point in time recovery if needed).

But I'm looking for alternatives, the cost of all this is almost $80 per mo (cluster, db, load balancer).

I need a place where I can just throw a dockerfile and in return I get a domain.

I've managed to move JS apps to Vercel hobby, which is more than enough for me. But I still have the other components.

What would you do to lower the cost of this and also managed less infrastructure? (I don't wanna deal with VPS upgrades, hardening, patches...etc)

&#x200B;

PS. currently looking fly.io , they have some cheap VMs I can use for workers ($2/mo) and even some free ones. I'll make some calculations.


LE: JS apps were moved to vercel

&#x200B;

Thank you.

https://redd.it/xxucvm
@r_devops

Choosing the most convenient software for my business

Hello there. I just started testing the Azure DevOps platform. It looks great but from experienced users in these platforms, how to decide which one would suit my business more? Also, what things should I consider when I choose a DevOps platform? I use Azure Cloud for my work and GitHub, Gitlab, Kubernetes, and Docker. I tried Jira and ClickUp apart from Azure DevOps (a longer time than AzureDevops). I want to establish my startup in one single DevOps platform.

https://redd.it/xxtx8r
@r_devops

How to do 1:1:2 traffic loadbalancing for 3 apps in K8s with ingress?

Requirement - Deploy 3 applications each with a traffic weight - 25%,25%,50%.

I was able to do a canary load balance with ingress for 2 apps with 25% and 75% by creating a simple ingress for old-app and a ingress for new-app with canary-weight == 25%.

But I'm unable to figure out how to do it among three apps.


Note - this has to be done withing k8s,minikube. Three apps will be deployed with their own services, then ingress layer to be added.
Any perspectives, hints, or solutions are welcomed.

https://redd.it/xzgk4e
@r_devops

Q/A opensource tool for organisation wide?

Hi there, I wanted to onboard my company to use an org-wide common tool for asking questions/ans. Basically a forum to discuss anything.Are there any recommendations for such a tool? Or any better way to organise this?

Note: I am not looking for tools like slido, something that can be used as a question bank.

Below is an example of one paid tool

https://www.discourse.org/

https://redd.it/xxn8p6
@r_devops

How do you work on personal projects when services are so expensive?

I’m thinking of getting into devops but something that deters me from becoming invested is the cost/risk associated with everything you do in the cloud. Compared to general scripting/programming of small projects run locally for no cost, what projects do you like to make in cloud service providers & how do you not get bothered by the costs associated with them? I’m aware of freemium plans, and I’ve only worked a little in AWS, but the possibility of accidentally choosing a wrong plan and getting a steep bill are worrying. I guess my main question, coming from a noob is what personal project ideas interest you in the cloud for practice do you like to work on that don’t burn a whole in your pocket? Thanks

https://redd.it/xzk63q
@r_devops

New job + Anxiety help?

Hello there, let me explain. I have like 2.5y of experience in DevOps.

Started this year at 20K, then jump to another company for 41K, and now just did the same for 74K. Let me tell you this is a lot of money at least in my area.

I've been suffering from anxiety from day 1, thinking about im not the right for this job, that even if I have passed through 5 tech interviews 1h each, I'm a fraud and I'm going to get fired soon. I feel like bullshit and seems that everyone else here have so much experience from me.

Have you ever felt something similar? What is something I could do to deal or handle it?

https://redd.it/xzo0zy
@r_devops

Moving from DevOps to SWE role

I interviewed last week internally for a Java Server Dev position and although they are still interviewing externally, the hiring manager and another senior dev I work with in that department told me they would like to move forward with me if I’m interested. My current position is devops engineer. This Java role has no on call. Has anyone here moved from a devops role to an swe role? How was the transition?

https://redd.it/xznsaq
@r_devops

What is the difference between the term api testing and interface testing?

Aren't they both testing how data is transferred from the mating software?

https://redd.it/xzqfkg
@r_devops

what questions to ask to the interviewer?

Hello,

I started giving interviews and I am always hesitating when the interviewer asks me if I have any questions. Then I have to think twice what to ask and I ask this:

"I like to keep myself updated with the current industrial trends. Does your company has any employee education program or support for their certification?"

I am not sure if that question is a good one. Could you please share what would be the good questions to ask?

I was told that it is must to ask questions at the end of the interview otherwise it shows that you are not really much into learning about the company. Not sure how true is that.

Thank you.

https://redd.it/xzrwfb
@r_devops

How do you distinguish between end to end and integration testing?

I've seen them used interchangeably a lot, and I've seen projects that have both without a clear distinction for what the difference is.

I've ended up just dropping the phrase integration test from my projects and only using e2e, as I've found it to be less ambiguous.

Is there a real definition out there somewhere that draws defining lines for when a test would go into one suite or the other? Or is there just naturally a lot of overlap? And if there is a lot of overlap, does it make sense for one project to have both types of test suites?

https://redd.it/xztk9a
@r_devops

Concourse task: Getting log on erro?

I have a ton of concourse jobs that automate deployments. If a task fails, I post to a special slack channel via an email with just a note that it failed. I'd like to attach the log for that task so I can see what's going on without having to log into concourse.

onfailure:
put: send-an-email
attempts: 1
params:
subjecttext: "((ENVIRO)): Failed to create BTP stemcell pipeline"
bodytext: Check concourse pipeline at <<path to pipeline>/${BUILDPIPELINENAME}/jobs/${BUILDJOBNAME}/builds/${BUILDNAME}"

I'm not a Concourse pro. Can someone point me in the direction how to get the task log and attach it to the email?

https://redd.it/xzxkmk
@r_devops