Shell prompt ideas

I’m working on customizing my shell prompt. It should contain the following:

- current work directory
- git branch/status (if in a git repository)
- current time (hour:minutes)
- terraform version (if in terraform directory)
- terraform workspace (if in terraform directory)
- python version (if in python directory)
- python venv (if in python directory)
- golang version (if in go directory)
- AWS_PROFILE (if exported)
- Last command exit status

Any other suggestions for useful information to display in the prompt?

Many thanks

https://redd.it/1brgjor
@r_devops

Should i take the offer fellas?

Hey, I've had a thread few weeks ago "DevOps is hard". Since I know how to work with Helm, Kubernetes is not that hard anymore :)

Few weeks later I have a offer for lvl 2 Tech support. Requirments are basic UNIX/Linux understanding, troubleshooting skills, basic knowledge of shell scripting languages, experience with some SQL-like, JIRA. Its an entry-level position with 24/7 support schedule.

My question is should I take the offer and keep grinding or stay in my current job(it's in different industry) get paid more and keep learning until I'm ready for Junior DevOps position. Do you think such an experience is helpful for someone who is pursuing career in the field?

https://redd.it/1brjvtx
@r_devops

DevOps eng with 6 YOE, planning to learn JS and Node

Hi Everyone,

I'm a Devops Engineer with 6 YOE, I transitioned from the
Ops side of things being a sysad for 2 years.

I'm very proficient in most of the things related to ops but I would like to learn JS and node to be able to understand the development side of things more efficiently. I use python and bash regularly for scripting so I have good scripting skills but lack the knowledge of data structures and algorithms or the core dev skills.

I personally believe a DevOps engineer with good development and operations skills is like a unicorn, I haven't come across anyone with such skills. Mostly people either have operations skills or development skills.

Does learning JS and node makes sense ?

https://redd.it/1brjmgz
@r_devops

Is our approach good or do we need to adjust?

Need your thoughts on our CICD approach which I found to be already there in our project when I joined. My domain is test automation so I am focusing on driving the automation of different test levels. Please forgive me when I can not explain everything in detail regarding DevOps tools. I am just interested in having a good CICD approach to best as possible implement my vision of automation.

What are we doing? We have about 10-15+ micro services each with its own repository and pipeline. Two teams are working in feature branches. On feature branches unit and component tests are executed as well as additional code scans (fortify, dependency scans, …). How? Every feature branch automatically gets his own (temporary) environment where the service is deployed and ZAP (DAST) scanned.
Then the code is merged via pull requests into „develop“ branch of each service. Now this happens: The pipeline is executed again with all the tests but this time a deployment of the service happens on a permanent environment where services can talk to each other. In addition now integration tests are executed checking the services end to end and between specific services. Again sorry for not being able to explain technically how in details this is implemented.

In addition we have a „uat“ environment and - you guess it - the code is coming from the „uat“ branches. This environment is expected to be more stable - only code which shall go to production later is merged to uat branch and the integration tests validate that the code in uat branch (of each service!!) is working fine with the other code in uat branches of other services.

In general we are talking here about an environment per branch similar to GitLab flow. There is no overhead in environment configuration. The code is „just“ merged from environment to environment. Each service has this set of branches and services of all develop and uat branches (and prod as well naturally) can communicate to each other.

We never did a production rollout yet because the project just started a couple of months ago. What I already can say is that we would need to merge the code to „master“ branch via PR which again calls the pipeline and rolls the software out to production.
Due to the early project stage and because it is hard to find any external references to this approach I am not sure if this approach will work fine for us when it comes to additional features being added later with new services or services which need to be updated, hotfixes needed, etc.

So far so good but will we later end in a merge hell when it comes to merging the code to higher environments (uat and prod)?

Please let me know what you think! Thanks :)

​

​

https://redd.it/1brn6vz
@r_devops

Tekton CI/CD Reusability

Can someone provide a simple example? How to reuse Tekton components?

https://redd.it/1brj8oi
@r_devops

Subscribing to vendors' status pages

I recently found out that you can subscribe to vendors' status pages and be notified whenever something bad happens on their end. This is really useful! I wrote a short blog post about it that explains how to do that:
https://www.merlinn.co/post/get-popular-tool-incident-updates-in-slack

https://redd.it/1brpxeh
@r_devops

Anyone needs a Coursera Plus?

I will be inviting you to use Plus for a year (worth $399) on your email (corporate invites) at $39 and obviously you won't be paying me without any proof that you require from and before you are satisfied. If anyone is needy and actually needs it, can dm me. I'll help them!

https://redd.it/1brqoc3
@r_devops

Cloud Native AI - The buzzword

I write monthly newsletter on DevOps and Cloud Native things! Explore Cloud Native AI in recent issue https://open.substack.com/pub/thatdevopsguy/p/cloud-native-ai-is-the-new-buzzword?r=2lyl0&utmcampaign=post&utmmedium=email

https://redd.it/1bru0v1
@r_devops

Protect prod, cut costs with concurrency in GitHub Actions

Hey everyone, I wrote a post on how to use the concurrency feature in GitHub actions since a lot of folks were unaware of it.


https://blacksmith.sh/blog/protect-prod-cut-costs-concurrency-in-github-actions

https://redd.it/1brvdn9
@r_devops

Project Roadmap for Learning DevOps practices and tooling - Looking for feedback

Background: Network Security Engineer with good knowledge in Python, JS, Bash, Linux, Azure, and AWS. Interested in DevOps. I am not looking into getting a new job. I am just very fascinated by the field and want to learn and fill in the blanks and understand the assets/processes I am protecting on the network.

Challenges: After googling around, and searching Reddit, Pluralsight, and Github, I noticed that most project ideas are very small in scale which is understandable because most are focused on beginners who are looking to get into the field so they need quick wins. In my case, I need something bigger with more functionality and integrations to understand the whole picture.

So based on what I have been reading and watching I came up with a project roadmap. However, before I start, I would appreciate some feedback to know if I am heading in the right direction since I have no immediate contacts with DevOps engineers in my life this subreddit is the best next thing. Please feel free to leave a comment with any tips on making this roadmap better in terms of tooling, services, or overall design. I want this to be as close to a production ENV as possible. My goal is to learn as much as possible about DevOps before the AI gods take over...

# Project Roadmap:

Phase 1: Simple Static Web Application Deployment
Objective: I will deploy a simple, containerized web application to Azure.
Key Focus Areas: Learning Docker for containerization, getting familiar with Azure services, and beginning to use Terraform for Infrastructure as Code.
Azure Services: Azure Container Instances (ACI) for hosting the containerized application, Azure Container Registry (ACR) for storing Docker images.
Outcome: My web application is accessible over the internet, and deployed using a basic CI/CD pipeline.
Phase 2: Expand to a 3-tier Application with Auto-Scaling and High Availability

Objective: I will evolve the application into a full-stack solution with a frontend, backend, and database. I'll implement auto-scaling and ensure high availability.
Key Focus Areas: Architecting a full-stack application, utilizing Azure database services, implementing auto-scaling, and achieving high availability across multiple regions.
Azure Services: Azure App Service for hosting web applications with auto-scaling capabilities, Azure SQL Database or Cosmos DB for data persistence, Azure Traffic Manager or Azure Front Door for high availability and traffic management.
Outcome: My application is resilient and scalable, capable of handling variable loads and maintaining availability during infrastructural changes.
Phase 3: Implement Infrastructure Monitoring and Logging
Objective: I will integrate monitoring and logging solutions to maintain visibility into the application's performance and infrastructure health.
Key Focus Areas: Setting up and configuring monitoring and logging tools, integrating these with the existing Azure infrastructure.
Azure Services: Azure Monitor and Azure Log Analytics for monitoring and logging, Application Insights for application performance monitoring.
Outcome: I have comprehensive monitoring and logging, supporting proactive issue detection and efficient troubleshooting.
Phase 4: Implement Security and Compliance Automation
Objective: I will enhance the project with automated security scans, compliance checks, and vulnerability assessments.
Key Focus Areas: Integrating security tools in the CI/CD pipeline, adopting compliance as code practices, and conducting regular vulnerability scans.
Azure Services: Azure Security Center for security management and threat protection, Azure Policy for enforcing compliance policies.
Outcome: My infrastructure and applications are secure, minimizing the risk of security breaches and data

leaks.

https://redd.it/1brxxut
@r_devops

Reverse proxy options with dynamic lookups

Context: I need a reverse proxy that can dynamically lookup a key in dynamodb and then use a value to interpolate the backend dns entry. For example, I got customer “foo” and he has a “backend” value mapped to “99”, I then send him proxy the request to alb-99.internal. I can’t really have a giant config that is loaded into the proxy because there’s about 100 million accounts. What are my options? It needs to handle about 100k RPS.

I was thinking of using caddy and writing a custom Go module but our company is a node company, so this would be the first non-typescript app. I could also just write in Typescript but I would rather start with a well known reverse proxy with a plugin versus just building another app. Envoy has xDS but I think the config would be too large to pull. Something like nginx with Lua might work too but I’ve haven’t seen Lua work at that scale so I’m not sure. Can traefik do dynamic lookups like this? Any other suggestions out there?

https://redd.it/1bs0n4j
@r_devops

How to get good at MLOps

Hi fellows, I am a chemical engineer turned DevOps Engineer, it's been 1 and half year since I am at DevOps , I am loving it but, I am worried about all the fuss about AI taking over jobs, So I am trying to enhance my skillset and learn MLOps, So has anyone here tried getting into MLOps, Any advice is appreciated.

https://redd.it/1bs3eyu
@r_devops

Need career advice

Hello Guys,
I am from Bangalore, India.
Have around 4 1/2 years of experience in azure. In my first company I only learned about vms, storage account, Linux.
In my current organisation I have exposure to all sorts of services like app gateway,load balancer, az firewall, apim, vms etc...but we don't have docker/containerization and kubernetes. They dont have linux :( That is bit of a background about technical knowledge. I do write small powershell scripts.
Right now I am confused whether I should be pursuing my career further as a devops engineer or should I switch to development. I know the basics of python and java. I have interest in development.
What would be a good path for me take further down road especially in India?
I have heard devops jobs are not very consistent across many companies and it is just another way of calling sysadmin's. Pay-wise/peace of work comparatively which one is better as my career progresses?
Please ignore this post if you feel it is a low quality one. Any advice would be appreciated. I am just confused.

https://redd.it/1bs4961
@r_devops

How to promote aws Terraform from staging to prod?

Hello,

I have a small development fully deployed on AWS...

I manage the infrastructure via terraform and the code deployment via ansible.

I have two folders in my project for terraform:
- one for staging
- one for prod

Once in a blue moon I have some infra changes/updates which i tests in staging g before to go in production...

How do you promote the terraform code from staging to prod? Do I copy and paste?

Sorry, trying to get the best practice here

https://redd.it/1bs7vx8
@r_devops

CypherMate

**🌟✨ Introducing CypherMate: A Leap Towards Secure Corporate Communications**


Today, I am incredibly proud to present CypherMate, an open-source project created by me, designed to revolutionize the way corporations handle secure communications within Slack. In our digital age, the protection of sensitive information is not just a necessity but a cornerstone of successful business operations.


**What is CypherMate?**


CypherMate is a cutting-edge Slack bot designed to make password sharing and sensitive information exchange both secure and effortless. With just a few simple commands, you can encrypt messages, generate one-time secure links, and ensure that your data is accessible only to the intended recipients.
Key Features:

* Encrypt & Decrypt Messages: Securely share encrypted information right within Slack, with easy decryption for the recipient.
* One-Time Secure Links: Share sensitive documents or messages through links that expire after a single use, adding an extra layer of security.
* User-Friendly: CypherMate simplifies complex encryption processes, making secure communication accessible to everyone in your organization.


**Why CypherMate? 🛡**

️
In an era where data breaches can have catastrophic consequences, ensuring the security of your corporate communications is paramount. CypherMate offers:
Enhanced Data Security: By encrypting your messages and using one-time links, CypherMate significantly reduces the risk of data leaks and unauthorized access.


Streamlined Workflow: Securely share information without disrupting your team’s workflow. CypherMate’s seamless integration with Slack means no more switching between apps or complicated encryption tools.


Peace of Mind: Know that your sensitive information is protected with state-of-the-art security measures, giving you the confidence to share what’s important.


**Ideal for Every Corporation**


Whether you’re a startup or a Fortune 500 company, CypherMate is the tool you need to secure your Slack communications. It’s not just about protecting data; it’s about fostering a culture of security and responsibility.





[https://github.com/Pyshios/CypherMate/tree/main](https://github.com/Pyshios/CypherMate/tree/main)





https://redd.it/1bs8u8n
@r_devops

How to start a "DevOps advocacy project"?

Hi, we've decided to try and start a DevOps advocacy project because we've had issues with "organic" learning among developers.

We need to give them a basic understanding of the DevOps principles and the tools and platform we use to run the apps.

I'm not looking for any technical advice but for organizational stuff. How do you go about the "training", how to do it for frontend or backend developers, ideal scope size for the trainings, how often, does pair programming work, etc.?

Thank you all for your insights.

https://redd.it/1bsayfe
@r_devops

AWS hourly spend cost bot

At a former job, we had this AWS cost bot that would post a graph to Slack about our spend on an hourly basis or so and we could see at a glance if there was some weird spike.
Does anyone know what this tool is? I'd like to set one up at my current job. Or do you think it was just something set up using a maybe a lambda and calling some cost explorer api's?

https://redd.it/1bscioc
@r_devops

Failed to connect to your instance after deploying mern app on aws ec2 instance

i dockerized my mern app (Next js, node js , mongodb) and trying to deploy it on aws ec2 instance. when i try to access my backend on port 5000 via aws public ip then it works fine when i try to access frontend then terminal stuck and if i try to reload the terminal then ssh gives error.
i am getting error if i try to reload the terminal
Failed to connect to your instance
Error establishing SSH connection to your instance. Try again later.
. then i have to stop the instance and start the instance. then again backend works fine and when try to access frontend it gives error. this is my folder structure looks like

myecommerce folder then it have two more folders backend frontend nginx (nginx have two files one is dockerfile and second is nginx.conf) docker-compose.yml

this is how my nginx docker file looks like

FROM nginx:latest


RUN rm /etc/nginx/conf.d/*

COPY ./nginx.conf /etc/nginx/conf.d/

CMD [ "nginx", "-g", "daemon off;" \]
this is how my nginx.conf file looks like

events {}

http {
server {
listen 80;
server_name here my aws public ip;

location / {
root /usr/share/nginx/html;
index index.html index.htm;
try_files $uri $uri/ /index.html;
}
}
}
this is my frontend folder docker file

FROM node:20-alpine

WORKDIR /app

COPY package*.json ./

RUN npm install

COPY . .

EXPOSE 3000

CMD npm run dev
this is my backend folder docker file

FROM node:20-alpine

RUN npm install -g nodemon


WORKDIR /app

COPY package*.json ./
RUN npm install

COPY . .

EXPOSE 5000

CMD ["npm", "run", "dev"\]
this is how my docker-compose.yml looks like

version: '3'
services:
frontend:
image: my frontend image from docker hub
ports:
\- "3000:3000"

backend:
image:my backend image from dockerhub
ports:
\- "5000:5000"

nginx:
image: my nginx image from dockerhub
ports:
\- "80:80"
later i want to setup github ci cd pipelines for it and using custom domain to access the website later. i am not sure if i am using docker-compose i still need to setup pm2. i am also posting my inbound rules i dont know why frontend is not working. guys i am beginner in aws deployment and dockerization. i am improving my skills please help me i am stuck in this from many days i saw alot of videos and watched multiple videos but not a single article or video doing what i am actually trying to do. Thanks in advance


https://redd.it/1bseijj
@r_devops

Failed to connect to your instance after deploying mern app on aws ec2 instance

i dockerized my mern app (Next js, node js , mongodb) and trying to deploy it on aws ec2 instance. when i try to access my backend on port 5000 via aws public ip then it works fine when i try to access frontend then terminal stuck and if i try to reload the terminal then ssh gives error.
i am getting error if i try to reload the terminal
Failed to connect to your instance
Error establishing SSH connection to your instance. Try again later.
. then i have to stop the instance and start the instance. then again backend works fine and when try to access frontend it gives error. this is my folder structure looks like

myecommerce folder then it have two more folders backend frontend nginx (nginx have two files one is dockerfile and second is nginx.conf) docker-compose.yml

this is how my nginx docker file looks like

FROM nginx:latest


RUN rm /etc/nginx/conf.d/*

COPY ./nginx.conf /etc/nginx/conf.d/

CMD [ "nginx", "-g", "daemon off;" \]
this is how my nginx.conf file looks like

events {}

http {
server {
listen 80;
server_name here my aws public ip;

location / {
root /usr/share/nginx/html;
index index.html index.htm;
try_files $uri $uri/ /index.html;
}
}
}
this is my frontend folder docker file

FROM node:20-alpine

WORKDIR /app

COPY package*.json ./

RUN npm install

COPY . .

EXPOSE 3000

CMD npm run dev
this is my backend folder docker file

FROM node:20-alpine

RUN npm install -g nodemon


WORKDIR /app

COPY package*.json ./
RUN npm install

COPY . .

EXPOSE 5000

CMD ["npm", "run", "dev"\]
this is how my docker-compose.yml looks like

version: '3'
services:
frontend:
image: my frontend image from docker hub
ports:
\- "3000:3000"

backend:
image:my backend image from dockerhub
ports:
\- "5000:5000"

nginx:
image: my nginx image from dockerhub
ports:
\- "80:80"
later i want to setup github ci cd pipelines for it and using custom domain to access the website later. i am not sure if i am using docker-compose i still need to setup pm2. i am also posting my inbound rules i dont know why frontend is not working. guys i am beginner in aws deployment and dockerization. i am improving my skills please help me i am stuck in this from many days i saw alot of videos and watched multiple videos but not a single article or video doing what i am actually trying to do. Thanks in advance


https://redd.it/1bseijj
@r_devops

Container orchestration vs. VM orchestration in the cloud.

I'm trying to understand the specific use cases where we'd prefer to use container orchestration (Kubernetes) as opposed to VM orchestration (Nomad) in a cloud setting.

It seems to me that clearly, if you're focused on batch jobs, you're working with single-purpose VMs that are started then destroyed after doing their specific bit of work, so setting up a VM image to provision them with everything they need would seem to me to introduce less overhead into the cluster, and it wouldn't make much sense to use Kubernetes for a case like this. The distinguishing properties of the cloud that makes it easy to find one or more VMs that match the required scaling seem to me to make it as elastic and malleable as a container-level orchestration.

In what specific cases would you prefer to use Kubernetes?

https://redd.it/1bshdqx
@r_devops