Any recommendations for CLI wrappers?

I currently have a makefile with a bunch of kubectl, helm, and aws commands for various environments. This is pretty ugly / brittle as the commands are duplicated for each environment, and I'd like to be do something like `<something other than make> apply_xyz -env staging`or `<something other than make> apply_xyz -conf ./staging.yaml`.
I recall seeing a CLI wrapper project maybe half a year ago from a DevOps influencer type that looked promising, but I can't recall who it was, or what the project was called.

Does anyone have any suggestions? I'd rather a more basic wrapper, vs doing my own in with fabric, etc.

https://redd.it/13137hi
@r_devops

Is this stack good enough to get a cloud devops role?

I am currently a network admin looking to transition into cloud devops by sometime in 2024.

My predicted stack by the eoy should be:

-terraform
-Ansible
-kubernetes
-docker
-CCNA
-Az-900

Will this be enough for me to transition?

https://redd.it/1313ril
@r_devops

DevOps redirected to "study" work for AI project

Hello guys,

I need some help/hints for the following ticket since i am kinda confused. I used to work always as sys admin or DevOps but since there are no more projects they ask us to do "study" work and contribute on confluence pages for a AI project.

So they ask us this:

Complete a comprehensive analysis of all the network planning (cellular and non-cellular) software landscape, listing all tools used and categorising them by logical criteria (tbd based on analysis) but inclusive of market share.

Examples: Atoll / ABWave / Etc.

&#x200B;

&#x200B;

I dont have any idea about this type of IT since it was never in my job listing so i am trying to figure out how i should approach it...I checked Atoll but still i am not sure i make much of sense and if this is enough...

https://redd.it/1316ub9
@r_devops

How important is Software Craftsmanship at your work ?

How much care your company puts into developing software ?

Do they follow best practices, make sure to properly plan and prepare everything, create documentation, design papers, testing strategies, code quality gates, technical dept management, give development enough of time to create proper solutions.

How many companies even stay adamant about the way they produce software over the years ?

How many of you heard about Software Craftsmanship ? Does anyone even follow the manifesto at work ?

https://redd.it/1318mf2
@r_devops

GHA/ADO - Manual deployment of YAML pipeline to multiple environments - single pipeline with env selection vs separate pipelines per environment

GHA = GitHub Actions, ADO = Azure DevOps

Assuming I have 3 environments, dev/test/prod.

I use trunk based development. After every commit to the trunk, CI pipeline is run to build artifact & upload it as pipeline artifact. CD pipeline for dev environment is then automatically run when CI finished. This CD pipeline deploys only to the DEV env.

TEST and PROD deployments are manually triggered in our case right now. Also DEV sometimes has to be manually rolled back to previous artifact.

In case of manually triggered pipelines would you prefer to:

1. Have separate piplines for separate environment - like deploy_dev.yaml, deploy_test.yaml, deploy_prod.yaml. They can be parametrized by variables inside YAML template. Templates can be used to not repeat everything yet pipeline using templates would still be duplicated in some way.
2. Have single pipeline with Azure DevOps environment as a parameter - when triggering we can selecct whether to deploy specific artifact to dev, test or prod. Everything which needs to be parametrized can be parametrized via library group (ADO) or environment vars/secrets (GHA).

Why don't I use single multi-stage pipeline with stages for all environments? Because in our case deployments to test and especially prod environments are not really automated and Azure DevOps doesn't provide great support for manually triggering stages in multi-stage pipeline (they did with classic release pipelines).

I have seen both approach and I do not have a strong opinion. But I lean towards second option.

What are your thoughts?

https://redd.it/131a1vt
@r_devops

API7 Cloud Integrates with Kubernetes Service Discovery

https://api7.ai/blog/api7-cloud-integrates-kubernetes-service-discovery

https://redd.it/12ze1dz
@r_devops

For anyone that's created their own company to do contract work, how did you set up your company?

I'm interested in trying to find some side work due to a slew of expenses coming up shortly and looking to get something set up to protect myself and utilize as a financial vehicle in addition to my day job. Does anyone have experience in doing this and how they structured themselves they can share?

https://redd.it/131cpj6
@r_devops

Fortify FOD

So we are trying to pack our code as zip which lies in our git repo at location (parrot/deploy/java/app).

My question is, does fortify FOD expect the code to be present at a particular directory within the zip for eg. (fortify upload.zip/src/app)?

Or do I package the parrot/deploy/java/app folder directly.

https://redd.it/12zdh1h
@r_devops

How to Improve Your App Observability (Easily) with Grafana and OpenTelemetry

Check out the tutorial about your app observability: https://brightinventions.pl/blog/how-to-improve-your-app-observability-easily-with-grafana-and-opentelemetry/?fbclid=IwAR0eQJISS3lRTHvG_MTYK8wQ9xxP6ulm-IaV2viJamWzNzxiHDpc7KxvR2U&utm_source=reddit&utm_medium=organic_social&utm_id=blog_tech

https://redd.it/131lky6
@r_devops

Keep telling PM theories something doesn’t work

So we program email templates. Client refuses to test in anything other than the janky version of Outlook for emails that go to their clients as they don’t understand each email system has its own quarks.

Anyways full QA and UAT on this product.

Client submits a bug ticket that image reported as missing in Gmail.

Between me (programmer who didn’t even program this new product), PM and QA team we spent nearly all day trying to figure this out. I kept saying it had to be a filename issue. We can only test for this issue in the production environment because of how the stage environments are set to convert all recipient emails to out test inbox in Outlook… After about 3/4 of the day completed it is determined the filenames the client used when they uploaded had spaces and it is a known bug since 2014 that Gmail can’t render the images that have a space in the name.

https://redd.it/131myxn
@r_devops

Intelligent next-gen editor for infra-as-code

Hi everyone, we’ve been working on an adaptive architecture engine as part of the open-source Klotho (github), and are now adding an intelligence layer on top of it we call InfraCopilot that features:

- High level editor - Start with a high level design and let InfraCopilot fill in the details
- Rearchitecting with confidence - Change architecture components and designs while InfraCopilot adjusts the rest to work with your changes
- Text + Visual editing - Use the UI or text based commands for maximum productivity
- Exporting Infrastructure-as-Code - Generate a deployable version of any of your architectures.
- Syncing with Github - Save and resume your work using your GitHub repo

We’re sharing the early access with the community - What are the last 2 Infra-as-Code tasks you had to do that took you more time than you were hoping?

https://redd.it/131psex
@r_devops

Beware of pricing tricks from Kodekloud

Their annual subscription was 135USD.......but recently after a "discount", the cost went up to 180USD.

https://redd.it/131r8q8
@r_devops

Best Practices for Managing On-Call Rotations

Here's an article with tips on how to best manage on-call rotations! Those lessons were hard-earned from over a decade in the trenches!

https://certomodo.io/best-practices/incident-management-oncall.html

https://redd.it/131un1v
@r_devops

How do I restrict access to a Vercel app to traffic from my companys VPN?

I have this complex form I have deployed on Vercel and I only want people to be able to view it from the company VPN. How do I go about this? Do I dockerize the app with nginx and set up some rules, or do I use some Vercel plugin?

P.S: Can you pause or shelve a deployment? I can only see an option to delete but not to pause or take something offline.

https://redd.it/131ylq0
@r_devops

Octopus Deploy with TFS

Hi, We are considering Octopus but we still use TFS not GIT.

How's their support for TFS?

https://redd.it/131tmpm
@r_devops

Best AI course for a senior DevOps engineer?

I am a senior DevOps engineer with some backend knowledge.
I have recently worked on several projects, and I am now interested in learning how to use AI and integrate it into my daily work and projects.

Can anyone recommend an AI course that covers the basics of AI and its implementation in projects using Python?

https://redd.it/1324o7i
@r_devops

Best way to control Code PR Merge/Approval at Github/Gitlab level or at Argo/Jenkins Level?

I might be wording it wrong here, but basically I want to hear out opinions on best way to handle the code deployments onto EKS Setups.

Do we put a guardrails and validate that we are merging the right code at Gitlab/Github and then let the Dummy CD tools (Like Argo or Jenkins) pull and push the code or do you think the best way is to let users provide an option at Argo (or Jenkins) to approve the code coming to their end and let the deployment goes through??

&#x200B;

Any thoughts on this silly topic??

https://redd.it/131sba9
@r_devops

Dev podcast listeners - what do dev podcasts never talk about?

Basically the title. If you listen to dev podcasts, what topics do you feel are not getting enough attention? What should be talked about more? What would you like to hear?
I'm an editor at a new dev podcast, I feel like "Top 10 AI dev tool" listicles created with ChatGPT are getting kind of boring. Would love to hear your thoughts.

https://redd.it/131swu7
@r_devops

Is there any good Open Source Alternative to Ploi, RunCloud, ServerPilot...

Like the title said, is there any open-source alternative to those services that is equal in features?

I want an open source alternative that I can install on one server and have the ability to connect an manage many other servers.

https://redd.it/1329kd7
@r_devops

Issue with ingress-nginx on Windows

https://github.com/kubernetes/ingress-nginx

&#x200B;

Read the docs, but this command doesn't work:

kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.7.0/deploy/static/provider/cloud/deploy.yaml

&#x200B;

I get:

Resource: "batch/v1, Resource=jobs", GroupVersionKind: "batch/v1, Kind=Job"

Name: "ingress-nginx-admission-patch", Namespace: "ingress-nginx"

for: "https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.7.0/deploy/static/provider/cloud/deploy.yaml": Job.batch "ingress-nginx-admission-patch" is invalid: spec.template: Invalid value: core.PodTemplateSpec{ObjectMeta:v1.ObjectMeta{Name:"ingress-nginx-admission-patch", GenerateName:"", Namespace:"", SelfLink:"", UID:"", ResourceVersion:"", Generation:0, CreationTimestamp:time.Date(1, time.January, 1, 0, 0, 0, 0, time.UTC), DeletionTimestamp:<nil>, DeletionGracePeriodSeconds:(*int64)(nil), Labels:map[string\]string{"app.kubernetes.io/component":"admission-webhook", "app.kubernetes.io/instance":"ingress-nginx", "app.kubernetes.io/name":"ingress-nginx", "app.kubernetes.io/part-of":"ingress-nginx", "app.kubernetes.io/version":"1.7.0", "controller-uid":"8326bc68-6f8c-426f-91d5-72d58694b3e7", "job-name":"ingress-nginx-admission-patch"}, Annotations:map[string\]string(nil), OwnerReferences:[\]v1.OwnerReference(nil), Finalizers:[\]string(nil), ManagedFields:[\]v1.ManagedFieldsEntry(nil)}, Spec:core.PodSpec{Volumes:[\]core.Volume(nil), InitContainers:[\]core.Container(nil), Containers:[\]core.Container{core.Container{Name:"patch", Image:"registry.k8s.io/ingress-nginx/kube-webhook-certgen:v20230312-helm-chart-4.5.2-28-g66a760794@sha256:01d181618f270f2a96c04006f33b2699ad3ccb02da48d0f89b22abce084b292f", Command:[\]string(nil), Args:[\]string{"patch", "--webhook-name=ingress-nginx-admission", "--namespace=$(POD_NAMESPACE)", "--patch-mutating=false", "--secret-name=ingress-nginx-admission", "--patch-failure-policy=Fail"}, WorkingDir:"", Ports:[\]core.ContainerPort(nil), EnvFrom:[\]core.EnvFromSource(nil), Env:[\]core.EnvVar{core.EnvVar{Name:"POD_NAMESPACE", Value:"", ValueFrom:(*core.EnvVarSource)(0xc00a791ac0)}}, Resources:core.ResourceRequirements{Limits:core.ResourceList(nil), Requests:core.ResourceList(nil), Claims:[\]core.ResourceClaim(nil)}, VolumeMounts:[\]core.VolumeMount(nil), VolumeDevices:[\]core.VolumeDevice(nil), LivenessProbe:(*core.Probe)(nil), ReadinessProbe:(*core.Probe)(nil), StartupProbe:(*core.Probe)(nil), Lifecycle:(*core.Lifecycle)(nil), TerminationMessagePath:"/dev/termination-log", TerminationMessagePolicy:"File", ImagePullPolicy:"IfNotPresent", SecurityContext:(*core.SecurityContext)(0xc00a0ea5a0), Stdin:false, StdinOnce:false, TTY:false}}, EphemeralContainers:[\]core.EphemeralContainer(nil), RestartPolicy:"OnFailure", TerminationGracePeriodSeconds:(*int64)(0xc0104743c8), ActiveDeadlineSeconds:(*int64)(nil), DNSPolicy:"ClusterFirst", NodeSelector:map[string\]string{"kubernetes.io/os":"linux"}, ServiceAccountName:"ingress-nginx-admission", AutomountServiceAccountToken:(*bool)(nil), NodeName:"", SecurityContext:(*core.PodSecurityContext)(0xc00a6ed4d0), ImagePullSecrets:[\]core.LocalObjectReference(nil), Hostname:"", Subdomain:"", SetHostnameAsFQDN:(*bool)(nil),

Affinity:(*core.Affinity)(nil), SchedulerName:"default-scheduler", Tolerations:[\]core.Toleration(nil), HostAliases:[\]core.HostAlias(nil), PriorityClassName:"", Priority:(*int32)(nil), PreemptionPolicy:(*core.PreemptionPolicy)(nil), DNSConfig:(*core.PodDNSConfig)(nil), ReadinessGates:[\]core.PodReadinessGate(nil), RuntimeClassName:(*string)(nil), Overhead:core.ResourceList(nil), EnableServiceLinks:(*bool)(nil), TopologySpreadConstraints:[\]core.TopologySpreadConstraint(nil), OS:(*core.PodOS)(nil), SchedulingGates:[\]core.PodSchedulingGate(nil), ResourceClaims:[\]core.PodResourceClaim(nil)}}: field is immutable

https://redd.it/132buze
@r_devops