Windows Based Environments and Single Source of Truth

I'm interviewing for a company who wants someone to come in and help implement good DevOps principals for their Windows Based Environment.
How would one keep a single source of truth in a Windows based environment with AD and version control? Is this even possible?
What does DevOps look like for those that are within these type of companies?

https://redd.it/zl6gj1
@r_devops

Should my CI/CD tool match my cloud provider?

I like using Azure DevOps but our web application is planned to be hosted on GCP. Is there a big difference between using Azure DevOps or Google Cloud Build on GCP? (Other than the normal difference between the two)

I'm mainly trying to understand the benefits of matching a CI/CD pipeline with its native cloud provider in this case.

https://redd.it/zl69wv
@r_devops

Can someone please help me trigger the Azure pipeline on PR acceptance or branch deletion?

I want to trigger an Azure pipeline on feature branches on PR acceptance, branch deletion, or merge (but the pipeline must run on the source branch). I need to do this because I want the predefined variables of the feature branch for the pipeline. For instance, $(Build.SourceBranchName). The Pipeline can run at any stage after all the changes in PR have been approved but the pipeline has to run on the feature branch and not on the target branch. Also, if there is any other way to access the feature branch's predefined vars in pipelines of other branches, please let me know. Thank you!

https://redd.it/zkw8go
@r_devops

aws presigned urls for multitenancy?

I want to have an app where multiple users upload files to a single S3 bucket, process the files and then place them to another S3 bucket where they can download the results.

I know how to do it for a single user but don't know how to convert it to be multitenant. Can I use presigned urls for upload and download so that I can skip the architecture changes?

Is that a recommended solution that is secure?

https://redd.it/zlen3p
@r_devops

Why is DevOps just Ops in 90% of posts here and job openings?

I get it there are two sides and often DevOps are there to deploy stuff but it feels way too one sided what am I missing?

https://redd.it/zlhoyq
@r_devops

New Devops Role

Hello Everyone,can anyone please guide me with the resources required for Devops Engineer role as I am switching into this role but not sure about the resources and courses to learn,also which websites we can refer to for entire Devops Engineer course for free

https://redd.it/zlhmpu
@r_devops

Msp devops shared tools

Hi. In the devops world where a company has multiple products how are the support tools managed ( monitoring, logging, etc)? In theory each team is managing its own stack but sounds unreasonably unproductive to have the same tools deployed over and over again...

https://redd.it/zllhw9
@r_devops

Why using Kaniko for building images when there's more privileged containers in play?

## Context
I've been hearing/studying a lot about Kaniko, but I'm not sure if it makes sense in every scenario.

Most people tend to highlight the security reasons for why running Kaniko is important when needing to use dind (docker in docker).

There are several privileged solutions, for example:

Gitlab-ci with Docker based runners (bind mounted to it's host sock), Portainer etc.

Yes, using Kaniko for building would decrease risks, but only if privileged containers are completely cut from the pipeline.

So, I wonder how you guys evaluate when to use it, and when it does not make sense at all.

## Sources
- https://github.com/GoogleContainerTools/kaniko

- https://docs.gitlab.com/ee/ci/docker/using\_kaniko.html

- https://www.youtube.com/watch?v=d96ybcELpFs

- https://gitlab.com/guided-explorations/containers/kaniko-docker-build

https://redd.it/zlmci2
@r_devops

Do you like being a devops engineer?

I am a devops engineer for the last 7 years now, and I feel like we have to keep learning new tools constantly to keep ourselves updated. This becomes a bit challenging at times.

https://redd.it/zln5r7
@r_devops

Sealed Secrets on Kubernetes with ArgoCD and Terraform

learn how to manage secrets securely on Kubernetes in the GitOps approach using Sealed Secrets, ArgoCD, and Terraform: https://piotrminkowski.com/2022/12/14/sealed-secrets-on-kubernetes-with-argocd-and-terraform/

https://redd.it/zln8co
@r_devops

hey guys I'm newbie to DevOps any advice

Hi there I'm new to this and trying to build my career around DevOps hopefully i can make it work any advice would be appreciated thanks in advance

https://redd.it/zlpink
@r_devops

Does every commit needs build and deployment -Continuous Integration ?

Hello, could you please clarify my doubts about the CI process when developing large-scale projects?

1. How does a developer test the functionality of their code after committing to a different branch?
2. Does each commit trigger an individual build, and does each build need to be deployed to test the functionality in the Dev environment? For example, I worked on minor functionality and committed my branch, and the CI tool triggered a build, ran unit tests, and generated a build file.
3. Where does this build go, does it go in an artficatory tool like Jfrog, and so on? Can I test its functionality before submitting a merge request?

​

Note :I m noob support engineer and sorry if this is such a silly question to ask

https://redd.it/zlq9go
@r_devops

Rotating secrets for on-prem infrastructure?

I was reading this article and it got me thinking. I feel like many are lazy when it comes to on-prem because it's not the cloud.

https://redd.it/zlrgcw
@r_devops

Free tool that let’s you query GPT3-based k8s expert

Hello everyone!

Together with few colleagues we built a tool that lets you discover kubectl commands using natural language. We know that Google and StackOverflow are great resources, but we've often found it difficult to express the right questions, especially when just starting out with k8s. Or you have to dig through endless answers to find the one you want. That's why we decided to use the power of generative AI (GPT3 and ChatGPT) to create PromptOps - so you can quickly find the kubectl commands you need.

Features:
✅ Ask Kubernetes questions in natural language, with support for conversations
✅ Each of the commands in the answers is validated
✅ You can share the conversation or just bookmark it for your own reference
✅ Completely free and no sign ups required!

👉 promptops.com

We are still in early development, we have a ton of ideas, but we wanted to hear from the experts. What do you think of the approach? Are the supporting explanations helpful? Let us know your thoughts!


Thank you

https://redd.it/zlxb9n
@r_devops

Best tools/resources for improving “developer experience.” Need to submit my 2023 asks next week.

Accepted a DevOps job earlier this year only to have a new director of engineering come on and want to restructure the team.

The good news is that the director of engineering really likes me and wants me to be in charge of the org’s developer experience.

From research and his expectations, it seems like the main idea behind developer experience is to improve the process around developers, so they can focus on coding. Which I think I might actually like a lot.

There’s some team-culture things I’ve read about that sound really interesting, but am looking for any tips on tools, conferences or workshops I can submit resource asks for that you would endorse.

Would appreciate any insights you may have as well as costs.

https://redd.it/zm0col
@r_devops

Are these any hidden fees or gotchas that I should consider before starting to use GKE autopilot?

Debating whether it is time for us to move away from self-managing scaling to allowing GKE do it for us. Would like to hear from those who have gone through the migration.

https://redd.it/zltrip
@r_devops

Got a job offer as a MS Azure DevOps what should I remember or need to learn?

A little background, I have 3 years experience only on both Shopify/Wordpress Front End developing, just finished a full stack web dev bootcamp last month. Tried google about it and its a really broad topic. Any tips or recommendations on what I should practice first?

https://redd.it/zly7gg
@r_devops

Best course of action Infrastructure(ops) to DevOps

Hi All
First off, I’ll start by saying I’m actually known as Automator lol by peers in tech community. I love automating almost anything with python. I work as infrastructure support engineer, operations mainly. I had massive aspiration to work as a network automation engineer(half way through CCNP). However one of the main reason behind that was not necessarily the route and switching aspect-it was the automation side.

As support engineer I am automating all aspects of our infrastructure. Recently automated saving configs of all network L2/L3 switches with a single python script. Also automated a spreadsheet of connected device for inventory(show mac address) this was done using python/panda lib and netmiko(ssh based module).

This resulted in saving countless hours of manual work as techs would have needed to trace each switch-port to each device.

Again another was the manager didn’t know which access switches all of the lIghtweight access points where connected to. Again I wrote a python script using using regExp/netmiko which shows which switch and port each APs was connected to etc.

Writing scripts such as end point availability ping to many devices in single broadcast domain etc.

At the moment I already have setup CI/CD pipelines using Jenkins/GitHub for all my scripts(hopefully will write a blog on how to setup a Jenkins pipeline with Terraform and checkout from GitHub) Very good with Terraform too!

My Linux skills is slightly below par, but currently using Ubuntu for day to day tasks.

Last but not least I absolutely love Docker! And have containerised all my python scripts. I already pushed few to Azure container registry. To cut the long story short I love automation! I believe devOps is way forward for me.

My background is freelance IT worker and now for past year work as infrastructure engineer in corporate environment. I hold a BSc in Computer Science(long time ago lol) and have several other certifications(MCP,CompTIA server+/net+ etc) What is the best course of action to move from support/infrastructure to devops? I’m currently working on obtaining az-700 and hopefully terraform cert after. Many thanks in advance!

https://redd.it/zm6wem
@r_devops

aws architecture questions

I want to do something similar to this:

https://github.com/aws-samples/amazon-textract-serverless-large-scale-document-processing/raw/master/arch.png

I have an app that uploads files to an S3 bucket, they get processed and the results get saved to another S3 bucket.

My questions:

1. How can the app retrieve the result? Should it poll the S3 bucket or the SQS queue?

2. How can I convert this architecture to handle multiple users? I mean multiple users using the same client app that uploads to a single S3 bucket. Is using presigned urls for upload (input) and download (output) a good way to do this?
It is important that user1 only has access to user1 files, user2 only to user2 files and so on.

https://redd.it/zm6844
@r_devops

Simple automation for a static AWS S3 hosted site



hello,

I have a simple static landing page hosted in AWS S3... in order to host it, I have followed the instructions here: https://channaly.medium.com/how-to-host-static-website-with-https-using-amazon-s3-251434490c59

Now, I will probably "launch" few more landing pages (about 10) and I was wondering how to automate the S3 provisioning and update once in a while the landing as well...

I use VScode, and trying to see if Terraform or Ansible would do the job...

As far as I am concern, for VM/container provisioning is typically done with Terraform, while Configuration management (push updates) should be done by Ansible....

the challenge here is that I am not provisioning a VM/container, but only an S3 bucket and setting up all the SSL certificates....

anybody can suggest the right approach, please?

Thank you

https://redd.it/zlqhgu
@r_devops

can a kubenet reuse docker bridge/service code?

If I have multiple AKS clusters using kubenet, can they all use the same docker bridge and service cidrs? I remember reading it in the docs, but wanted to be sure. Should we just reserve a 172.0.x.x/16 for docker bridge and some other unused cidr for service? I just want to make sure this won't conflict with any other vnets as we use internal ips only via a policy.

https://redd.it/zlvihc
@r_devops