What should I brush up on when it comes to Infrastructure provisioning and automation?

I have an interview coming up for a SWE internship with a team that works on provisioning, and I thought it would be best to ask you all what you think I should touch up on before the interview.

My previous internship involved working with Docker, k8, and micro-services in general. So I am assuming those are things Ill need to refresh.

https://redd.it/1bqv2eq
@r_devops

Build agent (runner) with option to execute as regular user

I searched for such option but surprisingly I wasn’t able to find one. Gitlab has an open issue for allowing their windows runners be installed without elevated access but that’s the only one I found. Has anyone used windows build agent that has an option to run as regular user? Thanks.

https://redd.it/1bqv14l
@r_devops

Senior advice

I'm in a weird spot. I manage a Jenkins instance and automation that oversees hundreds of millions of dollars in Revenue thousands of builds and mobile application deployments. I do ad hoc projects lots of scripting, lots of code, and application consultation for Developers. I have very rudimentary Cloud skills and the closest I got to infrastructure as code was Windows desired state. I feel like I could pick all of these skills up very quickly but I feel like if I ever got laid off I would not be able to get into another devops role without them. I mostly just like to learn theory and how to do things, I don't really care about tools as they are just an abstraction of the process.

I have managed doctor I've never managed kubernetes. Am I fucked if I get fired?

https://redd.it/1bqzt02
@r_devops

Certification Exam Nightmare w PSI

Recently I attempted to take a Consul Associate Exam with PSI Services from Hashicorp. I clicked on the Launch button, and it immediately opens up a psiexam:// URL, which the browser cannot understand (Firefox on both macOS or Windows 10). Apparently, there's supposed to be this PSI Secure browser installed, but there's no documented requirement for this. It seems like it should be installed through the Launch process, but that is not happening.

When I attempted to get support (calling to reach an actual human agent), the text exam window expired, and I was marked as absent. So the agent said they could not help me. Apparently, I would have to buy multiple exams, get human tech support during one of these exam windows, and hopefully, they would be able to find a solution by remoting into my system.


I am not sure what to do. I am concerned as I think Linux Foundation uses PSI services as well. :'(

https://redd.it/1br21dv
@r_devops

PSI Nightmares and How to handle it

I have used Firefox browser did compatibility checks also this is my third exam with PSI first two exams were smooth.

More than exam PSI will teach you patience and more than exam how to think and react when unexpected issues from exam software crops up....

Do compatibility checks also give all permission and allow all pop ups from PSI before exam otherwise use chrome which is mentioned to be best experience for PSI.

Even I had faced PSI browser issue in between exam last 26 min was left and the session closed by itself in between file edit for launching yaml object.

I followed one simple thing don't panic!

Restart the session it wasn't opening again.

Don't call tech support Linux foundation has limited technical personnel especially PSI procters raise ticket instead, which is going to be resolved in 2-4 days at least things will be in record according to timing of the ticket matching your exam...

I didn't get the session back but check-in process was followed again, I had to restart the pc and uninstalled the PSI browser and reinstall from downloads again to get this session.

I had to do end-procter session otherwise I would be not marked against the attempted questions...which the procter didn't end before the exam timer ends which is great also I mentioned to new procter i didnt get my older session he/she assured that recording is there so PSI will check where the fault is and better raise technical support which I already raised.

My exam was in grading for 3-4 days for which I had raised extra Linux foundation ticket after result timing exceeded 24hrs ...

Both tickets were closed for unexpected psi browser close and Grading still after 24hrs as I passed the exam if it was not given I think if would mentioned for free retake i wouldnt have a case as issue happened in between exam and exam session record shows I am doing needful file edits also ticket was raised....


People facing issue at start of exam which my friend also faced, In their case as longs as exam didn't start 2hrs in your hand + half hour before required check-in time utilise for raising first support ticket otherwise if marked absent due to no-show we should have raised support to justify issue faced then doing troubleshooting by checking psi browser compatibility with different browser......allow all pop-ups don't use VPN and multiple monitor PSI checks this as well also don't have multiple programs opened also mute notifications from external discord reddit or Outlook etc so in between exam it doesn't create hassle don't use virtualistion of any kind or VM to launch exam have good bandwidth wifi UPS if affordable so even if generator kicks in there shouldn't be flap in networks in between exam....


Don't give up also not to be disheartened due to these issues be prepared for next exam do all needful checks read through their documentation initially regarding exams and scenarios you think might affect you to be prepared search any community posting similar issues faced by you...


https://redd.it/1br6skw
@r_devops

Forced from slack to teams

My company pulled the plug on slack after 8 years. We were given a two weeks notice to migrate over 100 integrations and all our alerts.

MS Teams freaked out a couple times and we've had to delete teams channels and recreate them to get our integrations to work. Channels feel like Twitter or social media posts. I can't limit notifications as well or set groups to mention.



Is it wrong to quit just because they took away slack? Anyone else go through this?

https://redd.it/1br7ig1
@r_devops

DevOps Intern Interview

I have an Interview with a relatively small company as a DevOps Intern and they use Terraform. Do you guys know what I would need to know prior to the interview?

https://redd.it/1br9t1e
@r_devops

The Critical Role of Continuous Integration in Agile Software Development

The guide explores how agile transforms software development, making it easier and faster if developers practice test-driven development (TDD) and continuous integration (CI) simultaneously as well as how to take CI to the next level with CodiumAI as well as how it involves deeper integration with practices like Continuous Delivery (CD) and DevOps, enhanced automation, and improved collaboration and efficiency in software teams.

https://redd.it/1branno
@r_devops

(HELP) Currently I am only logging all the requests in my access.log that comes to my squid proxy server. I need to enable response logging that comes from the destination server. Can anyone help?

How can I enable response body in the squid logformat?

https://redd.it/1brb6za
@r_devops

One piece of advice you wish you'd heard sooner?

Mine is pretty basic: it's not worth it to learn a new framework before getting pretty good at one. I wasted a solid year (doing tech support and trying to break into a product team) because I kept changing languages/frameworks/tools. I guess the general advice is 'for the first year, pick a context and stick with it.'

It's a lot easier to learn AWS after you've stuck with Azure for a year solid. It's a lot easier to learn Playwright tests if you have a good grasp of Selenium, rather than switching back and forth as you're first learning.

https://redd.it/1brd69a
@r_devops

How would you devops a minecraft server?

Hi All, Im a software dev trying to get better at devops. Google cloud has a bunch of free credits for 90 days so why not setup a modded minecraft server from scratch

My current setup is a pretty basic terraform where

1. 2 buckets get provisioned (server_files and world_backups)
2. A script checks if the buckets are empty and if they are then local directories are zipped and uploaded to the buckets
3. Compute instance is provisioned and the startup script grabs the latest files from the buckets and runs the server

This works OK but there is probably a better way to do it, I also want to add some more functionality like automatic rolling world dir backups that can be invoked manually if needed.

My first thought would be to add scripts to the server that are invoked with cron and add a lightweight api to allow manual execution or just ssh in when i want to. But atm, updating the server requires completely destroying and recreating it which takes ages and destroys the active world dir. So maybe put that stuff in a docker container so i can rebuild it easily on the server, or maybe do everything with cloud functions that ssh in and run commands

Essentially, it seems like there are a million ways to do this and each has downsides. Looking for some input

cheers

​

https://redd.it/1brdynb
@r_devops

Shell prompt ideas

I’m working on customizing my shell prompt. It should contain the following:

- current work directory
- git branch/status (if in a git repository)
- current time (hour:minutes)
- terraform version (if in terraform directory)
- terraform workspace (if in terraform directory)
- python version (if in python directory)
- python venv (if in python directory)
- golang version (if in go directory)
- AWS_PROFILE (if exported)
- Last command exit status

Any other suggestions for useful information to display in the prompt?

Many thanks

https://redd.it/1brgjor
@r_devops

Should i take the offer fellas?

Hey, I've had a thread few weeks ago "DevOps is hard". Since I know how to work with Helm, Kubernetes is not that hard anymore :)

Few weeks later I have a offer for lvl 2 Tech support. Requirments are basic UNIX/Linux understanding, troubleshooting skills, basic knowledge of shell scripting languages, experience with some SQL-like, JIRA. Its an entry-level position with 24/7 support schedule.

My question is should I take the offer and keep grinding or stay in my current job(it's in different industry) get paid more and keep learning until I'm ready for Junior DevOps position. Do you think such an experience is helpful for someone who is pursuing career in the field?

https://redd.it/1brjvtx
@r_devops

DevOps eng with 6 YOE, planning to learn JS and Node

Hi Everyone,

I'm a Devops Engineer with 6 YOE, I transitioned from the
Ops side of things being a sysad for 2 years.

I'm very proficient in most of the things related to ops but I would like to learn JS and node to be able to understand the development side of things more efficiently. I use python and bash regularly for scripting so I have good scripting skills but lack the knowledge of data structures and algorithms or the core dev skills.

I personally believe a DevOps engineer with good development and operations skills is like a unicorn, I haven't come across anyone with such skills. Mostly people either have operations skills or development skills.

Does learning JS and node makes sense ?

https://redd.it/1brjmgz
@r_devops

Is our approach good or do we need to adjust?

Need your thoughts on our CICD approach which I found to be already there in our project when I joined. My domain is test automation so I am focusing on driving the automation of different test levels. Please forgive me when I can not explain everything in detail regarding DevOps tools. I am just interested in having a good CICD approach to best as possible implement my vision of automation.

What are we doing? We have about 10-15+ micro services each with its own repository and pipeline. Two teams are working in feature branches. On feature branches unit and component tests are executed as well as additional code scans (fortify, dependency scans, …). How? Every feature branch automatically gets his own (temporary) environment where the service is deployed and ZAP (DAST) scanned.
Then the code is merged via pull requests into „develop“ branch of each service. Now this happens: The pipeline is executed again with all the tests but this time a deployment of the service happens on a permanent environment where services can talk to each other. In addition now integration tests are executed checking the services end to end and between specific services. Again sorry for not being able to explain technically how in details this is implemented.

In addition we have a „uat“ environment and - you guess it - the code is coming from the „uat“ branches. This environment is expected to be more stable - only code which shall go to production later is merged to uat branch and the integration tests validate that the code in uat branch (of each service!!) is working fine with the other code in uat branches of other services.

In general we are talking here about an environment per branch similar to GitLab flow. There is no overhead in environment configuration. The code is „just“ merged from environment to environment. Each service has this set of branches and services of all develop and uat branches (and prod as well naturally) can communicate to each other.

We never did a production rollout yet because the project just started a couple of months ago. What I already can say is that we would need to merge the code to „master“ branch via PR which again calls the pipeline and rolls the software out to production.
Due to the early project stage and because it is hard to find any external references to this approach I am not sure if this approach will work fine for us when it comes to additional features being added later with new services or services which need to be updated, hotfixes needed, etc.

So far so good but will we later end in a merge hell when it comes to merging the code to higher environments (uat and prod)?

Please let me know what you think! Thanks :)

​

​

https://redd.it/1brn6vz
@r_devops

Tekton CI/CD Reusability

Can someone provide a simple example? How to reuse Tekton components?

https://redd.it/1brj8oi
@r_devops

Subscribing to vendors' status pages

I recently found out that you can subscribe to vendors' status pages and be notified whenever something bad happens on their end. This is really useful! I wrote a short blog post about it that explains how to do that:
https://www.merlinn.co/post/get-popular-tool-incident-updates-in-slack

https://redd.it/1brpxeh
@r_devops

Anyone needs a Coursera Plus?

I will be inviting you to use Plus for a year (worth $399) on your email (corporate invites) at $39 and obviously you won't be paying me without any proof that you require from and before you are satisfied. If anyone is needy and actually needs it, can dm me. I'll help them!

https://redd.it/1brqoc3
@r_devops

Cloud Native AI - The buzzword

I write monthly newsletter on DevOps and Cloud Native things! Explore Cloud Native AI in recent issue https://open.substack.com/pub/thatdevopsguy/p/cloud-native-ai-is-the-new-buzzword?r=2lyl0&utmcampaign=post&utmmedium=email

https://redd.it/1bru0v1
@r_devops

Protect prod, cut costs with concurrency in GitHub Actions

Hey everyone, I wrote a post on how to use the concurrency feature in GitHub actions since a lot of folks were unaware of it.


https://blacksmith.sh/blog/protect-prod-cut-costs-concurrency-in-github-actions

https://redd.it/1brvdn9
@r_devops

Project Roadmap for Learning DevOps practices and tooling - Looking for feedback

Background: Network Security Engineer with good knowledge in Python, JS, Bash, Linux, Azure, and AWS. Interested in DevOps. I am not looking into getting a new job. I am just very fascinated by the field and want to learn and fill in the blanks and understand the assets/processes I am protecting on the network.

Challenges: After googling around, and searching Reddit, Pluralsight, and Github, I noticed that most project ideas are very small in scale which is understandable because most are focused on beginners who are looking to get into the field so they need quick wins. In my case, I need something bigger with more functionality and integrations to understand the whole picture.

So based on what I have been reading and watching I came up with a project roadmap. However, before I start, I would appreciate some feedback to know if I am heading in the right direction since I have no immediate contacts with DevOps engineers in my life this subreddit is the best next thing. Please feel free to leave a comment with any tips on making this roadmap better in terms of tooling, services, or overall design. I want this to be as close to a production ENV as possible. My goal is to learn as much as possible about DevOps before the AI gods take over...

# Project Roadmap:

Phase 1: Simple Static Web Application Deployment
Objective: I will deploy a simple, containerized web application to Azure.
Key Focus Areas: Learning Docker for containerization, getting familiar with Azure services, and beginning to use Terraform for Infrastructure as Code.
Azure Services: Azure Container Instances (ACI) for hosting the containerized application, Azure Container Registry (ACR) for storing Docker images.
Outcome: My web application is accessible over the internet, and deployed using a basic CI/CD pipeline.
Phase 2: Expand to a 3-tier Application with Auto-Scaling and High Availability

Objective: I will evolve the application into a full-stack solution with a frontend, backend, and database. I'll implement auto-scaling and ensure high availability.
Key Focus Areas: Architecting a full-stack application, utilizing Azure database services, implementing auto-scaling, and achieving high availability across multiple regions.
Azure Services: Azure App Service for hosting web applications with auto-scaling capabilities, Azure SQL Database or Cosmos DB for data persistence, Azure Traffic Manager or Azure Front Door for high availability and traffic management.
Outcome: My application is resilient and scalable, capable of handling variable loads and maintaining availability during infrastructural changes.
Phase 3: Implement Infrastructure Monitoring and Logging
Objective: I will integrate monitoring and logging solutions to maintain visibility into the application's performance and infrastructure health.
Key Focus Areas: Setting up and configuring monitoring and logging tools, integrating these with the existing Azure infrastructure.
Azure Services: Azure Monitor and Azure Log Analytics for monitoring and logging, Application Insights for application performance monitoring.
Outcome: I have comprehensive monitoring and logging, supporting proactive issue detection and efficient troubleshooting.
Phase 4: Implement Security and Compliance Automation
Objective: I will enhance the project with automated security scans, compliance checks, and vulnerability assessments.
Key Focus Areas: Integrating security tools in the CI/CD pipeline, adopting compliance as code practices, and conducting regular vulnerability scans.
Azure Services: Azure Security Center for security management and threat protection, Azure Policy for enforcing compliance policies.
Outcome: My infrastructure and applications are secure, minimizing the risk of security breaches and data