Stormforge.io AI for automating kubernetes resource requests

Has anyone tried this out? I came across an ad for it on Reddit and it seems like it would solve a lot of the issues I'm dealing with in trying to administer a centralised runner solutions to thousands of end users but not allowed go too hard on limits because that will impact developers too much and so on.
I'd love to here if anyone has experience with this product and what their thoughts are?
It kinda seems a bit too good to be true ATM but I havent investigated the pricing models yet
https://www.stormforge.io/

https://redd.it/1d9i7ei
@r_devops

Orchestration solution advice

A project at work is in discovery and implementation round 1. Essentially it is in the "make it work" phase.

I am in a two-person SA team, and we will be the SA's on this new project.



It is going to be a distributed on-prem live service.

The system consists of a physical on-prem central server and an elastic number of on-prem worker hosts.

An example of the type of system being implemented is a self-checkout system in a supermarket - Imagine a server in the back room, and all the self checkouts running their own set of the same services independently.

Note: It is not possible to suggest cloud, as the industry is highly regulated and all site IT departments shutdown all outside lines.



The system is built using .NET and runs each service as a screen. I have been looking into building a case for migrating from screen to a container orchestration solution.

I want to be able to run the exact same set of services on each worker host (node) and be able to run local replicas of these services on each node to facilitate HA and next to zero downtime during software updates.



We are already familiar with Docker Swarm as one of our legacy products used parts it, however I'm not sure it fits the bill here. I toyed around with mode: Global however this replicates a single service instance on all the nodes, whereas I need each node to have it's own service instance and replicas of it.

The other option with Docker Swarm I have thought about is having each node run it's own Swarm with a service stack and a monitoring stack, and have a Portainer and Prometheus instance on the server scrape the Swarms.



I've been playing with a k3s cluster in spare time, and I think the closest thing I can find that fits the spec is a DaemonSet with nodeSelector labels, but I haven't been able to figure out replicas of each service in the set.

Am I on the right track? Is there a way to have local replicas of a DaemonSet on each node in a cluster?



Is there a different orchestration solution I don't know about that does this?



Thanks!

https://redd.it/1d9hczl
@r_devops

Managing deploys to multiple environments with Azure/GitHub Actions

Im looking for a starting point on what is probably a super easy problem to solve: if we have multiple sets of isolated infrastructure that are all considered a part of our overall "Production" environment, what are some good tools for managing the configurations of all these?

For example, we are storing info for each individual client's application instance as separate Github Environments, each with their own secrets/env variables. So, we have 'customerAproduction', 'customerAstaging', 'customerBproduction', 'customerBstaging', etc, each with their own secrets containing Azure credentials for deploy. When running a new release we manually trigger a build & deploy Action on each environment with Environment = customerXproduction and Branch = <releasebranch>. Repeat X times - this has worked fine until now.

It now would be really nice to just select Environment = Production, have the GitHub Environment 'Production' set up so it can connect to another service that contains the configurations for all our production environments (and any secrets associated with each of those) and just runs the same deploy action across them. Are there recommended tools for this sort of thing that it might be worth us looking into, or am I over complicating this and a JSON file / Azure KeyVault / some other centralized key-value store containing the deployment credentials for all of our apps might do the job just as well? We don't do containerized deploys currently.

I'll obviously weigh the pros/cons of all the options for our specific scale and situation, I'm mostly just looking for a few starting points for our research and to make sure we're in the right thought space. Thanks!

https://redd.it/1d9m1bt
@r_devops

How do you measure team performance?

Just curious so a vague question on purpose😊 pls tell me your opinions and experiences

https://redd.it/1d9lpmc
@r_devops

A Comprehensive Guide to API Endpoints


Hi hi! Thought this would be helpful for this group and those newer to API development. We have an educational deep dive on API endpoints including 10 Best Practices for designing them, an overview of the types of endpoints, how they work, the future of endpoints, and how to keep them secure. Enjoy!

And do let us know if you find it helpful or if we ought to do one with more advanced API endpoint techniques/if we missed anything major as it relates to endpoints! :)

https://www.getambassador.io/blog/guide-api-endpoints

https://redd.it/1d9lbid
@r_devops

Azure container apps price and alternatives

I have a few microservices that I decided to setup with azure container app. I created one container app that has nginx and this one is public so it can redirect the calls to the right container app depending on the path. I have 2 other container apps, these are private and are the actual services. Why did I do this? Because I want to have a single endpoint to call from the outside.

I now look at the prices and they say that I need to pay depending on number of requests. Which made me worried a little bit as you pay also for bad URLs. I can setup rate limiting in nginx but even this will not solve the problem of someone slowly making calls to bad paths which gets counted anyway towards the bill.

My questions are: any suggestion on how to handle bad http requests? Any other options apart from using azure container apps?

https://redd.it/1d9qoek
@r_devops

How does Russia block VPN services?

I am not sure if this is the right sub, but I didn't find other more appropriate.

I visited Russia yesterday and found out that the most paid VPN services I used - NordVPN, Surfshark are now banned. Both WireGuard and OpenVPN, even manual setup. I used to say that they wouldn't do it, because many businesses depend on private VPNs and it would break too much, but they seem to be doing it successfully. I had my job VPN working without issues the whole time. I was able to find some less known services in GooglePlay, but it was tricky.

Are they just banning IPs or there is something else? What if I set up my own VPN service and use it alone, is there a high chance that it may be banned too?

https://redd.it/1d9rrk8
@r_devops

Bicep or Terraform?

Nothing to do at work right now so I’m studying AZ-104 and going over the different tools used by DevOps and Cloud Engineers.

I’m trying to build as I study and it seems Bicep is easier to pick up. I would prefer to learn with this over Terraform. Besides popularity, is there any other reason to use Terraform over Bicep? Besides limiting myself to jobs that only use Terraform, am I missing out on anything else?

I’m speaking on just the Azure environment right now.

https://redd.it/1d9rcxb
@r_devops

Will using a custom keyboard layout affect me negatively?

Background:
Ok, I am finishing college, so I am looking for a job.
A company that I applied to for a developer role contacted me saying that they could offer me an interview for an entry level devops role, kinda like a trainee if I was interested.

The question:
I use a custom made keyboard layout. If I were to get this role, could my keyboard layout be detrimental to the execution of my job?

I have no idea how is the day to day in an enterprise setup.

I assume that the common thing is to connect remotely to the company servers and get the tasks done there right?

Am I allow to use my own machine?

If they were to provide the hardware to do my job, I will be stuck with wherever software comes with it, right?

If there are problems that could arise from using a custom keyboard layout, could these be mitigated by carrying around a programmable keyboard with my custom layout configured in it?









https://redd.it/1d9t6ob
@r_devops

Converting rich yaml file into a configmap

I am working on a rich yaml file (Not all are key:value pairs) and when I try to convert it into a ConfigMap ( kubectl create configmap --dry-run=client iiui ---from-env-file=my-file.yaml --output yaml | tee somename.yaml), its outputting a really weird configMap output.

How can I achieve converting non key-value paired into a configmap?

https://redd.it/1d9l8jm
@r_devops

Dev testing with trunk based development

I work in a newly built team where we use trunk based development for our microservices - Merges to main trigger the deploys to the dev environment. The problem we are having is the devs are wanting to test their changes by deploying to AWS dev environment before merging to main which i think is creeping into feature based branching strategy.

Any best practices here? Should testing (CI) be improved on the Pull Request step to reduce the need to deploy before merging to main? Or has anyone seen workflows where each dev has their own cloud environment to work on? What else should i consider?



https://redd.it/1da01vm
@r_devops

Suggestions for a new learner

I'm a backend developer with several years of experience across different companies and tech stacks. Recently, I was assigned the DevOps role at my workplace after the previous DevOps engineer left. I've always been curious about DevOps and even asked my team lead for a chance to work in this area. However, I got the role suddenly, with only a month to transition from the previous engineer.

While I've always considered myself good at adapting and learning new skills, this role has been challenging. The previous DevOps engineer was very advanced, and despite his efforts to help me get started, there's a lot to take in. Much of it comes down to learning from experience, and I feel like six months of working alongside him would have been more ideal.

Now, I'm working hard to catch up with all these new responsibilities, but I'm struggling with imposter syndrome because my team has high expectations for me. I could really use some advice on how to manage this transition. Additionally, if you could recommend any tutorials, books, or other resources, that would be great.

For context, we are using AWS, GitHub Actions, Docker, Kubernetes, Terraform, and Rancher. I have a basic understanding of these tools from my recent efforts, but I feel like I lack depth in some areas. Thanks in advance!

https://redd.it/1da36gm
@r_devops

Cloudwatch billing alarm estimated charges/divided by day of month

Hello,


New to cloudwatch and finding it difficult to configure such an alarm that would trigger when EstimatedCharges metric divided by day of month hits a certain threshold. My goal here is to have early warning mechanism that would indicate that I crossed a 'forecasted' monthly threshold rather than have a warning when I actually cross the monthly threshold itself

https://redd.it/1da43h0
@r_devops

Tips please

I am new here how to be best in this field any tips ???

https://redd.it/1da4pp6
@r_devops

YouTube playlist with 100 most-watched Kubernetes 2023 conference talks

https://www.youtube.com/playlist?list=PLsaeJ8d49kCmytVToIceU8WEJn4ay6qXv

https://redd.it/1da6d5o
@r_devops

Kubernetes in Action vs Kodekloud

Which is the better resource to really understand Kubernetes well and not just pass the CKA exam? I.e. gaining practical knowledge to use on the job.

I'm not sure how to go about learning Kubernetes, so I'm looking for some advice from those of you who tried either (or both) resources.

https://redd.it/1da96bq
@r_devops

What is the "optimal" means of deploying an application like Wordpress between staging and production?

Wordpress is clearly just one instance of a pretty common application structure (files + DB). But it's widely used so I thought I'd use it as an example.

Let's say that you wanted to provision deployment and production environments - both on cloud-hosted (ie, no local development environment).

Some of the options I've seen:

- Staging plugins. These seem to vary in approach but a lot of them seem to overwrite the database every time (I'm guessing that's not a smart idea). One or two try to do it incrementally.

- Git-based deployment workflows. Seem like a better option to me but I'm not sure how database changes are propagated (and even just doing development in something like Wordpress hard to do a lot without making some DB modifications)

... and I'm sure there are others.

Is there one that's considered categorically the best?





https://redd.it/1da9x2w
@r_devops

Phrase I hate - tiger team

I know the phrase originated with nasa but for gods sake I’m a grown man and I don’t want to be on a team that sounds like a children’s show. Also my devops team seems to be devolving into QA-esque nonesense. Anyone seeing that trend?

https://redd.it/1daatmp
@r_devops

Ansible for configuring VM with GPU

Hey,


Writing my first Ansible script for configuring a GPU VM - Anyone here with experience doing this? What are all the tools you guys configure? So far all I've done is provisioned a VM on Azure with SSH access.


There seems to be lots of 'GPU provisioning playbooks' on GitHub, I'm sure someone here might have a workflow they do for each one of these.

This is for a home project!

https://redd.it/1dacy6v
@r_devops

Question: What tools are you using for cloud visualization?

Overall, what tools are you using to visualize your cloud infrastructure and gain insights into what components are connected to other cloud APIs? For example, do you have a good understanding of which services in Kubernetes are talking to other services? How frequently these are occurring? Do you feel like if you had to onboard a new DevOps engineer/Infra engineer you could show them a mapping of your system easily?

https://redd.it/1dabpj6
@r_devops

Escaping DevOps?

TLDR: I'm pidgeonholed into DevOps because of my recent (last 5 years) of work experience. I really want to get back into actually writing software, has anyone successfully escaped and transitioned back?

---

I am so tired of YAML, managing credentials or begging someone else to do things that I can't access, dealing with code just thrown over a wall, etc... My relationship with on-call feels just shy of PTSD. And since when are developers not expected to check that their shipped code works in staging or prod anymore!?

I have 17 years in the industry so I know I can get another job -- the problem is making sure that I find a great one. I'd love to work directly on a game (even if I did DevOps 50% of the time to be valuable) or another role contributing to open source software. My struggle is that my resume wouldn't reflect great as a recent dev and my dev skills need a bit of brushing up as I spent most of my time working with Python. The other issue is that I've always worked remotely; could not afford to move at this point even if I thought I would not be "feral" in an office environment, haha.

Open to ideas, suggestions, or even just hearing others vent :)

https://redd.it/1daehut
@r_devops