http domain redirection vs https


We've setup a static website on S3 and hosting it through aws cloudfront

The domain is on godaddy so all the DNS records are on it too.


now the redirection is setup like below,

Domain Forwarding: mydomain.com -> https://www.mydomain.com

CNAME: www -> sf76adsf.cloudfront.net


on cloudfront side, the distribution is configured to have alternate domain names with mydomain.com and www.mydomain.com with ACM

now when i'm accessing the website, i can access it from:

https://mydomain.com

https://www.mydomain.com

https://www.mydomain.com

but when i'm trying to access the https://mydomain.com, it's not opening.


can you guys please help me figure out what could be the potential issue??

Thanks

https://redd.it/1dtttrv
@r_devops

Questions about flux as a platform team

I was wondering if there is anyone here using Flux (probably applies to Argo as well) at scale as a platform team.

For example, my team provides the platform (k8s + several other domain specific components) and aims to make it as easy as possible for 100+ app teams to deploy to the platform.

This means we manage a central, shared repo with a very robust Helm chart. Then, each app has its own repo that contains app code and values files for the chart.

My question is, anyone here using flux in a similar model? If not, can you point me to some useful reading material for running this model at scale? I understand how it all works, I just can't wrap my head around making the model more distributed.

We are not tied to Helm and have explored moving to a Kustomize only approach, but that only seemed to add complexity for the app teams (verbose overlays vs a simple values yaml).

Any info or feedback would be appreciated.

https://redd.it/1dttmgd
@r_devops

Reldex – mobile devops and metrics

Inspired from Apdex and DORA metrics, a grading & criteria system tuned for mobile teams. Helps measure how good a release process is – https://www.tramline.app/blog/introducing-reldex

https://redd.it/1dttnrt
@r_devops

Google Cloud Deploy Across GCP Projects?

How (if at all?) are folks using Google Cloud Deploy across GCP projects. My team has separate GCP projects per environment and am looking into Cloud Deploy. I'm envisioning something like this architecture. But I have a few questions before I dive in:

1. Is there anyone out there using Cloud Deploy to release across GCP projects? I can't find any examples or references but it seems possible to have Cloud Deploy in a separate CI/CD project and then have each deploy target point to a different GCP project (dev, staging, prod).
2. If it's common to use Cloud Deploy with multiple GCP projects, how are terraform plan/apply handled as part of the release? It would be ideal if I could conditionally request manual approval for a release if there's a terraform diff. Perhaps hooks could come in handy, but it's unclear to me exactly how.

This feels like a reasonable setup to me, but given the lack of information out there, I'm worried that this is bad practice and that I'm missing the reason why. Any thoughts would be appreciated!

https://redd.it/1dtsbc6
@r_devops

Senior DevOps => DevOps

I've worked at my current placement for 4 years over which time I've been promoted from DevOps Engineer to Senior DevOps Engineer and started to mentor our other guys and perform interviews for new candidates etc.

I am in the market for a new opportunity and I'm wondering if it's "bad" for my resume if I was to accept a role at a company that is hiring a DevOps Engineer vs. a Senior DevOps Engineer.

Like once you're a senior, should you always try to keep this title/role going forward or is it normal to see someone go from Senior to normal just because a company already had Senior engineers (or maybe you just don't want to be a senior)

I would prefer to keep it and I like being a Senior engineer and mentoring folks who are newer to the role but curious what the impact to the optics of my resume would be if a company is only hiring for DevOps vs. Senior DevOps

Any thoughts?

https://redd.it/1du0egd
@r_devops

I’m a self taught game dev solo-developing a fantasy roguelike

Here’s a link for anyone interested in checking it out! https://store.steampowered.com/app/2266780/Ascendant/

https://redd.it/1du54k4
@r_devops

An experimental, refreshing webserver.

Just drop the stuff here for anyone who desperatly needs a simple web server.

S/O to #nginxunit who built a solid ground for this
light webserver with critical modern features:

- Split configuration in multiple short toml files 😱

- Automatic Ssl certificate (no need to think about it) 😏

https://github.com/pipelight/jucenit

https://redd.it/1du639v
@r_devops

Networking to NetDevOps

Are there any network/infrastructure engineers here that have transitioned from regular Network Engineering to NetDevOps/Network Automation?

How easy was the transition, and what did you have to do to adapt?

https://redd.it/1dubfij
@r_devops

How to use udeploy properties in angular

How can one use udeploy properties in angular? In springboot it's simply ${propertyname}

https://redd.it/1dub646
@r_devops

Openssh vulnerability, can't find a RHEL 9 rpm. Do i need to just make one?

I'm new to dealing with situations like this. I have a bunch of RHEL 9 VMs that need the patched 9.8 version of openssh. I am used to just running dnf check-upgrade to see when new versions of packages are available. But there are no updates showing as available and I can't even find an openssh 9.8 rpm for RHEL 9 just searching out on the internet. How do urgent patches like this normally go? Do I wait for an rpm to be made available via official sources or do I need to figure out how to compile one myself?

https://redd.it/1dueq92
@r_devops

Docker course recommendation- 2024

Hi

I'm a python developer with aws cloud knowledge.

I got an opportunity to work as cloud engineer with more devops and less development.

This is an internal switch and my lead asked to get a grip on docker first and gradually move to k8s ( aws eks ) and others

Need your help in suggesting a udemy course for docker in 2024.

I have kodekloud subscription also. Kindly share a course link that covers everything related to docker.

TIA

https://redd.it/1dufdpq
@r_devops

Looking for advice of coaching staff

I’m a team leader of small group containing no more than 10 people. We had a new member joining team 3 months ago , who was just graduated.

I assigned multiple tasks for him, and none of them worked very well, he worked pretty slowly and seems to be very hard to understand my intention. I’m kind of frustrated coaching him, so I want you guys suggestion. I’ll introduce the tasks I assigned and what I saw.

Task 1: Upgrade grafana from 9.3 to 11.0

So I was imagining just backup data, edit image tag and done.

But actually he went to looking at the database difference between the two versions, trying to upgrade grafana and import the old database, hoping this would work.

Task 2: develop cloud controller manager, sync k8s tag to cloud provider

Cloud controller is an event handler for k8s resources, it listens changes of k8s manifest and do some change on cloud provider, so the simplest solution is on every change, sync the tags.

The problem is that the code he gives has no code reuse, say the resource would be created or updated, both would trigger a tag sync, the basic logic is identical but he did not reuse. He claims that the error handling is different so cannot be reused, but it’s written in Go and certainly we can create a function named sync_tag and return error if anything goes wrong wrong, call it in handlers , check the error and then handle the error gracefully.

Even after I told him the way to do that, it still took him half a day to implement it.


Task 3: replace ntp server and client from ntpd to chronyd

This task is quite straightforward, and he did it ok, writing puppet module, test.

But he cannot troubleshoot network issue, we had a few vm that has limited network access, on those machine time sync would fail, he did not find any way to troubleshoot network issue, at last I told him it might be iptables issue and finally he found it and fixed the issue.

So this is the experience of me coaching other staff, do you think there’s anything I can do to be a better coach?

https://redd.it/1duhlmb
@r_devops

Kubernetes cronjob for periodical Cloudflare backups

I've organized a Kubernetes cronjob to make periodical Cloudflare backups in Terraform format and saving them into your repo for easy and fast business continuity plan.

https://github.com/nullniverse/cloudcron

https://redd.it/1dugi7k
@r_devops

How do you manage Datadog integrations at scale?

We are rolling out Datadog but creating an ansible task to roll out each integration seems like a lot of toil. does anyone have any suggestions on how to manage this?

https://redd.it/1dulacy
@r_devops

Github Actions fails to find UnitTest.csproj

I'm currently trying to set up a GitHub actions such that when a PR is made to the developing branch, a series unit test runs on the PR. This is a dotnet application, and here is the dot.yml:

name: .NET


on:
push:
branches: [ "developing" ]
pull_request:
branches: [ "developing" ]


jobs:
build:


runs-on: windows-latest


steps:
- uses: actions/checkout@v4
- name: Setup .NET
uses: actions/setup-dotnet@v4
with:
dotnet-version: 8.0.x
- name: Restore dependencies
run: dotnet restore
- name: Build
run: dotnet build --no-restore
- name: Test
run: dotnet test --no-build --verbosity normal

Here is how the project is structured: [https://imgur.com/a/EW7YnoG](https://imgur.com/a/EW7YnoG)


When I test out the actions it fails, and I get the following message:

Run dotnet restore

C:\Program Files\dotnet\sdk\8.0.302\NuGet.targets(414,5): error MSB3202: The project file "D:\a\project\UnitTest\UnitTest.csproj" was not found. [D:\a\project\project\project.sln]

Error: Process completed with exit code 1.

I'm not sure how to resolve this, the UnitTest folder is in the project, and it is only in the developing branch, it is not in the Main branch. I have tried adding `run: dotnet restore CBAS/` but that didn't help. Searching online for solution told me that the file name could be too long, but I don't think that's the case with my project. When I run `dotnet restore` locally everything works. Any idea what I should do?

https://redd.it/1duie79
@r_devops

What can you do as a devops to help implement SOC2?

Have you ever been asked to make all the changes necessary to implement SOC2? I read about it and it doesn't seem like something developers or devops can do much about. The only thing I can think of is detecting vulnerabilities, creating unit and integration tests and that's it.

https://redd.it/1duovo9
@r_devops

How to store the value of a secret?

How are one off secrets actual values securely stored in IaC or how is everyone handling secrets and their values?

Normally for generated secrets you can use this example

resource "randompassword" "dbpassword" {
length = 16
special = true
}

resource "vaultgenericsecret" "dbpassword" {
path = "secret/dbpassword"

data = {
password = randompassword.dbpassword.result
}
}


But lets say there is a backup admin password that isn't automatically generated via IaC, maybe for a local app the team created.

Tried searching for this answer, no luck

https://redd.it/1duq1un
@r_devops

Does devops do front end and backend codes?

3 months into this job. Realize I'm being push to do code debug with the same pay scale.

We are talking about ui with react, nodejs with backend. I was doing infra setup


https://redd.it/1dush44
@r_devops

Q about TTS application

Hi everyone I'm curious how easy it is to make an tts app for mobile's with new voices models that can read articles from the web and epubs_pdf files? And how can i find a developer to work with on this project
i know nothing about this field and I'm not even a developer
Thanks

https://redd.it/1duvyoe
@r_devops

Advanced GitHub Actions Techniques

Quick and straight to the point overview of advanced techniques in GitHub Actions with examples that you can try right away.

https://medium.com/@denispalnitsky/github-actions-advanced-techniques-78f0905f2668

https://redd.it/1dv0o97
@r_devops

Just surpassed 1,000 applications. Results: 2 interviews, 0 follow-ups. Where do I go from here?

I've been applying to relevant jobs in my country (non-US) and to any possible remote jobs abroad. And by relevant jobs, I mean I filter LinkedIn using keywords and boolean expressions so the jobs are catered to my skillset. Here are my results.

I really don't know what to do anymore. Am I lacking something as an entry-level applicant in this job market? Is there a particular set of skills that may boost my profile? I'm currently learning Kubernetes, but I don't know if that will change anything job-wise. I don't want to list it on my resume yet until I feel I could pass the CKA exam, so that may take a while. Is there something else worth learning that is easy to pick up on and may help garner the interest of a recruiter or get past the ATS system? (and speaking of ATS, in case you're wondering, I made sure my resume is parseable)

I would have done a master's abroad by now just to get access to another country's job market, but because of inflation, my local currency savings basically cut in half in the last year or so, meaning I only have $5k to my name, just about enough to feed myself and get by for the time being.

https://redd.it/1dv242i
@r_devops