Terrahaxs: GitOps Terraform CI/CD
Hey r/devops!
I'm Gabe, the founder of Terrahaxs, a GitHub Application that makes it easier to get started with Terraform CI/CD.
Why did we build this?
—
We wanted something better than Atlantis and cheaper than TFE or Spacelift.
Atlantis gets the job done and we’ve used it. However, deploying Atlantis requires you to already have
Infrastructure setup and in place (i.e. VPC, subnets, K8s cluster, etc) and DevOps skills. Terrahaxs allows you to get started with Terraform CI/CD without needing to deploy anything. Terrahaxs is also highly available (something Atlantis does not support), has unlimited concurrency, and supports features such as drift protection.
Spacelift and TFE are great, but they are expensive. Terrahaxs is a cheaper alternative.
How does it work?
—
Terrahaxs is a GitHub Application that you install with a few clicks of a button. Once installed, it will look for a a Terrahaxs.yaml or atlantis.yaml file and start running your Terraform CI/CD commands. It is backwards compatible with Atlantis and implements most of the functionality with more coming soon.
Terrahaxs uses a runner to execute commands and the runner can be hosted by Terrahaxs, run on GitHub Actions, or self-hosted.
The ask
We would love to hear any feedback from people in the field on what we’ve built. Would you use this? It’s still early, there are kinks, but we really would love to hear your thoughts (positive or negative)! 😊
https://redd.it/10ycu2i
@r_devops
Hey r/devops!
I'm Gabe, the founder of Terrahaxs, a GitHub Application that makes it easier to get started with Terraform CI/CD.
Why did we build this?
—
We wanted something better than Atlantis and cheaper than TFE or Spacelift.
Atlantis gets the job done and we’ve used it. However, deploying Atlantis requires you to already have
Infrastructure setup and in place (i.e. VPC, subnets, K8s cluster, etc) and DevOps skills. Terrahaxs allows you to get started with Terraform CI/CD without needing to deploy anything. Terrahaxs is also highly available (something Atlantis does not support), has unlimited concurrency, and supports features such as drift protection.
Spacelift and TFE are great, but they are expensive. Terrahaxs is a cheaper alternative.
How does it work?
—
Terrahaxs is a GitHub Application that you install with a few clicks of a button. Once installed, it will look for a a Terrahaxs.yaml or atlantis.yaml file and start running your Terraform CI/CD commands. It is backwards compatible with Atlantis and implements most of the functionality with more coming soon.
Terrahaxs uses a runner to execute commands and the runner can be hosted by Terrahaxs, run on GitHub Actions, or self-hosted.
The ask
We would love to hear any feedback from people in the field on what we’ve built. Would you use this? It’s still early, there are kinks, but we really would love to hear your thoughts (positive or negative)! 😊
https://redd.it/10ycu2i
@r_devops
Terrahaxs
Terrahaxs - GitOps & Terraform CI/CD
Terrahaxs - Terraform CI/CD GitHub Application
Am I wrong to suggest that we should move away from in-house managed applications for SRE team?
So I recently joined a startup as head of SRE team of 4 engineers.
Two of the engineers have been with the company for a long time. There brilliant engineers, but one of them is quite stubborn and has strongly opinionated.
One of the problems I see is that the whole build and deployment happens in a server that is in-house built. Sort of like Jenkins, but it is way more integrated in the the process.
The devs have absolutely no idea how the build and deployment works. And it's basically this one engineer who builds and maintains this system.
For example, Cloudformation yaml files are generated in code. Rather than just writing the yaml. This, at least for me, makes the whole this very black box to everybody, unless you have time to through a ton of Ruby code to understand what's going on.
I suggested that we should, at least for production, should make the process more streamlined and try to decouple it from this system. Since it is a point point of failure and we don't need that in production deployment path.
I also opined that for a small team like us, we should try to use managed services much as we can, and try to move away from in house built and maintained services. Every in house managed services is costly to maintain.
Understandably my opinion was not well received by this engineer, although other engineers agreed with it.
One of the arguments was that devs do not have to worry about build and deployment and it's the responsibility of the SRE team. And that having one central place everything happens is easier to maintain than 5 different managed services.
I strongly think using managed services is better as it helps with continuity, and maintaining that platform. Rather than having an in house system, which is mainly maintained by one engineer.
I don't want to create too much rift as this engineer has been with the company for a long time and he's the go to guy for any issue in the system.
But am I wrong?
Sorry for the long rant.
https://redd.it/10ybpx9
@r_devops
So I recently joined a startup as head of SRE team of 4 engineers.
Two of the engineers have been with the company for a long time. There brilliant engineers, but one of them is quite stubborn and has strongly opinionated.
One of the problems I see is that the whole build and deployment happens in a server that is in-house built. Sort of like Jenkins, but it is way more integrated in the the process.
The devs have absolutely no idea how the build and deployment works. And it's basically this one engineer who builds and maintains this system.
For example, Cloudformation yaml files are generated in code. Rather than just writing the yaml. This, at least for me, makes the whole this very black box to everybody, unless you have time to through a ton of Ruby code to understand what's going on.
I suggested that we should, at least for production, should make the process more streamlined and try to decouple it from this system. Since it is a point point of failure and we don't need that in production deployment path.
I also opined that for a small team like us, we should try to use managed services much as we can, and try to move away from in house built and maintained services. Every in house managed services is costly to maintain.
Understandably my opinion was not well received by this engineer, although other engineers agreed with it.
One of the arguments was that devs do not have to worry about build and deployment and it's the responsibility of the SRE team. And that having one central place everything happens is easier to maintain than 5 different managed services.
I strongly think using managed services is better as it helps with continuity, and maintaining that platform. Rather than having an in house system, which is mainly maintained by one engineer.
I don't want to create too much rift as this engineer has been with the company for a long time and he's the go to guy for any issue in the system.
But am I wrong?
Sorry for the long rant.
https://redd.it/10ybpx9
@r_devops
Reddit
r/devops on Reddit
Am I wrong to suggest that we should move away fro... - 2 votes and 8 comments
I have an app to build, all my designs are done, prototype flawless. Should I use ChatGPT for the hell of it?
It a basic app that could be built with some HTML/CSS, JavaScript, maybe some php or node. Webapp it? Or Android/iOS it? Or all three (webapp/Android/iOS)?
https://redd.it/10yg1hh
@r_devops
It a basic app that could be built with some HTML/CSS, JavaScript, maybe some php or node. Webapp it? Or Android/iOS it? Or all three (webapp/Android/iOS)?
https://redd.it/10yg1hh
@r_devops
Reddit
r/devops on Reddit: I have an app to build, all my designs are done, prototype flawless. Should I use ChatGPT for the hell of it?
Posted by u/Likeitisouthere - No votes and no comments
Easy Prometheus/Grafana Setup With Dashboards Repo
So I came across this while streaming yesterday and setting up prometheus and grafana on my kubernetes cluster I use on stream. This thing was so easy to setup and includes a bunch of pre-built Grafana dashboards already for you for your kubernetes cluster.
Highly recommend, I have also included a link to the part on my stream where you can see some of these live if you are curious how they look but I'm very impressed.
​
The actual link to the prometheus/grafana bundle: https://github.com/prometheus-operator/kube-prometheus
​
My twitch link to the section showing the dashboards: https://www.twitch.tv/videos/1731954476?t=02h02m15s
​
Hope this helps for anyone that might be struggling to get this going.
https://redd.it/10xvczs
@r_devops
So I came across this while streaming yesterday and setting up prometheus and grafana on my kubernetes cluster I use on stream. This thing was so easy to setup and includes a bunch of pre-built Grafana dashboards already for you for your kubernetes cluster.
Highly recommend, I have also included a link to the part on my stream where you can see some of these live if you are curious how they look but I'm very impressed.
​
The actual link to the prometheus/grafana bundle: https://github.com/prometheus-operator/kube-prometheus
​
My twitch link to the section showing the dashboards: https://www.twitch.tv/videos/1731954476?t=02h02m15s
​
Hope this helps for anyone that might be struggling to get this going.
https://redd.it/10xvczs
@r_devops
GitHub
GitHub - prometheus-operator/kube-prometheus: Use Prometheus to monitor Kubernetes and applications running on Kubernetes
Use Prometheus to monitor Kubernetes and applications running on Kubernetes - prometheus-operator/kube-prometheus
which one would you prefer
If anyone work in both places comment the below pros and cons
View Poll
https://redd.it/10yhi77
@r_devops
If anyone work in both places comment the below pros and cons
View Poll
https://redd.it/10yhi77
@r_devops
Reddit
r/devops on Reddit
which one would you prefer
Moving from developer job to cloud architect (terraform) job?
Hi folks, did any of you moved from a software developer job to a cloud architect job?
I received an offer from a company and talked with one of their employees to get an idea of what they do. He told me that they design cloud architectures and 80% of the job is writing terraform modules. They also write lambda functions in python/javascript sometimes.
At the moment I work as a backend java developer and I think I would miss coding, but I know cloud market is hot and cloud architect is a niche role which could pay better in the future.
What do you think? I'm 1year into my career. Would it be a good choice to switch?
https://redd.it/10yjgl6
@r_devops
Hi folks, did any of you moved from a software developer job to a cloud architect job?
I received an offer from a company and talked with one of their employees to get an idea of what they do. He told me that they design cloud architectures and 80% of the job is writing terraform modules. They also write lambda functions in python/javascript sometimes.
At the moment I work as a backend java developer and I think I would miss coding, but I know cloud market is hot and cloud architect is a niche role which could pay better in the future.
What do you think? I'm 1year into my career. Would it be a good choice to switch?
https://redd.it/10yjgl6
@r_devops
Reddit
r/devops - Moving from developer job to cloud architect (terraform) job?
Posted in the devops community.
Intern in DevOps as future SWE (CANADA)
I'm doing 2 internships back to back in DevOps and it's really interesting. As an undergrad engineer sould I land internship in fullstack also or DevOps is more lucrative in the long run?
https://redd.it/10y5401
@r_devops
I'm doing 2 internships back to back in DevOps and it's really interesting. As an undergrad engineer sould I land internship in fullstack also or DevOps is more lucrative in the long run?
https://redd.it/10y5401
@r_devops
Reddit
r/devops - Intern in DevOps as future SWE (CANADA)
Posted in the devops community.
Version control with git + CI/CD for Wordpress.
Googling suggests several potential options for version controlling a WordPress site using git and potentially setting up a deployment pipeline for it.
Does anybody have any experience of this at all that they'd care to share?
https://redd.it/10y4o47
@r_devops
Googling suggests several potential options for version controlling a WordPress site using git and potentially setting up a deployment pipeline for it.
Does anybody have any experience of this at all that they'd care to share?
https://redd.it/10y4o47
@r_devops
Reddit
r/devops on Reddit
Version control with git + CI/CD for Wordpress. - 2 votes and 1 comment
I'm excited about how hard it was to push a change into a cluster I manage, so I blogged about it
Hi folks! 👋
After 4 hours of jumping through various hoops to get a change into our dev/prod clusters, I'm so happy that it's done, that I thought I'd write up the process, since (in hindsight, not at the time!) it's quite gratifying how hard it was to push something into production and have the various checks ensure that what comes out the other end is secure and supportable :)
Here's my midnight ramble: https://geek-cookbook.funkypenguin.co.nz/blog/2023/02/11/layered-kubernetes-security-is-a-pita/
D
https://redd.it/10yozmw
@r_devops
Hi folks! 👋
After 4 hours of jumping through various hoops to get a change into our dev/prod clusters, I'm so happy that it's done, that I thought I'd write up the process, since (in hindsight, not at the time!) it's quite gratifying how hard it was to push something into production and have the various checks ensure that what comes out the other end is secure and supportable :)
Here's my midnight ramble: https://geek-cookbook.funkypenguin.co.nz/blog/2023/02/11/layered-kubernetes-security-is-a-pita/
D
https://redd.it/10yozmw
@r_devops
geek-cookbook.funkypenguin.co.nz
Why security in-depth is a(n awesome) PITA - Funky Penguin's Geek Cookbook
Is it easy to deploy stuff into your cluster? Ha! 0wn3d. It's SUPPOSED to be a PITA!
Is there a way to disable a duplicate workflow running from a trigger in Github Actions?
I've created a workflow that is triggered by a review being request on a pull request, and notifies a slack channel. I do this using this trigger:
name: PR Raised
on: pullrequest:
types: [reviewrequested]
The Issue I am having is that when more than 1 reviewer is added to a pull-request, the workflow runs more than once and delivers multiple notifications to Slack. Is there a way to add a condition within the YAML workflow so that, if a job is already running for this trigger, another one does not run, so that there is only 1 slack notification delivered rather than 1 for each reviewer?
Thanks, I hope I made this clear to understand.
https://redd.it/10yq5gv
@r_devops
I've created a workflow that is triggered by a review being request on a pull request, and notifies a slack channel. I do this using this trigger:
name: PR Raised
on: pullrequest:
types: [reviewrequested]
The Issue I am having is that when more than 1 reviewer is added to a pull-request, the workflow runs more than once and delivers multiple notifications to Slack. Is there a way to add a condition within the YAML workflow so that, if a job is already running for this trigger, another one does not run, so that there is only 1 slack notification delivered rather than 1 for each reviewer?
Thanks, I hope I made this clear to understand.
https://redd.it/10yq5gv
@r_devops
Reddit
r/devops - Is there a way to disable a duplicate workflow running from a trigger in Github Actions?
Posted in the devops community.
Aggregating Kubernetes Events
We started our k8s journey a few months back. We have been using kubectl or argocd to look at kubernetes events as needed. Recently I learned they are only available for an hour.
I found kubernetes-event-exporter. Bitnami has packaged it into a Helm chart. I configured it to use Loki for storage from an open issue on the original repository.
How are you aggregating k8s events?
https://redd.it/10xxxwl
@r_devops
We started our k8s journey a few months back. We have been using kubectl or argocd to look at kubernetes events as needed. Recently I learned they are only available for an hour.
I found kubernetes-event-exporter. Bitnami has packaged it into a Helm chart. I configured it to use Loki for storage from an open issue on the original repository.
How are you aggregating k8s events?
https://redd.it/10xxxwl
@r_devops
GitHub
GitHub - resmoio/kubernetes-event-exporter: Export Kubernetes events to multiple destinations with routing and filtering
Export Kubernetes events to multiple destinations with routing and filtering - resmoio/kubernetes-event-exporter
Docker on vast.ai GPU
Greetings,
New guy here. Is anyone with vast.ai experience here? I'd like to know if there's a way to manually set up docker after spinning an instance on vast.ai.
I rented a GPU. I installed docker on it. Docker doesn't start after that, and gives the error, "Host is down".Any way around it would be appreciated.
Thank you
https://redd.it/10yt3mw
@r_devops
Greetings,
New guy here. Is anyone with vast.ai experience here? I'd like to know if there's a way to manually set up docker after spinning an instance on vast.ai.
I rented a GPU. I installed docker on it. Docker doesn't start after that, and gives the error, "Host is down".Any way around it would be appreciated.
Thank you
https://redd.it/10yt3mw
@r_devops
Vast AI
GPU Infrastructure for AI Agents | Vast.ai
Rent high-performance cloud GPUs at low cost with Vast.ai. Instantly deploy GPU rentals for AI, machine learning, deep learning, and rendering. Flexible pricing, fast setup, and global availability
Name for devs, testers and devops together.
Which word can I use to refer to developers, testers and devops experts at the same time?
https://redd.it/10ytm7y
@r_devops
Which word can I use to refer to developers, testers and devops experts at the same time?
https://redd.it/10ytm7y
@r_devops
Reddit
r/devops - Name for devs, testers and devops together.
Posted in the devops community.
Keeping vendor providers on track?
The situation: our service provider has limited capacity in terms of their resources. They also do not extend their roadmap out past a month. How can I, as a client (of a fortune 200 company) motivate the vendor to A. Move more quickly to more efficiently meet our business needs and B. Minimize slippage? C. Extend their roadmap out further?
https://redd.it/10yvuq9
@r_devops
The situation: our service provider has limited capacity in terms of their resources. They also do not extend their roadmap out past a month. How can I, as a client (of a fortune 200 company) motivate the vendor to A. Move more quickly to more efficiently meet our business needs and B. Minimize slippage? C. Extend their roadmap out further?
https://redd.it/10yvuq9
@r_devops
Reddit
r/devops - Keeping vendor providers on track?
Posted in the devops community.
What's DevOps like in Telecom?
Is it mostly managing (virtual) network functions? Sounds like an interesting space that isn't managing databases and websites/apps.
https://redd.it/10yvr7u
@r_devops
Is it mostly managing (virtual) network functions? Sounds like an interesting space that isn't managing databases and websites/apps.
https://redd.it/10yvr7u
@r_devops
Reddit
r/devops - What's DevOps like in Telecom?
Posted in the devops community.
As DevOps-led automation has increased, machine identities are posing a threat to traditional cybersecurity, one of the challenges in managing the growing number of machine identities is the way systems authenticate them.
Clearly with DevOps led automation have come some issues, real ones, cybersecurity needs to step up their game due to the changes that have come thanks to DevOps, the new threat are machine identities.
What do you think is the best way to prevent machine identities from turning it into a security mess?
Source: https://thefintechspot.com/3-steps-to-mitigate-security-issues-created-by-machine-identities/
https://redd.it/10yyy45
@r_devops
Clearly with DevOps led automation have come some issues, real ones, cybersecurity needs to step up their game due to the changes that have come thanks to DevOps, the new threat are machine identities.
What do you think is the best way to prevent machine identities from turning it into a security mess?
Source: https://thefintechspot.com/3-steps-to-mitigate-security-issues-created-by-machine-identities/
https://redd.it/10yyy45
@r_devops
GBHackers - Latest Cyber Security News | Hacker News
3 Steps to Mitigate Security Issues Created by Machine Identities
As enterprises have embraced DevOps and containerization, cybersecurity is facing a changing landscape. Typically, security platforms focus on guarding network boundaries and verifying human identities that access a network. However, as DevOps-led automation…
Azure Security
Are there any good sources for learning Azure security?
https://redd.it/10z0jga
@r_devops
Are there any good sources for learning Azure security?
https://redd.it/10z0jga
@r_devops
Reddit
r/devops - Azure Security
Posted in the devops community.
Node and Chef Cookbooks
I am currently learning how to use Chef, and I have a question regarding nodes and cookbooks. Can a node be linked to multiple cookbooks? If so, is it typical for nodes to be linked to several cookbooks in larger, more complex setups?
https://redd.it/10z036c
@r_devops
I am currently learning how to use Chef, and I have a question regarding nodes and cookbooks. Can a node be linked to multiple cookbooks? If so, is it typical for nodes to be linked to several cookbooks in larger, more complex setups?
https://redd.it/10z036c
@r_devops
Reddit
r/devops - Node and Chef Cookbooks
Posted in the devops community.
What is your opinion on using an all in one platform like ADO, GitLab Ci/Cd vs. multiple tools you need to integrate together?
Hello everyone! I’m joining a team that is new to DevOps practices and is running on Azure. I’m tempted to start with ADO since it’s easy to integrate in their environment and I’m building from the ground up, which makes an all in one platform appealing. However I don’t want to miss out on other tools that specialize in a certain aspect.
Just wondering what everyone thinks of these all inclusive platforms vs. combining multiple tools from multiple vendors.
https://redd.it/10z2aag
@r_devops
Hello everyone! I’m joining a team that is new to DevOps practices and is running on Azure. I’m tempted to start with ADO since it’s easy to integrate in their environment and I’m building from the ground up, which makes an all in one platform appealing. However I don’t want to miss out on other tools that specialize in a certain aspect.
Just wondering what everyone thinks of these all inclusive platforms vs. combining multiple tools from multiple vendors.
https://redd.it/10z2aag
@r_devops
Reddit
r/devops on Reddit
What is your opinion on using an all in one platfo... - No votes and 2 comments
Is the Azure DevOps cert worth it?
The company I work for is 100% Azure and I was looking at getting the AZ-400 to learn about their tools. But since MS bought Github it looks like they abandoned their own devops tools in favor of that. I'm still majority ops, so this would also be a learning path for me.
https://redd.it/10yyu0n
@r_devops
The company I work for is 100% Azure and I was looking at getting the AZ-400 to learn about their tools. But since MS bought Github it looks like they abandoned their own devops tools in favor of that. I'm still majority ops, so this would also be a learning path for me.
https://redd.it/10yyu0n
@r_devops
Reddit
Is the Azure DevOps cert worth it?
2 votes and 6 comments so far on Reddit