Coming from non IT background. Should I start with learning Linux? How is Imran Afzal’s video lectures on Udemy to learn Linux?

A friend suggested to begin with Linux to get into devops. Would like to know this community’s view. Thanks

https://redd.it/13cjzmm
@r_devops

Create windows node cluster Kubernetes in windows host

I have an IIS app with a docker image in windows/amd64 (arch). Looks like I need to create Kubernetes windows node cluster to orchestrate this docker in a windows host.

https://redd.it/13ff8gg
@r_devops

Is Dynatrace that bad?

I see mostly disparaging comments here about Dynatrace (most related to pricing). My company is positioning to use Dynatrace (money isn't an object for them), so pricing aside what can I expect?

My background is mostly working with open source stacks like Prometheus, Loki, Grafana, Tempo, etc.

https://redd.it/13c6467
@r_devops

How to increase visibility on GitFlow?

I'm working on a project that is relatively big, but very unstructured. Before I joined the team, they were working in some sort of trunk-based development, but with too many compromises. There are no feature flags, or even enough test coverage to confidently merge to master or do the deployments.

I decided that, given the lack of tests and bad integration pipelines, we're moving to Git Flow to enable more clarity about branches and environments until we build more maturity and implement the necessary stuff for TBD.

My question is, how to increase visibility about what is merged to where with GitFlow? Do you guys have any strategy to deal with that?

I have worked many years with both, GitFlow and TBD, but my main struggle with the former was to have a clear overview of the contents of each environment, especially for non-technical stakeholders like Product or QA.

https://redd.it/13fhpmn
@r_devops

How do you structure deployment workflows?

We've been busy the past year migrating our apps from docker containers on VMs to Kubernetes. We have Helm charts that get deployed via Terraform (helm provider) using Github Actions. We use three branches (main, acceptance and production), and only merge commits upstream. This kind of works, but leaves plenty of room for human error, as when we want to do a production deployment, the changes first have to go from feature branch > main (deploying to staging cluster) > acceptance (deploying to acceptance cluster) > production (deploying to production cluster).

Sometimes changes already get merged to the main branch to only be deployed on staging, but a deployment to acceptance comes in between and inadvertently deploys unwanted changes to acceptance.

I'm looking for a way to streamline this whole process, while retaining the advantages of automated pipelines.

https://redd.it/13fiv7o
@r_devops

Azure Pipeline Help!

Guys, I am an aws guy new on azure domain. Need to create a simple pipeline for both PHP and vue.js app. Basically, it is CD part, not needed for CI or build stages. Please check the below scenarios and help me how should i process or should I use ansible? Also let me know how permission should handle for this operation. Thanks.For PHP, steps are below:

pipeline will ssh/connect to azure vm server.

cd to app directory

git pull

composer install

For vue.js app, steps are below:

cd to app directory

sudo npm install

sudo npm run build

pm2 delete "name" 2> /dev/null || true

pm2 start npm --name "name" -- run start

https://redd.it/13fjy8b
@r_devops

How to deal with a junior devops who is also a tech lead

I am doing a contract with a tech startup and am a senior devops there. I have a junior who has been doing tech stuff for 3-4 years now and is decent ish at figuring out stuff. He questions literally everything and doesn't want to listen or accept an answer to anything. I have the choice of either getting frustrated for an hour or just letting him do his way in things and dealing with it later.

He also happens to be the tech lead and fairly up there in management buddy buddy with the CEO and CTO.

He is a big one of scrum, agile, stories and sprints so he hates how I have done a very fluid system of design on how we work because he can never commit any real time to working and my hours are on an as available status right now at about 20 hours a week.

I normally do a description, task details, research if needed, any instructions on how to do it if I have them and a testing plan is needed - some stuff I just figure he'd know to check like if we update a version of something or a node count etc.

I do have some tickets in there for more general stuff to be worked out as more details are available. We have something about docker today he brought in the CTO for and the result was what I said don't use docker but I had it as part of the ticket to research and test better ways though the devs wanted docker for it since that was their first google search result.

I'm wondering does anyone know how to deal with this? I don't want to cause conflict or get him in trouble or be rude it's just come to where some days I say fuck it and log off even though I have time and need to get work done.

https://redd.it/13fs2ne
@r_devops

Incident Write-ups

I'd like to share my insights on how to document an incident in preparation for a post-mortem!

https://certomodo.substack.com/p/incident-write-ups?sd=pf

(cross-posted from r/SRE)

https://redd.it/13fu6wy
@r_devops

Looking for a Windows utility to recursively search and replace text

We are moving a site in IIS to another server, and for testing we need to use a second URL as we cannot take the first site down. The new site has a login field that is currently failing, and we think it’s due to the way the login is potentially referencing the old URL somewhere for the return traffic. We found some hard coded references to the site name in some custom files already, but there are too many to search by hand. The person that made the site is no longer with the company and no other web developers, so by process of elimination I’m the SME. Can anyone recommend a method or utility in Windows 2019 that can recursively search a folder and file contents, and find and replace (or list) all specific instances of a search word or phrase? I told the network guy that he broke it, so I have a few days before he works it out.

Thanks!

https://redd.it/13ftur7
@r_devops

Is My Workload Normal

Hey everyone,

I wanted to share my current experience and workload in a new position I've held for about four months now. I've been in DevOps for about four years, and in my last role, I was part of a two-man team that migrated a multi-billion-dollar company from on-prem to AWS within a year, alongside some straightforward DevOps tasks. So, I'm no stranger to responsibility. However, my current role has left me questioning whether the expectations placed on me are typical for a DevOps role, or if I'm being stretched too thin.

Currently, I wear multiple hats: I'm the lead architect for an Azure migration project, responsible for implementing DevSecOps, and in charge of both the development and operations (infrastructure) teams for DevOps implementation.

Additionally, I've been assigned tasks that veer into the realm of a security architect rather than a traditional DevOps engineer. Here's a snapshot of what that entails:

- Integrating data privacy, industry regulations, and PCI impact assessments into the SDLC.
- Incorporating a standard set of security, privacy, and industry compliance requirements into every design.
- Defining a security component library for approved components and calls.
- Maintaining a common data catalog and defining data classification for each data item.
- Leveraging threat models to inform application security requirements and security architecture.
- Including mobile security requirements in designs.
- Implementing and managing various automated security tests, static application security testing (SAST), and dynamic application security testing (DAST) in the testing environment.
- Running denial of service and security stress testing before production deployment.
- Monitoring file integrity and handling reports of security vulnerabilities from end-users.

And the list goes on, with a variety of security testing and scanning procedures.

All these tasks are on top of my responsibilities as the lead architect for the Azure migration and my regular work as a DevOps engineer. The cherry on top? The deadline for these projects is set for November.

So, I'm reaching out to this community to understand if my experience is common. Are these expectations reasonable, or am I being spread too thin? I'd love to hear your thoughts and any advice you might have.

Thanks in advance for your insights!

https://redd.it/13fwwwd
@r_devops

Are these two equivalents and when should you use one over the other?

docker run -d --name sql-container --network mydockernetwork --restart always -e 'ACCEPT_EULA=Y' -e 'SA_PASSWORD=pass' -e 'MYSSQL_PID=Express' -p 1433:1433 mcr.microsoft.com/mssql/server:2017-latest-ubuntu

Is there any advantage in running a docker command like above instead of doing it like this:


version: '3'
services:
sql-server:
image: mcr.microsoft.com/mssql/server:2017-latest-ubuntu
container_name: sql-container
environment:
ACCEPT_EULA: Y
SA_PASSWORD: pass
MSSQL_PID: Express
ports:
- "1433:1433"
restart: always
networks:
- mydockernetwork
networks:
mydockernetwork:

https://redd.it/13fy5z2
@r_devops

Best practices for CICD process

We are a spring boot shop for the most part. Can any of you good people point me towards an article or a book that details a good CI process?

It, best way to deal with PR, how much validation should be done at the PR vs post merge? We keep updating our process ad hoc, looking for something to compare it too or use for reference.

I have spent considerable time online and this question is surprisingly hard to answer via google.

Thank you in advance.

https://redd.it/13fy776
@r_devops

The Cloud Native Playground

The Cloud Native Playground is in public beta - https://play.meshery.io. If you’d like to explore the Cloud Native Computing Foundation’s graduated, incubation, and sandbox projects (as well as many other open source projects), and you’re willing to share feedback on your experience (particularly around the multi-player visual Kubernetes designer), submit the form on the page and we’ll see to getting you access (this playground runs on a live cluster in which you can deploy your infrastructure designs, hence the need to sign up).

https://redd.it/13fzrod
@r_devops

Testing terraform code

My organization is starting to come up with more complicated terraform code that includes lots of conditional logic and dynamic blocks and stuff. What's the best way to perform automated testing to make sure it will render the resources that I want? I was looking at terratest, but it actually creates resources in the account and I think that's a little more burdensome than I want. Ideally it would be just something that runs terraform plan with a couple different sets of inputs and compares the output to a set of rules.

https://redd.it/13g3vug
@r_devops

Fluent-bit request repeated too quickly

I'm experimenting with Fluent-Bit as a logging alternative to Splunk UF. The initial goal is to load this onto a Docker container, and ship the logs generating by the app to Splunk.

It's not a perfect method, and we're slowly migrating towards containers for some of our applications. So... you know. Baby steps.

I'm testing Fluent-Bit out on an AWS V2 OS / Server. However every time I start the application I get the following error:

start request repeated too quickly.
unit fluent-bit.service entered failed state.
Failed to start Fluent Bit.

I'm not sure why starting up the app fails. Hoping someone can point me in the right direction to solve this issue.

https://redd.it/13fz7ds
@r_devops

Filtering metrics by labels in OpenTelemetry Collector

https://last9.io/blog/filtering-metrics-by-labels-in-opentelemetry-collector/

https://redd.it/13ftjz7
@r_devops

Orangescrum not installling in Centos 7?

The official tutorial for automated installation of centos 7 doesn't work. So, I had to refer to online tutorials.

I installed apache 2.4,php 7.2, mysql 5.7.
Then I downloaded .zip source code from here

https://github.com/Orangescrum/orangescrum.
Then, I setup some permissions and ownership as per documentation.

$ sudo mv ~/orangescrum-main /var/www/html && sudo chown root:root -R /var/www/html
$ sudo chmod -R 0777 /var/www/html/orangescrum-main/{app/Config,app/tmp,app/webroot}

Then I setup a virtual host orangescrum.conf in /etc/httpd/conf.d.

<VirtualHost :80>
ServerName orangescrum.example.com
DocumentRoot /var/www/html/orangescrum-main
<Directory /var/www/html/orangescrum-main>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>


Then I created mysql database

CREATE DATABASE orangescrum;
CREATE USER 'orangescrumuser'@'localhost' IDENTIFIED BY 'yourpassword';
GRANT ALL PRIVILEGES ON orangescrum. TO 'orangescrumuser'@'localhost' IDENTIFIED BY 'yourpassword' WITH GRANT OPTION;
FLUSH PRIVILEGES;
EXIT;

Then I imported the database.

$ mysql -u root -p orangescrum < /var/www/html/orangescrum-main/database.sql

Then I updated orangescrum credentials inside /var/www/html/orangescrum-1.6.1/app/Config/database.php

'login' => 'orangescrumuser',
'password' => 'yourpassword',
'database' => 'orangescrum',

But it's not working and I'm getting the below output when I enter my ip address in browser.

![image1]1


How do I fix this issue? Is there a way?

1: https://i.stack.imgur.com/7FQg1.png

https://redd.it/13g8z3n
@r_devops

What are industry practices for how to trigger Cloud Stack tools?

We are starting to get into more complicated use cases for Ansible, terraform, and Cloud Formation with AWS. We started out by using terraform and triggering it from within the AWS Console.

However, that began to become very tedious. Other teams we have noticed are using answerable playbooks from within their get hub CI CD actions. That seems like a pretty nifty way to always pair your cloud setup and configuration with the underlying code.

Are there other industry practices that people use to make cloud resource set up and configuring more manageable?

https://redd.it/13ftdvz
@r_devops

mssql: Error 10054: A connection was successfully established with the server, but then an error occurred during the pre-login handshake. (provider: TCP Provider, error: 0 - An existing connection was forcibly closed by the remote host.)

mssql: Error 10054: A connection was successfully established with the server, but then an error occurred during the pre-login handshake. (provider: TCP Provider, error: 0 - An existing connection was forcibly closed by the remote host.)

docker run -d --name sql-container --network mydockernetwork --restart always -e 'ACCEPT_EULA=Y' -e 'SA_PASSWORD=pass' -e 'MYSSQL_PID=Express' -p 1433:1433 mcr.microsoft.com/mssql/server:2017-latest-ubuntu

Cannot connect to mssql in localhost using VSCode mssql plugin. I use sa as username and pass as password, and localhost as name and <blank> as db name, but it gives me the above error message. Not sure if something is wrong with the image.

https://redd.it/13g11cr
@r_devops

Do you have a personal portfolio website?

I wonder if it's the same for Devops as it is for software developers. Do you have a personal website? Did it help you advertise yourself and find a job? Do you have suggestions on how to achieve it easily and for free?

https://redd.it/13gdwfr
@r_devops

Any AWS networking visualization tool?

Basically something that shows me if something in VPC X can reach something in VPC Y, in a specific port if necessary. It needs to be aware of:

- Subnets
- Security Groups
- Route Tables
- Transit Gateways
- Peering

Etc.

Everytime I'm architecting an app networking-wise on AWS I have to draw by hand what I'm trying to do and how to achieve it. It just seems absurd to me that something like this doesn't exist.

https://redd.it/13gducr
@r_devops