But really, why is all CI/CD pipelines?

So I've been deep in the bowels of our company's CI processes the last month or so, and I realize, everyone uses the idea of a pipeline, with steps, for CI/CD. CircleCI $$$, Buildkite <3, GHA >:( .

These pipelines get really complex - our main pipeline for one project is ~400 lines of YAML - I could clean it up some but still, it's gonna be big, and we're about to add Playwright to the mix. I've heard of several orgs that have programs to generate their pipelines, and honestly I'm getting there myself.

My question/thought is - are pipelines the best way to represent the CI/CD process, or are they just an easy abstraction that caught on? Ultimately my big yaml file is a script interpreted by a black box VM run by whatever CI provider...and I just have to kinda hope their docs have the behavior right.

Am I crazy, or would it actually be better to define CI processes as what they are (a program), and get to use the language of my choice?

https://redd.it/10gzdqg
@r_devops

"Accredited" DevOps Training/Cert Courses?

Does anyone know of any courses offered to prep for eventual certification in either SRE or CI/CD (DevOps Institute certs) that are considered to be "accredited"?

Seems that's the only way I can use my education funds at work and the usual programs I go to (AWS Coursework, Cloud Academy, etc...) don't see to mention anything about being accredited.

Thanks!

https://redd.it/10gxw59
@r_devops

fargate with react

Hi all!
I have some deploys in ECS (fargate) a frontend and a backend. The frontend is in a public subnet while the backend is private. The frontend uses react with axios, and initially I wanted to use service discovery, but.. I just forgot about the fact, the requests are made from client side not server side. So even though my service discovery work fine, it's useless.
Was wondering if this issue could be bridged using API Gateway or not ? Not very familiar with APIG.
Other thing was to deploy another middle server which would act as a gateway, but still, not the best solution because I have to hardcode the host in the react app, so I'd need a sub/domain for this as well to not depend on the IP.
Looking for a solution, or any ideas if you have... I have some apps and wondering how could I solve the issue the possible easiest and cost effective way.

https://redd.it/10h0asx
@r_devops

hello one curso free

https://imersao.dev?bid=OLRJNNX

https://redd.it/10h88ja
@r_devops

Resume review - support engineer > cloud/Devops

Hey guys I’m currently a support engineer working on moving into a cloud engineering/ devops job I’m still working on updating my projects and adding new ones I found interesting while reading the cloud resume challenge guidebook and please note I’m still making adjustments to this while I keep learning and putting that knowledge to work in these projects any feedback would be greatly appreciated

https://imgur.com/a/exec3S0

https://redd.it/10gmx90
@r_devops

Do any CI/CD systems allow for retrofit of cross-cutting concerns?

I’m wondering if any CI/CD systems allow this, or even if it’s a good idea. The thought is wanting to implement the same type of cross-cutting concern across all or most CI/CD pipelines across an org.

If you know what you need in advance it’s easier to build it in from the start in a reusable way. But, we invariably never predict the future. As examples, say later on you realize you want to implement security/vulnerability scanning, or audit/metrics aspects (such as tracking of DORA metrics). Is it a feasible thought of trying to implement this once in the CI/CD system itself, or are you stuck manually updating hundreds or thousands of pipelines?

https://redd.it/10hg862
@r_devops

Secret Management Across Environments / Vault

My team is growing, and we're running into an issue now where managing secrets is just getting too crazy. It's happened several times where a secret deployed to our integration environment doesn't exist in production and it halts the release. We want to do a release to staging? Forget it... We'll have to wade through all the secrets added since the last deploy.

I was thinking of creating a tool that allows uploading secrets to our environments, but whenever you upload a secret to one environment it forces you to specify it for all of them. Then I realized this is too common of a problem and surely there is a better solution.

1. I started looking into Vault. I'm not sure what to think of it though. I also still don't feel like I'm getting it. It sounds like Vault wants you to deploy an instance of it per environment, instead of having a single instance over all environments. If I have an instance of Vault for every single environment, it seems like Vault doesn't really solve my problem.
2. I'm not an ops guy, but this is going to fall to me to champion it. I'm not really finding a full explanation of how this is all going to work together on GCP.
3. If a secret expires from vault (because that's a thing apparently?), how does the server get a new value? Is retrieving the new value manual or automatic?
4. Is it ok to deploy Vault to a serverless environment like CloudRun? This means that the container won't get CPU cycles unless there is an active request. Will this cause me issues?

https://redd.it/10hipa7
@r_devops

Do you use Intune?

What do you think about Intune? Are you using it? Or do you have specific reasons to not to? Are you using something else? Is Intune fitting into a a complete DevOps solution for your job? I'm curious how common Intune is for people into devops.

https://redd.it/10hkl0e
@r_devops

Git merge from development to production



The content of our file in the dev branch

>server: dev-server
parameters - 200|300

we change the parameters to 200, which needs to be moved to production. However the server portion should not be changed while merging. I am wondering how can/ways to achieve this using git?

prod configuration

>server: prod-server
parameters - 200|300

I know if we do a merge this will change the server portion as well.

As a side note we maintain git for maintaining the server configuration files for a Data quality software tool. This repository contains the configuration/files that is needed for that tool to be deployed properly.

There is shell script which takes this code from git and deploys to the server where the tool is hosted. After deployment, post a restart of the server, the changes will take into effect to the tool.

https://redd.it/10hl665
@r_devops

Containers

Nowadays 2023 and going forward, I'm pretty new to containers and currently learning, is worth at all learn Docker concepts or even use Docker within an Orchestration technology as Kubernetes? I know that Docker manages containers for Apps mean while the container Technology can be swap for another one like RKT or CRI-O.. I'm wondering if as of today 2023 is Docker a solid proposal for example for green field projects? .. I haven't heard too much about RKT or CRI-O ... Seems like the buzzword in regards of containers is Docker but I'm here asking you... Any feedback appreciated thanks !

https://redd.it/10hja1t
@r_devops

Devops or Full Stack Engineer - Career Path

Hi Im at a standstill as to what direction I should take my career. I recently got laid off my Technical Support Role and want to change my career. I have the option to enroll in a very good coding full stack bootcamp or to do a program preparing me to become a devops engineer.

​

I have a friend who does devops and he said it is not a bad job, however he is going to do something else as he does not light the odd hours. I also have fears that devops will change fast in the next 10-20 years. I want something high paying but stable. Please advice. Thanks

https://redd.it/10got1o
@r_devops

🚨 Terraform from 0 to Hero Blog Series

In the following weeks, I will be releasing a series around Terraform with beginner-friendly content that engages juniors and even non-technical people. I am going to take you through my 6-year journey with Terraform and how I believe you should learn it.

The first 3 episodes are already up and you can use this article as a table of contents: https://techblog.flaviusdinu.com/terraform-from-0-to-hero-0-i-like-to-start-counting-from-0-maybe-i-enjoy-lists-too-much-72cd0b86ebcd

Hope this will help beginners get a better grasp on the concepts and on what they should learn in order to get better.

https://redd.it/10hrk2s
@r_devops

junior dev ops here - need to configure Linux and Windows build/dev workstations on demand, for CI/CD pipelines and on-premise developers with special drivers/install processes that sometimes take 2-3 days manually. ML/AI. What tech stacks would you advise for config?

small shop. i'm currently working with devs in Machine Learning/AI and often we need to configure computers that utilize GPU/CUDA manually.

i'm in the process of setting up our build pipelines on gitlab with on prem workstations, but even that is taking quite a bit of time - we need both windows and linux runners and whenever a developer wants to integrate a new tool, we're going into each runner and going through the manual install process - AND ensuring each dev workstation is also updated. it just seems to be getting worse and worse each time and i'm struggling to keep up.

my knowledge of devops is really limited up to automated testing/build of applications and now it's going into IT infrastructure and I'm not exactly sure what tools I should be using. I'm manually installing drivers, configs on each computer (linux, windows) and sometimes there are so many areas of for human error or just losing track of what is installed on what.

on linux, i'm writing these extensive bash scripts that check and install the necessary dependencies (even downloading from our local nas ...) which devs can easily run and it'll update their workstations (or our runners) and I don't even know where to start on windows (the idea of maintaining a seperate set of powershell scripts that replicate the same purpose sounds insane to me in the long run).

Am I missing something? What tools should I be looking into?

https://redd.it/10ht39r
@r_devops

Fullstack DevOps is real and this is what it really means. And why you're probably not one..

DevOps is just a collaboration between developers and system administrators to help speed up the development process. It's NOT a mindset or culture as some of the people here like to say. Yes this closer working collaboration which can help to create a culture, but it's inaccurate to define it as such. True DevOps engineers are highly experienced full-stack developers.. Meaning they know both Dev side of things aswell as the Ops side.. Most people either only know Dev or Ops.. Its just that simple..

https://redd.it/10hvcim
@r_devops

Does anyone know the current status of Chick-fil-A’s per-restaurant Kubernetes cluster?

In 2018, CFA published a Medium post describing how they put a Kubernetes cluster in every restaurant to cache IoT events, auth, and a few other things.

Does anyone know if this is still running, and if so, what’s changed since this post?

https://medium.com/@cfatechblog/edge-computing-at-chick-fil-a-7d67242675e2

https://redd.it/10hw3yt
@r_devops

I created an open source secrets manager and Y Combinator just invested in it!

Super pumped to continue working on this and reduce some of the common pain points with secrets management us devs face. It's end to end encrypted like Vault but much easier to use with a growing list of integrations. Check it out! https://github.com/Infisical/infisical

https://redd.it/10i6ra1
@r_devops

Does trunk-based development still work for mlops and data science / AI heavy teams?

If you google trunk based development + mlops, you get very few hits. I'm curious to see if anyone here works with teams that build and publish machine learning models with decent success using trunk based development. As far as I know, the predominant model in the ML teams I've worked with was branch per environment, so, dev/stage/prod branches but we all know the challenges that style brings.

The reasoning I was always given was that data science / ml is much messier than pure software dev and therefore doesn't map well. I'm unconvinced.

So it was a surprise to see it recommended as the approach here by a thought leader in the ML world : https://www.databricks.com/explore/data-science-machine-learning/big-book-of-MLOps#page=1.

If you practice trunk based development on an ML team, please can you share how your team does it?

https://redd.it/10i2ixz
@r_devops

humor AWS CDK – Proposed Slogans

We are switching from CloudFormation (SAM) to AWS CDK.

It feels quite productive. This is my way to express gratitude.

https://ilya-sher.org/2023/01/19/aws-cdk-proposed-slogans/

https://redd.it/10ib1u1
@r_devops

Hashicorp terraform on psionline for non-English speakers

I have a doubt, I've already taken online exams through Pearson Vue and I know they offer a text chat for people who are not fluent in English.

​

Does PSI online have the same tool for those who are going to take an online exam without being fluent in English?

https://redd.it/10ic13p
@r_devops

how to automate AWS marketplace publishing with Ansible - A beginner's guide

Hello everyone,

I've been a long-time subscriber to this subreddit, but this is my first post. I recently published an article on automating AWS marketplace publishing using Ansible. If you're new to Ansible or are looking to streamline your AWS marketplace publishing process, this article is for you!

In this article, I cover the basics of Ansible, how to create an EC2 instance, create an Amazon Machine Image (AMI), and how to use Ansible to automate the publishing process on the AWS marketplace.

I also share some tips and best practices for using Ansible to automate your AWS marketplace publishing.

You can find the article here: https://medium.com/@arshad.zameer/getting-started-with-ansible-for-aws-marketplace-publishing-a547cc13d182

I hope the article is helpful to you. If you have any questions or feedback, feel free to comment.

Thanks for reading!

\#Ansible #AWS #AWSMarketplace #Automation

https://redd.it/10iaq9a
@r_devops

Salary Sharing Thread January 2023

This thread is for sharing recent offers you've gotten or current salaries.

Please only post an offer if you're including hard numbers, but feel free to use a throwaway account if you're concerned about anonymity.

Education:

Company/Industry:

Title:

Years of technical experience:

Location:

Base Pay

Relocation/Signing Bonus:

Stock and/or recurring bonuses:

Total comp:

Tech Stack:

Last thread was a huge success so bringing it back on popular demand

https://redd.it/10i1hq5
@r_devops