AWS privacy and security’s feedback

Hey! So, for our online event platform, we use Amazon Web Services (AWS) infrastructure. We have heard a lot about the security and privacy systems that Amazon uses to protect data, using all kinds of fancy stuff like the shared responsibility model, Advanced Encryption Standard (AES), and all these security and compliance certifications like SOC 1, SOC 2, and PCI DSS (don't even ask me about the last ones meaning).


But here's the thing, we wanna know what you think about AWS and how they handle privacy and data storage. Have any of y'all had any issues or concerns about this?

https://redd.it/12za2i4
@r_devops

Docker: Will my container contain source code?

Hi,

Getting ready for demo.

The back-end is written in Golang.

I remember that I have to make a Dockerfile, and K8S yaml.

But will my container contain my Golang source code or how can I make it not?

I just want it to execute a binary file and that’s it.

Thanks :)

https://redd.it/12zb4tp
@r_devops

Using GlusterFS as a storage for Kubernetes?

Hi all. I have a managed k8s on DigitalOcean and I want to use GlusterFS (mostly because of read-write-many one volume to be accessed by multiple pods).
The trick is to initialize glusterfs and a volume from k8s (as StatefulSet?) - all from the glusterfs to be controlled in k8s.

Does anyone of you did this? What's your experience, is it a good idea and where can I look for more implementation details (I'm new at k8s)?


Thanks!

https://redd.it/12zd9h1
@r_devops

Noone mentions Backup in devops? Is Veeam knowledge important?

IT admin trying to learn more about cloud/devops.

Is Veeam (Backup & Replication) needed for Cloud/Devops in AWS. Or is it better to just use some kind of Region or Availability Zone Duplication to carry out backup duties.
How do you backup your data in the Cloud (from instances, databases etc.)?
I normally don't hear much about this topic in devops so would be interested in hearing your thoughts on this.

https://redd.it/12zek00
@r_devops

IaC best practices level up your DevOps security (+ Free Cheat Sheet)

Hi folks

If you're looking to improve the security of your IaC, this blog post is for you. It breaks down the different stages of the DevOps software development lifecycle and provides best practices and tools for each one. There's even a PDF cheat sheet for easy reference.

Hope you enjoy it

https://blog.gitguardian.com/infrastructure-as-code-security-best-practices-cheat-sheet-included/

https://redd.it/12zf0tq
@r_devops

NewRelic and CloudWatch integration

At the moment we are shipping metrics from cloudwatch to newrelic using the built-in integration option that pull metrics on 5 minute interval.

I found out that there is an option to push metrics using kinesis firehose from aws to nr. Has any of you switched approaches or have implemented the kinesis firehose metric streaming?

I wonder what are the gains besides latency reduction from 5mins to 1min. Is streaming more expensive or cheaper comapared to newrelic polling integration?How would you rate the effort required to migrate? I've noticed there are articles, ready made terraform snippets.

Thanks!

https://redd.it/12zfvdw
@r_devops

DevOps Jobs list. (EU & UK, India and USA)

We created a list of DevOps, SRE and Platform engineering roles, with a particular focus on Terraform and Infrastructure as Code (IaC) positions.

The list features various job posting from companies looking for experienced DevOps, SRE and Platform engineers. The job postings are grouped into separate tables by region (EU & UK, India and the USA). It also has a column specifying if the job is remote or not. Feel free to contribute and add more jobs & regions to this list

https://redd.it/12zjo2f
@r_devops

FYI to anyone running Terraform on a Mac, you may need to re-install it

https://discuss.hashicorp.com/t/hcsec-2023-01-hashicorp-response-to-circleci-security-alert/48842/4

https://redd.it/12zki4z
@r_devops

Front End Observability with Grafana Faro

Grafana made its Frontend Observability tooling in Grafana Cloud available as public preview 2 days ago (24th April). This effectively is their open source frontend library Grafana Faro and Grafana Agent receiving the data and passing it on to Loki and Tempo. Could be a nice addition instead of sentry or new relic if Grafana tooling is already deployed.

An introduction and examples with some screenshots:

https://blog.mayflower.de/15107-grafana-faro-frontend-observability.html

https://redd.it/12zkey6
@r_devops

Looking for a tutor to help in a project involving Docker, AWS, Kubernetes and EKS, Kafka and publish-subscribe, Circuit breaker and bulkheads

I have developed a Node.js application using MySQL database, and I need to dockerize it, and deploy it to AWS using a provided CloudFormation template. I also need to:

* Move the containers to Kubernetes (K8S) using Amazon’s Elastic Kubernetes Service (EKS).
* Use a K8S liveness probe to monitor services.
* Book service will call an external recommendation engine (external service that will be provided).
* Create a circuit breaker for the interaction with the external service.
* Define an asynchronous messaging interaction using Kafka (Kafka cluster will be provided) and create a Kafka consumer (asynchronous service) that will send an email to newly registered customers.

Can anyone help me with this? I need to get this done soon, and I'm seriously overwhelmed. Please don't tell me to spend some weeks to learn everything first, I really don't have much time that's why I need a private tutor. Willing to pay.

If there is anyone who can help me in these tasks, I would be super grateful. Also if this isn't the right place for this post, please guide me to where I can get help. Thanks in advance!

https://redd.it/12zt0o6
@r_devops

Self-Hosted, Distributed, No-code Performance Testing Platform

Hello Everyone,

Last year, we released the Ddosify Engine, a high-performance load testing tool on GitHub. With its simplicity and powerful features, it quickly gained nearly 7K stars. During this time, we actively engaged with Ddosify users to understand how we could further simplify the performance testing process. The most common feedback indicated the need for an easy-to-use with No-code UI and distributed performance testing platform.

We are thrilled to announce the release of Ddosify Self-Hosted on GitHub today. Unlike the Ddosify Engine, this version features a No-code UI and supports distributed traffic generation.

Here are some key features of Ddosify Self-Hosted:

Postman Import: Seamlessly import Postman collections and convert them into load testing scenarios.
Correlation: Extract variables from previous phases and pass them on to subsequent ones.
Assertion: Ensure response data meets your expectations.
Debugging: Examine request and response data before initiating the load test.
Environments: Save constant values as environment variables.
CSV Data Import: Import test data from CSV files and incorporate it into the scenario.

We have spent months developing this product and are eager to hear your thoughts. Thank you in advance for any feedback you can provide!

https://redd.it/12ztjvn
@r_devops

DevOps - Bait and Switch

Hey All,

I'm coming from a developer background and recently joined a F500 in a DevOps role. For some context, I worked as a full-stack developer for approximately 3 years in a startup with a completely cloud-native environment where I gained a lot of hands on Azure experience. While working I also obtained 2 Azure certs.

I recently went through the job hunt, and got an offer approximately 3 months ago with the for a DevOps role to work on AWS (current job). I figured it would be an interesting challenge and allow me to learn a new cloud provider while building skills in a larger organization. Unfortunately however, I feel like it was a bait and switch.

Upon joining the team and getting to know the application and systems, it turns out that the team I am working with is completely on-prem trying to migrate a legacy application to microservices for almost 2 years without any definite forecast in the short/medium term to actually deploy them to AWS. The interview and the job description mentioned most of the work will be AWS based. Right now it feels like a SysAdmin role, which isn't exactly what I was expecting.

On the positive, I am learning a ton about networking and on-prem infrastructure, but I am worried my cloud skills, and by extension dev skills (since there isn't much allowance for any programming due to the organizational structure) will start to decay. What should I do in a situation like this? Should I stick it out? I currently have another offer for a full-stack dev role, although, the pay is slightly less.

Thanks for any feedback!

https://redd.it/12zvj2a
@r_devops

For everyone doing their client work - what are your rates and how do you even determine what your rate is?

Hi everyone,

I’ve done work for clients through agencies before with the agency even paying me market rates. That being said, how do you figure out what rate the agency is charging the client? If you’re doing work for clients directly, what rates are you charging? I might have an opportunity coming up to do work directly for a startup so I’m trying to find resources on what to charge - I definitely don’t want to sell myself short.

https://redd.it/12zzu9c
@r_devops

Are these good replacements ageing software?

I'm thinking of replacing a very old set of observability tools with a more modern and supportable set of tools. The original tools were hacked together 7 years ago but none of the original staff are around to update them or grow them into the new requirements we have - namely lots more data of every kind and multiple new data sources. the systems keep running out of storage or manual intervention way too much of the time We currently have a mixture of NxLog, LogStash, Metricus, Graphite, and Logic Monitor plus we have metrics feeding in from third-party systems. I'm thinking of using :

- fluentd to replace nxlog, logstash, metricus
- a Prometheus server to replace graphite storage and Riemann filters
- and then everything feeds off the central Prometheus server for alerting and shipping and reporting for instance to pager duty/splunk ops and Azure storage for long-term archive.

What do you think?

https://redd.it/1300hvw
@r_devops

Varnish in front of IIS

This is a really stupid question from someone not super experienced with backend / devops but:

I think varnish is a caching reverse proxy right? So am I right in that you would need one single instance in front of each webserver instance (eg a container)?

Or is it one instance one front of ALL webserver instances? confused. Thx.

https://redd.it/1300ej0
@r_devops

Was told "<tool> can be configured with <language> because it is written in <language>", am skeptical.

Hi all,

Unsure of where to ask about this, but since I was told the following during a DevOps bootcamp I thought I'd try my luck here.

Often, the last time being when teaching Kubernetes, a teacher told my class that "this tool is written in some programming language, which explains why it can be easily configured using the same language, or why it is more compatible with some other software which has ties to said language".

This quote is as vague as it was originally told, the teacher in question said this multiple times in various ways, and isn't the best of speakers.

I am skeptical about that statement.

Surely, once code is compiled the resulting binary becomes completely independent of the language it was originally programmed with?

What would make sense to me is "this tool includes an API which was developed to be especially easy to use with the same language it was written with".

Kubernetes is written in GO, and so is Podman. But that alone doesn't make them particularly compatible? This compatibility would come from the developers' design choice, right?

https://redd.it/1303yuf
@r_devops

Writing a Kubernetes Network Plugin (CNI) in Rust

https://thetechtrailblazer.blog/2023/04/27/writing-a-kubernetes-network-plugin-cni-in-rust/

https://redd.it/1303q6q
@r_devops

Help: Docerkize IIS app and SQL server with windows authentication

I have .net4.5 and used Docker to run asp.net on IIS app using windows server core image. But how do I containerize a SQLsever db with windows authentication?

https://redd.it/12zyo5f
@r_devops

How do you manage your container lifecycle?

I wrote some notes since it seems nontrivial to clean up old images without mutating the tag. Am I missing something please? https://dabase.com/blog/2023/container-lifecycle/

https://redd.it/1302hwu
@r_devops

Learnings from integrating JMX based metrics from Java applications into time series databases

https://last9.io/blog/learnings-integrating-jmxtrans/

https://redd.it/1308y1v
@r_devops

Is "Certified GitOps Associate" a joke or desperate attempt by CNCF?

Why does CNCF the want to sell certs so desperately?

https://redd.it/1309zrg
@r_devops