What's the better solution for Prometheus?

Hi, I have an eks cluster and all nodes are fully private. Currently, I installed Kube-Prometheus-Stack on it. But I need a centralized solution. If the whole cluster is down or something then I need to find why easily with my centralized data. Also in the future, I will have more than one cluster. So I need to view all metrics and data in one place.

What's the best way I can archive that? Any suggestions?

https://redd.it/111pjc7
@r_devops

One vs multiple CABs?

Does your company have separate CABs for infrastructure vs app dev changes? I’m interested in the pros and cons of each scenario.

View Poll

https://redd.it/111nuqz
@r_devops

Are there tools you can use to improve your docker containers like Docker Slim?

What are some useful tools out there?

https://redd.it/111snfj
@r_devops

Devops bootcamp or something similar

I am looking at making a possible career change and was discussing different options with a friend of mine. He suggested DevOps because he believes that based on my skills/interests, that I would enjoy it and ultimately do well. That being said, I am in a completely unrelated field currently and would be starting effectively from scratch. I know I have a long road ahead of me, but I was wondering if there are any recommendations for bootcamp or something of that nature that can help kickstart everything for me. I was looking at the one by The Linux Foundation but saw some not so great reviews from some of you which gave me pause.

I saw the "how to get into DevOps" post but didn't see much in the way of bootcamps for someone with no experience. Unless that's just not a great route to take for this field.

That all being said, I would appreciate any advice/direction that you may have for an inexperienced beginner such as myself. Thank you in advance!

https://redd.it/111sny9
@r_devops

Would you be interested in a podcast on career transformation?

A few days ago I asked this in the community, I had been in this situation where I was struggling to get guidance and mentor support for my career transformation, So I decided to do something about it.

Alongside side my friend, I have started a podcast where I am interviewing guests who have transformed their careers in Information Technology, discussing their journeys, challenges and solutions.

Also, one of the key aspects is that I am requesting these guests to provide mentor support to the community.

The target domain is IT, cyber-security, telecom, cloud, DevOps and ITES.

I hope by doing so, I can share back something with the community.

Do let me know if you are interested and I can share the details.

https://redd.it/111uqrp
@r_devops

winrm issues with packer

I am working on creating Windows 10 images (Windows is not my strong suit but I digress) with Packer. I am using https://github.com/rgl/packer-plugin-windows-update provisioner as the last step to update Windows and this is where my build fails most of the time - I get an i/o error

Failed to send shutdown command: unknown error Post "https://x.x.x.x:5985/wsman": dial tcp x.x.x.x:5985: i/o timeout

For some reason the firewall profile was changed to public (from private), which blocks winrm. Why is Windows update changing firewall profile to public? There was no reboot, which could possibly explain the behavior.

I said earlier that build fails most of the time because it does not fail all the time - probably fails 9 out of 10 times. I think I'd be much happier if it was consistently failing the same way. Has anybody encountered this and found a fix/workaround?

The workaround I have thought of (over the weekend) is to create a scheduled task before windows updates. The task would switch firewall profile to private every 10 seconds or so. I can then remove the task after windows updates. This seems pretty hacky though.

https://redd.it/111e883
@r_devops

Looking for tool recommendation

Hi,
I am looking for a tool to do the following:
Given a list of Azure VM images, create a vm from each of them, run a script on all of them, and output the result.

Essentially, I want a way to test what version of a specific command is running on each VM image I am using.

Thanks

https://redd.it/111e3gt
@r_devops

How DevSecOps Safeguards Your AWS Cloud Better?

DevSecOps is not just a buzzword, it's a mindset that can make a significant difference in securing your AWS cloud. With the increasing number of cyber threats, it's crucial to prioritize security at every step of the development and deployment process. Our blog post explains how DevSecOps can safeguard your AWS cloud better. Check it out now!

https://www.umbrellainfocare.com/blogs/how-devsecops-safeguards-your-aws-cloud-better

https://redd.it/1122nwc
@r_devops

AWS EKS cluster setup

Hello People

I created a EKS Cluster based on the documentation , and i used the VPC Yaml provided by AWS for VPC with public and private subnets.

Followed step by step , deployed a sample app and it seems OK

Just wanted to make sure if i should worry about creating a cluster provided by the docs .

https://docs.aws.amazon.com/eks/latest/userguide/creating-a-vpc.html

https://redd.it/1123ztw
@r_devops

All You Need to Know in 12 Minutes: Pods' Requests and Limits in Kubernetes

https://youtu.be/lKH1K5R3kqg

https://redd.it/1124bc1
@r_devops

Manually Configuring in Chef Nodes

How would you manually configure a chef node? (Say you wanted to add a file or delete a file manually) Do you use some sort of knife utility to enter into the node, or do you just SSH into the node like you would any other server? What is the best practice?

https://redd.it/1126rlz
@r_devops

Incident Management has come a long way.... interested in its journey leading to SRE?

Excited to see the interest in SRE in this community! We at Squadcast are hosting a webinar on the evolution of Incident Management. Your perspectives could enrich the discussion. If you're interested, sign up for the webinar[\[Evolution of Incident Management from On-Call to SRE\]](https://www.squadcast.com/evolution-of-incident-management-from-on-call-to-sre?utm_source=reddit)

https://redd.it/1127jwb
@r_devops

Service Registry/DNS Recommendations

We are building a new environment where different versions of various services will be deployed. When a request comes in to ServiceA, it will be routed to a particular version based on an HTTP header specifying the version.

Our services are currently deployed to AWS Elastic Container Service. We probably want to continue that but we could go in a different direction.

Right now, we are thinking that we want to use DNS. When a new version of a service (with for example version 12345) is deployed, it registers itself with the DNS server at 12345-service.example.com to be distinct from an existing service (for example abcde-service.example.com). Then a request specifies 12345 or abcde in a header and Nginx (or perhaps some other tech) routes the request appropriately.

I would use some flavor of AWS load balancing (the APIs are pretty good) except that we would like developers to be able to deploy this system locally using Docker.

Any suggestions as to a container deployable DNS server that allows registering/unregistering via API? Any other thoughts or suggestions?

Thanks in advance.

https://redd.it/11294l8
@r_devops

How do I use "-dev" similar to "-SNAPSHOT" in Jfrog Artifactory for gradle artifacts.

I'm new to this so please excuse the dumbness in this post.
I'm publishing gradle artifacts with version "-dev" to Jfrog artifactory, I need this to behave similar to "-SNAPSHOT" but it doesn't seem to do so. Jfrog Artifactory appends a timestamp to "-SNAPSHOT" versions but not "-dev" versions. Please refer to the screenshots attached for more clarity: https://imgur.com/a/Cz89wq1

This is the relevant layout settings for my repository:
Folder Integration Revision RegExp: SNAPSHOT|dev

File Integration Revision RegExp: SNAPSHOT|dev|(?:(?:\\d{8}.\\d{6})-(?:\\d+))

How do I achieve the same for "-dev"?
Is my approach wrong? Any input is appreciated.

https://redd.it/112aogq
@r_devops

How do I learn to love Kubernetes

It’s Valentine’s Day, which is a holiday about love, so what better day to ask a question of what advice would you give to someone so that they would learn to love Kubernetes?

https://redd.it/112bnxt
@r_devops

Team retrospective sessions for DevOps

More recently I've become responsible for organizing my team's retrospective sessions and I was wondering if there were any thoughts and experiences from the community on whether retrospective sessions are as useful for DevOps/SRE teams as they are for purely development oriented teams and what formats have you either been a part of or applied in your own team that you feel has worked.

Historically we used pretty much the same templates as the dev teams used which was basically a run through stuff done/stuff coming up and then a post-it style board with 4 sections - what went well, what went wrong, things to improve and appreciations. I think I feel that's a bit stale and could do with something either more engaging or more interesting, though I think there's clearly value in look at the what are we proud of having completed/what did we fudge up categories.

Curious to hear other experiences and opinions

https://redd.it/112ama5
@r_devops

Search Through Your Cloud Infrastructure with CloudQuery and Elasticsearch

https://www.cloudquery.io/blog/search-through-cloud-infrastructure-with-elasticsearch

https://redd.it/11246pw
@r_devops

What are some great platforms to help implement devops practices?

Never used one but i have a feeling there are platforms that can be used to define pipelines / workflows for infrastructure provisioning, configuration management and more that are both operations and developers friendly.

For example, developers could use that platform to provision on demand environments after that pipeline / workflow was configured. That workflow will connect to defined secret and configuration management system, provision new kubernetes environment for developer, connect to helm repository and deploy all applications and create + provide dns record for that new environment.

Platform that will allow for one place to provision everything and monitor status of all that is provisioned.

Maybe help with blue / green or canary releases.

Are there good platforms like this that worth checking out?

We're running on kubernetes (GKE/EKS...), using helm, terraform and planning to introduce argo project.

https://redd.it/112fwpw
@r_devops

From Head of Technology to Head of Infra

Hello r/devops !

I need some help from the seasoned folks around y'all

I've started my career as a developer, went all through the hoops until I landed as Head of Technology in a medium sized company

In this role I was overlooking everything from product, dev, infra, 3rd parties integration etc etc

I've also had some surface-level hands on experience with clouds (mostly spinning VMs and configuring GWs/FWs)

I was recently offered a Head of Infrastructure role in a large (think Fortune 500 large) company,

While I understand the basic terminology and I have a rather good grasp on architecture, I've never dealt with such scales.

Here's where you come in -

Any resources, any blogs, podcasts, books, YouTube channels and the likes you can recommend I consume before stepping into the role.

Anything and everything goes, my goal is to study as much as possible without a specific focus before I begin.

Thank you

https://redd.it/112gzv8
@r_devops

Blog: Why CI/CD security starts with source code

Great blog article on the utility of shift left methodologies & modern devops security tooling

https://www.arnica.io/blog/why-ci-cd-security-starts-with-the-source-code

https://redd.it/112gxmt
@r_devops

FutureStack Roadshow returns to Sao Paolo and San Francisco! Join the New Relic team onsite for free workshops, food and drinks, and demos to up your observability game. See you there!

Hey, r/devops!

Great news: FutureStack Roadshow is back! We have two exciting, free, in-person upcoming events:

[FutureStack Roadshow Sao Paolo](https://newrelic.com/events/2023-03-08/futurestack-brazil?utm_source=reddit&utm_medium=community&utm_campaign=amer-fy23-q4-futurestack%20san%20francisco) \- March 8, 8AM - 5:30PM @ Casa Bisutti
[FutureStack San Francisco](https://newrelic.com/events/2023-03-15/futurestack-san-francisco?utm_source=reddit&utm_medium=community&utm_campaign=amer-fy23-q4-futurestack%20san%20francisco) \- March 15, 9AM - 5PM @ SPIN San Francisco

# What is "FutureStack" and why should I attend?

* Learn how to elevate your observability game during hands-on workshops and courses.
* Form a deep understanding of what your peers are doing in a way that’s only possible through interactive in-person sessions.
* Plug into exclusive technical breakout sessions not available online and take your know-how to the Nth degree.
* Be the first to see new innovations New Relic is bringing to market.
* Beat the New Relic team at Ping Pong and gain bragging rights!

Hope to see you there!
\-Chris & the team @ New Relic

https://redd.it/112kfso
@r_devops