Devops newbie: How Can I Get Started in DevOps Without Professional Experience?

Hi,
I'm new to DevOps and a bit stuck on how to demonstrate my skills. I don't currently work in a role that involves managing large infrastructures or deploying major applications. Most DevOps job ads I see require experience in these areas.
I'm familiar with GitHub Actions, Docker, Docker-compose and CI/CD tools like Jenkins, and I'm currently learning Kubernetes. I've a background in back-end development. I aim to contribute to developing DevOps tools in the future. How would one showcase their work when they're starting out? How can someone like me break into the field?
in golang
Thanks for any advice you can give!

https://redd.it/1c3fbmy
@r_devops

Hello experts I need your help in solving this situation while I am learning.

I am trying to learn and do hands on from freecodecamp. I stumbled into the merge conflict where I tried to resolve using rebase remotely where main and feature branch points to same head. Even after doing it when I try to check the pipeline being run in GitLab I see it has merge blocked and unable to rebase in the UI. What could be the issue there?

https://redd.it/1c3fi0o
@r_devops

Unit testing prometheus alerts

Unit testing alerts is lesser known practice. Here's a quick guide to get you started:

https://www.aviator.co/blog/a-guide-to-unit-testing-prometheus-alerts/

https://redd.it/1c3iqey
@r_devops

nicolaka/netshoot: a Docker + Kubernetes network trouble-shooting swiss-army container

Docker and Kubernetes network troubleshooting can be complex, but the 'netshoot' container provides a set of powerful networking troubleshooting tools that can help resolve these issues. It can be used to troubleshoot container, host, and network namespaces. The container can also be easily deployed using Docker Compose or used as a sidecar container in Kubernetes.

https://redd.it/1c3o630
@r_devops

Does anyone work part-time?

Was recently offered an option to work 3 or 4 days a week (and get paid pro rata). I've been pretty career-focused always wanting to over-deliver and climb the ladder so I'd never really considered it. My previous plan was to save and retire early but having the time now when I'm in my prime and have a young family seems like a much better option. We'd still be ok for money.


My only concern is that i'd struggle to find another job after this one. Has anyone else done this? Were there any downsides I'm missing?

https://redd.it/1c3qkot
@r_devops

Impulsive CTO

I spent 6 months discussing and the last 3 months planning/preparing a major refactor of one of our services - it’s the engine of our entire setup. It’s so badly made a refactor is absolutely paramount.

My objective along with my team was to rebuild it using the same guiding principles and intentions it was supposed to be built on. I asked, along with the head of engineering, the CTO all throughout if he was onboard. He said he was, but did voice he’d eventually like to have a whole different way of processing transactions - which I explained is not possible until we take back control over what we currently have.

At some point we felt like he started to use different terminology. Instead of calling the refactor V1.5, he started using V2. We felt he just kept pushing a whole, radically different setup. We then asked him outright to be exactly clear on our expectations. When we did that he got annoyed and told us to just ‘use your brains and spending hours moaning and we won’t be okay’. He also said we should incrementally get to V2 but let’s just call it that. At that point we felt unsettled but we all did eventually want to arrive at V2, once we took control and had code safety in the v1.5 iteration.

On a Friday, he calls a meeting. This is just before we were supposed to kickoff on Tuesday, and invites the CPO and HOA. He says he doesn’t want us to make the intermediary step and to go straight for V2.

I was furious. I told him and those in the meeting that this was totally unfair and that they had many opportunities to address this. He then said his way or the highway pretty much and even called me ‘too expensive to not draw up plans for his idea’ as I refused to do that as I didn’t believe in it.

What really triggers me is that his new way, completely overlooks all of our microservices, misses out that other teams have built huge product pieces that use the original build processes. The new style would be so different that the entire ‘solar system’ would have to be carefully considered. I couldn’t believe that other members in the meeting entertained it and even began discussing a new way of doing things. I stopped them mid sentence and told them that this is not how we determine solutions just before kickoff and with no regard for SDLC, impact analysis, etc. HOFE was on my side throughout

We clashed pretty hard and I hit pretty hard too. He’s extremely impulsive and unpredictable. He also doesn’t care so much about safety and deprioritises major issues and tells me I overreact on things like losing money, breaches etc.

Has anyone had this kind of issue?

Also for context I made the horrible mistake of caring too much and have worked out of hours regularly - about 20hrs more per week. I’ll never make that mistake again.

https://redd.it/1c3s2j2
@r_devops

How to access private infrastructure from GitHub Actions?

I need to deploy Terraform code which can only be deployed from a specific virtual machine, since only this virtual machine has access to all the required infrastructure. The virtual machine is a private EC2 instance, which can be connected to via EC2-Instance-Connect. Otherwise access is not possible.


What is the recommended way to deploy my resources through GitHub Actions? I don't think private runners would work in that case?


One option would be to use the awscli inside GitHub Actions and use SSH via EC2-Instance-Connect. But I think there might be better solutions, since this seems like an issue which others probably also encountered?

https://redd.it/1c3udrt
@r_devops

How to get helm hook to not continue the upgrade if pre-hook failed

I'm using a helm hook with the "pre-upgrade" annotation to perform upgrades.

According to this, if a pre-hook job fails, it wouldn't perform the upgrade. But in my case, for some reason, if the pre-upgrade job fails, it still performs the upgrade.

Is there a way to prevent that? Thanks ahead!

https://redd.it/1c3u57f
@r_devops

Advice Needed: Upskill or Apply Now? (DevOps Engineer)

Hey!!

Here a DevOps Engineer with 5+ years of experience looking for some guidance on my next career move. I've been feeling a bit stagnant in my current role and am eager for a new challenge and a competitive salary increase.

Here's my current skillset:
Strong foundation in containerization technologies (Kubernetes, Docker, Helm)
Experienced with CI/CD pipelines, including DevSecOps implementation
Solid understanding of cloud platforms (AWS and GCP)
While I haven't dived into programming languages yet, I'm actively learning Go.

Now, the real question:

1. Given my background, what would be the best approach for my next step?
2. Should I continue working and apply to new companies concurrently?
Or would it be more beneficial to spend the next few months upskilling before applying?
3. Additionally, I'd love some insights from the community on which tech stacks are currently in high demand for high-paying DevOps roles.

Thanks in advance for your advice!

https://redd.it/1c3wypy
@r_devops

How do you call a team, that focuses on DevEx, DevRel, and PE?

I often see DevOps, Developer Experience, Platform Engineering, and Developer Relations used interchangeably. They overlap a lot and the implementation is always company-specific.

What kind of setups you have seen, know, and where? What are these teams called?


To open up my thinking, here’s a bit longer rant.

So, it’s said that DevOps originated from Agile practices and applies those principles beyond software teams. It’s not a team, since ”agile” is not a team. It extends it with e2e responsibility.

We often talk about Developer Experience, which is the satisfaction and usability of tools, technologies, and processes that developers use in their work. DevOps improves Developer Experience.

The modern ecosystem and the number of tools and resources are overwhelming. As a natural continuum for this cause, Platform Engineering is the enabler of value delivery and limits the scope and complexity of underlying tooling. Product teams do not need to invest time on that and can focus on product development.

I think that Platform Engineering is a logical extension of DevOps. You need DevOps skills to do Platform Engineering.

Developer Relations is an old concept. To summarize: Awareness building, Creating content, Education, Tech demos, Community building, Advocating and sharing knowledge, Empathizing with developers, and Acquiring feedback. It’s meant to prevent information loss between teams.

https://redd.it/1c45jkl
@r_devops

Promtail Metrics and Logs Dashboard

Hello Community,

I’ve just created another Grafana dashboard, this time for Promtail, utilizing Prometheus and Loki datasources. To be honest, I couldn’t find anything maintained and actually looking good/useful. If you notice any important elements missing, please let me know.

In the blog post I explained labels and variables requirements in Prometheus and Promtail

- Github repo
- Grafana Dashboards 20881 ID

https://redd.it/1c45ctl
@r_devops

Resources For Terraform Associate, LP1 Certification, and AWS Developer Associate

Hey guys,

I have worked in the DevOps domain for the past three years and have had extensive hands-on experience, which convinces me to bag up these certifications within the next two months.

I plan on referring to these resources for my preparation. Your fruitful input would be highly appreciated:
1. Terraform Associate - KodeKloud
2. LP1 - TBD
3. AWS Developers Associate - Stephen on Udemy

Can somebody suggest resources if they have cleared the abovementioned certifications or any advice I could benefit from?


https://redd.it/1c45xug
@r_devops

Best Grafana combo to keep tract of aws/azure resource cost

I want to monitor cost of aws and I would like to use Grafana to display cost of all resources with proper tags. What is best combination of grafana maybe telegram to get all the cost dospalyed.

https://redd.it/1c49qvc
@r_devops

Spin-up a Kubernetes cluster on personal computer/laptop

Spin-up a Kubernetes cluster on personal computer/laptop

https://medium.com/linux-shots/spin-up-a-kubernetes-cluster-on-personal-laptop-97a511e28564

https://redd.it/1c4bnyb
@r_devops

Help me understand the DevOps process

Noob here. Just wanted to understand the interaction between dev and DevOps while deploying an application.

1. A developer writes some code
2. The code is deployed through a CI/CD pipeline to the dev env
3. The developer contacts DevOps for the API or how to access the application for testing

Is this how the workflow looks?

How does this process change with the adoption of K8s Gateway API? I’m guessing devs can create and deploy route resources to access the APIs without disturbing DevOps?

TIA 🙏


https://redd.it/1c4eaxq
@r_devops

How can I learn to be more independent at my role?

I was hired as a Junior DevOps and have been learning a lot in the 6 months I've been in this role. My manager is doing great work on finding tasks and projects that span across multiple subjects, so I got to learn a lot of new things really quickly.

It might be my lack of experience, but I'm reliant on my manager handing out tasks for me to do. Some days if he's not available for a while, I find myself without much to work on so I just kind browse this sub, spin up stuff on my KinD cluster, etc.

I was wondering how can I become more independent. A more seasoned DevOps person would probably know how to recognize things that can be improved like missing automations, fixing pain points for our devs, etc. I feel like I'm not even close to a point where I can come to my manager and tell him "look what I've been working on without you holding my hand for a change".

Any tips to improve?

Thanks

https://redd.it/1c4f1tn
@r_devops

Infrastructure from Code (IfC) and winglang

Has anyone tried both or any of these paradigms?

From a first look they seem to me quite similar to the ideas of CDK and CDKTF, but with different branding like "cloud-oriented programming language" for Wingland and IfC for providers mentioned at https://infrastructurefromcode.com/ which seem to be more like Heroku / Vercel / DigitalOcean type of abstractions on top of other cloud providers, at an extra cost. Maybe a better question would be: How do IfC platforms differ from "serverless" cloud offering from providers like the ones mentioned?

https://redd.it/1c4g14b
@r_devops

Considering switch to Blue-Green deploy model, how to handle DB sync?

Hi all,

First of all - I'm not a devops, but a QA Lead, and one of my long term quality goals includes switching my company's deployment model to blue/green (now it's essentially roll out and pray for the best). However, my issue is that each production environment includes a orders database (we're an online retailer), and architects are concerned about discrepancies with orders stored in DB in case we rollback or switch productions. So in a nutshell - I'm looking for a solution, that would keep both blue and green DBs synced with actual information and prevent losing orders, duplication, etc.

My thought is - perhaps some sort of a broker between the two DBs, that would only store and cast this essential info?

Would greatly appreciate any advice.

https://redd.it/1c4g71a
@r_devops

What is OpenID Connect Authentication? A Practical Guide

Hello, devops community,
Today, I present to you a topic that is less discussed and often taken for granted in our daily jobs.
OpenID Connect is among our industry's most widely used and least discussed topics.
Yet, it is so crucial when it comes to granting third-party access to a service provider. Have you seen those "sign-in with Google" before!?
In this guide, I will explain the notion of OIDC using a practical, real-world example: granting GitHub Actions access to an AWS account.
Feel free to ask any questions that come up.
https://developer-friendly.blog/2024/04/14/what-is-openid-connect-authentication-a-practical-guide/


\#oauth2 #oidc #github #aws

https://redd.it/1c4fbhh
@r_devops

Deny rules in RBAC

Hi Guys,
Is it possible to deny a rule on all the RBAC roles?
I want to deny or exclude -
Microsoft.Storage/storageAccounts/generateUserDelegationKey.
By default Contributor, Storage Account Contributor and few others have them and I don't want these roles have this permission.
Is it possible in azure to deny? Kindly let me know, I have tried to check on the internet but not able to find much.

https://redd.it/1c4jfvk
@r_devops

Need advice on giving developers more information on their e2e runs

We're running e2e test suites using Argo Workflows. The flow is basically:

1. Setup the environment
2. Run tests
3. Upload results to our TestOps platform (RPortal)
4. Send Slack message to the team with links to Grafana, RPortal, etc.

Our e2e tests are running on spot nodes which are sometimes relcaimed during the run (they take about 2-3 hours). If the node was reclaimed during the test then there is no output from step 2, which means once the workflow reaches the part where it uploads the results to RPortal, the result is empty and the developers are not sure what happened.

I'm looking for advice on how to improve this flow. We do send Slack messages on failed runs, but they show as failed whether the node was reclaimed or the tests simply failed. In my case, the devs kind of rely on the results in Report Portal, which show as empty. I was thinking I might handle "empty" results by uploading a simple text file as the test results that would state that something went wrong during the workflow which is not related to the tests suite.

Any suggestions would be great :)

https://redd.it/1c4kdjj
@r_devops