Transition from It Support to DevOps

As title says I’m really wanting to learn devops but after carefully researching and seeing the certs is there a “good ground” to get started on somewhere or be exposed to? I’ve been doing supper for over 10 years now and I’m ready for a new challenge.

I’ve taken several IT career questionnaires and it all landed on DevOps/Architect jobs

https://redd.it/1c5msx5
@r_devops

KCL NewsLetter | Node.js SDK, Template Module and Crossplane KCL Function Updates

https://www.kcl-lang.io/blog/2024-04-17-newsletter

Hi fellas!

The KCL programming language latest newsletter is out! (Node.js SDK, Template Module and Crossplane KCL Function Updates). Welcome to read and provide feedback! :心:

​

​

https://redd.it/1c62lkq
@r_devops

HTTP response from upstream proxy?

So I've been handed a task where we have a scenario like this:

Client => Load balancer => Upstream HTTP proxy => example.com

I this scenario, if example.com returns for example 404, I want to log it in my load balancer. I've tried haproxy and envoy and found no solution. Do you guys have any experiences? What can I use? Am I using envoy the wrong way?

https://redd.it/1c63owa
@r_devops

Costs to establish DevSecOps tooling/orchestration

Hi all. If it's not breaking any community guidelines .. what costs are my company looking at to establish *just the tooling* elements of a DevSecOps practice? More than an MVP, and the exec doesn't like free software (they like to know all apps have support). I am mainly looking at a DevSecOps pipeline to package [containerise where possible\] and publish applications onto a few different networks. I know training and other elements will incur separate costs .. thanks for whatever help you are able to provide

https://redd.it/1c646r3
@r_devops

DevOps Engineers reputation is sinking..

Ain't gatekeeping but,

It used to be that if you were really talented and experienced Sys Admin with SWE knowledge or vise versa you'd be a good fit for DevOps. As a matter of fact Google first SRE team was composed of their top 1% SWE's.

Nowadays if you can't code and did some udemy courses on AWS you are marketed a DevOps engineer and all this BS is actively promoted by DevOps engineering channels.

I'm in no shape or form a fu##ing genius - just your typical Devops, but even I was like WOW when just few days ago my colleague confessed that the reason he chose DevOps is because its easy and he can't learn any coding for SWE, or deep linux for System Engineer... sigh

​

https://redd.it/1c65g1d
@r_devops

KodeKloud as a platform for learning and practice?

Has anyone used KodeKloud for DevOps learning? I can see they have a number of topics, from linux to Kubernetes and cloud provider specific resources. What intrigued me mostly are the playgrounds where you can experience without needing to install anything locally. But I don't know how up to date are they with their labs/playground.

https://redd.it/1c659kv
@r_devops

Manual deploy from feature branches to develop stand

If I understand correctly, according to GitOps, git branches must strictly correspond to the stands. That is, if I have Git Flow, the develop branch corresponds to the develop stand, the release corresponds to the release stand, etc. We set up Gitlab CI with deployment to Kubernetes. On the feature/ branches we only have build and tests, on the develop branch we do deployment to the develop namespace. Developers from our company ask us to add a manual deployment from feature/ branches to the develop stand. This is important for them, since one feature may be ahead of another, and management tools cannot solve this. From an implementation point of view, this looks easy, but it seems to us that it will violate GitOps determenism. We thought about making dynamic feature stands, but this is a huge task, because the stand requires integration (database, third-party services). I would like to know your thoughts on this matter. Would it be bad if we allowed deployment from feature branches to the develop stand? How do you organize the branch-stand ratio in your companies?

https://redd.it/1c65w0q
@r_devops

What are some more advanced knowledge channels/courses/sources?

When I am searching for devops related courses or channels, all I see are some quick and easy tutorials which barely scrape topics, usually when I see for example "kubernetes tutorial masterclass" it really means that someone is using official documentation to turn on microk8s or k3s and then deploys on them example app and calls it a day.

It seems impossible to find sources with really deep or advanced topics, even if payed they are usually targeted for total begginers who are wiling to pay 5k to get nice devops jobs.

Do you know any source of more advanced topics or examples for learning about network/security/containarization/etc for someone who isn't total begginer but isn't expert either (3 years of experience in job)

https://redd.it/1c68iwd
@r_devops

After 2 years break, what are the trends/hot stuff now ?

Hi,

I use to be a product architect with hands on everything : lead tech, devops, infra, testing etc...


Since two years, i have a job as a solution architect which is more about theory, diagrams and documentation and making decisions. I did not see a lign of code since then.

I want to go back to the technical stuff and wondering what did i miss for the past 2 years ?

What's the top ranked techno you are using, prod ready so i can start playing with it again and shine in interviews ?

Thx !


https://redd.it/1c68uot
@r_devops

Please explain Devops to me like Iam 5 years old

Hi guys
Iam interested in learning Devops but I don’t know where to start lol.

https://redd.it/1c6b9g7
@r_devops

Switchblade is a viable alternative to Terraform?

As many of you know Terraform no longer being open source is having a huge effect on companies using their platform like SpaceLift. Ive been seeing things on LinkedIn about Boundless Software and their cloud management tool Switchblade solving the problems of code based infrastructure and copyrighted code, has anyone here tried it?

https://redd.it/1c6bbhp
@r_devops

Greenmask release v0.1.10. Database anonymization tool

A [new release](https://github.com/GreenmaskIO/greenmask/releases/tag/v0.1.10) introduces improvements and bug fixes.

[https://github.com/GreenmaskIO/greenmask](https://github.com/GreenmaskIO/greenmask)

Changes:

* Fixed panic caused in `RandomString` transformer
* Fixed wrong table size calculation. Now the table size includes TOAST table size
* Added custom transformer interaction API defaults if not set
* Changed docker workdir to greenmask home
* Removed bucket name from object path prefix

If you are not familiar yet with Greenmask - it is a Database anonymization tool that brings wide anonymization functionalities and techniques. Check out the [Playground page](https://greenmask.io/playground/) to get started

https://redd.it/1c6e37j
@r_devops

Question about Ansible strategies

Hi all!

We've hired an outsourcing company to help us with the automation of a part of our infrastructure. They've been using Ansible and have made a 2000+ lines long playbook (not counting the vars files and the roles that are used in the playbook), that creates 12 different VMs, hardens them, adds roles, DBs, does some configs, etc.

Problem is that, as I said, it's all one huge playbook that does it all. If you want to just do a part of the job (e.g. create one of the VMs) you have to run the playbook with 10+ parameters that are implemented into the playbook and on the backend, the parameters tell Ansible to ignore blocks of the playbook.

Personally, I think that's dumb and we've discussed it, but the company claims that this is the way it has to be done and that we may be loosing flexibility, but we are gaining speed.

Can you advise me on some best practices on the matter? I know it's all a bit vague without the actual playbook, but I just can't believe that it's better to have a huge lump of an unreadable yaml file, as opposed to decoupling it all and having it easier to maintain.

https://redd.it/1c6eloz
@r_devops

Tiron - A new open source automation tool as an alternative to Ansible/Chef/Puppet/Salt

https://github.com/lapce/tiron

A few highlights are: Tiron uses HCL instead of YAML. It has a built in TUI for displaying outputs.

​

https://redd.it/1c6auk8
@r_devops

Kafka UI - For AWS MSK

Hi, I have setup an MSK cluster. But from development perspective MSK does not have any UI to see producers/consumers/topics etc , test pushing messages etc. I can see these from cli but I am looking for a user friendly UI for dev/QA teams.

Is anyone using any UI with kafka (paid or opensource) . I saw kafka-ui (OSS) but had issues connecting it with Okta (+ AD). Has anyone got this setup working? Conduktor seems to provide UI but the setup includes postgres RDS etc, while the solution I am looking for is only for lower environments to be able to test/verify create topics etc.

Any suggestions/pointers would be helpful.

Thanks

https://redd.it/1c6fsaz
@r_devops

What are the recent projects you discovered that you Think will gain a lot of traction now ?

The landscape of devops is biggus hue mungus. Im asking the same question every few months to at least check whats new in areas like:

- cicd

- observability & monitorinh

- application orchestration

- security / compliance

And many other we have to supervise. What are the new OSS and not only projects that you recently had a plasure to work with that greatly improved your work ?

Mostly interested in whats new in the landscape.

https://redd.it/1c6ltf1
@r_devops

How do I mock a Google or AWS EC2 instance?

I want to test some Github action I wrote for deploying a php app, how do I test it without creating a Google or AWS account on my local machine?

https://redd.it/1c6osz7
@r_devops

Ingress Controller Suggestion

I'm looking for a suggestion for an Ingress controller. Currently experimenting native ingress controller in GKE with NEGs and it is very confusing. There are many configurations that are in parallel to K8s way of doing. "BackendConfigs" along with "K8s Services". It comes with its own health checks, etc.. very confusing. I wanted to go with a more "cloud-native" ingress controller. Would really appreciate some recommendations. Few capabilities that are important:

JWT token validation
Sticky sessions, preferably using URL param
CORS
Ability to create multiple Ingresses (or IngressRoute equivalents) behind a single LB

Of course needs to be free & open-source. Thanks!

https://redd.it/1c6qecw
@r_devops

What would the ideal interview process look like?

I don't even know if there is such a thing based on the variability in DevOps roles, responsibilities, expectations, engineering culture, etc.

Nevertheless, it seems clear to me based off my own experiences (on both sides of the table) and from reading the many posts on this sub that most hiring processes aren't efficient at finding talented engineers.

The emphasis on efficiency is critical here. I've been part of some ridiculously lengthy interview processes. Statistically speaking, an 8-hour interview process should be more effective at evaluating a candidate than a 3-hour one, but is it scalable or ethical?

The goal of any interview process should be to evaluate candidates in the least amount of time so that other priorities don't grind to a halt. If you could have an interview process that took 3 days instead of 3 weeks, you would have a much larger pool of candidates. Happily employed candidates don't want to go through a lengthy interview process, but they might if it were very short. Or other candidates who have offers in hand and can't start a fresh 2-3 week process.

In the following section, I'll outline the common practices I've seen used for evaluating the technical chops of an engineer during an interview process. Please note, the focus here is on evaluating the technical skills/knowledge of a candidate (in the most efficient way), there are other factors (culture fit, leadership, etc.) that would inevitably be involved but those are outside the scope of this discussion.

1. Technical screen - Q&A style

This usually happens early in the process with a Principle Engineer.

Pros:

Answers are honest since there isn't time to Google or ask ChatGPT
Showcases candidate's ability to think on their feet
Typically effective at determining specific knowledge

Cons:

Highly dependent on the interviewer
Favors candidates who are confident speakers or good interviewers
Great tech screens don't always mean they're great engineers "on the job"

2. Take-home/offline assignment

I've had large projects where I was paid 8-hours at market rate, but most take-home assignments are designed to be done within 2 hours. Writing Terraform/Ansible to stand up a 3-tier application, writing AWS Config custom rule in Python, diagramming an architecture to support the given requirements, etc.

Pros:

Showcases candidates "on the job" skills (logic, organization, attention to detail, code comments, etc.)
Candidates should be prepared for deep-dive discussions related to the assignment which can alleviate nerves being a factor

Cons:

Have to assume ChatGPT did 95%, puts the burden on the interviewer to find the fakers
Could favor the unemployed candidate who has more time to invest; hard to know if they spent 2 hours like instructed or 8 hours

3. Live exercise

Paired with another engineer they present a problem and you are required to solve it while talking through your solution. Sometimes this is leetcode style, other times this is in a Google doc.

Pros:

Impossible to fake your way through
Candidates that do well should perform well on the job (coding in the given language)

Cons:

Many will do poorly due to the pressure; good engineers could be missed
Depending on the time spent coding day-to-day for typical DevOps roles, might not be the best metric

4. Work trial

This has become more popular in the last few years, but it's still few and far between. Typically 1-2 weeks on-the-job work trial working with the team on some short project.

Pros:

Most effective at determining competency, soft-skills, culture-fit, etc.
Probably the best way to avoid regrettable hires

Cons:

Big time investment, not scalable
Security/IP concerns; malicious candidate could cause harm
Logistical nightmare
Favors unemployed candidate; difficult for an employed candidate to take off 1-2 weeks short notice, and if they don't get hired they've just used a good chunk of their PTO and pissed off their team

Please feel free to add to this list

and I'll make edits.

So, what does the ideal process look like? Is there such a thing as an ideal process that would be widely applicable? If there were an ideal process, would it eventually be reverse-engineered and made obsolete?

Please share your ideas or positive experiences with a focus on efficiency, ethical expectations, and equality.

For the sake of discussion, assume this is for a senior-level position. Feel free to offer suggestions for other levels but I wanted to avoid this derailing about leveling.

https://redd.it/1c6tsas
@r_devops

How do you guys ensure database in production and uat are identical?

My company is facing this issue.

We have many databases in production, using SQL Server and Stored Procedures.

Our operations team may change the database stored procedure in production during maintenance or an issue.

But usually these dont get implemented in UAT due to human error.

How do u guys handle this?

https://redd.it/1c6vtky
@r_devops