Reddit DevOps
Orangescrum not installing in CentOS 7?

The official tutorial for automated installation on CentOS 7 doesn't work. So, I had to refer to online tutorials.

I installed Apache 2.4, PHP 7.2, MySQL 5.7.
Then I downloaded the .zip source code from here:

https://github.com/Orangescrum/orangescrum.
Then, I set up some permissions and ownership as per documentation.

$ sudo mv ~/orangescrum-main /var/www/html && sudo chown root:root -R /var/www/html
$ sudo chmod -R 0777 /var/www/html/orangescrum-main/{app/Config,app/tmp,app/webroot}

Then I set up a virtual host orangescrum.conf in /etc/httpd/conf.d.

<VirtualHost *:80>
ServerName orangescrum.example.com
DocumentRoot /var/www/html/orangescrum-main
<Directory /var/www/html/orangescrum-main>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>


Then I created the MySQL database.

CREATE DATABASE orangescrum;
CREATE USER 'orangescrumuser'@'localhost' IDENTIFIED BY 'yourpassword';
GRANT ALL PRIVILEGES ON orangescrum.* TO 'orangescrumuser'@'localhost' IDENTIFIED BY 'yourpassword' WITH GRANT OPTION;
FLUSH PRIVILEGES;
EXIT;

Then I imported the database.

$ mysql -u root -p orangescrum < /var/www/html/orangescrum-main/database.sql

Then I updated orangescrum credentials inside /var/www/html/orangescrum-1.6.1/app/Config/database.php

'login' => 'orangescrumuser',
'password' => 'yourpassword',
'database' => 'orangescrum',

But it's not working and I'm getting the below output when I enter my ip address in browser.

![image1][1]

How do I fix this issue? Is there a way?

[1]: https://i.stack.imgur.com/7FQg1.png

https://redd.it/13g8z3n
@r_devops
What are industry practices for how to trigger Cloud Stack tools?

We are starting to get into more complicated use cases for Ansible, terraform, and Cloud Formation with AWS. We started out by using terraform and triggering it from within the AWS Console.

However, that began to become very tedious. Other teams, we have noticed, are using Ansible playbooks from within their GitHub CI/CD actions. That seems like a pretty nifty way to always pair your cloud setup and configuration with the underlying code.

Are there other industry practices that people use to make cloud resource set up and configuring more manageable?

https://redd.it/13ftdvz
@r_devops
mssql: Error 10054: A connection was successfully established with the server, but then an error occurred during the pre-login handshake. (provider: TCP Provider, error: 0 - An existing connection was forcibly closed by the remote host.)

docker run -d --name sql-container --network mydockernetwork --restart always -e 'ACCEPT_EULA=Y' -e 'SA_PASSWORD=pass' -e 'MYSSQL_PID=Express' -p 1433:1433 mcr.microsoft.com/mssql/server:2017-latest-ubuntu

Cannot connect to mssql in localhost using VSCode mssql plugin. I use sa as username and pass as password, and localhost as name and <blank> as db name, but it gives me the above error message. Not sure if something is wrong with the image.

https://redd.it/13g11cr
@r_devops
Do you have a personal portfolio website?

I wonder if it's the same for Devops as it is for software developers. Do you have a personal website? Did it help you advertise yourself and find a job? Do you have suggestions on how to achieve it easily and for free?

https://redd.it/13gdwfr
@r_devops
Any AWS networking visualization tool?

Basically something that shows me if something in VPC X can reach something in VPC Y, in a specific port if necessary. It needs to be aware of:

- Subnets
- Security Groups
- Route Tables
- Transit Gateways
- Peering

Etc.

Every time I'm architecting an app networking-wise on AWS I have to draw by hand what I'm trying to do and how to achieve it. It just seems absurd to me that something like this doesn't exist.

https://redd.it/13gducr
@r_devops
Throw in the key

In Swedish there is a saying that you're fast if "you can lock a drawer but manage to have time to throw in the key".

If I create an AWS VPC with private subnets, how do I access them from Ansible if I lock down SSH to only local addresses using a Security Group? Do I have a local Ansible Control Host? Should I keep SSH open on all machines and give them public IP addresses although this is a huge security risk? Is there any way to throw in the key while locking the drawer?

As an AWS+Terraform+Ansible newbie, I'm a little bit lost here, does anyone have advice or can you point me in the direction to go?

https://redd.it/13gjwn7
@r_devops
Where are the recipes for "Hybrid" Delivery?

Everyone talks about and uses recipes for Continuous Delivery.

Does anyone have any pointers to tooling or recipes for delivering complex systems in releases?

My team manages ~dozens of components that we do CI/CD into a staging environment, but release into production every 2 weeks, and we like it that way; we don't really want to move to continuous delivery to production.

Our current system is a set of scripts with a decade old sqlite database with Jenkins:

Devs trigger a build in Jenkins.
Jenkins deploys to staging via Ansible.
Jenkins then adds the artifacts to sqlite as "latest artifact deployed to staging as part of XXX release".
On release day, once all tickets are resolved, we run a script that pushes the latest artifacts for each project up to the production repo.
At this point devs can begin working on tasks for the next release. Before this point devs need to be working in a branch and not building changes for the following release into staging.
Release night I do database migrations and then run Ansible scripts that release the updated packages.

This is all implemented with custom built scripts.

I'd like to do some enhancements to this (adding docker containers as a deployable, for example. Integrating the database migrations which right now are done largely by hand). But ideally I'd like to follow some existing patterns or use tooling rather than custom building if possible. It seems like something that should be a well worn path, but all I ever see talked about is CI/CD.

Anyone have pointers to what I'm missing?

https://redd.it/13gl6t4
@r_devops
Is this a good CI/CD setup to build and deploy services to Kubernetes?

So at the company I'm working for we have many applications and services that we deploy to k8s clusters on GCP (GKE). We follow this approach:

We dockerize the application
Create a helm chart
Create a Google cloud build pipeline that gets triggered on commits to certain files on some branches, the pipeline steps:

1. Build docker image with a new tag and push it to the registry
2. Upgrade helm chart setting the image.tag variable of the service container with the new tag

The application code and helm chart are all present in the same Git repo. The issues I see with this approach:

You always need to trigger the whole pipeline and build new docker images even if you're just modifying the helm chart
We don't separate the versioning of application and the versioning of helm charts and we don't have a registry for helm charts
It's kinda messy to have helm, Dockerfile, and application code all in one repo

Now I'm still a junior DevOps engineer and I don't like the way things are but they say we don't have the resources now to do better. Anyways, I wanted to ask you guys what better practices could we have done and what other problems could this setup result in?

https://redd.it/13gjsz5
@r_devops
Work life balance as a devops engineer?

I’m a backend dev with 2+ yoe. I’m looking to transition to devops and one of my important criteria is WLB. So I just wanted to ask the experienced devops peeps here about the WLB in this field.

https://redd.it/13gmayq
@r_devops
Would you say that learning how to develop browser extensions is a useful skill in devops?

Just a random question I thought about today, noticed we use a lot of sites that we don't have much control over, figured learning JS may help in this regard (automation, make things easier for our team, etc) and it never hurts to have another programming language under one's belt.

Do any of you do this?

https://redd.it/13gq6gg
@r_devops
Migrating from Nexus to Harbor: A Comparison of Features and Easy Steps

In this article, I would like to share my experience of migrating from Nexus docker registry to Harbor and the steps involved. I will also explain some of the most useful features of Harbor by comparing them to Nexus and why you should consider using it:

https://mallakimahdi.wordpress.com/2023/05/13/migrating-from-nexus-to-harbor-a-comparison-of-features-and-easy-steps/

https://redd.it/13gpzk6
@r_devops
Got the $3000 bill on my AWS account

Hello guys,
I left my services open and I got a bill of $3000 on my mail ID. So, will they take any legal action if I don't pay the bill? There are no payment methods added, so it cannot be deducted automatically.

https://redd.it/13glmng
@r_devops
devops as a new grad

Hello guys, I wanted to ask if it's a good idea to get a first job as a DevOps, or should I try to get a sysadmin / dev job first and then switch to DevOps?

https://redd.it/13gwsb3
@r_devops
Help with SNI issue (TLS)

- At home, I have two ISP providers.
- Both of them assign a dynamic IP address that changes from time to time.
- I have a router doing load balancing between both providers.
- To detect the IP changes I want to set up a script running in a headless RPi that I have.
- My idea is to hit https://api64.ipify.org to obtain my public IP. Taking advantage that they have more than one IP, I set up two static routes: one forcing the traffic through WAN1 and the other through WAN2.
- That way I can do something like "wget https://xxx.xxx.xxx.xxx" to get my public IP from provider 1 and "wget https://yyy.yyy.yyy.yyy" to get my public IP from provider 2.
- The problem I'm facing is that I'm getting the error "GnuTLS: received alert [112]: The server name sent was not recognized" (and a similar one from OpenSSL using curl).
- I tried to find an option (wget/curl) to force a server name other than the one in the URL with no success.
- Setting a header at HTTP level doesn't work (pretty obvious taking into account that SSL negotiation happens before any HTTP stuff is sent).

What could I do?

Thank you for any help

https://redd.it/13gzvrl
@r_devops
secrets management for noobs

Even DevOps friends,
I'm still a little new to the DevOps game, but my coding is getting good enough that I am planning to move it up to GitHub. I am a one man team, so I'm just using GitHub for practice and a DR plan.

My code has some API keys, and I would like to understand how NOT to expose those keys to everyone who can see my code. It seems like general consensus is to use HashiCorp Vault and be done with it. However, I suspect that I need to host my Vault server in the cloud so that anytime my code needs to call an API, it can verify the secret. Is this correct?

If I could simply install Vault on my MacBook and close it until it's time to add a new feature, that would be ideal. However, I'm not sure I can see this working if the vault is offline.

If someone has the time and patience, I would be very grateful for any secret management advice and education you folks are willing to share.

Thanks

https://redd.it/13h10wp
@r_devops
Azure DevOps - How to do DevOps with Azure

The approaches used by development and IT operations teams under the name "DevOps" are meant to speed up and scale software delivery.

Automation, continuous integration, development, testing, and the use of infrastructure as code are some of these techniques. One of the popular devops platforms is Azure Devops. So, let’s get started!

https://itcertificate.org/blog/azure/how-to-do-devops-with-azure/

https://redd.it/13h3qkk
@r_devops
What Linux knowledge is expected for an interview?

I'm a new grad and I'm studying for the RHCSA but at the same time I want to get started with the cloud. However, studying can only take me so far, and I feel like I'm in a bit of a rush to get started in my career. I went to my university's recent career fair yesterday and I noticed that many recruiters were more interested in cloud knowledge and DevOps tools rather than proficiency in Linux. This has left me wondering what I should focus on.

I've been working my way through a popular book on Linux Administration and have made it about halfway through. I'm now trying to figure out which of the remaining topics I can skim over and come back to later down the line, and which ones I should know for an interview. Here are the remaining topics in the book:

1. Boot Process, Grub2, Linux Kernel
2. System Initialization, Message Logging, and System Tuning
3. Storage Management
4. Local File Systems and Swap
5. Networking, Network Devices, and Network Connections
6. Network File System
7. Hostname Resolution and Time Synchronization
8. The Secure Shell Service
9. The Linux Firewall
10. Security Enhanced Linux
11. Shell Scripting
12. Containers

I would appreciate any advice on which topics I should prioritize and which ones I can come back to later.

https://redd.it/13h4zrv
@r_devops
If you want to excel in your career, you MUST be able to write code

Hello /r/devops,

Let me preface, I expect getting downvoted to hell, but that's perfectly fine, we ain't after internet points :)

I have been following this sub for some time now and I have noticed a trend that seems to be a misconception to me.

In a lot of posts, people ask whether or not they should code and I thought I would share my opinion on the matter, hopefully to spark a discussion.

9 years ago, I started as a sysadmin performing the following tasks:

Network configuration and management (mainly Cisco)
Linux/Windows server management
Jenkins configuration and automation
AD Domain management
Virtual Machines management (Containers were not such a hot topic back then)
Monitoring (mainly with Nagios)

That said, things have evolved lately, containers kicked in, Clouds are the new girl in town and all other hot topics you can think of. We all have managed/manage these and are rather familiar with them. You might see where I am going, you might not, but the idea behind what I am saying here is that if you just manage (don't get me wrong, I am not saying it is easy) what I just mentioned, you have evolved as a Systems Administrator, this evolution has been observed multiple times, i.e. the norm evolved as follows:

managing physical servers --> managing virtual machines --> managing containers

Now, for DevOps, there are a lot of discussions about what this thing is and so on, so I am not going into detail about that, but I will state the following - Systems Administrator != DevOps engineer.

IMHO (I want to emphasise the "MY"), a DevOps engineer must be able to not only leverage tools like Ansible, Kubernetes, Terraform, etc., but to also understand them enough to debug their code AND extend them to their needs, whether it is extending an existing functionality (Ansible module, Terraform provider, k8s controller, etc.).

I am not here to brag even if it might sound like this, but rather show you that if you are able to code, you will excel in your career faster than you might think. Here are some stats for myself that I think helped/help me a lot into my career's development:

I am comfortably programming in Golang, Python, Rust, despite having never held a Software Development position
I used to actively contribute to Ansible
I actively contribute to Kubernetes
During my time at VMware, I have successfully extended a few Terraform providers, written two Prometheus exporters for OpenStack and developed numerous Ansible modules for vSphere automation

The few points I mentioned above helped me tremendously in growing my salary in 9 years from 9200$ -> 142k$ per Year NET. (I live in Eastern Europe and that's why my initial salary was so low, it is still the average salary here)

As I said before, I DO NOT brag, but I want to show you how much being able to code can help you.

The last job I landed required me to do Distributed Systems Design, Pair programming and required me to provide actual code contributions on GitHub (I am not sharing it here, because it contains personal info)

https://redd.it/13h6nk4
@r_devops
Create OIDC/SAML app in an IDP using a tool similar to IAC like Terraform, Ansible

Hi,
I am posting this question to the community as I am looking for some suggestions and helpful guides which can help me implement the design to achieve the below scenario:


Scenario: We have to automate the application onboarding for OIDC/SAML app. hosted in secure auth to ForgeRock.


Design: Similar to any IAC tool where we declare the desired state using a yaml file, the same concept is said to be utilized. We would have a yaml file defining application details. Going through terraform registry, I found that there is no such provider defined for oidc/saml app onboarding by ForgeRock. Also, if we define a plugin for same we are restricted by the programming language (need to use Go for development). So, we need a kind of python script which can function similar to a provider in Terraform, reading through the desired application configuration from the yaml file and then making use of the rest api endpoint exposed by ForgeRock for creating the app.


Can anyone in the community please help me out here with any useful resources like any GitHub repos, open-source projects, or docs which I can make use of to give me a starting point about how this can be implemented?

https://redd.it/13h7tdi
@r_devops