What do you use for externalizing APIs?

Hey,

Hope it's okay to ask this here, I'm slowly getting into the devops side of things, experience largely based in the legacy era.

I've been asked to take a look into what we can do to make some of our apps ( standard apps, think jira / jenkins ) available for responses from other SaaS services. I was taking a look into Apigee and Azure API Man ( we are hosted on Azure ). I think these may be overkill / over priced for what we require.

I think we essentially need an API Proxy, something that can receive json and then trigger a process internally to make an API request to the internal apps.

Any suggests on any other solutions I could take a look into?

Thanks in advance.

https://redd.it/10j89be
@r_devops

Simple, open-source, lightweight stress tool

https://github.com/ddosify/ddosify

https://redd.it/10jafut
@r_devops

DevOps training project ideas

Hi all,

I am currently on a path of self-learning after recently becoming the Cloud/DevOps person at my workplace. I come from a physical/on-prem infrastructure background rather than development.

Looking to push myself and increase practical experience. I've looked through the roadmap and know what I need to learn.

I'm looking for some examples of personal projects I can focus on that would replicate a real world scenario - something I can use to say 'I have demonstrable experience of doing xyz'

Thanks!

https://redd.it/10jbmfn
@r_devops

Are there any DevOps podcasts that you would recommend for learning purposes ?

.

https://redd.it/10jecii
@r_devops

Self-made API Gateway in a MicroService architecture ?

I'm starting a new project where I want to explore the construction of a microservice architecture for a e-commerce website. The whole ecosystem would be made of the following components:

A `register` microservice that handles the account creation (email-password || SSO) / reset password features
An auth microservice that handles authentication by issuing JWTs with embedded permissions
An `inventory` microservice that handles CRUD of sellable items
An order microservice that handles order requests from buyers
A `pdf` microservice that handles creation/distribution of PDF invoices using templates
A storefront microservice that serves the front-end app to buy stuff


All these services would be independent units running in a self-hosted Kubernetes cluster. I will be writing these in different languages (Python/Golang/Node) and they should still be able to interact with each other. The whole system would be supported by one PostgreSQL database.
I want to support a complete observability stack, with a focus on distributed tracing. For this I will use Loki/Grafana/Tempo/Mimir (LGTM), and hopefully be able to implement log-to-traces and traces-to-metrics.

With this in mind, I have a few questions:

Should I build my own API Gateway or are there tools out-there that could do the heavy lifting for me ? I imagine having this API gateway having an Ingress on api.foo.bar/, requests from my users would be POST api.foo.bar/auth/ + {email,password} which would then be internally routed to POST https://auth.svc/. I have seen this article which shows that it shouldn't be more than a 100 LoC in Golang ;

Should the API gateway be doing authorization instead of delegating this to the microservices themselves ? Does blocking requests at the gateway level, before they access the service have any advantages ? I fear this pattern would lead to rewriting code of the APIG each time a new service is added.

Would sharing database tables between services be an issue in the future ? auth and register would both be reading/writing to a User table. How would you share the database model, handle the migrations too ?


I'm still learning about this kind of architecture, so feel free to share your experience with it and any common pitfalls I could avoid !

https://redd.it/10jc02k
@r_devops

Ubuntu 22.04 RDP breaks connection and takes me to the login screen

What is this issue with login when RDP connecting on Ubuntu 22.04? I connect successfully with Remmina, but when I try to switch to just single screen in Displays, the connection breaks and the server takes me to the login screen.

Here it says to install this Gnome extension and log out from Ubuntu (server machine) and then log in from Remmina, but then it won't connect to the logged out Ubuntu at all. How do you solve this?

https://askubuntu.com/questions/1411504/connect-when-remote-desktop-is-on-login-screen-or-screen-locked-without-autolog

https://redd.it/10jke2a
@r_devops

How do you debug and log CI docker-build failures?

As intended, I have Jenkins Pipelines connected to Github repositories of my developer's services and a function that builds the service for them on commit. Sometimes, of course, the pipelines fail. My Jenkinsfiles are split into stages, but even that doesn't make it clear enough why it failed. More specifically, if the developer introduced a build-error, we have to scroll through logs until we understand in what layer the error occurred and why.
Is there any method or tool to extract build logs, errors and status without string manipulation or other Jenkins hacks? I could send this result to slack or any other place, but I need first to make it clear why the pipeline failed, and if it failed on build, why specifically did the build fail.

https://redd.it/10jgrih
@r_devops

is DevOps just another job now?

So I've been around a while and when the conversation and thinking began to change in my circles around 2010-2012, DevOps was a concept , a culture. Building on Agile principles and bringing in the thought leadership of the likes of Jez Humble and a dozen others.

It was universally felt at that time that you couldn't have a "DevOps engineer" and job postings for that role were mocked as recruiters and orgs not having an understanding of what DevOps was..

Rolling forward 10 years..DevOps engineer is now a commonly found standard role which seems to me to be an owner/enforcer of automation tooling..

Conversations I'm having with newer "thought leaders" sound very much like DevOps is just tooling and I'm doubting my own understanding or recollections of the past.

Seeking discussion and viewpoints on this ideally from others who were around pre 2012 and have worked through this evolution.

Does the original DevOps still exist? Did it ever? Or has it become something else now?

https://redd.it/10jnyyd
@r_devops

Career Options as a CS Sophomore

Hello everyone! I am a 2nd year Computer Science Student. I've been checking out DevOps quite lately and I eventually want to work as a DevOps engineer after graduation. However, as I've heard from this sub, I can't work as a DevOps straight as a freshman out of college since I may need experience as a software developer and internships are quite rare. If this is 100% true, what other career options can I purse that'll help ease me to getting eventually to DevOps (cloud engineer, solutions architect...?).

https://redd.it/10jnwu2
@r_devops

Learning how we can make code interviews better, especially for neurodivergent applicants.

I've been reading studies and anecdotes about code interviews and the plight of neurodivergent applicants (those with autism, dyslexia, anxiety disorders, and similar) and started writing about how to try to make them better. I'm not making any money on this work. I just want to share what I learn to improve life for everyone.

What I am asking is for ideas, stories, studies, support groups, corrections, or clarifications to improve what I have learned so far. If this goes well, I'll try to turn it into a talk to apply to present to events like DevOpsDays or other similar gatherings.

This is what I have so far. If it helps you, feel free to share it with those who may need to see it. If I'm just full of BS, also let me know so I can fix it. https://www.linkedin.com/pulse/your-code-interview-discriminatory-heres-how-fix-daniel-gentleman

https://redd.it/10jj06v
@r_devops

How to connect a message broker as an Argo event source?

https://medium.com/memphis-dev/connect-memphis-as-an-argo-event-source-5ae05bae01d8

https://redd.it/10jcswn
@r_devops

Experiences with Visual Studio App Center?

I'm requested to investigate this and decide if it is worth it for one mobile application.
What's your experience? Do you think it helped? Was it challenging to learn?

https://redd.it/10jclpq
@r_devops

Small team of data analysts using SQL, Python and PowerBI, should we use Git or Github?

Hey guys, I work in a small team of data analysts, I myself have been an analyst for 5 years now (1.5 with this company) and we're a small team of 5. We mostly write SQL code to query databases but have some specialty projects that use python to create sql db's that we are hoping to take to the cloud and also a ton of PowerBI reports. Is it necessary for me to put forward the business case that we we will need a organisational Github account to keep our code, would there be a cheaper version such using Git to version control files in our google drive ,or is that a bad idea? (please go easy on me, I watched a video about git on youtube on saturday night while rocking daughter to sleep so I have no idea what I even don't know, let along what I know.) Also is Github secure since the code we write queries organisational databses and the like, would we need to make any changes for security purposes.

https://redd.it/10jcljv
@r_devops

Introduction to DevOps

Free online course

Introduction to DevOps

DevOps helps in efficient software development, and this course aims at introducing you to DevOps, an in-demand industrial skill.

https://formationgratuite.net/Introduction-to-DevOps

https://redd.it/10jd3z4
@r_devops

AWS API Gateway error

AWS API Gateway is throwing - {"message":"Forbidden"}

​

My architecture looks like - Route 53 --> AWS API Gateway --> ALB --> Fargate

I created a domain using Route 53 and validated it. I attached this custom domain to API Gateway. I also added the ALB integration using private resource option and VPC link and the route I have configured is "ANY /{proxy+}". On my ALB, listener is port 80. I have opened security groups for pretty much all traffic for testing purpose. It works when I directly hit from ALB url. My ALB is internal but I tried it with Internet facing ALB also.

​

I feel like I am messing up in VPC Link, what subnet should I use private or public? I tried both.

​

I do not understand where this is going wrong, do tell me if I missed a step. Thanks!

https://redd.it/10iibyz
@r_devops

Work split on modules vertical or horizontal

I worked in cooperations where every developer had one module for himself to work on and if they weren't experts in their layer (e. g. databases) they would ask for others so while every developer was responsible for only his module each module was rather the result of teamwork than of just one individuals' work.

I am now working in a cooperation where a whole team of 5 developers works on one module. The database expert does one layer, the frontend expert does one layer, the deployment expert does one layer, etc. If the deployment expert does not have time you will have to wait a few sprints and if the deployment expert does not like a certain module, he might use his authority as an expert to delay things since other employees are not allowed to do his work since there might be errors. Management is scared of angry customers so they do everything to avoid that.

I know that nothing is black or white but which of the following ways of developing software in a company with SAFe and agile is better if one could even say that. My point of view may be highly subjective that is why I want to know the perspective of someone else.

https://redd.it/10ifcsv
@r_devops

I'm running k8s IPv4/IPv6 dual-stack in production

Curious about people's experience with this

View Poll

https://redd.it/10ih1cg
@r_devops

Anyone use AWS Managed Prometheus Grafana? Confused because it looks like a non-managed prometheus solution?

I started looking at Amazon's solution for prometheus to try to get away from managing my own prometheus database and stack and (like most AWS products) it seems to be designed in a roundabout and confusing way.

Looking at the architecture graph here, it looks like you still need to run your own stack and prometheus database, and you forward your data to a write endpoint. I was expecting to not do that and to simple be able to direct their managed prometheus instance to scrape my exporter endpoints.

Am I missing anything here? Has anyone made this work with their use case?

https://redd.it/10hvvwi
@r_devops

From your experience, what are some use cases that make you use an APM provider like Datadog, NewRelic, blah, blah? Instead of lean open-source solutions (Prometheus, Jaeger, Loki)?

Can you guys give me actual use cases instead of a feature list?

https://redd.it/10k0oc8
@r_devops

Taking over internal tools built by ppl who quit (DevOps/SRE)?

So,

Ppl here say that there is no DevOps without Dev part, so lets assume someone wrote very complex internal tooling that is extensively used by the company.

But the ppl who wrote that quit the company some time ago. The knowledge about how stuff works in details was lost.

You are left with various Java and Go services that are required by the platform to operate but you have no idea how they work.
Most stuff works based on magic injections of extensions.

Whats your methodology to reengineer all knowledge that was lost :D ?

https://redd.it/10k4tgj
@r_devops

Datadog questions

Hi guys, where do you ask your datadog related questions? i see their r/datadog channel is dead and their slack has 0 replies in most of the questions, thanks!

https://redd.it/10k1gnc
@r_devops