Moving from DevOps to SWE role

I interviewed last week internally for a Java Server Dev position and although they are still interviewing externally, the hiring manager and another senior dev I work with in that department told me they would like to move forward with me if I’m interested. My current position is devops engineer. This Java role has no on call. Has anyone here moved from a devops role to an swe role? How was the transition?

https://redd.it/xznsaq
@r_devops

What is the difference between the term api testing and interface testing?

Aren't they both testing how data is transferred from the mating software?

https://redd.it/xzqfkg
@r_devops

what questions to ask to the interviewer?

Hello,

I started giving interviews and I am always hesitating when the interviewer asks me if I have any questions. Then I have to think twice what to ask and I ask this:

"I like to keep myself updated with the current industrial trends. Does your company has any employee education program or support for their certification?"

I am not sure if that question is a good one. Could you please share what would be the good questions to ask?

I was told that it is must to ask questions at the end of the interview otherwise it shows that you are not really much into learning about the company. Not sure how true is that.

Thank you.

https://redd.it/xzrwfb
@r_devops

How do you distinguish between end to end and integration testing?

I've seen them used interchangeably a lot, and I've seen projects that have both without a clear distinction for what the difference is.

I've ended up just dropping the phrase integration test from my projects and only using e2e, as I've found it to be less ambiguous.

Is there a real definition out there somewhere that draws defining lines for when a test would go into one suite or the other? Or is there just naturally a lot of overlap? And if there is a lot of overlap, does it make sense for one project to have both types of test suites?

https://redd.it/xztk9a
@r_devops

Concourse task: Getting log on erro?

I have a ton of concourse jobs that automate deployments. If a task fails, I post to a special slack channel via an email with just a note that it failed. I'd like to attach the log for that task so I can see what's going on without having to log into concourse.

onfailure:
put: send-an-email
attempts: 1
params:
subjecttext: "((ENVIRO)): Failed to create BTP stemcell pipeline"
bodytext: Check concourse pipeline at <<path to pipeline>/${BUILDPIPELINENAME}/jobs/${BUILDJOBNAME}/builds/${BUILDNAME}"

I'm not a Concourse pro. Can someone point me in the direction how to get the task log and attach it to the email?

https://redd.it/xzxkmk
@r_devops

Getting build log on failed Concourse Task?

I have a ton of concourse jobs that automate deployments. If a task fails, I post to a special slack channel via an email with just a note that it failed. I'd like to attach the log for that task so I can see what's going on without having to log into concourse.

onfailure:
put: send-an-email
attempts: 1
params:
subjecttext: "Pipeline failed"
bodytext: Check concourse pipeline at <<path to pipeline>/${BUILDPIPELINENAME}/jobs/${BUILDJOBNAME}/builds/${BUILDNAME}"

I'm not a Concourse pro. Can someone point me in the direction how to get the task log and attach it to the email?

https://redd.it/xzygqd
@r_devops

thoughts on book: The unicorn project by Gene kim

Have read the pheonox project and it was decent read. What are your thoughts on it's sequel

The unicorn project

https://redd.it/xzun9w
@r_devops

Cloud computing adoption survey: University research

Hi all,

I am an information systems management student, currently writing my dissertation about cloud computing adoption for European and US SMEs.

The goal of the dissertation is to potentially create a new cloud onboarding strategy that companies can use when deciding to move their operations from on-premise to the cloud.

Part of the research consists of investigating the organization's experience through the use of an online survey.

If you have been part of a digital transformation that included the adoption of cloud services I would really appreciate if you could spare 15 minutes to share your insights in the following Google Forms Survey: https://forms.gle/9cdNFwJX3DVHCuYG8

Thank you.

https://redd.it/xzu6z8
@r_devops

Build system for a multi repo project

I'm not a DevOps engineer but I take on a lot of DevOps and pipeline building tasks at work. I work at a start up so neither my team nor I have a lot of experience with build tools or organizing growing projects into something that isn't a convoluted mess. Since I don't have anyone I can ask what the best way to do this, I wanted to ask people with more experience how to handle this growing ecosystem.

&#x200B;

Problem:

We have 5 projects that are all distributed across 5 different repos with their own dependencies and setup scripts. They are all developed separately and when you string all of them together you get a full application. The issue is that development and testing the system as a whole or the integration of a couple of systems requires going into each repo, checking out the correct branch, reinstalling changing dependencies, deploying it on the local machine and then working with it. There are a lot of automatable steps but they all have to be done manually. The majority of these repos have been containerized.

&#x200B;

Solution 1:

What I want to do is have a build system that you can feed a couple of parameters to and it will spin up the different components, deploy them and provide you with an application ready to test. My first pass was to throw a couple of the components into a docker compose file and deploy it. This doesn't scale well since I need to be able to deploy any of the 5 projects in various combinations so I would need like 5\^5 different combination of docker compose files.

&#x200B;

Solution 2:

My second plan (where I am right now) is to write a command-line python program that you provide args for which projects you want to pull and deploy and create a dynamic docker-compose yml file. As I was planning this out, I realized I was just trying to build a custom build system mostly as a wrapper around docker compose. I'm not opposed to that but if a tool to do this already exists I should leverage that rather than try to reinvent the wheel. Eventually I want to put this into jenkins as well to make the CI pipeline better for integration level testing.

&#x200B;

Advise?:

So I wanted to ask, is there a tool that is better suited for this? Since this is all local I didn't think ansible was the right tool. I looked into bazel and that didn't seem like it was the right tool either. The issue isn't compiling the different projects, its deploying them in a custom manner. I'm open to any critic of my thought process right now.

https://redd.it/y05xdi
@r_devops

Is deploying a Nomad config the same as deploying back end code to a server?

I am guessing it's just ssh into the server and then calling git pull and then running the orchestrator with "nomad run" in the shell, but I am wondering if it's actually more complicated.

https://redd.it/y06ua3
@r_devops

What is the most esoteric database found in your production environment?

I want to learn more about other databases, see if there’s one that covers an interesting use-case.

https://redd.it/y01yke
@r_devops

Alert/event aggregators?

What is your stance on event correlation vendors? I’m talking about those that aggregate and correlate alerts, perform root cause analysis etc. For anyone using these vendors, are they providing actual value they claim? I’m talking about SNOW ITOM, Moogsoft, Big panda and similar. Interested in hearing opinions.

https://redd.it/y06mgf
@r_devops

Apache 403 Error You don't have permission to access this resource.

Hi all

I wrote an ansible playbook that deploys a wordpress host with the click of a button. It worked except when I went to add the ssl cert. I have had to play about with the apache conf file and it has resulted in numerous errors including not being able to read the website style, and not redirecting properly and now with my latest iteration im getting a 403 error.

&#x200B;

No doubt its something misconfigured in the .conf file which ive show below.

&#x200B;

:/srv/www# ls -lrth
total 4.0K
drwxr-xr-x 5 www-data nogroup 4.0K Oct 9 13:10 wordpress

&#x200B;

<VirtualHost :80>
ServerName mysite.co.uk
ServerAlias www.mysite.co.uk
DocumentRoot /srv/www/wordpress
RewriteEngine on
RewriteCond %{SERVER_NAME} =www.mysite.co.uk [OR]
RewriteCond %{SERVER_NAME} =mysite.co.uk
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost :443>
ServerName mysite.co.uk
ServerAlias www.mysite.co.uk
DocumentRoot /srv/www/wordpress



Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/mysite.co.uk/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mysite.co.uk/privkey.pem
<Directory /srv/www/wordpress>
Options FollowSymLinks
AllowOverride all
DirectoryIndex index.php
Require all granted
</Directory>
<Directory /srv/www/wordpress/wp-content>
AllowOverride all
Options FollowSymLinks
Require all granted
</Directory>

</VirtualHost>

&#x200B;

/etc/apache2/sites-enabled# ls -la /etc/apache2/sites-enabled
total 28
drwxr-xr-x 3 root root 4096 Oct 9 21:58 .
drwxr-xr-x 9 root root 4096 Oct 9 21:56 ..
drwxr-xr-x 2 root root 4096 Oct 9 21:37 backups
-rw-r--r-- 1 root root 345 Oct 9 21:03 wordpress-le-ssl.conf
lrwxrwxrwx 1 root root 33 Oct 9 21:27 wordpress.conf -> ../sites-available/wordpress.conf
-rw-r--r-- 1 root root 424 Oct 9 14:07 wordpress.conf.bak
-rw-r--r-- 1 root root 1841 Oct 9 18:40 wordpress.conf.bak.09101940
-rw-r--r-- 1 root root 1242 Oct 9 21:56 wordpress.test.conf

any help would be appreciated. Thanks in advance

&#x200B;

***********updating with more info***************

Apache up and running

/etc/letsencrypt/live# systemctl status apache2
● apache2.service - The Apache HTTP Server
Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
Active: active (running) since Sun 2022-10-09 21:59:24 UTC; 2h 21min ago
Docs: https://httpd.apache.org/docs/2.4/
Process: 5080 ExecStart=/usr/sbin/apachectl start (code=exited, status=0/SUCCESS)
Process: 5552 ExecReload=/usr/sbin/apachectl graceful (code=exited, status=0/SUCCESS)
Main PID: 5085 (apache2)
Tasks: 7 (limit: 1143)
Memory: 18.7M
CPU: 737ms
CGroup: /system.slice/apache2.service
├─5085 /usr/sbin/apache2 -k start
├─5562 /usr/sbin/apache2 -k start
├─5563 /usr/sbin/apache2 -k start
├─5564 /usr/sbin/apache2 -k start
├─5565 /usr/sbin/apache2 -k start
├─5566 /usr/sbin/apache2 -k start
└─5567 /usr/sbin/apache2 -k start
Oct 09 21:59:24 ip-172-31-2-184 systemd1: Starting The Apache HTTP Server...
Oct 09 21:59:24 ip-172-31-2-184 systemd1: Started The Apache HTTP Server.
Oct 10 00:00:18 ip-172-31-2-184 systemd1: Reloading The Apache HTTP Server...
Oct 10 00:00:18 ip-172-31-2-184 systemd1: Reloaded The Apache HTTP Server.

however there are some errors in the logs. They look to confirm what i suspected, and thats that there is something wrong in the .conf file. client denied by server configuration

Mon Oct 10 00:00:18.307276 2022 mpm_prefork:notice pid 5085 AH00163: Apache/2.4.52 (Ubuntu) OpenSSL/3.0.2 configured -- resuming normal operations
Mon Oct 10 00:00:18.307301 2022 core:notice pid 5085 AH00094: Command line:

'/usr/sbin/apache2'
Mon Oct 10 00:00:28.478617 2022 authz_core:error pid 5563 client 205.210.31.158:61332 AH01630: client denied by server configuration: /srv/www/wordpress/
Mon Oct 10 00:09:24.974556 2022 authz_core:error pid 5562 client 35.195.135.67:59210 AH01630: client denied by server configuration: /srv/www/wordpress/xmlrpc.php
Mon Oct 10 00:19:08.730886 2022 authz_core:error pid 5565 client 120.24.52.65:37542 AH01630: client denied by server configuration: /srv/www/wordpress/xmlrpc.php
Mon Oct 10 00:22:30.532975 2022 authz_core:error pid 5566 client 192.241.214.214:53134 AH01630: client denied by server configuration: /srv/www/wordpress/actuator

&#x200B;

https://redd.it/xzz1nx
@r_devops

Do we need leaders in a devops team?

So working in a smal devops team , working to move a onprem winform app to the cloud. And in the team we all have strengths and weaknesses. And for the last year we have been pushing out value every day. And out of the blue one of the devs got promoted to department lead, and the dev should now be our leader. And this got me thinking, would the power shift in the devops team be a bad thing? Do we need leaders, we have product owners.

https://redd.it/xzptla
@r_devops

How to deal with an already shitty status quo?

Whenever I check any devops resources, with enough digging, there's sufficient resources out there covering most crucial (and usually problematic) aspect of the development life cycle. They usually paint the perfect picture, assuming that all IT projects will start after reading that very devops book, article, vid ... my point is what if you ended up with a very large codebase,without automated tests, opposing goals across operations, devs, business? How to improve assuming that the worst case has already happened ex: deployments take days, require planning, lots of time wasted, bugs, conflicts, inability to make small changes and test one's work, ... you get the picture.

https://redd.it/y0bzon
@r_devops

I just canceled a technical interview due to the “assignment”. Sanity check

So I’ve been talking to this slightly post-startup company in Northern Europe which needed someone to come in and lead the migration work to Kubernetes and basically own the whole platform from code to production.

This is something I already have experience doing so it seemed like a great fit. First interview goes well, I chat with the CTO who I would be reporting to. Company seems progressive and with a good product.

Then comes the technical interview invite. They want me to design the golden path for their company from code to production and give a 40 minute presentation on it.

I’m initially skeptical as this sounds like “hire a consultant for free”. And when I start calculating how long it will take me to research, design and create this presentation I come to a complete halt.

I ask them if a 10 minute presentation will suffice. Their reply is basically, no but you can have more time to prepare if you’d like.

I said no thanks and canceled the interview. To me this sounds both ethically questionable and completely disrespectful of my time. Do companies really demand this much time from candidates these days?

https://redd.it/y0gows
@r_devops

Patterns for deploying application infrastructure in ArgoCD based GitOps setup

So hello dear YAML engineers, I am currently working on a project where I am facing some dilemmas, in how to handle the continous delivery of applications in my setup. To be more precise I am unsure of the best way to handle the deployment of infrastructure which is ancilliary to application, such as databases, redis caches and similar. More details about setup and more concrete questions in section below.

&#x200B;

Current tech-stack is basically following:

\- AWS fully in cloud

\- Kubernetes

\- Terraform for infrastructure

\- ArgoCD + Argo Rollouts for deployments

\- Jenkins for building and triggering stuff

\- Low level infrastructure such as networking, DNS setup, security groups, EKS cluster provisoning, logging and supporting functions are taken care of by separate platform team. We basically get a fully functional EKS cluster and AWS account, and are free to hack away at it, but only for purposes of application. We collaborate with platform team in case that we need some changes on networking ( which is basically never ), but we are otherwise free to provision anything and everything we need for our applications and we are free to install what we want in the clusters made available to us.

&#x200B;

Current setup is that we have three repositories like following:

\- One repository is for application source code, build scripts, tests and etc. Plain and simple.

\- Second repository is for declarative description of resources, which we need to have deployed by Argo in an App-of-Apps pattern ( here app-of-apps is needed since we operate the same application in multiple different configurations )

\- Last is our infrastructure repository, where we manage our Terraform code, with one folder per cluster.

On the infrastructure side we are currently only provisoning application-related infrastructure, namely RDS instances, Elasticache for Redis, DynamoDB tables and Elasticsearch clusters from time to time.

My questions are following:

\- Would it make sense to keep the infrastructure code togehter with application code? If yes, then where would I provide the values to my Terraform modules, which differ on per-environment basis? Concretely if have nonproductive and productive environment, which are based on same TF module ( which should now live with application source code), but are supplied with different values for variables, where would I place these values and where would I specify the version of the module I want to have for which of the environments?

\- Does it make sense to treat deployment of application-related infrastructure as part of the continuous delivery pipeline? I would have something like a presync hook for ArgoCD, where Terraform resources are applied before application is deployed. Alternative to this would be having fixed "infrastructure environments" ( consisting only of ancilliary services used by application ) and then deploying application "into these environments", which would mean simply configuring the application with correct URLs.

I would also be interessted if there is tooling concetrated on deploying the application together with application-relevant infrastructure, while excluding the "lower-level" infrastructure. I have heard of KubeVela, but I have read very few experience reports online.

&#x200B;

I am thrilled to hear your 2 cents on this.

https://redd.it/y0glfi
@r_devops

What are the biggest security challenges for CI/CD in 2022?

I am currently thinking about how to improve our build environment with regards to "I don't trust the admin", but "I want the admin to maintain my nodes". What are your challenges regarding security & CI/CD in 2022?

Maybe even challenges when adopting a SaaS CI/CD provider and rolling/maintaining your own platform instead?

View Poll

https://redd.it/y0cre3
@r_devops

Skipping GitHub Actions jobs while maintaining branch protection rules that require them

How to work around some quirks and limitations of GitHub Actions to skip CI jobs that aren't necessary in certain scenarios, without breaking branch protection rules that normally require those CI jobs to succeed:

https://blog.pantsbuild.org/skipping-github-actions-jobs-without-breaking-branch-protection/

https://redd.it/y0ku2a
@r_devops

Gradle and Software composition analysis

Why do SCA tools require a gradle build before scanning whereas for other projects just scanning package.json is sufficient without build?

https://redd.it/y0n45s
@r_devops