AWS Multi Region architecture without API Gateway

Hey guys ~

I’m looking to make my current architecture multi-region. I’ve read a little bit about options, but it seems like every stack involves Route 53 & API Gateway. My current stack does not involve any endpoints. What I currently have are multiple lambdas, ec2 instances, and a few databases. Aurora global db is obvious, but for ec2 & the lambdas, I’m a little confused on which direction to go.

For example, in the event of an outage in us-west-2, how would my lambdas in us-east-1 know there’s an outage and to failover? Again, makes sense using Route53 / api gateway, but I don’t have any endpoints.

Thoughts? Let me know if I should elaborate.

https://redd.it/10b1mid
@r_devops

A Public Git repository & misconfiguration detection tool

https://github.com/boringtools/git-alerts

https://redd.it/10b41jv
@r_devops

Mac or Windows

I’m an associate DevOps engineer and I work on a team that is mixed mac and windows computers. The other DevOps engineer works with a Mac, and he’s making a gentle push for me to switch over. He says in future jobs, being able to work proficiently with mac would be a better selling point. I understand I haven’t gone into detail about the work we’re doing or the tech stack, so I’m just looking for face value, general feedback.

I think typically this might be posted somewhere else, but since we’re mostly devops folks, what’s your experience in this debate?

https://redd.it/10b1c9h
@r_devops

What’s your opinion on “DevOps” as a job title (ie. DevOps Engineer)?

Thanks

View Poll

https://redd.it/10axvp2
@r_devops

Unified Application Management under Cloud-Edge Collaboration: A Solution Based on OpenYurt and KubeVela

https://kubevela.io/blog

https://redd.it/10aqoaz
@r_devops

Moving from openlens to k9s after the 6.3.0 downgrade

Hey,


wanted to share my experience moving from openlens to k9s after the OSS version of openlens has been downgraded.


TLDR: k9s is provides all the features I used in Openlens previous to their downgrade in 6.3.0 and it will likely stay this way (since there is no commercial version of k9s and no company behind it).
Absolutely loving it so far.


https://mariuskimmina.substack.com/p/moving-from-lens-to-k9s-for-kubernetes

https://redd.it/10bomx3
@r_devops

Any training recommendations for Devops Engineer?

Working as Devops for 2 years, have 3 additional years as sys admin. Preparing for a AWS certification and Kubernetes certification as I do work on both. Been asked from my company that they would pay for any training that would improve my personal career development and skills. Any suggestions or recommendations. Should I get something towards management related? Or technical?.

https://redd.it/10bo8ub
@r_devops

Leaening Devops without its popular services

Hey there devops people, I'm currently a backend developer and I'm interested in learning more about Dev Op, to mess around with it and gain some experience.

The biggest issue is I live in Iran and almost all online services have placed sanctions on us. I can't have access to AWS, Google Cloud and so on.

Now my question is, how can I learn and be a devops engineer without relying on majority of popular online services?

https://redd.it/10bo793
@r_devops

We're running a DevSecOps / AppSec CTF

We're a UK based DevSecOps consultancy and we're running a DevSecOps themed CTF this year which is hopefully of interest to a lot of people here.

It will be open to all, completely free and with some prizes.

In time we will be adding details to ctftime.org and also back here on Reddit, but for know you can keep up to date on it via our LinkedIn https://www.linkedin.com/posts/punk-security-limitedwearesoooooexcited-ctf-devsecops-activity-7020005807530364928-OPsp?utmsource=share&utmmedium=memberandroid

https://redd.it/10bo1z7
@r_devops

ClickOps?

A friend of mine wants to build clickops tool for cloud resource management. I'm kinda against the idea as I'm already technical enough to use GitOps and such. But he insists that it'd be useful for people who have no idea what is gitops and terraform etc.

I'm wondering how realistic his idea is going to be in real life. What do you think? lol

Please share your thoughts if you were going to use such tools. How you're imagining it to be, if it ever to be useful to you. Personally, this idea is not clicking to me at all.

https://redd.it/10bzrml
@r_devops

I could use some suggestions

Devops is not my background. I recently took on a role where automated deployment is needed and I was studying devops technologies earlier last year til my bank account got low. :)

We do all our work through a website where you can deploy an entire environment with a button push. Good so far.

The problem is building the environments and configuring the individual operating systems takes forever.

Every environment gets a domain controller, a number of Windows boxes and 1 or more Linux boxes.

No environment can communicate with any other unless it is configured to do so and then mapped.

The site has an API that I can leverage to deploy templates and configure external access.

I'm not really sure which software options I should be looking at to accomplish this nor how to structure it.

Do I have an environment that calls the api to spin up a new environment, adds the VMs with something like terraform then builds using, I dunno, Puppet, then disconnects the new environment?

Do I have an environment template that is deployed, calls the api to add vms to itself, performs the builds and upon completion, removes the hosts that performed the build?

Is there a 3rd method I'm not imagineering?

What software combinations would work best for this setup?

https://redd.it/10c5n51
@r_devops

Open Source projects and DevOps tools

Is there a list of Open Source projects and the DevOps tools that they use such as GitHub actions, Ansible, Terraform, etc.?

I'm looking for a project to get involved in. Ideally I'd like something that has those tools I mentioned above plus go programming.

https://redd.it/10c59ym
@r_devops

How to parallelize integration tests?

I am currently using pytest to run integration tests. The test suite has 13 tests in total and takes around 40 minutes to run with 8 tests taking the bulk of the time. At the beginning of the test (once per session) a new product (which is to be tested using integration tests) is created using docker-compose ensuring no cache is being used for building the containers.

Now my question is, is there any way to parallelize this considering I have only one VM to run all the tests? I cannot use docker-compose to spin up multiple instances of the product since the ports will clash.

I am thinking of Docker in Docker but not sure if it will work properly or not.

I am also open to using multiple machines but I have no idea how I can run separate tests on separate VMS and then aggregate the results.

https://redd.it/10c9z54
@r_devops

Using multiple ci/cd providers at once

In the last few months, I saw some github projects using a mix of circle ci and github actions together in one code repository. I know that there are differences between the different providers. But... Is it common to use different ci tools at the same time?

https://redd.it/10byhzf
@r_devops

Redis timeouts: Error 110 connecting to <my_domain>:6379. Connection timed out.

I'm seeing intermittent errors in my logs from worker nodes that are trying to reach Redis:
```
Error 110 connecting to <mydomain>:6379. Connection timed out.
```
My app is deployed using docker-compose. The main container (Flask app) and the Redis container are on one VM while workers (Python RQ for async jobs) are on different VMs.

This is happening all of a sudden today and it's intermittent. There was absolutely no problem for months, which gets me thinking that it's a transient issue in the network?

Anyway, is there something I can do to fix this and avoid disruptions to my users? Thanks a lot.

PS. I'm not a devops guy.

https://redd.it/10ce04o
@r_devops

who make more salary, DevOps engineer or product manager?

I see many roles in product manager in softwy industry. Who make more salary DevOps or pm

https://redd.it/10camrg
@r_devops

Can I be a "full-stack" DevOps engineer?

I started to learn packer and docker as my first DevOps tools.. I already know Linux, Ansible and shell scripting. Is it feasible for one guy to setup the core DevOps cloud infrastructure of a company? I want to be a contractor and do this for startups or something. I don't want to be an app developer, I just want to setup the DevOps infrastructure for the app developers.

I understand I still need to learn AWS, Python, Terraform, Kubernetes, and probably some other stuff I don't know...

I really feel like I devoted alot of time to this, years in fact. Am I right to say this is some serious technical skills and I will be compensated accordingly ($200K a year)?

https://redd.it/10brsg4
@r_devops

Nomad Configuration

Hi, for work i am looking at and learning Nomad and can't seem to understand why this configuration won't work, its just a sample deployment of mongodb and mongo-express. The same deployment in k8s works fine, so i am slightly confused.

Would anyone be able to point out where or if there are any problems, my mongo-express job seems to not be able to speak to mongodb and i can't understand why.

TIA

job "mongo-workspace" {
datacenters = ["dc1"]
type = "service"
update {
max_parallel = 1
min_healthy_time = "10s"
healthy_deadline = "3m"
progress_deadline = "10m"
auto_revert = false
canary = 0
}
migrate {
max_parallel = 1
health_check = "checks"
min_healthy_time = "10s"
healthy_deadline = "5m"
}
group "mongodb" {
count = 1
network {
mode = "host"
port "mongodb" {
to = 27017
}
}
restart {
attempts = 2
interval = "30m"
delay = "15s"
mode = "fail"
}
service {
name = "mongodb"
port = "mongodb"
provider = "nomad"
}
ephemeral_disk {
size = 1024
}
task "mongodb" {
driver = "docker"
config {
image = "mongo"
auth_soft_fail = true
ports = ["mongodb"]
}
resources {
cpu = 1024
memory = 500
}
env {
MONGO_INITDB_ROOT_USERNAME = "admin"
MONGO_INITDB_ROOT_PASSWORD = "password"
}
}
}
group "mongoexpress" {
count = 1
service {
name = "mongoexpress"
port = "mongoexpress"
provider = "nomad"
}
network {
mode = "host"
port "mongoexpress" {
to = 8081
}
}
restart {
attempts = 2
interval = "30m"
delay = "15s"
mode = "fail"
}
ephemeral_disk {
size = 1024
}
task "mongoexpress" {
driver = "docker"
template {
data = <<EOH
{{ range nomadService "mongodb" }}
ME_CONFIG_MONGODB_SERVER={{ .Address }}
ME_CONFIG_MONGODB_PORT={{ .Port }}
{{ end }}
EOH
destination = "config.env"
env = true
}
env {
ME_CONFIG_MONGODB_ADMINUSERNAME="admin"
ME_CONFIG_MONGODB_ADMINPASSWORD="password"
}
config {
image = "mongo-express"
auth_soft_fail = true
ports = ["mongoexpress"]
}
resources {
cpu = 1024
memory = 500
}
}
}
}

https://redd.it/10cfrfp
@r_devops

How do you guys monitor saml2 cert expirations?

Hi, I need some advice. I need to check the expiration date of saml2 cert files. I tried using Python and that worked for https certs but not for saml2 certs. The files are on Red Hat servers...

How do you guys monitor the expiration dates on saml2 cert files?

https://redd.it/10ci4hu
@r_devops

1 year into devops and I am getting bored

This is my first job as in devops. Transitioned from BA to SWE to DevOps. I think I like coding more rather than a sysadmin.

I am bored as hell on creating scripts and managing infrastructure, specially platforms support on our web apps, and creating CICD pipelines.

Is this really the job? Kinda getting repetitive for me. Don't get me wrong but working as a BA and SWE, I was engaged to multiple problems depending on the field I am working with. But with DevOps, its basically the same regardless of what project I am assigned into.

https://redd.it/10cjddd
@r_devops

How do you think tier.run? Pricing as code

https://github.com/tierrun/tier


It's not my project. But I like its idea very much. It is a tool that lets you define and manage your SaaS application's pricing model in one place.

For now, it supports only Stripe. This is because Stripe supports more complex subscription billing solutions.

I found this product because we're looking for a solution to use feature flags to manage software entitlement more flexibly, especially relative to customers' billing systems. (ex. With tier.run, I can export a group of feature flag configurations to pricing.json and vice versa)

I still need to finish the research on using tier. Run and feature flags together. But I still posted a question here. You are talented, and your comments will inspire me.

https://redd.it/10ch1m0
@r_devops