Dev Container Advice - Standards in legacy projects

I was pointed to this community by a member of r/vscode

My team are exploring devcontainers across multiple repositories that are interdependent (legacy projects we're trying to enhance for better local development).

Devcontainers seem like an excellent solution, and we've managed to get a few working. However, I'm looking on advice on best practices with legacy projects, as the available documentation doesn't seem to cover standards or shared experiences of these - they're very much about setting up new projects.

Here are a few questions we have:

1. Cloning vs. Mounting Code: Is it better to clone the repository into the container or mount the local code into the container? Mounting seems preferable despite the performance hit.
2. Using Existing Dockerfiles: All our repositories have existing Dockerfiles. Should we use these Dockerfiles as the base for the devcontainer, or should we create new Dockerfiles in the .devcontainer folder, which feels redundant? However if we were to create new repositories, creating a new Dockerfile in the .devcontainer folder seems logical.
3. Pulling Production Images: We considered using tagged builds of our 'production' images from as the base for our devcontainers. However, we believe this would result in many pulls due to updated base images. Instead, we plan to set up a watch on specific files that impact the base container and create devcontainer-specific images to minimize pulls. Our root Dockerfiles include ARM-specific dependencies that we can't build locally, and this approach addresses that issue. Is this a good practice? Is this a good practice?

Apologies for the basic questions – we've only been exploring this for a week. Any advice would be greatly appreciated.

https://redd.it/1d773cf
@r_devops

Devops Professional Certificate Course under 10 days.

I was interviewing for a company and they have asked me to do a professional devops certification course before I join them.
Problem with that is that the one suggestion they've given in excessively boring and weird.
I want something that is hands on interesting and a Lil fast paced with actual work and not 2 guys chatting about devops topics where I need to nibble on parts of their conversation to make sense about devops

About me :
1. I'm a fresher so don't know jack shit about the field but somehow managed to clear all the interviews.
2. Previous experience of working as a Data analyst ( internship only )
3. The role I'm going to be working in is for data engineering.

Key Requirements :

1. Professional Certificate ( so udemy , Coursera etc won't do cuz would only get completion certificates and AWS and Azure ones are 3 to 6 months long )
2. Should be able to do it under 10 days ( that's the time I have before joining )



https://redd.it/1d73y2d
@r_devops

Stuck in DevOps role

I’ve posted on here before about my current position. I’m an associate DevOps engineer. Have been for a little over a year and a half. I make $61k and everyone says I’m way underpaid. (DMV btw)

But I only have an associates degree in cybersecurity and a year of digital forensics grunt work before I got into this DevOps role.

Everyone tells me on here I’m way underpaid and I’m being taken advantage of and my company is getting cheap labor.

But the thing is I’ve applied and applied and have been getting nothing back.

I know the job market generally sucks rn. But for DevOps some of these requirements are insane. The active secret clearance is what gets me. How are you supposed to have an active TS clearance if the company won’t sponsor you? Also clearances are EXPENSIVE, if you have one, why would you be jumping ship to another job??

8+ years of exp required
Must have bachelors with 4 years exp.

I’m only at an associates with a year and a half of DevOps experience.

My tech stack is Azure, K8s, PostgreSQL DB, Terraform, Azure Bicep, Debian, Ubuntu, Python, Docker, YAML, some node.js.

Kinda stuck here. What do I do?

I’ve got an AZ-900, studying up for the AZ-104. But even if I had AZ-104 I don’t think I’d have much better luck.



https://redd.it/1d7bjdt
@r_devops

DevPod vs VSCode devcontainer extension

What value does DevPod brings compared to the VSCode's devcontainer extension?

https://redd.it/1d7csns
@r_devops

TBD: Where do you draw the line between a long lived branch and a shorts lived branch?

So I am reading about Trunk Based Development and they talk about not having long lived branches.

I find the term subjective. For you, where do you draw the line between "long lived" and "short lived"?

https://redd.it/1d7cpz8
@r_devops

I put together slides for a presentation our teams presenting, and our tech lead only made one edit lol

I ordered our names in alphabetical order just because (not really much thought behind it)..

My name happened to be first, and he swapped my name out for his..

so now its

Lead
Me
Dev
Dev

instead of

Me
Lead
Dev
Dev

Is he insecure? lol

https://redd.it/1d7g0me
@r_devops

Learn Helmfile and Helm

I'm looking for the best way to learn Helmfile , besides the documentation. At least some place where I can find examples on how to use certain features of the tool. For example how to implement post rendering with bash scripts and kustomize. I want to do this declaratively, instead of adding arguments upon execution of the installation command.

https://redd.it/1d7e7cq
@r_devops

What metrics to use for Dynatrace alerts?

What is a good candidate for metrics for Dynatrace alerts?
They have alerts based on service failures or response time but I believe it's also possible to use custom metrics based on the log analysis, e.g. number of purchase per day, etc.
Dynatrace has so called anomaly detection for those alerts. Which means it should be based on AI analysis of the metrics. Does anyone use it?




https://redd.it/1d7hlbj
@r_devops

Resumes (I know…)

Today I got handed a stack of resumes to peruse through, and it got me wondering - how do you keep yours updated/hiring manager friendly?

Out of all the resumes I looked through today for our Jr position that’s available, some were fantastic (explained their experience with particular tooling, environment etc) and some were absolutely terrible (“I have two years K8’s experience, I use AWS”). It appeared that there wasn’t a happy medium, they were either great or absolutely terrible.

So it got me wondering… AI? Hiring Resume Writers? Using a basic template from MS Word? How do you keep yours up to date or unique to grab attention?

https://redd.it/1d7jeen
@r_devops

Stay in current role or Jump for Kubernetes Experience? Advice needed

Hi everyone,

I’m a DevOps engineer with 5 years of experience at a growing company that I enjoy for the most part. I work from home, pay is good (153k salary, NYC), 9-5. My current role exposes me to a wide range of tech (AWS, CI/CD, Terraform, GitHub/GitLab, ECS/Docker, Datadog, scripting, etc.) and even some Python work with Data and Analytics teams. However, the one thing missing is that feels substantial (to me?) is Kubernetes (k8s) experience – at a previous role I used it for just over 1 year. Our tech stack is composed mostly of EC2/ASG (bootstrapped with poorly written chef from a company we bought, bleh), Lambda, CDNs, some ECS and API GW.

I’m 29, and while my current company offers room for advancement to senior roles and beyond, I’m worried that not having more k8s experience, right now, could impact my career for the worse. There’s a possibility we might use Kubernetes in the future as we are in the early stages of migrating most of our applications to containers and ECS, and if the use case for orchestration arises, but it’s not certain.

Would you recommend jumping to a new job where k8s exposure is guaranteed, or should I stay put and hope for future opportunities with k8s at my current company?

Looking forward to your advice!

# TL;DR:

Enjoy my current DevOps job with good pay and growth potential, but lacking Kubernetes exposure. Should I stay and hope for future k8s opportunities or jump to a new role where it’s guaranteed?

https://redd.it/1d7l2lu
@r_devops

Best app for transcription?

Is there an equivalent of a "Google Recorder" app on iOS? I got a lot of search results when I searched for a transcription apps, but a lot of them seemed a bit fishy. I'm transcribing business meetings, so I'm hoping to find a safer app, e.g. something from Apple, Google, Amzn, MS, etc. Some of the meetings will be in foreign languages, so unfortunately Otter.AI wont work

https://redd.it/1d7ko6d
@r_devops

Switching in devops

Hello,
I am an AWS cloud engineer with an experience of 1 year. I have been very underpaid in my current companny comparing to industry stamdards and I really want to switch to similar role either in AWS cloud engineer or Devops role

I wanted to ask the community if you were a recruiter recruiting for similar role, what would you like the candidate to have for the said role?

My tech stack: AWS , Terraform, python, nodejs, github actions, docker
Certification: AWS SAA

Thank you in advance


https://redd.it/1d7knak
@r_devops

Advice on stopping a persistent attack on one of our api endpoints.

Over the past couple of months we've had a persistent attack on us trying to flood one of our API endpoints. This specific endpoint is for our identity provider path. Our site is within Cloudflare and we have a variety of WAF rules such as rate limiting, blocking by country, blocking by bot score, blocking by JA3 fingerprint. We additionally have F5 finger printing JS on the frontend.

The specifics of the attack are: All IP's are US based. Thousands of unique IPs, all coming from various big datacenters(Comcast, Verzion, etc). All using valid user agents. I'm really having trouble finding anything that can make these attacks unique. Our team is heavily on the infra side but at this point I think at this point we may need to make a functional change in our application and suggest that path to our backend devs...but I'm not sure what that solution looks like. Right now it's just a cat and mouse game that will continue to go. Also as this is our identity endpoint the partner controls a portion of it so we are a bit limited in some aspects.

https://redd.it/1d7k13b
@r_devops

How to Transition from Backend Development to DevOps Engineering 🔄?

I’ve been a software developer for the past 10 years, focusing primarily on backend development. Recently, I've been thinking about switching gears and moving into the DevOps domain.

I’m planning to kick things off with a DevOps course from KodeKloud and aim to complete the CKAD certification afterward.

For those who have made a similar transition or are already in the DevOps field, I have a few questions:

1. Will completing this course and certification be enough to land senior roles in DevOps?
2. What additional skills or experiences should I focus on to make myself a strong candidate for these roles?
3. Any tips or resources that you found particularly helpful during your own transition?

Also, given my 10 years of experience, I’m not looking to start in a junior role. Any advice on making this transition without having to start over at a junior level would be greatly appreciated!

Thanks in advance for any advice or insights! :)

https://redd.it/1d7phm0
@r_devops

Can I add a project which didn't go live?

So basically, I wrote an ansible playbook to orchestrate container deployment in the servers. But my lead refrains from using ansible somehow and thus, it didn't go live. Can I still show it in my resume?
I actually liked the fact that I can trigger the playbook against multiple environments at the same time, bringing up the new containers up in a single command.

https://redd.it/1d7qty2
@r_devops

Software Architecture Diagrams with C4 Model

https://packagemain.tech/p/software-architecture-diagrams-c4

https://redd.it/1d7sz0u
@r_devops

How do you learn advanced techniques like docker performance optimization and parallel testing?

I have troubles grasping these topics are work

https://redd.it/1d7sxpn
@r_devops

Using nginx to forward UI applications

Hi guys,

Right now I have several different UI apps which are on different domains.
I want to move them all to a single domain and separate them by an url path, for example:

www.foo.bar/grafana
www.foo.bar/rabbitmq


The way I've envisioned this is that I'd be using nginx proxy_pass to forward requests to local services with a config like that:

location /grafana/ {
proxypass https://grafana.local/;
proxysetheader X-Forwarded-Host $host;
proxysetheader Accept-Encoding;
subfiltertypes *;
subfilteronce off;
subfilter "src=\"" "src=\"grafana/"
}


, but I've encountered 2 problems:


1. Html is trying to download resources from base domain, not from domain + path. So for example if there is some element in html having src="path/style.css" browser will try to download from www.foo.bar/path/style.css and not www.foo.bar/grafana/path/style.css. This will obviously fail as nginx won't know what to do with this request.
This can be dealt with using "sub_filter" directive (with some pain) so it's not that bad. However, the next problem is much worse.

2. Redirects
The problem is very similar to the previous one. When I go to the grafana index page it redirects me to /login path. The issue is that it will take me to www.foo.bar/login and not www.foo.bar/grafana/login. I haven't found any way of dealing with this and it's preventing me from proceeding. Grafana is kind enough to give you root_url config which is made for situations like these, but rabbitmq or kafka-ui and other services simply don't.

Anyone has any experience with stuff like this?

https://redd.it/1d7tw8w
@r_devops

Help with Hashicorp Vault Audit Logging to Datadog in Kubernetes

Hi all,

I'm running Hashicorp Vault in Kubernetes and need help with audit logging. Here are the issues I'm facing:



1- Local File Limitation: Vault's audit logs only support local files. If the file gets full, Vault stops servicing requests.

2- Data Export: I need to send these logs to Datadog.

Has anyone managed to:

- Mitigate the local file limitation risk?

- Export Vault logs to Datadog or other platform?

Any advice or solutions ideas would be great!

Thanks!

https://redd.it/1d7wmre
@r_devops

Gov consulting?

Does anyone here do any government consulting? Specifically part time or as a side hustle? If so, how did you get into it? Did you bid on a contract?

https://redd.it/1d7xp46
@r_devops

I'm the only white guy in my 20 person team. Everyone else is an H1B from India lol

Our company touts diversity, and this feel like it aint it!

Ive interviewed multiple folks who are not of indian descent and my manager never moves them forward in the process.

It kind of sucks because I definitely do feel left out.

https://redd.it/1d7yuwd
@r_devops