Best way to do AWS GraphQL Serverless?

My initial proposed architecture (bad):

1. API Gateway > Based on Route > Appropriate Next.js Lambda > Calls its own Monolith Lambda Container (Fastify Mercurius).
2. Each Next.js Lambda has its own Monolith Lambda it calls.
3. I have a total of 3 different Next.js Lambdas based on API Gateway routes.

Problem:

1. I realized that I did not consider a schema stitching.
2. Meaning each separate monolith lambda has the same duplicated schema.
3. This is kind of broken attempt to do microservice per view...

Best Solution?:

1. Not sure if I can implement Fastify Mercurius with the way Apollo does Federated GraphQL schema, but honestly Federated GraphQL schema is all very very complicated to me.
2. All my Next.js views should call the same Lambda monolith that holds all the GraphQL schema., but I should separate each resolver into its own Lambda.
3. There are two parts to this Schema and Resolvers.
4. Keep Schema as Monolith (due to complexity of Federated GraphQL), but only resolvers are microservices.
1. Should monolith schema be Lambda Container or AWS AppSync (Direct Lambda) heard horror stories of VTL. Both are serverless
5. Resolver Lambdas will all be connected to RDS Proxy. And still all be connected to single host, single database, multi-tenant shared database (tenantId key).
1. Or would it be advisable to do single host, database per set of lambdas?
1. Aka: all user resolvers connect to the user database, all orders resolvers connect to the orders database.

https://redd.it/yq1o37
@r_devops

Devops project for course I've been working on

I'm working with another colleague to teach a course on devops. I'm trying to find a project that the students could use that would allow us to demonstrate the tech below. Part of the problem is it needs to be complex enough to make sense to use terraform but at the same time simple enough to where the students are learning more about the concepts/process than spend time trying to debug code in the app/project.

Also, feel free to give additional thoughts.

* Docker - Creating a custom image, covering the usage of layers and optimization. (private vs public repository as well)
* Using CI/CD to run some basic tests and deploy to AWS using Terraform (my experience with CICD is mostly gitlab but I believe creating the pipeline in jenkins and potentially github actions would be a good call)
* Terraform - Basic use of terraform wihin AWS (will also talk a bit about ansible)
* Monitoring - I've worked mostly with prometheus/grafana so will probably look into using this.
* Orchestration - This is going to be a future goal as neither I nor my colleague have significant experience with it. I've worked mostly with rancher and she's working on picking up Kubernetes.

I'm really not sure what else to cover. This is an beginner-intermediate course just to show how things work together in the devops world.

https://redd.it/ypyueq
@r_devops

What should you document in a local development environment repository?

I have a Github repo consisting of a bunch of scripts and docker-compose files that starts RabbitMQ, the React frontend app and 3-4 node.js backend services. I am wondering what needs to be in the README file of that repo and what other documentation I should put inside of it to help developers who will have to run through the codebase when I leave.

https://redd.it/yq5cql
@r_devops

What are the top 10 devops skills you should have?

I am trying to purchase some books to get good at devops although I am not very good at it, so it would help to know what I should focus on.

https://redd.it/yq5feg
@r_devops

How to Implement recovery plan, monitoring and alerting on GCP

Our infra runs on GCP. We have
* Several Cloud Run services
* 2 App Engine services
* Cloud SQL
* LB

I'm tasked with creating for each service.
* 1 recovery plan
* monitoring
* alerting

I have some questions

* How to get started with recovery plan (what is it, how to do it on GCP)
* Monitoring & alerting - Are guides on integrating Data Dog with GCP Operation Suite and Ops Genie

Thanks!

https://redd.it/yq75pd
@r_devops

Gantt Chart app

Hi. Maybe you guys can help me. I’m looking for an app to better visualize the project schedule and based on gantt chart idea. What is your first choice?

https://redd.it/yq5lke
@r_devops

GUI for config, no git. (keycloak) terminology?

How to call it, if a tool has a nice GUI for configuring, but this has the drawback, that you can't keep the config in git.

For example keycloak is such a tool.

Is there a term for this?

https://redd.it/yqb0ez
@r_devops

How can I increase my chances to get an entry level DevOps remote job in a Company that is based in the USA?

I do not live in the USA and can't leave my country as of now. However, the job market and salary figures look much better in the USA.

How can I ensure to land a job?

I also need to mention that I do have a degree in CS and have good coding knowledge. However my experience in the Industry is none.
Also, I graduated in 2020. After that I opened up a business and wasn't really successful there.

I am thinking of doing some online courses when it comes to Devops. I do have some basic knowledge that I think is required for it, e.g. Linux, CLI, Network, OS and Cloud Computing.

I need a job right now and I hope some of you guys can help me with it. Thanks.

https://redd.it/yqcbva
@r_devops

Cake v3.0.0 released

Highlights of this release

.NET 7 Support & C#11 Support
TaskOf<T>
Multiple target support
Improved build providers

More details at release blog post: https://cakebuild.net/blog/2022/11/cake-v3.0.0-released

https://redd.it/yq1c5j
@r_devops

How do non-devs report issues and bugs at your company?

My co-founder and I have experienced this problem in our previous jobs, where non-technical people (users or internal) would report issues but would miss important context. This meant that by the time someone had time to look at the issue, they always needed to first find the reporter to understand what he meant, etc. It also meant that tracking the error in the logs was difficult as the error was not fresh anymore. We would love to hear how you solve these problems at your companies.

https://redd.it/ypmast
@r_devops

How can I practice scripting in Python and Bash for DevOps-related projects? I am proficient in PowerShell, but I haven't seen a use case for Python yet.

Hi,
I am proficient in Azure, Terraform, and PowerShell. I have seen Python & Bash are popular for scripting DevOps-related tasks, what type of tasks would these be and how can I simulate an environment I can practice this with?


Thank you!

https://redd.it/yqilwi
@r_devops

Need opinion: why running container within systemd unit is not generally used/not popular?

Hi, I need to do a zero downtime deployment, where server packed into docker image.
Currently I came to a simplest solution to start container as part of systemd service unit.

Like this:
```
[Service\]
ExecStart=docker run --net=host --rm --name=blue registry.gitlab.com/mysuper/server:0.0.1
ExecStartPost=/bin/bash -c "check container status, healthcheck until server ready + timeout handling"
```
Pros:
\- `systemctl start myservice` will end with success when server is fully ready and can accept connections, or with error. So no need to do other checks. (easy to use with ansible)
\- my container depends (requires, after) on network and docker units, that give some guarantees about environment.
\- `systemctl enable myservice` gives me container start after reboot out of the box.
\- Service unit as a single point of truth.
\- start, stop and status works as expected for any other service

Cons:
\- one orchestration system uses another one. and that is bad. (not sure why)
\- ExecStartPost looks ugly, and takes about 20 lines of concatenated bash code
\- ???

I have checked tons of articles about blue/green deployment with docker and didn't find such approach anywhere.

What drawbacks do you see in it?

Thanks!

https://redd.it/yqj70x
@r_devops

How to find a job where I'm not the smartest one in the room

I am not trying to toot my own horn, but I feel exhausted by my colleagues and the amount of assistance they require. I wish it was just specific to my current team, but my former team at the same company and my former company had similar issues.

When I'm new to the tech stack, I love it. I have to learn all new things and it excites and motivates me. However, after about 6 months I feel a bit bored and all of my colleagues start coming to me for help. I'm a people pleaser, so that doesn't bother me, but after explaining things 1000x and writing documentation that people don't read... I stop giving a fuck. I do not care to help my colleagues limp along and provide half-assed solutions to their tickets because they cannot think outside of the box or even follow my thinking when I present dynamic options.

I feel fulfilled by my job when I'm learning new things and thinking creatively, but those things seem to have a short lifespan.

I am looking around for other career options, but it seems impossible to know what I'm walking into. How do I vet job opportunities? Do I need to go to the interview and ask them questions? What questions would I ask and how should I consider their (biased) answers?

Is Sr DevOps not the right thing to look at? Maybe I should be focusing on architecture or management? Any advice welcome!

https://redd.it/yqks6z
@r_devops

Building The Right Product & Building The Product Right - Lessons from a Product Leader at OutSystems

Hey guys!

I'm back again with a DevOps content marketing piece that I believe can actually be useful so I'll risk getting torn to pieces on here (just kidding, I've had mostly positive reviews <3)

Anyway, if you're looking for the key to better collaboration between Product and Engineering teams, read this thang! It has a couple of really nice product/engineering process frameworks and touches on goal setting, Product Development Lifecycles, Engineering Metrics etc.

Feedback on this is highly appreciated :)

We decided to collab on this blog post because we had previously written about Measuring Engineering Productivity, and this was the perfect way to get the POV of a Product Leader.

https://redd.it/yqnp7i
@r_devops

Devops Salary Comparison to SWE?

What does the salary level and growth look like for devops engineers, and how does it compare to that of SWE? I've heard from a senior SWE friend that Devops engineers make about as much as SWE at entry/early levels in their paths, but in order to keep up in pay down the line, devops engineers usually have to move up to management (and away from a hands-on technical role) while swe can stay in a technical role with increasing pay levels. Is this accurate?

For context, I'm pretty fresh in the workforce. I graduated relatively recently (2021, majored in computer engineering, mainly focused on the software development area of things), and got an entry level job at a consulting company straight out of college. There, after a 3 month rotational training program, they gave us a choice between the app dev and infrastructure horizontals and I wasn't sure so I let them decide. I now have about a year of experience in a devops role working primarily in GCP and while the work is interesting, I'm just not sure if I'm making the right choice money wise. As I'm about equally as interested in devops as I am in software development, I want to get a better understanding of possible paths I can take.

&#x200B;

Any insight is much appreciated :)

https://redd.it/yqpwnm
@r_devops

Is the Google SRE handbook outdated? It says it was published in 2017, which is an eternity ago in DevOps time.

Google is of course the golden cow of SRE, which means it should have a good book for SRE... But its textbook is from 2017 according the footer. Is it still a worthy resource or should it be ignored in favour of something more current?

https://redd.it/yqroux
@r_devops

Self hosting web-server for nodejs app with postgres and redis

So, I'm not sure this is the right place but i will take my shot.

I'm a web backend developer trying to setup a web server for my remote development purposes.

I need a node.js (nest.js to be specific) app to be running and it will be connected to postgres and redis docker containers in the same machine and i want to access my api from my router's static IP. I tried couple things but failed miserably. Since it falls into devops area, i dont want to dive deep into researching and experimenting.

At this point what steps I need to follow to be honest.

Is there a guide or app preferably with gui serves to this purpose?

https://redd.it/yqt459
@r_devops

How many of you are currently using ArgoCD for GitOps?

I’m doing a bit of market research and would like to know how many of you are using ArgoCD.

Also, either your company name or an estimate of the size of your company in the comments would also be very helpful and may be useful in helping folks with their decision to adopt Argo.

If you have been using Argo, what are some of the things you enjoy, and what are some of your pain points?

NOTE: I am not affiliated with the Argo project; this is for market research only.

View Poll

https://redd.it/yqohld
@r_devops

QA in devops

hello everyone we are a team running a few k8s clusters hosted on aws we do the infra through terraform and applications are deployed via argocd , we have clusters for dev test and production what other steps can we do to ensure qa cycle

https://redd.it/yqmt94
@r_devops

SSL Termination for SQL

Hi,

I have a use case where we have a database in PaaS offering and we are able to connect to the database over an SSH Tunnel.

We have an EC2 node in AWS which will open up an SSH tunnel to the database and allow incoming TCP traffic from a specific set of IPs.

The SQL Clients are another PaaS offering so they can't establish direct SSH connections to the database therefore we're routing them through our jump host EC2.

So right now our architecture looks something like

SQL Client -> EC2 -> (SSH Tunnel) Database

Unfortunately, the database provider have told us they will not be enabling SSL connections so we cannot setup TLS/SSL connections from start to finish (their argument is that it's inside a VPC and we already can open connections using SSH so additional layer is pointless)

But we'd still like to use SSL to our EC2 machine so it looks something like

SQL Client (TLS) -> EC2 -> (SSH Tunnel) Database

What are the recommendations here? I took a look into ProxySQL and it looks like since v2, it can do frontend and backend SSL connections. I have it locally working on a docker setup.

I'd like to know if this is the only option or if there are better alternatives anywhere?

https://redd.it/yqzlxy
@r_devops

Calling all contractors & founders, need a hand!

Me and a colleague/friend want to start our own shop.

We want to provide to our (future) customers a reference architecture for Kubernetes and cloud native applications.

We want to give our customers the best implementation and architectures, help them to solve “unknowns-unknowns”, plan and of course implement the required and right solutions.

We both have worked for big tech companies, startups and hedge funds in the last 12 years and managed/automated large scale systems (our current datacenter have over 40k instances - around 3MLN CPUs 160kTB of memory across all machines), we both are skilled system and software engineers!

We want to start our own shop, BUT…

We are engineers/architects, we have never done sales/marketing/social media (he’ll this is the only “social” I have) and we have no idea how to reach our customers, understanding what’s the right market, WHERE is the right market, etc etc!

How do you guys find new customers?

Any suggestion for someone who’s starting now?

All feedback are appreciated!! (be harsh too I don’t mind. In fact, I appreciate radical honesty)

Cheers

https://redd.it/yr0nod
@r_devops