Guide to setting up self service with gitops backed by Terraform

Hi can anyone recommend a guide for setting up a git based self service platform, backed by a tacos system?

I've worked with a few of these systems but they've always been built over several years, and I have a chance to start with a clean slate. I have a notion of what I'm looking for, but would like to read a bit more

Is there a set of articles anywhere on this? Ideally I'd like one that covers having a registry/manifests repo as the entry point for developers

https://redd.it/1e0ms08
@r_devops

Send email notification on git pull

Folks, I want to send email notification if there is git pull happen on server for specific repo in specific path. Can anyone suggest how to do that?
I already have the send email python script.

https://redd.it/1e0oq3n
@r_devops

GitHub ARC (Actions Runner Controller)

Edit: title should’ve been “Using GitHub ARC (Actions Runner Controller)”, to clarify it is not a clickbait/seeking attention post.

Does anyone else use ARC in DinD/Kubernetes mode and getting such shitty performances?
If so, how did you encounter the problem, and if you’re getting good performances, PLEASE, what’s your secret man?
Sometimes I wonder if GitHub can handle large scale IPs.. It has so many problems!!

Thanks for the (future) replies.

https://redd.it/1e0pee6
@r_devops

Need guidance for automation

I manage sonarqube self-hosted instance and there's usual admin tasks like user/group management, monitoring quality gate, setting up pipeline integration etc... Since the user/group management aspect of my work is recurring and follows a set pattern, i want to automate this. I know i can make use of api's. I haven't looked into them yet. Just a preliminary opinion.

What would be the best approach for this task? Python? Bash? Ansible?
If you'll are aware of something that already exists for this, please point me to the resource/work.

Expectation:
* Should be able to do sonarqube user/group management remotely

https://redd.it/1e0qadi
@r_devops

Recorded shared ssh and powershell sessions

I've joined a slightly wild west feeling DevOps team, which is doing (and needing) lots off ssh, rdp and winrm sessions.

Culturally I don't think I can get everyone to move to running everything though cac pipelines just yet, but I would like it if there is a transparent way to have recorded ssh/terminal sessions. I don't mind if people can soft-redact parts either, I spend a lot of time making silly typos that would be embarrassing to share l. Are there such tools?



I once saw a talk from someone from GitHub about their "SlackOps", where they could start ssh sessions from inside slack. We have Teams here so I don't want to go down that route...

https://redd.it/1e0ocom
@r_devops

Kintana Package PPM Automation

Hello everyone I hope all is well.

I've joined a new company lately and one of the requirements that we have is that we need to use Kintana PPM software to create packages in order to apply fixes and SQL scripts using the UI/Destop app that they have. Is there a possibility to automate this process through script that would created the packages? I was searching but i could't find a lot of info since kintana is pretty old and legacy software. Does anyone have a solution for this? Maybe kintana has APIs that could use?

https://redd.it/1e0v8uj
@r_devops

Love working in GitHub codespace.

I only recently started coding in GitHub codespace and absolutely love to work there and to know I can access it from anywhere, even coding on my phone. Is there any other cool cloud based coding spaces you guys are using or is GitHub the way to go?

https://redd.it/1e0wv9i
@r_devops

Build a node and python dev container image.

I have a repo where I need node and python. I need to create an image to use as a dev container. I have been tinkering with it on and off for a couple weeks. Here is what I have tried so far.

First, I built an image using an official node image as the base then built python from source.

Second, I built an image using an official debian image as the base, installed node from the nodesource apt repo, and built python from source.

Third, I copied the Dockerfile instructions from the official node and python images.

So far I prefer the third option because it's the most like the official images merged together. How would you approach this task?

https://redd.it/1e0zdq1
@r_devops

Any L&D recommendations?

Hi,

We’re being pushed to spend money on training/development, otherwise they’re going to reduce our teams L&D budget 🙃

On that note, does anyone highly recommend any books/courses/conferences, etc?

Note: budget is £500 per annum.

Thanks in advance!

https://redd.it/1e12o6b
@r_devops

Is Our DevOps Approach Too Extreme? Need Insights

I'm currently working at a startup company. As a Junior Software Engineer with 15+ years of programming (I have been coding since I was a teen) and 4 years of professional experience, I've been leading the development of an API on an AWS EC2 server using Portainer to manage our microservices and containers. Recently, our DevOps colleague proposed that we switch to using AWS CloudFormation to configure our infrastructure so that the server can be destroyed and rebuilt automatically, with all services starting up perfectly every time. This would include our API Gateway and a few other microservices. While I’m currently using Terraform to set up the system, our DevOps colleague prefers CloudFormation to stick to AWS services, and some colleagues are hesitant to use Terraform due to their lack of knowledge on using Terraform.



I argued that this approach is uncommon and perhaps overkill for our needs, as it requires extensive coding to ensure everything runs without errors each time the server is rebuilt. I understand that setting up such automation for disaster recovery is ideal, but what happens if there's a bug in our current setup that we don't notice right away? If the system goes down, we might trigger CloudFormation to rebuild everything, but it could fail during the process, leading to wasted time on configuring and coding the whole thing in the first place. While I see the benefits of automation and reliability in disaster recovery scenarios, I believe it's rare for companies to destroy and rebuild servers frequently, making this setup potentially wasteful of our time and resources. I'd love to hear from others in the industry: is this approach as uncommon as I think, or is it a best practice that we're wise to adopt despite the initial overhead?

https://redd.it/1e139dp
@r_devops

Ansible Vs Chef

Hello,

I am trying to help a prospect evaluate Ansible.

The environment is a mix of Linux & Windows VM’s. They have used chef for several years and have not run into any technical challenges with the tool but recently started using Terraform and would like to use it with AAP.

Any advice on how to effectively navigate the evaluation process is welcome. What I am trying to understand is the pros/ cons of Chef compared to AAP.

https://redd.it/1e1653m
@r_devops

We just launched a no-code CLI platform | Bashnode.dev

We are still very much in the learning stage and trying to find out our user market and who might benefit from this apart from a niche subset of power users.

Our aim is to help developers and enterprises save time and increase efficiency by eliminating the need for complex and single-use Bash scripts.

Bashnode is an online CLI (Command line interface) builder. Using our web-based CLI builder tool, you can easily create your own custom CLI without writing any code.

Try it for free today at bashnode.dev please stick around and give us some feedback on if you would consider integration into your workflow why or why not? We will answer as many questions as we can our aim is to support the community and grow in the field with our first launch!

https://redd.it/1e17rrz
@r_devops

Confused!! What should I do next in devops??

Hey everyone,

I wanted to learn devops in general. There are plenty of roadmaps available in the market that makes a life of a person harder who want to explore. As a student, I want to explore devops and want to get to a level so that i can build and contribute in the real world.

So, can anyone suggest me the ideal roadmap that will help to know what i should do next.

I have learn basic linux stuff and some basic shell scripting from the LFS101. What should i do next? I should jump into cloud or i should learn about docker.. it's so confusing..

And I more doubt which cloud should i choose AWS, GCP or Azure!!

You can share your experience how you did it. And if any free resources which i can follow you can share that too..

Thank you in advance!!

https://redd.it/1e1a8rk
@r_devops

Need help for configuring Apache solr using argocd

Hi, good day. I am working in a project that uses Apache solr. We are using Google Kubernetes Engine for deployment of our applications. Each environment is hosted on different cluster, like DEV, QA, PREPROD, PROD.

In dev environment I have installed the Apache solr in the same cluser using helm. We have argocd installed in all clusters except PROD.

Now I have to install Apache solr in QA and preprod environments. Should I use the argocd to deploy the Apache solr? If yes, how to deploy it using argocd. and how will be patching of the Apache solr done in future.

Any help is much appreciated. Thanks in advance.



https://redd.it/1e1bl86
@r_devops

StD: First KubeOps Webinar on Container Security, 25 July 2024 (German language)

We cordially invite you to the first KubeOps webinar on "Best Practices Container Security - A Guide to Hardening and Quality Classification".   

In this webinar you will learn how to effectively secure your container environments.   



We will share with you our experience in hardening packages and containers and present our proven hardening concept that combines methods for closing security gaps and protecting your containers from threats.   

Learn how to make your container environments robust and resilient with our concepts and approaches.   

Ideal for anyone interested in the security of their container environments and looking for modern and effective approaches to securing their infrastructure.   



⚠This webinar will be held in German. If you are interested in this topic but require an English language version, please let us know.⚠   

The webinar will take place online via Teams and is free of charge.   



Use the event link to register directly: https://events.teams.microsoft.com/event/a96c24ed-69cc-414e-8fbd-b15a14031983@aa3c5ffd-c9a6-4f45-a7db-116f9331f97c

We look forward to your feedback and participation!   

https://redd.it/1e1cv2b
@r_devops

Workflow to Backup Managed Docker Volumes

Hello DevOps Community,

I am currently finding a suitable workflow to back up Docker volumes so that I can roll back in the event of a disaster during the deployment of a new image without the data being damaged by a migration of an application. So I would like to backup the data in a docker volume (or the volume itself) and, for example, temporarily copy it locally somewhere else, then deploy the new version, and then delete the backup sometime later if everything works. Are there people in the community with a suitable workflow for this or even know a tool that makes this procedure easier? Many thanks in advance!

https://redd.it/1e1dfft
@r_devops

SBOM fith syft for all packages installed on a server (not inside a container)

I'm looking for a way to create an SBOM for a red hat host that I would later import into Dependancy Track.

I used syft for creating an SBOM for containers and that works quite well but i would like to know what is the best way to do the same for the OK and packages running on a server (so not inside a container)?

I tried something like: syft scan dir:/ --file /tmp/sbom-server-cyclonedx-json.txt -o cyclonedx-json but not sure if that is the way it is supposed to be done.

https://redd.it/1e1gf1j
@r_devops

HSTR - Easily view, navigate and search your command history with shell history suggest box for bash and zsh.

Never seen this tool posted so thought I'd share.

https://github.com/dvorka/hstr

Easily view, navigate and search your command history with shell history suggest box for bash and zsh. Enjoy

https://redd.it/1e1ho1m
@r_devops

Encryption in AWS: AWS Managed KMS Keys and Service Coverage (with repository of all the key policies)

AWS Managed KMS Keys have key policies (and thus access) managed by AWS compared to Customer Managed Keys (Customer managed) and AWS Owned Keys.  These are all encryption options for resources in AWS. AWS Managed KMS Keys cannot be modified by the customer and often have access implications.  Additionally, visibility and documentation of Managed KMS Keys is limited. We created a GitHub repo that programmatically scans and pulls all the available AWS Managed KMS Keys (39 services out of 117 with integration with AWS KMS) and their key (access) policies.

https://www.fogsecurity.io/blog/encryption-aws-managed-kms-keys

https://github.com/FogSecurity/aws-managed-kms-keys

https://redd.it/1e1iwpm
@r_devops

How to send a message on Teams that a BitBucket PR was created?

Hi all,

My team recently started using the Atlassian stack and with that, migrated our repos from Azure DevOps to BitBucket. We had a connection setup between ADO and Teams to alert us anytime a PR was created, but trying to set up the same flow with BitBucket doesn't seem as straightforward.

I've been googling and researching this and it looks like there used to be a BitBucket integration in Teams but it has been deprecated. What's the best way to handle this in 2024? Thanks in advance for any help!

https://redd.it/1e1iw6m
@r_devops

Leave 130k+10k bonus for 155k Contract to Hire?

I'm a tenured employee now (3 years at a startup-y place) on W2 making 130k USD base and a 10% target bonus.

I have an offer for a more senior role (but not a senior role) at another company for a very similar role of Devops for 155k W2 Contract to hire in 6 months.

Would you leave a comfortable job for a less comfortable job for 25k more?

There was also a time where my new boss was being a jerk but has since calmed down a lot. I'm still a little weary but there is a new manager between me and that boss.

Side note, I didnt get my full 10% bonus because my boss was being a jerk and instead gave me a 8% bonus to fuck with me.

Curious to know what others think? I don't want to be stupid and leave a comfortable job for a less comfortable job just because im salty at my old boss. I'm not sure if its stupid to pass up a 25k base raise or a 12k TC raise. I was aiming for more of a 20k TC raise to move.

https://redd.it/1e1n1vn
@r_devops