Unified Application Management under Cloud-Edge Collaboration: A Solution Based on OpenYurt and KubeVela

https://kubevela.io/blog

https://redd.it/10aqoaz
@r_devops

Moving from openlens to k9s after the 6.3.0 downgrade

Hey,


wanted to share my experience moving from openlens to k9s after the OSS version of openlens has been downgraded.


TLDR: k9s is provides all the features I used in Openlens previous to their downgrade in 6.3.0 and it will likely stay this way (since there is no commercial version of k9s and no company behind it).
Absolutely loving it so far.


https://mariuskimmina.substack.com/p/moving-from-lens-to-k9s-for-kubernetes

https://redd.it/10bomx3
@r_devops

Any training recommendations for Devops Engineer?

Working as Devops for 2 years, have 3 additional years as sys admin. Preparing for a AWS certification and Kubernetes certification as I do work on both. Been asked from my company that they would pay for any training that would improve my personal career development and skills. Any suggestions or recommendations. Should I get something towards management related? Or technical?.

https://redd.it/10bo8ub
@r_devops

Leaening Devops without its popular services

Hey there devops people, I'm currently a backend developer and I'm interested in learning more about Dev Op, to mess around with it and gain some experience.

The biggest issue is I live in Iran and almost all online services have placed sanctions on us. I can't have access to AWS, Google Cloud and so on.

Now my question is, how can I learn and be a devops engineer without relying on majority of popular online services?

https://redd.it/10bo793
@r_devops

We're running a DevSecOps / AppSec CTF

We're a UK based DevSecOps consultancy and we're running a DevSecOps themed CTF this year which is hopefully of interest to a lot of people here.

It will be open to all, completely free and with some prizes.

In time we will be adding details to ctftime.org and also back here on Reddit, but for know you can keep up to date on it via our LinkedIn https://www.linkedin.com/posts/punk-security-limitedwearesoooooexcited-ctf-devsecops-activity-7020005807530364928-OPsp?utmsource=share&utmmedium=memberandroid

https://redd.it/10bo1z7
@r_devops

ClickOps?

A friend of mine wants to build clickops tool for cloud resource management. I'm kinda against the idea as I'm already technical enough to use GitOps and such. But he insists that it'd be useful for people who have no idea what is gitops and terraform etc.

I'm wondering how realistic his idea is going to be in real life. What do you think? lol

Please share your thoughts if you were going to use such tools. How you're imagining it to be, if it ever to be useful to you. Personally, this idea is not clicking to me at all.

https://redd.it/10bzrml
@r_devops

I could use some suggestions

Devops is not my background. I recently took on a role where automated deployment is needed and I was studying devops technologies earlier last year til my bank account got low. :)

We do all our work through a website where you can deploy an entire environment with a button push. Good so far.

The problem is building the environments and configuring the individual operating systems takes forever.

Every environment gets a domain controller, a number of Windows boxes and 1 or more Linux boxes.

No environment can communicate with any other unless it is configured to do so and then mapped.

The site has an API that I can leverage to deploy templates and configure external access.

I'm not really sure which software options I should be looking at to accomplish this nor how to structure it.

Do I have an environment that calls the api to spin up a new environment, adds the VMs with something like terraform then builds using, I dunno, Puppet, then disconnects the new environment?

Do I have an environment template that is deployed, calls the api to add vms to itself, performs the builds and upon completion, removes the hosts that performed the build?

Is there a 3rd method I'm not imagineering?

What software combinations would work best for this setup?

https://redd.it/10c5n51
@r_devops

Open Source projects and DevOps tools

Is there a list of Open Source projects and the DevOps tools that they use such as GitHub actions, Ansible, Terraform, etc.?

I'm looking for a project to get involved in. Ideally I'd like something that has those tools I mentioned above plus go programming.

https://redd.it/10c59ym
@r_devops

How to parallelize integration tests?

I am currently using pytest to run integration tests. The test suite has 13 tests in total and takes around 40 minutes to run with 8 tests taking the bulk of the time. At the beginning of the test (once per session) a new product (which is to be tested using integration tests) is created using docker-compose ensuring no cache is being used for building the containers.

Now my question is, is there any way to parallelize this considering I have only one VM to run all the tests? I cannot use docker-compose to spin up multiple instances of the product since the ports will clash.

I am thinking of Docker in Docker but not sure if it will work properly or not.

I am also open to using multiple machines but I have no idea how I can run separate tests on separate VMS and then aggregate the results.

https://redd.it/10c9z54
@r_devops

Using multiple ci/cd providers at once

In the last few months, I saw some github projects using a mix of circle ci and github actions together in one code repository. I know that there are differences between the different providers. But... Is it common to use different ci tools at the same time?

https://redd.it/10byhzf
@r_devops

Redis timeouts: Error 110 connecting to <my_domain>:6379. Connection timed out.

I'm seeing intermittent errors in my logs from worker nodes that are trying to reach Redis:
```
Error 110 connecting to <mydomain>:6379. Connection timed out.
```
My app is deployed using docker-compose. The main container (Flask app) and the Redis container are on one VM while workers (Python RQ for async jobs) are on different VMs.

This is happening all of a sudden today and it's intermittent. There was absolutely no problem for months, which gets me thinking that it's a transient issue in the network?

Anyway, is there something I can do to fix this and avoid disruptions to my users? Thanks a lot.

PS. I'm not a devops guy.

https://redd.it/10ce04o
@r_devops

who make more salary, DevOps engineer or product manager?

I see many roles in product manager in softwy industry. Who make more salary DevOps or pm

https://redd.it/10camrg
@r_devops

Can I be a "full-stack" DevOps engineer?

I started to learn packer and docker as my first DevOps tools.. I already know Linux, Ansible and shell scripting. Is it feasible for one guy to setup the core DevOps cloud infrastructure of a company? I want to be a contractor and do this for startups or something. I don't want to be an app developer, I just want to setup the DevOps infrastructure for the app developers.

I understand I still need to learn AWS, Python, Terraform, Kubernetes, and probably some other stuff I don't know...

I really feel like I devoted alot of time to this, years in fact. Am I right to say this is some serious technical skills and I will be compensated accordingly ($200K a year)?

https://redd.it/10brsg4
@r_devops

Nomad Configuration

Hi, for work i am looking at and learning Nomad and can't seem to understand why this configuration won't work, its just a sample deployment of mongodb and mongo-express. The same deployment in k8s works fine, so i am slightly confused.

Would anyone be able to point out where or if there are any problems, my mongo-express job seems to not be able to speak to mongodb and i can't understand why.

TIA

job "mongo-workspace" {
datacenters = ["dc1"]
type = "service"
update {
max_parallel = 1
min_healthy_time = "10s"
healthy_deadline = "3m"
progress_deadline = "10m"
auto_revert = false
canary = 0
}
migrate {
max_parallel = 1
health_check = "checks"
min_healthy_time = "10s"
healthy_deadline = "5m"
}
group "mongodb" {
count = 1
network {
mode = "host"
port "mongodb" {
to = 27017
}
}
restart {
attempts = 2
interval = "30m"
delay = "15s"
mode = "fail"
}
service {
name = "mongodb"
port = "mongodb"
provider = "nomad"
}
ephemeral_disk {
size = 1024
}
task "mongodb" {
driver = "docker"
config {
image = "mongo"
auth_soft_fail = true
ports = ["mongodb"]
}
resources {
cpu = 1024
memory = 500
}
env {
MONGO_INITDB_ROOT_USERNAME = "admin"
MONGO_INITDB_ROOT_PASSWORD = "password"
}
}
}
group "mongoexpress" {
count = 1
service {
name = "mongoexpress"
port = "mongoexpress"
provider = "nomad"
}
network {
mode = "host"
port "mongoexpress" {
to = 8081
}
}
restart {
attempts = 2
interval = "30m"
delay = "15s"
mode = "fail"
}
ephemeral_disk {
size = 1024
}
task "mongoexpress" {
driver = "docker"
template {
data = <<EOH
{{ range nomadService "mongodb" }}
ME_CONFIG_MONGODB_SERVER={{ .Address }}
ME_CONFIG_MONGODB_PORT={{ .Port }}
{{ end }}
EOH
destination = "config.env"
env = true
}
env {
ME_CONFIG_MONGODB_ADMINUSERNAME="admin"
ME_CONFIG_MONGODB_ADMINPASSWORD="password"
}
config {
image = "mongo-express"
auth_soft_fail = true
ports = ["mongoexpress"]
}
resources {
cpu = 1024
memory = 500
}
}
}
}

https://redd.it/10cfrfp
@r_devops

How do you guys monitor saml2 cert expirations?

Hi, I need some advice. I need to check the expiration date of saml2 cert files. I tried using Python and that worked for https certs but not for saml2 certs. The files are on Red Hat servers...

How do you guys monitor the expiration dates on saml2 cert files?

https://redd.it/10ci4hu
@r_devops

1 year into devops and I am getting bored

This is my first job as in devops. Transitioned from BA to SWE to DevOps. I think I like coding more rather than a sysadmin.

I am bored as hell on creating scripts and managing infrastructure, specially platforms support on our web apps, and creating CICD pipelines.

Is this really the job? Kinda getting repetitive for me. Don't get me wrong but working as a BA and SWE, I was engaged to multiple problems depending on the field I am working with. But with DevOps, its basically the same regardless of what project I am assigned into.

https://redd.it/10cjddd
@r_devops

How do you think tier.run? Pricing as code

https://github.com/tierrun/tier


It's not my project. But I like its idea very much. It is a tool that lets you define and manage your SaaS application's pricing model in one place.

For now, it supports only Stripe. This is because Stripe supports more complex subscription billing solutions.

I found this product because we're looking for a solution to use feature flags to manage software entitlement more flexibly, especially relative to customers' billing systems. (ex. With tier.run, I can export a group of feature flag configurations to pricing.json and vice versa)

I still need to finish the research on using tier. Run and feature flags together. But I still posted a question here. You are talented, and your comments will inspire me.

https://redd.it/10ch1m0
@r_devops

Resume Review



Hi everyone, have been applying for full time jobs (Jr. and Associate Security/Cloud Engineer, some DevOps positions, etc) since I graduated this winter. Recently finished a personal project that I justa dded on my resume but was wondering if you could all offer critique on the arrangement, syntax, and wording. Thank you!!


Also, I'm not too sure if resumes are allowed on here, read through the FAQ and rules so I'm pretty sure I'm in the clear but if not sorry mods, please take it down. : )

https://imgur.com/a/ZFfiqlz

https://redd.it/108rs0o
@r_devops

It has been x days since devops roadmap has been mentioned.

If one of you was a hero you’d build us a simple site they tracked how many days it’s been since someone linked that shitty devops roadmap.

https://redd.it/10cqh1p
@r_devops

Developer decided to change project IaC tool while I was on vacation

TLDR: I went on vacation. The developers changed the application architecture and couldn't adjust the Terraform configuration files. AWS CloudFormation is a more familiar tool for them, so they just implemented deployment on CF. When I returned, the team leader (one of the developers) told me that they decided to move to another IaC tool that I will be supporting. I didn't participate in the decision-making process.

Full story:

Our project is a web application. There are two senior backend developers there. Terraform is used as a project IaC solution to deploy AWS Lambda functions and API Gateway.

I went to vacation for a week. During my absence, the developers changed the application architecture which impacted how the app builds and the number of deployed AWS resources. Deployment procedure has to keep up with the app needs, so it required modification of Terraform and Jenkins configuration. One of the developers—the team leader—tried to adjust Terraform configuration files, but he couldn't cope with it.

Release date was coming in a few weeks, and the developer wanted to be able to deploy his new changes to the development environment ASAP, so he decided not to wait for my return, but instead to set the IaC without my participation.

Since he is more experienced in AWS CloudFormation than in Terraform (and we also have is a similar project on CloudFormation that serves as an example), the developer just switched to CloudFormation and implemented the build and deployment logic that takes into account the new architecture.

When I returned, I was put before the fact that we move from Terraform to CloudFormation. Regardless of how good this solution technically is, I was furious that he allowed himself to make such a decision without taking into consideration my opinion.

The arguments the developer used for the switch were as follows:

* We didn't have time to wait for you to come back
* CloudFormation is better because it allows us to navigate in all your AWS resources from web console if you open the CF stack
* CloudFormation is better because we can deploy many dev stacks with different name suffixes (dev1, dev2, dev3) out of the box, but in Terraform you have to mess with state files to achieve that
* CloudFormation is better because all your configuration lies in a single file, while in Terraform you have to change a bunch of files
* There are some articles on the internet about why CF is better...

And he really used the word "better" trying to convince me.

Whether one tool is better than the other or not, obviously, is not a subject I wanted to bring up there. What I want to discuss is where is the line between a developer and a devops engineer responsibilities?

It so happened that the developers are used to run infrastructure deployment from CLI for deploying their feature branches in dev environment. They don't always use Jenkins because CLI way is "more convenient" for them to experiment with AWS.

And now I think if I should insist on a more formal and stricter workflow, where we have an agreement that whatever IaC feature or change the developers want, they come to me with the requirement list and I implement it from beginning to end. Because otherwise they start considering CLI deployment as part of their job and feel like they are in position to vote on what IaC tool is "better", which I think goes beyond their area of responsibility.

So what do you think, guys?

Can developers influence the decision about what IaC tool should be used on the project based on their definition of "convenient to use" (e.g. CF stack showing the resources is what convenient for them)?

Should I demand the developers to always use our CI/CD tool for any deployment, or developers' requirement to deploy from CLI (to dev environment) arguing that it is "easier/faster" is reasonable?

https://redd.it/10csnfm
@r_devops

AWS Lambda to deploy RDS migrations?

Curious about the practical pros and cons from the community and anyone’s experience if they’re willing to share.

Given my current operational landscape deployment and overall managing it seems trivial from a high level / conceptual technical perspective..?

I realize this is vague and I may get a lot of “depends on x,y,z” replies, but appreciate the feedback nevertheless - I’m not in a position to share many details.

https://redd.it/10csa78
@r_devops