When using helm charts, is there a way to write it down instead of just running the commands?

Running "helm chart ..." several times, doesnt really make sense so is there a way to make sure you don't have to run 10 commands if you use 10 helm charts for a project? Could you show an example?

https://redd.it/142vmi0
@r_devops

Confused with Grafana/Loki logs

I am writing a script to migrate our logs from Elasticsearch to Loki.

It seems to be working fine so far, it gets the logs from ES based on date and type, puts together the labels and json and sends them to Loki. Loki is set as a data source in grafana and if I go to the live stream I can see the incoming logs in real time.

The problem I have and where I need some help is because I can't query those logs in grafana using any of the labels I set up. I was thinking maybe the labels are not sent correctly but they don't show on the live stream.

This is my first time using grafana and loki, so I'm not sure where to go from here, any help would be greatly appreciated.

https://redd.it/142xase
@r_devops

pull request merging and sync runs Pipeline on source branch

On merging from development to staging branch as an example.

After submitting merge request, I have to run sync before approving and merging. Is it the right behaviour that it runs the pipeline as staging to development and then development deployment?

I'm following previous employee routine. Can I skip sync on merge? What is the proper way to do this?

https://redd.it/142ygkx
@r_devops

Where to start?

I just got an Associate SE degree and can get a Bachelor in 1.5y. did a 15 week SE internship at a startup where i built DB models and did backend dev with PHP but its not my thing. I wanna work more with Linux, open source, CLI tools, Automation, monitoring, security, .. I don't like making web applications and i'd like to have an impact on Developers/Org instead of Customers.


I feel like i'm not very good in one thing but rather decent in many things, I learned:

\- building webapp's backend / frontend with java
\-cleaning and reading data in Python (passed a pretty tough Data Science class)
\- linux / command line (learning nvim and going from windows to Fedora soon + did a Kali Linux class)


I have the option of working and not continueing school since i get some job offers like Data Engineering and SE. But i want to get a Bachelor i think and get better at the things i mentioned!



this summer (before i have to make that choice) I have a lot of free time to learn the topics i mentioned in the first paragraph. Any advice on where to start except for switching to Linux? What kind of thing do i start bulding in Go? I don't wanna keep watching videos forever.

https://redd.it/1430thq
@r_devops

What problems do you face while using multi cloud?

Hi all, I was curious to know what problems you face when you want to use services from different cloud providers. Please share your experience.

https://redd.it/1431rux
@r_devops

How would you deploy and update this Next.js app in AWS?

Hello guys. I am once again at your feet humbly asking for your sage advice.

I'm trying to create a deployment and CI/CD pipeline for this Chatbot UI project and I'm having a little bit of option fatigue after seeing all the choices. I'm using Bitbucket pipelines and my plan was to take the output from the build, upload it S3 (after adding the setup to host static websites), and invalidating the Cloudfront distribution to take the new changes.

After looking for similar pipelines I'm seeing everyone doing something completely different. Some people use AWS Amplify, some AWS Elastic Beanstalk, AWS ECS, and others even deploy directly on an EC2 instance.

How woud you guys recommend I do this?

https://redd.it/142wxwj
@r_devops

Versioning advice for a project that consists of multiple projects.

I am working on a small hobby project and we are getting around to do a public release soon, but one thing I was wanting to get around to was solidifying the versioning of the project.

For a background: the project consists of two sub-projects that perform different tasks: a Data Generator and a Data Interpreter. How it works is the Data Generator is hosted on a website and generates a data file, which can be downloaded and read by the Data Interpreter, which is a standalone application.

These projects are in separate Github repos and operate independently of each other. When combined, they make up the Main Project. An example of this in action is that Version 1.2 of the Data Generator and Version 1.5 of the Data Interpreter would combine to make Version 1.7 of the main project (these are just filler version numbers, but you get the point). The user doesn't need to know what version the Interpreter or Generator are on, only that the project is in Version 1.7

My big issue right now is how to establish the versioning in terms of marketing and future-proofing so that it doesn't get too complicated (or is at least maintainable). The issues I currently see coming up are some of the following:

* The Interpreter is a standalone application that has to be downloaded and ran locally to be used, whereas the Generator is hosted on a website, so getting an update pushed out to the user is much easier via the Generator than the Interpreter.
* The Interpreter cannot check for updates as it has no network connectivity, so the only way to get a new version of it is to manually download it from the website.
* If you increase the version of one of the sub-projects, then you have to increase the version of the entire project, which can be difficult to display to the user unless they re-download a new file from both projects.

We can probably merge the projects together into a single project where the Generator bundles the data file it produces with the Interpreter and provides a single download, however, the Interpreter currently is able to read in multiple Generator data files and we would like to retain that functionality if possible. If we bundle them together, then we lose that functionality.

​

I apologize if I missed anything and can clarify things as needed :)

https://redd.it/142svdr
@r_devops

What are some of the common technical debts in the DevOps profile?

Just wondering what are the Day to Day Technical Debts that a DevOps Profile handles or must know ?!

https://redd.it/14354kn
@r_devops

OpenObserve: Open source Elasticsearch/Datadog/Splunk alternative in Rust for logs. 140x lower storage cost

Hey folks,
Today we are launching OpenObserve. An open source Elasticsearch/Splunk/Datadog alternative written in rust and vue that is super easy to get started with and has 140x lower storage cost. It offers logs, metrics, traces, dashboards, alerts, functions (run aws lambda like functions during ingestion and query to enrich, redact, transform, normalize and whatever else you want to do. Think redacting email IDs from logs, adding geolocation based on IP address, etc). You can do all of this from the UI; no messing up with configuration files.
OpenObserve can use local disk for storage in single node mode or s3/gc/minio/azure blob or any s3 compatible store in HA mode.
We found that setting up observability often involved setting up 4 different tools (grafana for dashboarding, elasticsearch/loki/etc for logs, jaeger for tracing, thanos, cortex etc for metics) and its not simple to do these things.
Here is a blog on why we built OpenObserve - https://openobserve.ai/blog/launching-openobserve.


We are in early days and would love to get feedback and suggestions.


Here is the github page. https://github.com/openobserve/openobserve
You can run it in your raspberry pi and in a 300 node cluster ingesting a petabyte of data per day.

https://redd.it/14365yw
@r_devops

Code signing in CI/CD since 1 june

Rules have changed since 1 june regarding certificate distribution and location I think it is mandatory to have a HSM or FIPS stuff, to host the keys.

How do you guys do?

https://redd.it/14371ok
@r_devops

Where to Learn DevOps - Zero to mastery or KodeKloud

I've been working as IT support for 5 years and I need to advance. Where do you recommend to someone starting in DevOps. Any good website, my company will pay since they are also tired of hiring DevOps from outside.

https://redd.it/1436q9j
@r_devops

Farewell to DevOps

Hi everyone,

After 6 years of work experience, i decided to leave my career behind. I don't have much savings though. It will be difficult, i need to cut all expenses but critical. I've already rented out one of my rooms, so if i can find one more person, rent and bills are no longer a problem.

​

Why did i do this and what will i do next.

I was a kid when the first matrix movie released, that green matrix digital rain was the image blew my mind. After many years when i study physics during my twenties, i saw a professor doing things on a black computer screen with text only. That was the way i want to use computer i knew it, i felt it. That was the day I've met with GNU/Linux. After 2 years i got my first job as a DevOps Engineer.

​

I admit i had fun, really. Fun part was over after a year. Maybe this wasn't the right company.

Second one wasn't either. And third one also. None of the tech stacks or cloud providers made any change, I wasn't happy. Beyond that i was feeling like this is a torture. I understand that job may not be fun, that's why i wait so long. But this is not the thing i want to do rest of my life.

What now,

My friend developed a mobile game. Soon it'll be released.

We've talked and decided to join and make games together. Maybe this post will remind us

Where were we once and how it has started.

https://redd.it/1438o2u
@r_devops

The Big IAM Challenge - AWS

https://bigiamchallenge.com

Credits to r/netsec post by u/geekydeveloper:

https://www.reddit.com/r/netsec/comments/142rw5x/the_big_iam_challenge_test_your_cloud_security/

https://redd.it/1437vlg
@r_devops

Do I have Stockholm syndrom?

So I’m currently having a web app built and it’s almost done and will hopefully be ready in August. I’m super excited.

I already got the domain registered with route 53 (I’m going the AWS route).

Now for work; I work in infra (I’m more on the network side of things). We use RHEL, Openshift, Python, ansible, gitlab and VMWare. I guess you can call that our “stack”.

So this new web app I’m having built has nothing to do with work; it’s just a personal side project I wanted to start but didn’t have the C++ Audio engineering skillset to execute.

When I was thinking about how I’m gonna run this circus, my first thought was:

I’ll throw the app in VMWare (AWS has vmware right?), I’ll use gitlab + openshift for containers.
Now my question: are there better services to use? I feel like I’m only using these services because it’s the only thing I know.

I’m in a unique position that I can ask this community before I commit to this infrastructure layout.

Anyone have any suggestions for a service/app/infra I could try? I’m still really new to devops and I don’t really know what’s out there.

Thanks for any suggestions! 🙏🏻

https://redd.it/143az9z
@r_devops

Platform Advocacy / Internal Platform Seller

Hi guys,


I'm a former DevOps engineer turned Sales Professional. I work regularly with clients operating cloud-native platforms aimed at helping reduce the cognitive and operational burden of IT on the developers.


The platform that these teams build seem to be very good at achieving their goals but adoption across the organization is very slow and in many cases it doesn't happen at all. The idea that adoption of platforms like this occur through "pollination" isn't a reality and there's a need for an advocate/internal seller to help create visibility of these platforms and the value that they bring to development teams. Especially considering these types of platform really depend on scale to deliver on their promise of cost efficiency, scalability and resiliency when run at scale.


I'd love to hear your thoughts on this.


Would you hire someone who's aim it is to create visibility for the platform and ultimately source new "customers"?


Does someone in your organization already have this role?

https://redd.it/143cmp1
@r_devops

Difference between CI and DEV environment?

What is the difference between a CI environment and a DEV environment in testing?

Really struggling to understand difference between these two- I understand dev is where you write all the code then push to wait for testing, then what is ci? Are they the same?

I was doing the AZ400 devops course and came across the diagram below which made them seem like two separate environments?:

https://learn.microsoft.com/en-us/training/modules/introduction-to-secure-devops/5-explore-key-validation-points?ns-enrollment-type=learningpath&ns-enrollment-id=learn.wwl.az-400-implement-security-validate-code-basescompliance&pivots=bash

https://redd.it/143ef70
@r_devops

Safely Ship Code with a New Open-Source Feature Flag DevOps Tool

Hi everyone,

I wanted to introduce a new open-source feature flag management tool that we recently discovered and implemented in our production environment. You can find the tool at:
https://github.com/featbit/featbit

We tested several other tools, but what convinced us to choose this particular tool were the following reasons:

1. It offers all the necessary functionalities we require. Additionally, it seems that they continue to open-source additional functions that other tools don't provide, such as Audit Logs, Reusable Segments, Permission Control, and even Single Sign-On (SSO) in the future.
2. I joined their community, and I found the core team to be friendly and responsive (perhaps because they are relatively new).
3. The tool is developed using a programming language that aligns well with our daily work.
4. Although they open-sourced the project only 7 months ago, they have been working on its development for two years.
5. It is licensed under the MIT license.

I thought it would be helpful to share this tool here for anyone who may need it or wants to add it to your wishing list. Enjoy!

https://redd.it/143g36h
@r_devops

A customer wants our platform to use their domain for outgoing email notifications

Currently we are using AWS SES for all of our outgoing notifications to customers using our verified identity with the domain that we own, however a new requirement came through from one of the potential customers and they want us to use their domain (i.e. [email protected]) for all outgoing emails. After some reasearch my understanding is that we need to create a new identity in SES for this domain (but then how do we verify it?) Secondly, I believe the next step is sending Easy DKIM CNAME records that SES console shows to the customer who should then add them to DNS servers on their side. SPF record comes into play as well, in order to allow sending emails on their behalf (this is where it becomes confusing - how do we configure SPF record in such a way that they verify it's us sending emails from AWS and not someone else?) AFAIK, AWS documentation does not discuss this usecase specifically. Any help is greatly appreciated.

https://redd.it/143hrk0
@r_devops

/r/devops will be going dark on the 12th

# What's going on?

A recent Reddit policy change threatens to kill many beloved third-party mobile apps, making a great many quality-of-life features not seen in the official mobile app permanently inaccessible to users.

On May 31, 2023, Reddit announced they were raising the price to make calls to their API from being free to a level that will kill every third party app on Reddit, from Apollo to Reddit is Fun to Narwhal to BaconReader.

Even if you're not a mobile user and don't use any of those apps, this is a step toward killing other ways of customizing Reddit, such as Reddit Enhancement Suite or the use of the old.reddit.com desktop interface .

This isn't only a problem on the user level: many subreddit moderators depend on tools only available outside the official app to keep their communities on-topic and spam-free.

# What's the plan?

On June 12th, many subreddits will be going dark to protest this policy. Some will return after 48 hours: others will go away permanently unless the issue is adequately addressed, since many moderators aren't able to put in the work they do with the poor tools available through the official app. This isn't something any of us do lightly: we do what we do because we love Reddit, and we truly believe this change will make it impossible to keep doing what we love.

The two-day blackout isn't the goal, and it isn't the end. Should things reach the 14th with no sign of Reddit choosing to fix what they've broken, we'll use the community and buzz we've built between then and now as a tool for further action.

What can you do?

1. Complain. Message the mods of r/reddit.com, who are the admins of the site: message /u/reddit: submit a support request: comment in relevant threads on r/reddit, such as this one, leave a negative review on their official iOS or Android app- and sign your username in support to this post.
2. Spread the word. Rabble-rouse on related subreddits. Meme it up, make it spicy. Bitch about it to your cat. Suggest anyone you know who moderates a subreddit join us at our sister sub at r/ModCoord \- but please don't pester mods you don't know by simply spamming their modmail.
3. Boycott and spread the word...to Reddit's competition! Stay off Reddit entirely on June 12th through the 13th- instead, take to your favorite non\-Reddit platform of choice and make some noise in support!
4. Don't be a jerk. As upsetting this may be, threats, profanity and vandalism will be worse than useless in getting people on our side. Please make every effort to be as restrained, polite, reasonable and law-abiding as possible. This includes not harassing moderators of subreddits who have chosen not to take part: no one likes a missionary, a used-car salesman, or a flame warrior.

https://redd.it/143jc6m
@r_devops

Managing a manual release process

We have a slightly manual release process. Pipelines get everything ready, and the last step requires a human to click 'go' on the end, having sought approval.

Approval is generally required from two people, one who is aware of all the releases going on ('air traffic control') and another who is technically aware of what's in the release (technical approval).

Currently, we do this with a slack workflow, which is predictably poor; it's easy for requests to get missed or buried in a slew of change requests. It's also easy for the wrong people to click 'approve'.

It feels like we're not the only company doing this; what are the good tools/processes you're using around a business need to have this sort of approval in the way of a release? I've been having a look around and not found anything, which makes me think I'm using the wrong words or something.

Thanks!

https://redd.it/143hipw
@r_devops

Advice?

I work for this start up, its a senior dev ops guy who manages everything, theres lot of things wrong with the infrastructure and workflow.. im just in it for the money. whats your guys advice?
I cant find new jobs right now because the job market is so tough rn

https://redd.it/143lexd
@r_devops