How to prepare for certifications?

Hi guys!
I'm planning to appear for AWS certifications: Cloud Practitioner and SysOps Administrator.
Last year, I tried to pass Azure:104 but I failed by short margin(670), and because of that I lost some confidence. I, although, have a good experience with cloud fundamentals, but whenever I see the questions I very nervous, and get caught off guarded, despite prep.

So, I want your help and advices.....

Thanks!!

https://redd.it/1cc2vv2
@r_devops

HashiCorp joins IBM to accelerate multi-cloud automation

Today we announced that HashiCorp has signed an agreement to be acquired by IBM to accelerate the multi-cloud automation journey we started almost 12 years ago. I’m hugely excited by this announcement and believe this is an opportunity to further the HashiCorp mission and to expand to a much broader audience with the support of IBM.


https://www.hashicorp.com/blog/hashicorp-joins-ibm

https://redd.it/1cc99j9
@r_devops

“DevOps isn’t an entry level role” from an entry level DevOps

As one of the few people who actually did start out as an entry level DevOps Engineer for their first full time IT role out of college, I wanted to give my input on this.

I mostly agree that DevOps is not an entry level role. I wouldn’t recommend what I went through to anyone who could avoid it. Getting to even a minimum level of competence to be productive was filled with horrible growing pains that I didn’t see the entry level Devs come anywhere close to experiencing. Particularly the networking, infrastructure, and some of the containerization concepts were extremely hard to understand with no background. And I have a hard time believing that anyone “entry level” would know Linux to the level required, besides Linux just being boring to study. There was also tons of proprietary knowledge and business process stuff that I just didn’t know how to navigate the way someone with professional experience would have. Everything I mentioned so far is hard to practice or learn on your own compared to other roles, unlike making a simple portfolio website for example.

The other main problem with starting as a DevOps Engineer is that there’s not really a natural progression of tasks you can do as your knowledge increases, unlike developer and other IT roles, and the consequences for mistakes is typically an outage or some other critical.
Another Redditor u/MammothCache pointed out that there’s a very logical progression for how you grow as a SWE. You first start with bug fixes, then features of increasing scope, then to an entire application, API, or data model, ending at a more architect role. A developer can kind’ve just know a programming language decently and how to use google or ChatGPT to be given small tasks.

This doesn’t exist in DevOps. You can’t really just know a tool without understanding other IT concepts & tools with it. Even if you did know just Terraform or just Kubernetes or any DevOps tool really well in a vacuum somehow, you wouldn’t be able to do anything with it by just knowing the syntax and documentation. To make a CI/CD pipeline or troubleshoot an outage is basically already architect level knowledge. You need to know the software, admin/ops, and your DevOps tools to a decent level to be helpful. I would sometimes get jealous of the developers for having such an organic, painless progression compared to me.

I used to hear people say it takes about a year for most entry level/new grad developers to become useful to the business and feel somewhat confident in their skills. I think this is the case for most IT roles. Maybe it’s shorter now with ChatGPT and others massively increasing what Juniors can do, but it would still be completely unfair to give the same timeline to a truly entry level DevOps Engineer that you would an entry level data engineer, web dev, sysadmin, etc.

But it’s an over exaggeration to say that a smart person couldn’t provide more value than their salary after a slightly longer ramp up in the right scenario. I think this may be an ego thing of people trying to make their job sound harder than it is.

The SRE aspects are much easier to progress on from an entry level, so that’s how I started. A lot of monitoring, alerts, & logging. I was also allowed to do some cool Python coding for internal uses. That, plus writing tons of documentation and good ol’ trial by fire until eventually the dots started to connect around 9 or 10 months in. I didn’t study outside of work at all but I did put in long hours often. Through a path like this, entry level DevOps is possible.

Furthermore, a huge reason my ramp up was so rough is that I was at a toxic startup that didn’t train me, had no mentorship, had no documentation, no enforced standards or best practices, you name it. I was told that the Jr. DevOps I was brought on to replace was nearly useless in that same time frame. I pretty much only survived because I have more grit and talent than average.

Where I’m at now takes training juniors and documentation much more seriously,

and I’m really feeling the benefits. I could an entry level engineer having a much smoother time somewhere like here. But, even though it counters my own point, gone are the days when companies will truly train employees and people entering the workforce need to adapt. That’s perhaps the greatest lesson I’ve learned. In my new role, I was basically autonomous from the beginning and that didn’t seem unexpected. I’m effectively treated like a mid-level. That’s just the nature of DevOps in my opinion. You’re either able to do stuff without much hand holding or you’re not able to do anything at all.

I’ll end with a comment. There are some small advantages to starting out as DevOps. I agree that the DevOps ”philosophy” seems to be much rarer and less ingrained in people who switch later. Also, it was very humbling and made me emphasize working well with others, persistence, and doing good research. And we will see more of the business inefficiencies/bottlenecks with our fresher eyes, since new DevOps Engineers at your company will suffer the most from these. There’s more but nothing major. A good employee is a good employee.

Since people may ask, I graduated in 2022 as an Electrical Engineering major with two IT internships then worked as a DevOps engineer for a little under 1.5 years before being laid off in November 2023. The job hunt wasn’t bad for me. I put in ~125 job apps. I had 8 phone screenings, 4 interviews, and got 2 Jr. DevOps Engineer job offers (one remote, one hybrid, both contract-to-hire) at the end of February, plus a third offer for an Electrical Engineering position surprisingly. 5 of the phone screenings came from recruiters, so yeah my numbers from cold applying are a lot worse. I’m not a unicorn in any way(no prestigious university or big tech on my resume) but I do interview pretty well.

TL;DR: I agree that there’s no such thing as entry level DevOps, but it’s 100% possible to start out in DevOps and become useful in a similar timeframe to other IT roles if a company is willing to invest even a moderate amount into training you and by being smart about the task progression they’re given.

https://redd.it/1cc9qi6
@r_devops

Oncall rotation

My work decided today that our principle engineer isn’t going to be apart of our rotation anymore. We are going from being oncall once every 5 weeks to once every 4.

How has your work handled things similar situations?

https://redd.it/1cca5qe
@r_devops

Terraform & Kubernetes

I am new to Terraform, and am currently in the process of re-writing my architecture.

With Kubernetes and terraform, you guys no longer write deployment or service YAMLs? Just double checking before I start using this Terraform Kubernetes provider!

https://redd.it/1ccfi9a
@r_devops

Calyptia and FluentBit

Seeking engineers with either #FluentBit or #Calyptia experience to participate in a virtual fireside chat 🔥 👋 Comment below if interested 🎉 #CloudNative #OSS #Otel #Datadog

https://redd.it/1ccgno7
@r_devops

Why GitLab pipeline stays in "Checking pipeline status"?

Hi Folks! I create a GitLab Pipeline in order to check the **Lighthouse** between two branches.

*This should be the rules:*

* *Doesn't run if you push something into* ***main*** *branch*
* ***Only works*** *when you perform a* ***merge request***
* ***Only should work IF*** *you are doing a* ***merge request to main branch,*** so, *it should't work if you try to merge dev-2 into dev*

**The problems happends when** i try to do a merge request from *dev-2 into dev...*
If you go to this merge request: [https://gitlab.com/RicardoRien/lighthouse\_pipeline/-/merge\_requests/9](https://gitlab.com/RicardoRien/lighthouse_pipeline/-/merge_requests/9)

you can see, that **stays in a infinite load spinner with this message "Checking pipeline status."**

Do you know why? Thanks in advance!

**.gitlab-ci.yml**:

image: cypress/browsers:node14.15.0-chrome86-ff82

stages:
- compare

compare:
stage: compare
script:
- |
# install required dependencies
npm install -g http-server puppeteer [email protected]

# check the current branch scores
http-server . &
sleep 5
lighthouse https://localhost:8080 --output=json --output-path=./current-branch-mobile-score.json --chrome-flags="--headless --no-sandbox" || exit 1
lighthouse https://localhost:8080 --output=json --output-path=./current-branch-desktop-score.json --emulated-form-factor=desktop --throttling-method=provided --chrome-flags="--headless --no-sandbox" || exit 1
CURRENT_BRANCH_MOBILE_ACCESSIBILITY_SCORE=$(node -e "const data = require('./current-branch-mobile-score.json'); console.log(Math.round(data.categories.accessibility.score * 100));") || exit 1
CURRENT_BRANCH_DESKTOP_ACCESSIBILITY_SCORE=$(node -e "const data = require('./current-branch-desktop-score.json'); console.log(Math.round(data.categories.accessibility.score * 100));") || exit 1

# Check the main branch scores
# Be aware it's pointing to "main"
git remote set-branches --add origin main
git fetch
git checkout main
http-server . &
sleep 5
lighthouse https://localhost:8080 --output=json --output-path=./main-branch-mobile-score.json --chrome-flags="--headless --no-sandbox" || exit 1
lighthouse https://localhost:8080 --output=json --output-path=./main-branch-desktop-score.json --emulated-form-factor=desktop --throttling-method=provided --chrome-flags="--headless --no-sandbox" || exit 1
MAIN_BRANCH_MOBILE_ACCESSIBILITY_SCORE=$(node -e "const data = require('./main-branch-mobile-score.json'); console.log(Math.round(data.categories.accessibility.score * 100));") || exit 1
MAIN_BRANCH_DESKTOP_ACCESSIBILITY_SCORE=$(node -e "const data = require('./main-branch-desktop-score.json'); console.log(Math.round(data.categories.accessibility.score * 100));") || exit 1

# logging out the scores and compare them
# exit 1 Pipeline fails
echo "Main branch mobile accessibility score: $MAIN_BRANCH_MOBILE_ACCESSIBILITY_SCORE"
echo "Current branch mobile accessibility score: $CURRENT_BRANCH_MOBILE_ACCESSIBILITY_SCORE"
echo "Main branch desktop accessibility score: $MAIN_BRANCH_DESKTOP_ACCESSIBILITY_SCORE"
echo "Current branch desktop accessibility score: $CURRENT_BRANCH_DESKTOP_ACCESSIBILITY_SCORE"

if [ "$CURRENT_BRANCH_MOBILE_ACCESSIBILITY_SCORE" -lt "$MAIN_BRANCH_MOBILE_ACCESSIBILITY_SCORE" ] || [ "$CURRENT_BRANCH_DESKTOP_ACCESSIBILITY_SCORE" -lt "$MAIN_BRANCH_DESKTOP_ACCESSIBILITY_SCORE" ]; then
echo "Current branch scores (mobile accessibility: $CURRENT_BRANCH_MOBILE_ACCESSIBILITY_SCORE, desktop accessibility: $CURRENT_BRANCH_DESKTOP_ACCESSIBILITY_SCORE) are lower than main branch scores (mobile accessibility: $MAIN_BRANCH_MOBILE_ACCESSIBILITY_SCORE, desktop accessibility:

$MAIN_BRANCH_DESKTOP_ACCESSIBILITY_SCORE)"
exit 1
else
echo "Current branch scores (mobile accessibility: $CURRENT_BRANCH_MOBILE_ACCESSIBILITY_SCORE, desktop accessibility: $CURRENT_BRANCH_DESKTOP_ACCESSIBILITY_SCORE) are higher than or equal to main branch scores (mobile accessibility: $MAIN_BRANCH_MOBILE_ACCESSIBILITY_SCORE, desktop accessibility: $MAIN_BRANCH_DESKTOP_ACCESSIBILITY_SCORE)"
fi

# Add a comment to the merge request
curl --location --request POST "https://gitlab.com/api/v4/projects/$CI_PROJECT_ID/merge_requests/$CI_MERGE_REQUEST_IID/notes" --header "PRIVATE-TOKEN: $PAT" --header "Content-Type: application/json" --data-raw "{ \"body\": \"🎉Lighthouse scores comparison:\n\nMain branch mobile accessibility score: ${MAIN_BRANCH_MOBILE_ACCESSIBILITY_SCORE}\nCurrent branch mobile accessibility score: ${CURRENT_BRANCH_MOBILE_ACCESSIBILITY_SCORE}\n\nMain branch desktop accessibility score: ${MAIN_BRANCH_DESKTOP_ACCESSIBILITY_SCORE}\nCurrent branch desktop accessibility score: ${CURRENT_BRANCH_DESKTOP_ACCESSIBILITY_SCORE}\" }"

only:
refs:
- merge_requests
variables:
- $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == "main"
except:
- main

https://redd.it/1cch4fd
@r_devops

Using the open-source version of Prometheus to monitor a service on Google Cloud Run?

Hello, I'm wanting to learn how to use monitoring tools. Prometheus sounds like a good OSS to use for monitoring my cloud environment. However, I can't seem to find anything regarding monitoring a Cloud Run service.

I looked through the docs and only found a configuration for Compute Engine?
https://prometheus.io/docs/prometheus/latest/configuration/configuration/#gce\_sd\_config

I've also seen that there is a managed service for Prometheus offered by Google Cloud, but I'd rather use a local version on my computer than use a managed service for this. Is this possible?

Also, is Prometheus mainly meant for virtual machines? That seems to be the case in that configuration doc from Prometheus.

I'd appreciate any help.

https://redd.it/1cc98pj
@r_devops

Any platforms using AI for Hiring?

In today's digital landscape, innovation and efficiency are the order of the day, with many companies looking for ways to streamline important necessities like hiring. With the global talent pool and the barriers that come with using traditional hiring methods, companies are unable to tap into the pool of talent and identify the right talents amidst a sea of applicants. Although some companies have built models to help improve hiring practices and identify special talents, I can't help but think that the infusion of AI in hiring practices can help revolutionize the recruitment process.
The use of AI can help companies cut across a vast number of applicants across a promising and talent-filled global pool, especially in tech hiring such as front-end, back-end, and full-stack, to mention a few. Infusing AI with machine learning can refine algorithms that help analyze this vast application process of sifting through resumes and candidate profiles, which will in turn help shortlist the most suitable matches for the required position.
Unlike the traditional hiring process plagued with human bias, nepotism, and favouritism, AI plays an advantage in curbing such vices during hiring. The use of AI can help eliminate conscious and unconscious human biases from hiring processes. This ensures that shortlisted candidates are evaluated based on their qualifications and how they fit the hiring needs, thus improving diversity and inclusivity, one important direction that companies across the world have recently embraced.
In recent times, with the rise of so many startups and businesses needing tech hiring on short notice, the use of AI in hiring processes can help expedite such needs. Infusing AI would help fast-track the screening and shortlisting processes, thus saving time and resources for businesses that need urgent hiring. As mentioned above, AI can help cut through a vast number of applications and select only the top candidates, ultimately speeding up the hiring process.
On a personal note and from personal experience, I would like to believe that the use of AI in hiring processes can aid individuals with non-tech skills in hiring developers. Having suffered from hiring wrongly due to my inability to test the skills of applicants vying for a developer role, I believe infusing AI in hiring processes can solve this problem by offering advanced assessment tools to test a candidate's skill sets, which could help people like me make informed decisions, and in general reduce the risk of mismatch and poor hiring, all of which would harm a business.

https://redd.it/1ccnjqv
@r_devops

Wordpress 0 downtime deployment from Dev to Prod

I have a dev environment for Wordpress (a landing page for a company) running on 2 docker containers (apache2 and mysql). The apache2 sits behind a reverse proxy (currently using NPM). On production environment I only run the apache2 container that connects to the DB which runs as a separate cloud service. When the developer makes all the changes on the dev environment asks me to deploy it to production environment. I have some scripts running to dump the DB, push it and the wp-data file to git repo. On production I pull the repo, parse the sql db file to rename the domain name. Then I create the db with the naming containing the commit ID from git. I bring up the new container and make test curl request to make sure the container can access the db. The final step is to change the upstream name in NPM pointing it to the new container.
This way I achieve deployment with 0 downtime.
This is not ideal but I feel like there are more things to improve. I need some side advices about this.☺️


https://redd.it/1ccny46
@r_devops

Harbor registry upgrade 2.4 to 2.8

TL;DR: migrating images of proxy-cache project in harbor without re-pulling them all due to low bandwidth
I've helm-deployed harbor registry with a proxy-cache project which includes hundreds of images on my k8s cluster. At harbor upgrade docs note of step 6: "The schema upgrade and data migration of the database is performed by core when Harbor starts", so I tried little k8s magic to use the same 2.4.0 pv's for the 2.8.0 pods to use and everything worked as expected, I could pull already-pulled images in the proxy cache project, without running any migration script or something. Worth to note that at "Upgrading Harbor Deployed with Helm" they basically only do a simple helm-upgrade, but I'm not sure it keeps the data from the previous version.
At the core pod of new-harbor I saw that an automatic migrate.go code ran and upgraded the schemas! Which is nice 🙂
That sounds wrong and not best-practice, but at the end of the day - it worked. Plus, it was not a major upgrade. What do you think? Do you have other ideas to do it? Are there any immediate/long-term issues I should take into consideration?
Which PV's should I migrate - only registry or database and redis too? because at their logs I didn't see any automatic migration script.
THANKS A LOT IN ADVANCE!

https://redd.it/1ccpiru
@r_devops

Join us for a FREE course on Automation with Ansible & AWX by TechLatest! Discover the power of Ansible AWX, the upstream project behind Red Hat Ansible Tower, in our new course.

Join us for a FREE course on Automation with Ansible & AWX by TechLatest! Discover the power of Ansible AWX, the upstream project behind Red Hat Ansible Tower, in our new course.

Plus, get access to our Ansible Tower VM for a seamless web-based CI/CD experience. Centralize IT deployment & configuration, manage inventory, schedule jobs, and more—all with a user-friendly graphical dashboard.

Features of our Ansible Tower VM:
🔧 Web-based Ansible Tower environment
🎛️ Role-based access control
📅 Job scheduling
📩 Integrated notifications
🖥️ Remote GUI Desktop
🐟 Fish Shell for enhanced command-line experience

Don't miss out on this opportunity to level up your automation skills! Enroll now and take control of your IT infrastructure with Ansible AWX.

For more information and enrollment, visit https://www.udemy.com/course/automation-with-ansible-awx-free-course-by-techlatest/.

VM Page Link:https://azuremarketplace.microsoft.com/en-us/marketplace/apps/techlatest.blackarch-linux?utm_campaign=blackarch-linux&utm_source=techlatest-website&utm_medium=support-page

https://redd.it/1ccrx2c
@r_devops

Building a Document-Q&A Bot on AWS with Llama3

Hey there! I've crafted a nifty tool called Pluto, which can assist you in creating a document-oriented Q&A bot on AWS. This guide is your roadmap, detailing every step of the way as you develop and launch your own Q&A bot using Pluto, all while harnessing the might of Llama3 and LangChain. The best part? There's no need for you to log into the AWS console at all! All that's required are tokens from GitHub, HuggingFace, OpenAI, and some coding on your end. With this bot, you have the power to designate a specific GitHub repository and then employ the Llama3 model to carry out Q&A sessions based on document content.

https://pluto-lang.vercel.app/cookbook/rag-qa-bot-llama3

https://redd.it/1ccqogm
@r_devops

Choosing a linux for a java developer switching to devops profile?

Hi guys, I´ve been reading around and this seems like a newbies question to ask here but anyway. I´m starting as a Java junior developer and on the side I want to learn about DevOps technologies to switch my profile. Reading other posts the most common linux distros recommendations are Fedora, CentOS, Ubuntu and OpenSuse. The thing is that I read that at some point it´s needed to work with isolated areas, but it can collider with some of the Java work that I do importin libraries and so on (as far as I know).

Should I just pick one that feels good to me and virtualize other so for isolated things or Im lost in a cloud of concepts I dont fully understand?

Edit: I had a couple of years of experience in Ubuntu and Manjaro,

Thank you all

https://redd.it/1ccumm0
@r_devops

What recommendations would you give for the right developer roles to push start-up growth?

Startup growth can be altered by several factors and wrongful hiring can be one of them.

Often, wrongful hiring doesn't mean hiring developers who can't meet the project needs or whose qualifications are falsified. It can often mean hiring the wrong roles as a priority. Most non-tech business owners fall victim to this.

From experience(s), what developer role(s) do you fill first in an app building or MVP stage?

Why is the role the priority? How does it support startup growth? Where do you hire from?

https://redd.it/1ccw779
@r_devops

A DevOps team’s approach to scaling a leading open-source project to over 100k+ Docker and 44k+ Kubernetes deploys

https://plane.so/blog/streamlining-self-hosting-managing-100k-docker-44000-kubernetes-deploys-ease

https://redd.it/1ccwiis
@r_devops

Paycut to move to Devops

I just got an offer from a gov contractor to basically be a DevOps consultant. It would be about a 10k pay cut give or take most would be reduced benefits but it things go well I would get TS clearances sponsored by them. I'm really interested in the offer and think that if I was to take a pay cut for a year or two I would be able to come out on the other side in a much better place. I'm currently at 115 for total comp but have another offer on the table for 150k for a more traditional implementation engineer at an MSP. The problem I have with that offer is it's entirely on-prem focused with no room for growth internally or for the tech (would be boomer boss who during the interview process told me "you can't automate VMware") and it would be 3 or 4x the work I'm doing now.

The other part is I'm interested in DevOps and have been teaching myself python and automating my current position away for some time now. This new offer looks like I wrote it in a wet dream in terms of what tech I would get to play with.

So the question is do you think 2 years as a DevOps engineer would get me back to the 115+ range or even the 150 ish range? Should I focus on just jumping right to a higher paying DevOps job after more study and a few basic certs?



https://redd.it/1cczlja
@r_devops

Troubleshooting AWS IoT Custom Authorizer: Resolving 403 Forbidden Error for MQTT and HTTPS Requests

Hello, I have a AWS IOT custom authorizer that i have configured using this guide: https://docs.aws.amazon.com/iot/latest/developerguide/custom-auth-tutorial.html
I am able to test invoke the authorizer and it works as expected. However when a device through mqtt, or if i use Postman and send a https request, I am getting a 403, Forbidden Message. Can someone help me set this up. The use case is to connect a third party device on to my IOT mqtt network.

Thanks


https://redd.it/1cd15ks
@r_devops

Already Drained

Started a new position as Platform Security Manager where I will be working hands on in DevSecOps, AppSec, and Cloud Security. You can read my other post.

I proposed we use GitLab for CI/CD and have all the reason FOR doing it instead of going through CodePipline which is what the Developers proposed.

We just got a new TPM who has halted the discussion of going with GitLab as our solution, and instead is questioning why I am going with GitLab instead of CodePipline.

Going to make a pros and cons list, but why is he taking it upon himself to insert himself into the discussion on how we choose to architect our infrastructure?
Am I missing something?

On top of this, this is the second time I have been told that they want to switch my title kind of jokingly, but it’s getting old.
First they wanted me as a Security Architect, now they joked about putting me as DevOps.

It’s tiring.

Please all you knowledgeable legends, can you help me come up with a way to own this meeting tomorrow that I feel like I have to prove myself and what I bring to the table, and leave them flabbergasted!

Thank you!

https://redd.it/1cd373v
@r_devops