How are you managing your s3 buckets?

Scenario, we have a couple hundred S3 buckets to manage and find using cloudformation a bit of a pain.
I was wondering if anyone has any alternative suggestions, looking into terraform and open tofu at the moment.

https://redd.it/1dcj4y6
@r_devops

ChatGPT/Groq/LLM in your terminal?

I'm working on an open source project called SheLLM, which is still pretty experimental. It adds ChatGPT or Groq (self-hosted LLMs coming soon) to your terminal, enabling them to execute commands (after approval), explain your terminal's context, and more.

The reason I started this project is that I often forget many parameters (especially positional ones) for various tools, so I find it really helpful. It can also write snippets, which I use daily, as my aliases and functions have become quite extensive.

Being in the DevOps world, my questions to you are:

1. As DevOps professionals, what are your biggest pains when using a standard terminal?
2. Do you think having "template"-like workflows in your terminal would make your life easier (not scripts with strictly defined and hard-coded variables, but more flexible automation)?
3. Do you often expose secrets/PII/other sensitive data in your terminal, or do you edit it in a safer way?
4. How do you think an LLM can help you in the terminal?
5. How frequently do you use aliases and functions in your terminal, and do you find them becoming unmanageable?
6. Are there specific commands or tools where you frequently forget the syntax or parameters?
7. How do you currently manage repetitive tasks or commands in your workflow?

Your feedback would be incredibly valuable for the development of SheLLM (maybe drop a star?). Thank you!

https://redd.it/1dcwk1r
@r_devops

Platform engineering on Kubernetes

I’ve been designing and implementing cloud platforms for a few years and put together a blog describing tenants of good design https://piotrzan.medium.com/how-to-build-cloud-native-platforms-with-kubernetes-1f0901a63a04

https://redd.it/1dcukok
@r_devops

from Software engineer to Devops Engineer

Hello folks,

I'm a senior software engineer (8 years experience if we can consider this senior :p ) I work as a fullstack Software engineer mainly on web application ( java ,spring and React/Angular stacks) in my last project with my client I have to manipulate kubernetes to deploy the app in all the environments and I started thinking that I can add the devOps skills to my resume. The problem is now I am not sure what Certifications I need, I'm thinking doing CKA and moving to AWS certifications in order to get a DEVOPS job.
I'd love to hear your thoughts and recommandations about this.

Thanks a lot for your time.

https://redd.it/1dcfz03
@r_devops

Struggling to get a single interview (USA)

I got laid off few months ago and since then been actively applying, soon I'll be out of all my savings. Really worried about things. There is a complete lack of response, normally your disappointment in job search would include some ghosting after interviews and some rejections but it’s radio silence this time around. I'm now even applying to local jobs that are asking for office/hybrid. The only thing I can think of is that maybe some hiring managers are turned off by me having no Linkedin? I have 3 years of experience and two proper engineering jobs under my belt.

I have also started to just look up companies and find their postings on their career websites in addition to indeed / LinkedIn but that didn’t help either.

Can someone please shed some light on the current state of things, is anyone getting hired? I think I'd be glad to hear someone got a job offer at this point because it would mean things aren't as bleak. Located in U.S.




https://redd.it/1dctdbe
@r_devops

Optimizing log management with AWS OpenSearch at Chase UK

Hey everyone!

Eugene Tolbakov from Chase UK gave an interesting talk about effectively implementing and managing AWS OpenSearch clusters at the last London Observability Engineering Meetup.

I thought some of you might find this interesting.

You can find the recording here: https://youtu.be/NWrrqRmDa20?si=-haj0rxpjI838JrP

Btw, if you're interested in Observability, make sure you join our Slack Community!

https://redd.it/1dctd8v
@r_devops

Any Sys Admins Successfully Transitioned to DevOps? Share Your Journey!

Hi everyone,

I'm a systems administrator with a few years of experience under my belt, and I'm considering making the switch to a DevOps role. I'm curious to hear from anyone who has successfully made this transition.

- What motivated you to make the switch?
- What skills or knowledge gaps did you need to address?
- Did you pursue any specific certifications or training?
- How did you approach learning new tools and technologies?
- What challenges did you face during the transition, and how did you overcome them?

Any tips, resources, or personal stories would be greatly appreciated. Looking forward to hearing your experiences!

Thanks in advance!

https://redd.it/1dd2zos
@r_devops

Datadog for product analytics?

Does anyone use Datadog RUM for product analytics?

Curious what people think of it vs more typical tools like Mixpanel?

https://redd.it/1dd2p6q
@r_devops

Differences Between Ansible and Jenkins

Hello everyone! 👋

I recently wrote an article comparing Ansible and Jenkins, two popular tools in DevOps. I've added my insights in an article that delves deep into their functionalities, use cases, and where each shines. Whether you're a seasoned DevOps engineer or just stepping into the realm, this comparison might offer some clarity. Check it out here: https://medium.com/@joyanderson1702/ansible-vs-jenkins-which-is-the-right-tool-for-devops-f984c7f33197

https://redd.it/1dd6a0x
@r_devops

SAST for Nodejs application

I have been on this project for 3 months and I know it's time to make some major contributions I have always wanted to push.

Note, my company is relatively stingy with money but I want to make sure the Nodejs app is kinda secure.

I wish for standalone server where we can test these frequently but I know they won't budge, which of the SAST tools for Nodejs are best to use and also can be incorporated into a GitHub Actions pipeline?

I saw NodeGoat but it seems too "heavy" to run.



https://redd.it/1dd8npe
@r_devops

Any hard of hearing / hearing loss person doing DevOps?

I am hard of hearing myself. And deafness imposes many challenges as you may imagine. I am just curious if there are others here like me that are also hard of hearing or similar? What is your story? How did you get your hearing loss? How do you cope with your deafness in a daily routine?

I was born with hearing loss as far as I know. No explanation. In my case I would say that working remotely works much better for me. You have the silence and the accessibility of live captions. In the office is way more difficult.


https://redd.it/1dd8nla
@r_devops

Devops as a felon

Has anyone in here seen any felons (white collar crime) land a job? Looking to switch from a mid tier management job in construction, my uncle is a devops engineer in govt sector and will basically be my pocket tutor while I lock in the skills necessary to do the job but I’m concerned my past will hold me back.

https://redd.it/1ddag04
@r_devops

Jenkins Build Triggers on PR

Context: I have a Jenkins configuration that only triggers the build (and indexes the branch) when PR is created, but doing so also triggers the Jenkins build on the master branch. I tried looking into the env variable hoping I could find something there but there's no such thing that indicates if it's a PR or anything related to that.

How to only trigger builds on a master branch when PR is merged into it, not when PR is created from it?

https://redd.it/1ddbi9s
@r_devops

Is Every development Saturated?

So Guys, I am thinking to start Development from my first year but I have seen many post and videos about that Web development /full stack development is Saturated, I'll join tier 3 college and trying to get a product base company off campus so which development should I start first
Web development, App development, AI /ML,Data Science, Devops, Cloud computing, Block chain, game development? I'm really confused

https://redd.it/1ddaw04
@r_devops

Run ansible via terraform

Is it a common practice. If yes, is it considered good practice as well. In my case I just create some EC-2 Instances:

resource "aws_instance" "instance" {
    ami=var.ami
    instance_type="t3a.micro"
    key_name = var.ssh_key
    iam_instance_profile = aws_iam_instance_profile.ec2_profile.name

    root_block_device {
        volume_size = 30
        volume_type = "gp3"
    }

    count = var.ec2_instance_num

    vpc_security_group_ids=var.ec2_security_groups

    provisioner "file" {
      source = "${path.module}/provision.sh"
      destination = "/home/ubuntu/provision.sh"
    }

    provisioner "remote-exec" {
      inline = [
        "chmod +x /home/ubuntu/provision.sh",
        local.final_provision_command
      ]
    }

    connection {
      type        = "ssh"
      user        = "ubuntu"
      private_key = "${file(var.private_key_path)}"
      host        = self.public_ip
    }
}

And I made this playbook:

---
- name: Configure MariaDB
  become: yes
  hosts: my_hosts
  vars_files:
     - "{{ lookup('env', 'ANSIBLE_DB_SECRETS') }}"

  pre_tasks:
    - name: Ensure MariaDB is installed
      apt:
        name: "{{ item }}"
        state: present
      loop:
        - mariadb-server
        - mariadb-client
    
    - name: Ensure MariaDB is running
      service:
        name: mariadb
        state: started
        enabled: true

  tasks:

    - name: Secure MariaDB installation
      shell: |
        mysql -e "UPDATE mysql.user SET Password = PASSWORD('{{ db_credentials.db_root_password }}') WHERE User = 'root'"
        mysql -e "DROP USER ''@'localhost'"
        mysql -e "DROP USER ''@'$(hostname)'"
        mysql -e "DROP DATABASE IF EXISTS test"
        mysql -e "FLUSH PRIVILEGES"
      args:
        executable: /bin/bash
      no_log: true

    - name: Create database
      shell: >
        mysql -u root -p'{{ db_credentials.db_root_password }}' -e "CREATE DATABASE IF NOT EXISTS {{ db_credentials.db_name }};"
      no_log: true

    - name: Create database user
      shell: >
        mysql -u root -p'{{ db_credentials.db_root_password }}' -e "CREATE USER IF NOT EXISTS '{{ db_credentials.db_user }}'@'%' IDENTIFIED BY '{{ db_credentials.db_user_password }}'; GRANT ALL PRIVILEGES ON {{ db_credentials.db_name }}.* TO '{{ db_credentials.db_user }}'@'%'; FLUSH PRIVILEGES;"
      no_log: true

And I am in deep thoughts should I use terraform to execute it:

resource "local_file" "ansible_inventory" {
  count = local.has_db_conf?1:0
  content = <<EOF
[aws_instances]
%{ for ip in aws_instance.instance[*].public_ip ~}
${ip} 
%{ endfor ~}
EOF
  filename = "${path.module}/ansible_inventory.ini"

  depends_on = [ aws_instance.instance ]
}

resource "null_resource" "ansible_provision" {
     count = local.has_db_conf?var.ec2_instance_num:0

     provisioner "local-exec" {
         command = "ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i ${path.module}/ansible_inventory.ini, -u ubuntu --private-key ${var.private_key_path} ${path.module}/provision_db.yaml"
     }

     depends_on = [local_file.ansible_inventory]
}

Or it may cause more trouble instead??? The goal it to have a single command where I setup a LEMP stack into a server.

https://redd.it/1ddefe4
@r_devops

5 open source SCPs to use for permissions and access control

https://sonraisecurity.com/wp-content/uploads/5-Free-SCPs.pdf

https://redd.it/1ddgrvh
@r_devops

How to find freelance work?

Hello everyone,

I am an DevOps/Infrastructure Engineer at a startup. I have automated most of our systems to the point where my daily workload has become lighter. This newfound free time has sparked my interest in expanding my horizons into contract, consulting, or freelance work to accompany my full time job.

I have tried networking and applying through job boards, but am finding it challenging to make headway in this area. I'm reaching out for advice or tips that could help me land something.

My motivation for exploring these opportunities is twofold: I aim to diversify my income and to continue learning and growing within this field that I deeply enjoy. I am eager to take on more work and further contribute to the world of DevOps.

I appreciate any insights or guidance you can provide. Thank you in advance for your help!

https://redd.it/1ddhmsi
@r_devops

Public cloud to on-prem: Container solution equivalent to ECS?

I've just started on a new assignment. Nearly all of my experience has been with AWS but this new project is on-prem private cloud. Public cloud isn't an option for compliance reasons.

The team I've just joined is wrangling about the container solution for the new platform. The user traffic they get is not that big. It is certain to increase as they scale up, although I couldn't say how much exactly. It doesn't feel like the stack is complex enough to go to K8s just yet. If it was AWS I would probably be pushing for ECS, because it's a good choice for small-to-medium scale workloads, it can go quite a long way before needing to migrate to K8S, and it's pretty straightforward to get going with.

But this is the on-prem world which is all new to me. I'm not sure what ECS equivalents there are, or whether there even are any and maybe it's normal to just go to K8s. Plus I'm aware that thinking of 'equivalents' is perhaps not the right way to approach things, but it is just new territory that I'm trying navigate. They currently use Docker Swarm. I don't know much about it but some people I've spoken to have been quite derisive of it.

Any input? Also curious to hear of experiences from anyone who switched from AWS/public cloud to on-prem, what challenges you found and what kind of things you had to get used to.

Edit: When I say K8s I'm also including managed K8s services like Rancher and Openshift. If we do go with K8s I highly doubt we'll be doing it from scratch, that would be hellish.

https://redd.it/1ddifwi
@r_devops

Let go due to Organization Restructuring

Hey all, unfortunately my position at work has been impacted by organizational restructuring and I was just let go.

This may be a shot in the dark, but whilst this is disappointing and surprising, I am currently actively looking for roles relating to DevOps / Site Reliability / Cloud / Infrastructure.


In my previous role I was a DevOps Engineer and had a robust tech stack including Azure, Kubernetes, Python, SQL Databases, Debian, etc.


If anyone has any open opportunities they know of, or any advice really, that would be greatly appreciated. Thanks in advance.


Resume is here: https://imgur.com/a/4CGAzUz

https://redd.it/1ddkof2
@r_devops

Feeling lost (career journey)

Looking for insight, people's own personal journeys, etc.

I work for an infrastructure provider and stumbled into "DevOps". Day to day, I'm working on deploying physical/virtual infrastructure through automations and pipelines. In that sense, our Dev relationship is bridging the gap between our product team and our Operations teams.

We've been a VMware shop for a long time, and so I don't have that adjacency to public cloud that I see in every job posting. AAP is the majority of my day, gitlab, building out automations in service now, using terraform in places, most of my automations center around provisioning networking(layer 2-3, BGP, etc), firewalls, hypervisors, storage, VMs.

It's been fun, but with the Broadcom acquisition, the money has been drying up, I've seen so many of my work family fired. I've been losing the war to inflation as my pay hasn't kept up with my increasing costs. I'm starting to think I need to find a new workplace. I'm afraid to even go through application cycles because I don't have AWS/Azure on my resume and you just don't see job postings that are akin to who we would hire.

Do I hammer out a cloud cert? What should my approach be to navigating this issue of finding a new employer? It's been a fun 6 years, but I need a new start at a company with healthy financials that are hiring and not constantly downsizing.

https://redd.it/1ddlqlm
@r_devops

AWS RDS SSL/TLS certificate rotation

As RDS SSL/TLS certificate is expiring in August, we wanted to rotate the CA of our Aurora databases. As a first step, I wanted to confirm that there are no clients using SSL/TLS to connect to the databases. I'm relatively new to join my company and confirmed with the developers that we don't use SSL/TLS to connect to the database, and also confirmed by checking the code. However, when I run a query on the database to check the SSL connections on the database, I see the private IPs of the EC2 instances using SSL to connect to the database. Have anyone run into this issue?
https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/ssl-certificate-rotation-aurora-postgresql.html#ssl-certificate-rotation-aurora-postgresql.determining-server

https://redd.it/1ddo8lz
@r_devops