Humble bundle cloud computing
Hello
What do you think about this:
https://www.humblebundle.com/software/complete-cloud-computing-bundle-software?hmb_source=&hmb_medium=product_tile&hmb_campaign=mosaic_section_1_layout_index_1_layout_type_threes_tile_index_1_c_completecloudcomputingbundle_softwarebundle
It seems affordable for starting AWS or Azure certs?
Thank you
https://redd.it/13cm3hh
@r_devops
Humble Bundle
The Complete Cloud Computing Bundle
We’ve teamed up with Packt for our newest bundle. Get courses in Microsoft Azure, Amazon Web Service (AWS), and more cloud computing fundamentals. Plus, pay what you want & support charity!
What next?
Hi all!
I'd like to hear your opinion on what I should focus on next, as a DevOps engineer with ~1y of experience. Recently I was laid off from a startup company that didn't get the investment they needed, so I am currently applying for new roles.
I have an MSc in System Engineering, so I'd say that my networking and Linux skills are solid. When I say Linux, I mean higher level stuff, like terminal work, bash scripting, general file system and concepts understanding (I do not know kernel, cgroups, namespaces almost at all). I do know and understand networking protocols on different layers and am okay with security standards.
I have some experience with AWS cloud (mainly EC2, S3, Route53, ELB), but not at a great level. I do love working with cloud, though. I have solid automation experience through bash and python. I have written tons of Ansible playbooks for many servers. Created custom Linux distributions using Cubic. Set up VPN servers and client config files (Wireguard). I have very solid Docker knowledge, and OK understanding of Kubernetes concepts. We didn't use K8s in my previous company but I have completed some Udemy course and created some clusters on AWS, and made several deployments using different K8s objects. I wrote some BitBucket pipelines for CI/CD processes (most notable being the docker image building, pushing to hub, and deployment of a new container from newly published docker image). I have set up several Nginx servers and wrote config files, with TLS certificates as well. I do understand build process and getting artifacts for most programming languages, did some C++ back in college but am now rusty, but generally understand OOP. I also know some vanilla JS.
I think that my disadvantages are lack of actual K8S experience, lack of terraform, and databases. I am thinking of working on these, but not sure if that's smart. Maybe I should focus more on AWS and its services?
I really am hungry to learn and my journey so far has been really interesting to me, so I definitely find myself in this field long-term. However, I am now without a job and honestly struggling to find a new role.
What do you think I should learn short-term (to get a job), and what should my focus be on in long-term? I hope my questions make sense.
Thank you all!
https://redd.it/13cqjvd
@r_devops
Reddit
r/devops on Reddit: What next?
Posted by u/PenguinGerman - No votes and 4 comments
Is this anti-devops pattern?
Currently at work, the devops team is the only team that uses Terraform. If they make a ci/cd which will allow developers to use Terraform for deploying their own resources like ec2, lambda, etc, will that be considered an anti-devops pattern?
https://redd.it/13csvh8
@r_devops
Reddit
r/devops on Reddit: Is this anti-devops pattern?
Posted by u/Oxffff0000 - No votes and 2 comments
What the fuck is going on with github lately?
They've had 36 incidents since the start of March. Actions are having degraded performance on an extremely regular basis, and it's causing legitimate issues at my company since we rely upon actions for deploying and doing quite a bit of our work. Does anyone know what is going on over there? I really don't wanna have to rewrite all of my actions to run elsewhere, but they are making our team seriously consider making the move
https://redd.it/13cw9wm
@r_devops
Reddit
r/devops on Reddit: What the fuck is going on with github lately?
Posted by u/flagbearer223 - No votes and 3 comments
Just started a director job at a company 5x the size of my last one and am quietly freaking out. Could use some advice on how to hold my crap together so I don't quit.
Was getting suspicious that the startup I worked for was on shaky legs so took an interview with a big, big health insurance company and ended up getting a more senior job than I thought. I answer to the CTO and have been tasked with modernizing sys admin set up.
The CTO says they understand that this “modernization” will take some time, but what they don’t see is all the shit that could go wrong all the time.
I’ve counted at least 5 related dev teams that aren’t coordinating at all and at least 4 SaaS services that are completely redundant with each other.
I guess this is a vent but would appreciate any help you can think of for not losing my mind.
https://redd.it/13cykjj
@r_devops
Reddit
r/devops on Reddit: Just started a director job at a company 5x the size of my last one and am quietly freaking out. Could use…
Posted by u/impolite_bomber99 - No votes and 6 comments
How do you guys manage "promotions" between environments with kustomize?
Hi!
I don't know if "promotions" is the right term, but what I mean is the process of taking some stuff from an environment (e.g. Staging) to another (QA or Production).
Very often I found myself struggling to take notes on what is changing in staging that needs to be moved to other environments.
Sometimes it can be only some env vars, sometimes entire microservices.
I don't know if I'm somehow hitting the limit of kustomize or I just need a new tool to manage that stuff.
How do you guys do it?
And also, sometimes I need to make changes to the actual deployments, and I can't just do them in the bases, because those changes would be applied in all the overlays (staging, production,...), so I found myself writing a bunch of patches for each overlay, and it's not that clean.
https://redd.it/13d0ddl
@r_devops
Reddit
r/devops on Reddit: How do you guys manage "promotions" between environments with kustomize?
Posted by u/salmoneaffumicat0 - No votes and 3 comments
Started a new job and feel like im completely under qualified
I recently switched jobs due to my old one not being a healthy environment. The new job I started I feel as though I don't know anything. Last decade of work experience I have gathered is just out the window. Will admit I am freaking out internally a little by how talented everyone is. Trying my best to learn and ramp up as quickly as possible. Any advice from you folks would be greatly appreciated!
https://redd.it/13d2tka
@r_devops
Reddit
r/devops on Reddit: Started a new job and feel like im completely under qualified
Posted by u/GetYourShitT0gether - No votes and 2 comments
How to react to Condescending remarks by superior
So today I was tasked with creating a PR for a DNS change (Using DNS control). I created the PR but accidentally entered the incorrect DNS name. This DNS name is an application proxy DNS name given by Azure and is found in the Enterprise Application of Azure AD. Obviously these are all complex things to learn, especially when this is all new to you. My Boss then tells me in a Slack Huddle “I don’t know how to Coach you. I am trying to find the gap but I can’t find it. It doesn’t look like you are understanding this at all.” He then proceeds to draw a diagram in notepad and says “I even drew a visual diagram.” Again, this stems from one simple mistake in the DNS name for a new server that only one person uses. Any advice on how to handle this?
https://redd.it/13d1qxa
@r_devops
Reddit
r/devops on Reddit: How to react to Condescending remarks by superior
Posted by u/Wrath_Of_Red - 2 votes and 2 comments
An AWS IAM Wishlist
I put together a [wishlist of top AWS IAM feature requests](https://www.zeuscloud.io/post/an-aws-iam-wishlist) based on conversations with devops and security folks:
* IAM Authorization Debugging
* Mapping of API Calls, IAM Permissions, and CloudTrail Events
* SCP Audit Mode
* SCP for Resources
* API Request Parameters as Condition Keys
Curious to hear what your biggest gripes have been with AWS IAM? Do these resonate with you?
https://redd.it/13d6dbp
@r_devops
www.zeuscloud.io
An AWS IAM Wishlist
A wishlist of AWS IAM feature requests
WMS system for linear materials
One of our companies has a unique problem. At least something I've never experienced. We have a warehouse that handles polycarbonate sheets both as our stock and by consignment. We get the sheets at 50 ft lengths and cut them down to customer's specs. The remaining material that is useful, we return to stock through a convoluted process of an Excel file that's editing the database. To me, that Excel file is worrisome given you could zero out everything in the warehouse and no one would really know who did it. It has happened before.
So! I'm looking for a WMS that has a pick process and a return excess material function.
Anyone know of a solution that does that or can provide insight in how they've cleanly resolved such a problem?
https://redd.it/13d7wju
@r_devops
Reddit
r/devops on Reddit: WMS system for linear materials
Posted by u/Stryker_88 - No votes and no comments
Wanting to break into DevOps
Hey there, I’m an IT Support Specialist trying to break into DevOps (specifically Azure). Just trying to see which path is good to take as well as which certs, labs, and study labs to utilize. Thanks in advance.
https://redd.it/13d8y7q
@r_devops
Reddit
r/devops on Reddit: Wanting to break into DevOps
Posted by u/mvrkStephen - No votes and 2 comments
What products does your org pay to license?
Title pretty much says it all. What products or services do you see the value in paying for, specifically for support licenses? Versus using community / free / libre open source products. Why?
https://redd.it/13dazuy
@r_devops
Reddit
r/devops on Reddit: What products does your org pay to license?
Posted by u/Finagles_Law - No votes and no comments
Am I a bad platform engineer or am I just a bad platform engineer at this company?
I am struggling to understand what to do. I switched jobs last year because while I was kicking ass at a mid-sized local company on a small devops team, I wasn’t getting paid quite what I thought I should be. So, I switched to a senior platform engineering role at a coastal company, fully remote and got a significant pay bump. However, I have been floundering according to my superiors. I recently got feedback that they’re questioning why I’m a senior.
This company is very large and the infrastructure is both complex and broad. The architects and people who’ve been at the company for years are super smart, super capable and do things quite a bit faster than me. It’s been depressing. I feel like I was a big fish in a small pond in my last job and I almost singlehandedly migrated the company's cloud apps to a Kubernetes cluster with a service mesh. But now I feel like a small fish in a big pond. And it's not that I don’t understand IaC, K8s, CICD or any of the cloud native technology. It’s more that I haven’t been able to complete any big projects or show off any high visibility effort because everything I have been doing has been internally facing to our team. I do struggle to code better (this position uses more javascript than I’ve ever had to touch before) so I have had to learn a lot. But I also struggle with the processes of creating design documents and goal gates. I just wanted to build cool stuff and instead I’m more or less vacuuming the floors. I don’t know if working for a multinational company with high-level engineers is for me, but I don’t know where else to go that will pay me this much. I’ve been doing this for 8 years. I have taught devops principles at tech conferences and I can’t somehow keep up.
EDIT: I’ve been at this new company for almost a year. I got a bad annual review last year but I had only been there a few months and I chalked it up to a steep learning curve. Then, my boss and three other people on my team left. I was actually doing pretty well over the past few months but the feedback that I’m struggling is coming back.
https://redd.it/13dbccy
@r_devops
Reddit
r/devops on Reddit: Am I a bad platform engineer or am I just a bad platform engineer at this company?
Posted by u/PartemConsilio - No votes and 5 comments
Running DataDog agent as a sidecar container for APM in ECS Fargate
Hi,
So we are using ECS EC2, and running our DataDog agents per host. Now we want to move to Fargate and are debating how to integrate the DataDog agent.
There are two (?) ways:
- Run DataDog agent as a sidecar. One for each ECS task.
- Send APM metrics from application to an external DataDog agent and the agent will send it to DataDog.
First option is clearly the easiest.
However, there is concern that running a sidecar per task (we would usually run around 1000 ECS tasks) would be a considerable cpu/memory overhead to the task.
But considering the overhead of maintaining DD agents and updating the application to send metrics to DD agents, I think running sidecars is the efficient solution.
How can I convince the team that running a sidecar does not drain too many resources?
Do you guys know any numbers on this? Or any advice on this?
Thank you.
https://redd.it/13dbpj4
@r_devops
Reddit
r/devops on Reddit: Running DataDog agent as a sidecar container for APM in ECS Fargate
Posted by u/theBeeprApp - No votes and 2 comments
What are skills you wanna master at work to make your life easier?
title of the post
https://redd.it/13dezxd
@r_devops
Reddit
r/devops on Reddit: What are skills you wanna master at work to make your life easier?
Posted by u/THE_REAL_ODB - No votes and no comments
Whats the deal with azure devils?
I’ve been looking for a new job and for some reason most of the recruiters here (Costa Rica) need azure devops specifically. Most of my experience is with gcp and aws but I’ve worked with azure, just not as a devops type role. What’s the deal? Are there features/cost savings that make it popular?
https://redd.it/13d5u1c
@r_devops
Reddit
r/devops on Reddit: Whats the deal with azure devils?
Posted by u/Greenmind76 - 1 vote and 5 comments
Breakfast puzzle for DevOps Experts
Please reply with your scores :D
https://funfordevs.com/
https://redd.it/13d2ain
@r_devops
Funfordevs
Crosswords for Developers.
Solve crosswords and test your memory.
Local Development Technologies?
Currently working for a startup that does local development via docker-compose and mounting the source code into the containers as volume mounts. It works but as the app gets bigger it becomes more of a burden on people's machines to run it all, and compiling/pulling dev images is cumbersome when libraries need to change.
What technologies is everyone using to do local development? What have you found that works and what should you stay away from?
Currently looking at switching to telepresence or something like devspaces with our migration to K8s but not sure yet
https://redd.it/13d1i36
@r_devops
Reddit
r/devops on Reddit: Local Development Technologies?
Posted by u/Ctrl_Alt_Banana - 1 vote and 1 comment
I can't believe it's not DNS - Or how I spent a weekend fighting networking in Kubernetes
This is a short writeup on the debugging I did trying to figure out why DNS was completely broken in my fresh Kubernetes install. It seems like it's something that could be hitting a lot of deployments so I hope some of you find it useful.
I should also add that networking is not my strongest domain, so please let me know if you see any inaccuracies or have something to add!
https://redd.it/13dj0bh
@r_devops
Automate attention
I can't believe it's not dns
A sudden urge to upgrade
It was a warm spring day, kids were out of the house, I had just finished a round of Rocket League and I thought; Maybe I should upgrade my kubernetes cluster?
My homelab cluster is deployed using Kubespray which works by coordinating…
Is it okay if IaC is not part of CI/CD pipeline but a separate process?
Let's consider there are multiple projects (development teams) inside one organization. Each one works on their own product with DevOps goals in mind so they can deliver software quickly and reliably to its users with the help of CI/CD process. One thing that is not automated *by product teams* is the process of infrastructure provisioning. It is assumed they are provided with infrastructure by the infra team to deploy their project to (for example slice of the on-prem Kubernetes cluster).
In that same organization, there is an infra team that manages the company's on-premises infrastructure. They are responsible for managing bare-metal servers, VMs, k8s clusters etc. They do this in an IaC manner so (apart from bare metal maybe) they can provision set of VMs, k8s clusters or new tenants in existing k8s cluster with a click of a button.
As you can see there is a clear separation between infrastructure provisioning (good thing it is IaC though) and delivery of the software on that (CI/CD pipeline).
If teams were deploying their software to the cloud they could provision the infrastructure they need during CI/CD process because:
- cloud has "infinite" resources
- there is an API so it is self-service
- there is a natural force that keeps you from requesting too much - cloud costs
Although the self-service part could be solved on-premises by deploying some sort of private cloud, resources are not "infinite" in this case and no real money is involved. Currently, when a new product team requests a slice of infrastructure for their needs there is a manual sanity check if the request seems reasonable for a project scale and might require approval from a manager. After getting approval infra is provisioned with a single click of a button and the product team can run their project on that.
What would you say about DevOps practices at that company? Is that separation between infrastructure provisioning and CI/CD process a common thing or it is a priority problem to be addressed?
https://redd.it/13djxu0
@r_devops
Reddit
r/devops on Reddit: Is it okay if IaC is not part of CI/CD pipeline but a separate process?
Posted by u/atoleah - No votes and no comments
Database VM access restriction from Kubernetes pods
Hi
We have a MariaDB database which is on a VM and applications deployed on Kubernetes trying to connect to it.
The problem is, in order to give access to pod A with username X on Kubernetes we have to allow all Kubernetes IP ranges as the pod doesn't have a static IP, so pod B can also try to connect to the database using X username.
Is there any solution to this issue?
Update 1: If pod B somehow gets A's credentials, it can connect to the database as well, but if A was hosted on a VM and B on a separate VM, we could tell MariaDB to only allow connection from A's VM IP.
Update 2: Our K8S and VMs are on-premise
https://redd.it/13dkxro
@r_devops
Reddit
r/devops on Reddit: Database VM access restriction from Kubernetes pods
Posted by u/yasharn - No votes and 5 comments