Terraform Module Registry vs GitHub

I'm wondering what the benefits of a private Terraform module registry are over just sourcing your modules from a private GitHub repo?

The main consumers of the modules are going to be technical/developers, can't they just find the module they want/need in GitHub?

You can also version modules in GitHub with tags.

What other use cases/reasons are there for a private registry?

https://redd.it/1103z0l
@r_devops

windows 2022 EC2 Userdata powershell script isnt running

Im new to all of this but trying to get the userdata to automatically install WSL1 ansible jenkins I can run every command individually when i start a new instance but isnt running upon start up if theres any gurus that can spot an issue please help!

<powershell>

Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linu

[Net.ServicePointManager\]::SecurityProtocol = [Net.SecurityProtocolType\]::Tls12

$fileToCheck = "Ubuntu1804.appx"

if (Test-Path $fileToCheck -PathType leaf)

{"File does Exist"}

else

{Invoke-WebRequest -Uri https://aka.ms/wsl-ubuntu-1804 \-OutFile Ubuntu1804.appx -UseBasicParsing}

Add-AppxPackage .\\Ubuntu1804.appx

Write-Output "Installed the ubuntu18.04"

invoke-expression -Command "Add-AppxPackage .\\Ubuntu1804.appx"

Write-Output "Installed the ubuntu with backup attempt"

$str1="/Users/"

$str2="/AppData/Local/Microsoft/WindowsApps/ubuntu1804"

$hdd_name=(Get-WmiObject Win32_OperatingSystem).SystemDrive

$username=$env:UserName

[String\] $ubuntu1804_path=$hdd_name+$str1+$username+$str2

dism.exe /online /enable-feature /featurename:VirtualMachinePlatform /all /norestart

dism.exe /online /enable-feature /featurename:Microsoft-Windows-Subsystem-Linux /all /norestart

wsl --set-default-version 1

wsl --update

$str1=" install --root"

$set_user=$ubuntu1804_path+$str1

invoke-expression -Command $set_user

wsl sudo apt-get install -qq -o=Dpkg::Use-Pty=0

wsl sudo apt update -qq -o=Dpkg::Use-Pty=0

wsl sudo apt install -y

wsl sudo apt install ansible -y -qq -o=Dpkg::Use-Pty=0

wsl sudo apt-add-repository ppa:ansible/ansible -y

wsl sudo apt-get install -y python3-pip libssl-dev

</powershell>

https://redd.it/10yw441
@r_devops

Refreshing knowledge on web app deployment (CDN, load balancers, DDoS protection, etc)

I've worked at big co's for 10+ years where all of this stuff was taken care of by separate team(s). Now I find myself at a seed stage startup and we're gearing up to launch our product.

I haven't done this in years (no time for side projects anymore, kids etc) so I'm keen to brush up on the latest best practices and so on.

We're on GCP, and deploying a typical react FE (with SSR) and a BE API. Everything is currently on some canned Cloud Run domain behind an auth wall. So the upcoming work is to productionise the public-facing infrastructure.

https://redd.it/1106hu5
@r_devops

Dynamic Version number in a pipeline

Hi!
So a developer recently updated a project to python 3.10 from 3.7 - obviously that made the pipeline fail because the python docker image was based on 3.7. For our python projects we use poetry and define our dependencies and python version in a toml file.
My idea was to parse this toml and fetch the python version needed and store this as a variable and pass this to the docker image tag.
Do you think this is a future-proof approach or would you solve it in a different way?

https://redd.it/10yjtxl
@r_devops

A convenient way for backing up and restoring your installed packages

Do you ever change your laptop/computer and wish that there was an easier way to reinstall all your packages from popular package managers such as Homebrew, etc. As a developer, it's redundant to always reinstall my Homebrew packages.

PRP CLI tool: https://github.com/Liopun/prp

This tool is a solution for automating restoring/reinstalling your Homebrew packages. All you have to do is run the tool on your current system and that gives you full portability of your Homebrew packages.

It saved my day!!!

https://redd.it/10y7bzv
@r_devops

Food Order App and Eks

Should i use spot instances or on demand for a eks cluster im deploying an food order app .

https://redd.it/110an97
@r_devops

USING CI/CD to test multiple layered applications

So far, I’ve used CI/CD to build and deploy simple web projects, like Flask with its own web server, or SSG. Testing is pretty straightforward: you spin up a container, run unit tests and if you’re happy go ahead and deploy it.

What if you have a more complex stack, like Java+NodeJS? Do you build a single container with everything (doesn’t sound good to me), do you spin up multiple containers (or even clusters) on the fly for unit testing, or what?

Sorry if my question is too basic, haven’t found much on the Internet.

https://redd.it/110bfsg
@r_devops

Deployment scripts vs individual CD steps

Which do you prefer to use in your CD pipelines?

View Poll

https://redd.it/110cp32
@r_devops

Suggest container Linux distro go to deploy Kubernetes on a Bare Metal Server

Understand that bare metal isn’t always the best deployment approach for Kubernetes, the highest reason is simply that we need to spend lowest cost, our team cannot afford GKE or AWS EKS. I'm not biggest head here, but I have permission to choose solution, and I willing to deal with headache. We used to run Docker on Debian hosting, then now moving to container distribution option. I searched then get too much option to consider.

Now I'm still wondering with Alpine or Fedora CoreOS. And sad that I don't have any compare matrix with clear criteria. We're just heading to a stable option with less critical bug, as least as not crash frequently also easy to automate process in the future. What's your suggestion option for production workload? And is there any special note when we pick this option at all?

https://redd.it/110bts6
@r_devops

How do I push a specific image to a specific repository on Docker hub?

I’m a relative docker noob. I have several images on my machine, which I have seen when I run docker images. In particular, the first two lines of the output are as follows:

&#x200B;

|REPOSITORY|TAG|IMAGE ID|CREATED|SIZE|
|:-|:-|:-|:-|:-|
|flask-app|v1.1|8aadfefa0b2d|28 minutes ago|118MB|

I also have several repositories on Docker hub.

So, the question is: how do I push the image flask-app to a repository named flask-repo? What is the exact syntax to use for this? I’m really confused by all the slashes and colons required when I read the docs. The docs also seem to assume there’s only one image on my machine, but like I said, I have several: how would docker know which one to push?
Another bonus question, isn't "flask-app" the name of my image? I didn't create any repositories on my machine, they're on Docker hub. What's the difference between an image's name and it's tag? Which is more important?

https://redd.it/110ds77
@r_devops

A self hosting app to create one-time shareable secrets.

https://github.com/rpgeeganage/ots-share-app

I created this in last couple of days. I was let go from my software engineering job 2 weeks ago, I started building this last week while preparing for interviews.

1. Creates shareable links which valid for a maximum of 24 hours.
2. The contents are encrypted with AES in CBC mode, with a 256-bit key. (Using Crypto-js)
3. Passwords are NOT sent to the backend server.
4. The app periodically deletes encrypted content after it expires, and the encrypted content gets deleted once the web UI fetches it.

https://redd.it/110csxv
@r_devops

How do you request and manage certificates on the application gateway level?

Long story short: We use cert-manager to generate TLS certitifates. Works perfectly. The problem is that I need the certificate at the Azure Application Gateway (TLS/SSL termination past the gateway) level, which in turn requires the certificate to be present at the Azure Key Vault.

Right now we are manually logging in with a service principal and push the certificates into Azure Key Vault. The entire process includes > 100 lines of code to just copy a certificate into the key store. Isn't there an easier way?

Seems like there should be an easy solution to this, but I can't seem to find any...

https://redd.it/110bi53
@r_devops

EBay watcher/ view bot


Hi, is there a view bot that increases your views on your listing, in order to boost it and reach more people? I don’t know much about coding and any help is greatly so appreciated. Please guide me if this is not the appropriate sub for this question.

https://redd.it/110cm3p
@r_devops

How to build a release from a fork on GitHub using Actions?

I am trying to build a fork of Deno on GitHub using Actions. Specifically I have commented lines in Cargo.toml to not include features that will not be used in the resulting deno executable. This is my first edit excluding certain features

[workspace]
resolver = "2"
members = [
#  "bench_util",
  "cli",
#  "cli/napi/sym",
  "core",
  "ops",
  "runtime",
  "serde_v8",
#  "test_ffi",
#  "test_napi",
#  "test_util",
#  "ext/broadcast_channel",
#  "ext/cache",
  "ext/console",
  "ext/crypto",
  "ext/fetch",
#  "ext/flash",
#  "ext/ffi",
  "ext/http",
  "ext/net",
  "ext/node",
  "ext/url",
  "ext/web",
#  "ext/webgpu",
  "ext/webidl",
  "ext/websocket",
#  "ext/webstorage",
#  "ext/napi",
  "lockfile",
]
# ...

and so forth.

I have essentially no experience using Rust or GitHub actions. Is this possible? What do I need to do to build a release that I can download locally to test? Thanks.

https://redd.it/110m71x
@r_devops

Kubernetes: converting terraform deployments and resources to something better, like helm?

Hello /r/DevOps :)

Our predecessors have used terraform for everything. its not bad, but we do have to keep messing with the "state" of application deployments, configurations and associated settings inside kubernetes. It's not really a nice way to handle these things.

What I'm after is a useful tool that would help us convert these deployments to a helm chart.

The way we see it is that helm would suit us better should we decide to use something like flux or argo in future, but it seems like a lot of work to manually roll our own helm charts with values etc.

https://redd.it/110o1ka
@r_devops

Will working on one cloud platform pigeonhole me?

I've got experience with AWS and Azure, more on the Azure side. I've just accepted a new role which is Azure with a bit of on-prem. Do you think working more on Azure for a couple of years will make it harder for me to get a job that's AWS in the future?

https://redd.it/110p0hr
@r_devops

Is there anything you would improve?

FROM node:14-alpine

WORKDIR /app

COPY package*.json ./

RUN npm install

COPY . .

EXPOSE 1337

CMD [ "npm", "start" ]

What can I add to this simple node container? Could you provide a list of things I could add to this to make it more usable or improve performance?

https://redd.it/110w1ft
@r_devops

Question about Docker Compose for a project on remote machine

Hello! I have a project with a docker-compose.yml file and it runs locally without any problems since the code is located on a local machine but I want to run it on a remote host, preferably without placing there the whole source codebase.

Googling I found some suggestions to that but I'm struggling to get which solution is what I should go with or maybe there is even a better approach:

1) just upload it to registry and then docker pull it on a remote machine. The drawbacks here apparently are that free hub is limited space-wise and that I will also have to modify docker-compose.yml for a remote machine (right now it specifies where to find Dockerfile for each service, for remote it seems I'd have to use image: myname\myimage instead)

2) use docker context, create remote context, docker context use remote, docker compose up -d and it will be uploaded to a remote machine. Nice but very slow for some reason...

3) save images locally \ load them on a remote machine after transferring them over scp. I can't explain why but I have that gut feeling it's not a good approach while technically it could work

4) git clone the entire project to remote and then docker compose up. Simple, will work, but I don't want to move codebase over there, it's not necessary to have all the code to serve an app

5) use known and esteemed tools for orchestration. Overkill for my goal so I think

https://redd.it/110wskq
@r_devops

Terraform scripts

Just wondering the good practice in other companies, do the dev needs to write the Terraform infra code for their own project or the DevOps guys takes care of that?

https://redd.it/110xb3p
@r_devops

SOS: Laid Off, Possible Internal Transfer to SWE/DevOps role

Hey everyone, I need some help deciding my future. I was laid off in mid Jan, but am in the company system until Mar 1st. I was working as a full stack developer. I have 8 years of experience. I also have SOME experience with DevOps, mainly setting up CI/CD pipelines (build, testing, deploy) for some smaller projects. I have minimal experience with setting up observability.

A manager from another team looked at my resume and submitted me for a role working as a senior software engineer with a focus on DevOps. I would be working on the core product (building CRUD APIs, AWS lambdas, etc…), but I would also be the go-to for setting up observability, alerts, and the design of SLO/SLI for the applications in our AWS environment as well as setting up the CI/CD pipelines.

With my limited experience in DevOps/SRE, is this a role I would crash and burn in? Or is it trivial enough to setup observability and get comfortable within a few months (1-2)? I’m horrified at the idea that I would be the go-to person for that. If the situation was reversed-an Ops person with limited development experience being thrown into a development-heavy role, I’d expect that person to struggle for about a year, especially as a go-to.

I’m going through many emotions with my layoff, but I’m pretty much looking for “DevOps is non trivial given your background, you should not be the go-to for that stuff, you will destroy your team” or “with your experience, it should be pretty simple and you’ll be flying in no time”. Thank you, everyone 🙏

https://redd.it/110xbma
@r_devops

Linux Skills

Hi. Can someone suggest some good resources to learn Linux for DevOps Engineers?

https://redd.it/110yeb6
@r_devops