mTLS in 15 Minutes

Ok - if you're in devops you probably know this title is a lie. But, recently I had the opportunity to debug / help implement several mTLS connections and it all became much clearer to me. And as you might already realize, the hard part is actually the TLS part not the "mutual" part.

Anyway, I decided to take this opportunity to attempt to write down my illuminated understanding on the topic as clearly as possible - if not quite ELI5. :)

Anyway, I hope my fellow devops enthusiasts might find some valuable information in this post:

https://stevenpstaley.medium.com/mtls-in-5-10-okay-20-minutes-6602eddae6fe

cheers!


Edit: Also would love feedback if you find anything incorrect

https://redd.it/1466qki
@r_devops

What suggestions would you give to a fresher?

I am a fresher and I have been working as DevOps engineer for past few months already, it will be one year in July. I have already mastered (at the fresher's level and still trying to improve) scripting in Python, Bash and Groovy. I am good at creating pipelines in jenkins and azure pipelines. I also have good hold on docker, jQuery, yQuery, terraform and azure cli commands. Well aware with the cloud services, especially GCP and Azure (and will be preparing for certifications soon). I didn't work much with Ansible much and since my organisation's product is yet not scalable on demand, I don't have working experience in Kubernetes, but I am well aware of both Ansible and Kubernetes. I'm also learning Go and networking.
Now, from here what will be your suggestions for me? I want to switch so that I could work from my hometown. What should I do?

https://redd.it/14675o2
@r_devops

How to do automated rollbacks if issues arise?

My experience is in microservice architecture with deployments on kubernetes on a smaller scale with fast forward merging and only one version of a service running. if another version is required, then we will create another service that's versioned so it's two separate service

​

But on a high volume cluster that's now how things would work. So if you're rolling out a SaaS product and later detect issues, what tools/techniques/strategies can be used to stabilize multiple deployments and versions? What if issues are only in a small section of deployments? Any readings would be great. How would you go about detecting these issues? Liveness/readiness probes are not sufficient
interested in what kind of architecture and setup is require to build a "robust" / self healing system

https://redd.it/146cmb5
@r_devops

For those of you who are really good at problem solving, do you recommend any problem-solving books/videos?

I'd say I'm good at my job but I find that I sometimes spend too much time on a problem whereas certain people at my company at just very good at knowing what to do, look for, etc.

Beyond increasing your technical aptitude about something, are there any good problem-solving techniques or videos you recommend? Similar to what programmers do in terms of data structures and algorithms and finding the best way to code something.

https://redd.it/146i9s4
@r_devops

How to Prepare for HashiCorp Certified Terraform Associate Certification (002)

The Hashicorp Terraform Associate certification is for Cloud Engineers specialising in operations, IT, or development who know the basic concepts and skills associated with open source HashiCorp Terraform.

People willing to get certified will be best prepared for this exam if they have professional experience using Terraform in production, but performing the exam objectives in a personal demo environment may also be sufficient.

The certified individual understands which enterprise features exist and what can and cannot be done using the open source offering. This is the only and official Terraform certificate so this creates a difference between certified and non certified individuals. So, let’s get started!

https://itcertificate.org/guide/devops/how-to-prepare-for-hashicorp-certified-terraform-associate-certification-002/

https://redd.it/146kofr
@r_devops

Validating product - a tool for database changes

Hey folks, we are two guys who just built an MVP of a CI tool for database schema changes. We really need your honest feedback.

Why: We always found it painful to make changes in database schemas. You always need to test schema changes manually across multiple stages. And if you run unit tests for your application code, it doesn’t cover the database changes properly.

What: The tool supports branching and unit testing that we were always missing elsewhere. The current version is a UI-based playground, a mini CI tool for you to play around with and test the basics. This is just to see if we're on the right track.

The goal is to create a full CI/CD tool to make all database changes super easy. The next step for us is releasing a CLI tool.

Link: https://hub.whizzer.io

Here's the stuff you can do right now:

create repositories and projects with schemas
branch your schemas
run unit tests
invite teammates and collaborate on the projects

Please share your feedback, and test the playground. Thank you! :)

https://redd.it/146n0p6
@r_devops

Specialization for SRE, DevOps pursuing a Major and maybe a PhD

Hi,

Maybe I will get some advice from someone experienced in interesting fields. I'm experienced SRE, DevOps and earning good money in a big corporation. Besides that, sometimes I work as a consultant with Linux, AWS. I'm primarily working with AWS, databases, automation, and architecture, but I want to go into one specialization. Some people are good at firewalls, some at security, and some at one language. Sometimes I think I'm a Jack of all trades, a master of none. I'm finishing my major studies and want to achieve something more. Be an expert who can make a presentation and research for many years (not learning a new tool, a new AWS service every 1-2 years). Something that I'm good at is architecture and planning. That's what I'm currently doing. In the general cloud, it is distributed system, so I thought that maybe I should go into distributed file systems. It is something that can be interesting for me. I can combine security and privacy of data, architecture and cloud. According to Andrew S. Tanenbaum in the book "Operating Systems" it is a rapidly developing field .What do you think about it? Can it be something for someone with my role?Should I focus on something else? I don't know anyone with PhD in CS, so I don't know what I should think. How can I choose specialization? Is there a need for people that can plan some systems like that?

https://redd.it/146no21
@r_devops

Tester to devops? Q

Is it possible for a manual tester to switch role to a developer? . Is there anybody in this sub who was a tester before becoming a devops engineer. If so.. How did you pull it

https://redd.it/146t8ch
@r_devops

8+ years and at a loss of what I could do -- seeking help to improve

I've seen another post that offered their resume and asked for help. I would like to request the same 🙏

Some notes

1. I have been made aware before that my resume lacks the quantitative numbers managers like to see.(ie: saved the company xx% of revenue.. etc) Sadly, it never occurred to me that I should ask my hire-ups how my work has impacted the company. I was quite happy solving problems and finding interesting ways to improve what was already built. I do not know what I can do at this point as getting that information now may prove difficult if not impossible.
2. Previous iterations of my resume from a few years ago I would list every possible tech, codebase, or tool I have ever used on the job but that lead offers out of the scope of what I want and was able to do. (I've worked on Windows servers as an admin years ago, does not mean I remember how to now or want to) -- I've shortened the list of skills to those that are either most recent or I'm most familiar with
3. I've been told to apply to senior roles due to the years I have in this field, yet I do not feel I know enough to call myself senior.
4. The last 3 jobs I was laid off from the company with the most recent (SADA) handing me a letter from the CEO to provide to my next opportunity to explain that I was let go due to lack of work not for performance. (Very supportive and kind of them to do so!)

Please feel free to be brutally honest, I want to learn what I could do to improve.

Also, beyond referrals from friends, what sites/methods do folks use these days to get their resume seen? I've tried LinkedIn and the amount of spam/fake jobs or interviews is exhausting! Hired.com (not sponsored I swear) has done me well before but now it comes up empty and remote work proves difficult to find these days.

Any and all help appreciated! 😭

https://imgur.com/a/qIkuMsz


Edit: Providing clarity over why the frequent job changes

https://redd.it/146z5rk
@r_devops

Winglang: Cloud Development Programming for the AI Era

We sat down with The New Stack to share our thoughts on why we're building a new open-source, cloud-oriented programming language (for humans!) in the age of AI 🤖.

This is the article: https://thenewstack.io/winglang-cloud-development-programming-for-the-ai-era/

https://redd.it/1470fgj
@r_devops

Playing with WASM on Docker

The idea of bytecode that can run anywhere dates back to the JVM inception (as far as I know). WebAssembly is the new implementation of an old idea. While WebAssembly is meant to run in the browser, Docker recently announced its capability to run WASM code without needing containers. In this post, I want to explore how it can work.

Read more

https://redd.it/146ygzw
@r_devops

Why is job hopping so frowned upon yet at the same time, so encouraged in tech.

It’s like a doubled edged sword. When you job hop, you tend to earn more and learn new tech stacks but at the same time, when interviewing for new jobs, you are constantly flamed by your job hopping tendencies…

https://redd.it/147758u
@r_devops

Recommendations needed for a new journey

I’ve recently finished working in a project as a Azure cloud and Azure devops engineer. I need advice about where to find more opportunities for similar roles globally. I have over 13 years of experience in devops, Cloud, infrastructure, security, and project management. I prefer working part time but I’m also open to ft jobs.

https://redd.it/14w3hja
@r_devops

Do you ever have situations at work when no matter what you choose you would be still blamed ?

Situations like those https://m.youtube.com/watch?v=BKorP55Aqvg

Just recently was blamed for not delivering X and Team Y is waiting for it, while Team Y told us to only provision X and they will take it from there. Still Team Y complained we did not “take it from there” and do their job.

My face after reading that brain gymnastics was like this https://knowyourmeme.com/memes/are-you-serious-face-seriously

Why ppl are like this as if our work was not hard enough without it.

https://redd.it/14w78yd
@r_devops

I keep hitting timeouts and wrong gateway in Grafana / Loki and not sure what's wrong

We are migrating from Elasticsearch / Kibana to Grafana / Loki so I wrote a script to migrate all the logs from elastic to loki set the proper labels for fields with not too high cardinality, and it's been running fine for a while.

We had some dashboards in Kibana that I translated to Grafana but I keep getting timeouts whenever I set the dashboard time range to over a couple of days, this is not very convenient because in kibana we have dasboards with a time range of the last 18 months, this seems almost impossible with my current configuration and it gets even worst when I try to parse the logs to json, which I need in order to extract some values.

We currently have around 20k logs per hour, and set it up so it saves the data in s3.

I've checked the documentation and raised the limits but it just makes a small difference. Here is my current relevant loki config:

querier:
maxconcurrent: 25
engine:
timeout: 5m
querytimeout: 5m
frontendworker:
parallelism: 25
frontend:
compressresponses: true
limitsconfig:
maxstreamsperuser: 0
maxglobalstreamsperuser: 0
rejectoldsamples: false
rejectoldsamplesmaxage: 100000h
maxquerylength: 0h
maxqueryseries: 10000
maxentrieslimitperquery: 500000

I also increased the grafana timeout to 600 but I just keep getting 502's or 504's and it pretty much makes it unusable.

I just want to know if I have way too much data for loki/grafana to work properly, or if I'm not using it correctly, or maybe there's something wrong with my setup and this amount of data is acceptable. Or maybe the problem is with having all this data in s3.

The S3 bucket size is currently 16GB and it has around 3 million objects.

Any help or guidance is really really appreciated

​

https://redd.it/14w90ud
@r_devops

Deploying Angular App to S3 and CloudFront with GitHub Actions

I have written a two-part blog series titled "Deploying Angular App to S3 and CloudFront with GitHub Actions." You can find the articles on the following platforms:
Hashnode:
Part 1: https://blog.prateekjain.dev/deploying-angular-app-to-s3-and-cloudfront-with-github-actions-part-1
Part 2: https://blog.prateekjain.dev/deploying-angular-app-to-s3-and-cloudfront-with-github-actions-part-2
Medium:
Part 1: https://medium.com/@prateekjain.dev/deploying-angular-app-to-s3-and-cloudfront-with-github-actions-3fc088d6cc79
Part 2: https://medium.com/@prateekjain.dev/deploying-angular-app-to-s3-and-cloudfront-with-github-actions-part-2-b1d716f5b8fd

https://redd.it/14wdz0e
@r_devops

Come join us in lemmy

There's a few DevOps communities already there - but here's the biggest one (with 9 subscribers).

https://lemmy.ca/c/[email protected]

https://redd.it/14wegsx
@r_devops

Laptop suggestions

Hello my fellow DevOps, im in the process of moving jobs and the now company does not work with MacBooks (especially m1 and m2) so i need to buy a Windows laptop. Im looking for a few suggestions for a maximum of 1500€.

https://redd.it/14wj521
@r_devops

Can any one share torrent or pirated version Techworld with Nana's DevOps updated bootcamp?

Boot camp is too expensive, especially for people living in those countries which have weak currency.

So, if any of you kind-hearted pirates happen to have access to a pirated version of Nana's DevOps Bootcamp from Techworld, I would be eternally grateful if you could share it with me.

https://redd.it/14wiv7t
@r_devops

Drone CI help needed

Hello all, could use some advice, I'm currently working on a pipeline for a mobile app made in react native, we are using a mac mini with m1 chip for a node in drone and then build the app using exec pipeline on that mac, the problem is a month ago, MacMini was updated (force update by apple booo!) to Venture OS after that i cant seem tu use bundle install, as it is dropping an error. The main issue is that for the platform in the pipeline:

platform:
os: darwin
arch: amd64

While the MacMini is on arm64 and because of that there are errors:

ld: symbol(s) not found for architecture x86_64
clang: error: linker command failed with exit code 1 (use -v to see invocation)
make: *** [unf_ext.bundle] Error 1

I realize (in my own little crude words) taht the main issue is that the mac mini is using the arm64 arch and that is what is messing with my pipeline, on drone documentation i found that there are other arch's but none for macmini purpose, im currently the only devops in the company and dont have anyone to turn to for advice also drone comunity on slack has been quiet for the last week. Any advice or road to take other than changing CI tools?

https://redd.it/14wo6c8
@r_devops

Data-driven CI/CD monitoring with pytest

https://www.tinybird.co/blog-posts/data-driven-ci-pipeline-monitoring-with-pytest


One of my colleagues recently wrote this post about a pytest plugin we use to visualize and analyze CI metrics. Thought it might be interesting to those here.

https://redd.it/14wsetr
@r_devops