Product - Deployment Strategy for different clients

Hi Folks,

I’m seeking your input on the following scenario regarding our deployment process.

# Product Stack:

Backend: Golang
Frontend: React
CI/CD: GitHub Actions
Infrastructure: Oracle Cloud
Containerization: Docker-Compose
Container Management: Portainer

# Current Workflow:

1. Manual Configuration:
We maintain a backend configuration file (`backend.yml`) that contains client-specific URLs.
For each deployment, we manually update the endpoints in backend.yml for different clients, which is time-consuming and error-prone.
2. Build and Deploy:
Using GitHub Actions, we create a Docker build.
We then update the Portainer stack using a Portainer webhook, which pulls the images from GHCR and updates the stack.

# Objectives:

Automate the configuration management for multiple clients to eliminate manual edits.
Deploy a single branch for all clients while ensuring each client gets its respective backend configuration.


Any idea how efficiently we can achieve this

https://redd.it/1e8hjxh
@r_devops

Running queries on production

Hi,
We are a small company in a heavily regulated space with tons of vendors. We usually face this issue of wrong data in our system and have to manually correct it. We used to raise a PR for migration in an repo and use pipeline to run it on prod but we are not allowed to do this if there's PII data (as Github has servers outside our country, so regulation forbids) involved in the query which is usually the case.

Looking for some solution which can help put approvals on the queries, maintain audit logs and if PII then it needs to reside in the country.

https://redd.it/1e8hch5
@r_devops

Best practices to deploy terraform

What are the best practices deploy infrastructure with terraform through pipeline?

https://redd.it/1e8iebc
@r_devops

👋 Hi dudes! I built my first React JS app all of your feedback means a lot to me and it can help develop my skills

https://goliathreaper.github.io/Procrastination/

https://redd.it/1e8jkda
@r_devops

Do you also create resources in Kubernetes with Terraform?

hello. I'm a beginner.

I'm trying to configure Kubernetes for the first time to deploy my website.

I've created a managed kubernetes from a provider called vultr via terraform and installed the necessary helm charts. So far it's been pretty smooth and easy.

But my question is, do you register all the yaml files of the application after that through terraform?

The existing yaml and tf files are formatted differently, so it's quite a hassle to port them over. I'm thinking it might be easier to just use kubectl apply instead of terraform from here on out.

What do you guys think? What is your general choice when setting up Kubernetes with Terraform?



https://redd.it/1e8jipc
@r_devops

Anyone hire someone right out of school for DevOps?

If so, how did it go? My team is considering hiring for an associate/fresh grad.

https://redd.it/1e8llwd
@r_devops

Jenkins Structure

I am a QA and never used Jenkins, but trying to learn it. Now I have more answers than questions. Please help me with the following: If you use Maven, you have a zipped version of your project on the main repo after you do mvn deploy, so how does Jenkins use that? Secondly, if you already have a JAR, why do you need access to GIT. There is no compiled code there? Thirdly, how can continuous integration happen all the time, if you build if you install and deploy only some times?

https://redd.it/1e8o4kp
@r_devops

Does it make sense to base your entire career about Kubernetes?

Worked as a DevOps engineer for 3 years now. Gained great experience with AWS Infrastructure, Terraform, Docker, bash scripting, CICD via Github Actions. Touched Kubernetes a little bit, but now going for my CKA and want to get a lot more proficient in it.

Just wondering if there are any of you that have a role that is almost entirely based around K8s, or do you just see it as another tool you use, rather than a specialisation of your career/future prospects?

I'm also really interested in improving my Go skills, as I really like Cloud Native products and the whole culture around open source with the Linux Foundation.

https://redd.it/1e8pz2f
@r_devops

What are some good slack communities for dev ops help?

Not just looking to get help and leave. I think I can contribute. I find myself coming to reddit/stack overflow when I'm stuck and a slack community would be great.

https://redd.it/1e8rlzc
@r_devops

Can you help audit my nodejs dockerfile?

This docker image takes forever to build every time, even when the change is minor. I was trying to download dependencies in earlier layers in order to avoid running \`npm i\` every time, but it seems like it doesn't work.

FROM public.ecr.aws/lambda/nodejs:20

RUN dnf update
# this lambda has a python co-dependency for music21. These deps are needed for that.
RUN dnf install -y python3 pkgconfig libX11-devel libXi-devel make gcc g++ mesa-libGL-devel

RUN npm i typescript -g

RUN mkdir -p /tmp/app
COPY . /tmp/app
RUN cp /tmp/app/canela-medium.ttf ${LAMBDA_TASK_ROOT}/canela-medium.ttf
RUN cd /tmp/app && npm ci
RUN cd /tmp/app && rm -rf test
RUN cd /tmp/app && npm run build -- --outDir ${LAMBDA_TASK_ROOT}

# Running npm in task root up front should reduce rebuild-time to only typescript compile (hopefully)
RUN cp /tmp/app/package*.json ${LAMBDA_TASK_ROOT}
RUN cd ${LAMBDA_TASK_ROOT} && npm ci --omit=dev

RUN rm -rf /tmp/app

WORKDIR ${LAMBDA_TASK_ROOT}

# Set the CMD to your handler (could also be done as a parameter override outside of the Dockerfile)
CMD [ "index.handler" ]

I don't think it's the packahge-lock. It doesn't change much.

https://redd.it/1e8s6nj
@r_devops

what resumes are getting interviews?

hi friends. I was a devops engineer for 6 years working as a federal contractor doing mostly build automation and working closely with development teams. I have been out of the market for 2 years due to health reasons and my resume hasn't gotten picked up for any interviews the past two months. I'm super passionate about automation and have the programming background to do it. I'm confused on how to showcase my skillset to at least get an interview. please help.

https://redd.it/1e8wyqp
@r_devops

Docker for jenkins

I am trying to study up on Jenkins. i understand that Docker Image is just a container, a sort of an end point of Jenkins pipeline, that contains built project that would eventually go to Tomcat. However, what is the whole point of creating an Image. Why it is not possible to incorporate Jenkins with the Docker itself?

https://redd.it/1e91c8r
@r_devops

Got annoyed at work so created a Cloud Formation to Terraform converter

Hey everyone! I am currently a SWE intern and have been working on turning a bunch of our resources from Cloud Formation to Terraform.

And this was taking hours out of my day.

I tried using CF2TF, but I thought it could be improved, so instead, I threw this together over the weekend (Thanks GPT).

Feel free to use it:

https://github.com/aperswal/CloudFormation\_To\_Terraform/tree/master


The converter can be accessed through a Flask web server. You can then upload your cloud formation files and turn them into terraform scripts.

No more vendor lock-in.

No more giving GPT your work.

No more grunt work.

The ReadMe can explain everything else. Hope you all like it!

https://redd.it/1e92jou
@r_devops

Your thoughts on platform for AI accelerated cloud IAM management

So a group of other devops engineers and myself have developed an cool platform for managing all IAM permissions in the cloud. We solve a few things -
1. One click import of all IAM objects from your cloud platform into a Terraform managed repo and state initiation 2. Visual graph style display for all objects and their relationships
3. Changes are performed on the repo by GenAI with freetext input , which creates a pull request automatically - once it gets approved the change gets applied.
4. Integration with company Slack - change requests are received by the app, processed and the relevant stakeholders are sent messages for approval.

5. For regulatory requirements such as SOC2, one click pdf report generation of current permission status, changes that were made during the last quarter etc.

This really helps out with tons of pain points that we experience in our day to day work.
I'd really like to hear your thoughts on this

https://redd.it/1e96dx6
@r_devops

Is there any lightweight remote development solutions ?

I am working in a bank.

We concern security very much.

So the developers(many outsourcing) can only access our code inside a remote desktops(RDP).

We are hosting those remote desktop by virtual machines, the physic computers of developers can only copy files into virtual machines, not verse visa.

but this is very resource consuming, and the the physic computers become RDP client only.

and developers suffering from lagging and connectivity problems.

I am looking for lightweight solutions.

something like, running develops tools(IDE, database client....) in docker, and let docker mount some volumes that can only be accessed inside docker.

does anyone have some experience on this ?

https://redd.it/1e976qw
@r_devops

Got my first internship in IT. Is this a good area to get into DevOps later?

Hi folks! I just got my first job as an intern in observability. I'll be working with SQL and Grafana. I really like DevOps, and I want to know your opinion on whether this internship will be beneficial for my resume to get into DevOps later.

https://redd.it/1e96rch
@r_devops

Confused a bit

Hello guys! I’ve a question obviously regarding devops engineering. Currently I’m talking a Data science Degree im on my second year and honestly I like so much however, my friend does a devops and he got a great job he used to study for less than a year. Because I already know and don’t have to start from the scratch i think to start learning devops along with my university. What do u think guys?

https://redd.it/1e9bmo8
@r_devops

Need some career advice

Hi all,

I have 3 years of experience in DevOps at the same organization based in India. I have worked with various common DevOps tools but haven’t had the chance to work with Kubernetes. My current organization doesn’t use Kubernetes much. I recently cleared the CKA by studying Kubernetes for about 3-4 months.

Now, the issue is that I don’t have any hands-on experience with Kubernetes, and I am finding it difficult to switch to a new job because every interview includes Kubernetes questions, mostly scenario-based, which I find challenging to answer. Could you suggest how I should approach this situation? How can I gain some hands-on experience, such as by creating my own projects? Any input is appreciated.

Thank you in advance.

https://redd.it/1e9csyz
@r_devops

OWASP Zap SAST on Azure Dev Ops

Hi !
Is there any sample projects with preconfigured pipelines, I want to try running SAST on a sample Azure DevOps project using Owasp Zap tool.
Can you guide me for any good resource ?

https://redd.it/1e9garq
@r_devops

overlay2 docker

Hello everyone,

I have three Docker images (with three running containers for each one). When running df, I get this output. I want to understand why I am seeing "overlay" as a filesystem. Also, I know that the values shown in the last three lines are not the actual consumption, but I want to understand that output. If anyone has good resources or can help me understand this, I would appreciate it.

Thanks!


root@vps-b9722401:\~# df

Filesystem 1K-blocks Used Available Use% Mounted on

udev 7985704 0 7985704 0% /dev

tmpfs 1600636 2088 1598548 1% /run

/dev/sda1 162406320 113882840 48507096 71% /

tmpfs 8003176 1564 8001612 1% /dev/shm

tmpfs 5120 0 5120 0% /run/lock

tmpfs 8003176 0 8003176 0% /sys/fs/cgroup

/dev/sda15 106858 6165 100693 6% /boot/efi

/dev/loop4 94080 94080 0 100% /snap/lxd/23991

/dev/loop5 94080 94080 0 100% /snap/lxd/24061

tmpfs 1600632 0 1600632 0% /run/user/0

/dev/loop9 65536 65536 0 100% /snap/core20/2264

/dev/loop0 39680 39680 0 100% /snap/snapd/21465

/dev/loop1 57088 57088 0 100% /snap/core18/2823

/dev/loop6 65536 65536 0 100% /snap/core20/2318

/dev/loop2 39808 39808 0 100% /snap/snapd/21759

/dev/loop10 57088 57088 0 100% /snap/core18/2829

overlay 162406320 113882840 48507096 71% /var/lib/docker/overlay2/8ebc68cf46b422fe00520449fa3a6f73b3b24f809a876ce593d51d655cee4df3/merged

overlay 162406320 113882840 48507096 71% /var/lib/docker/overlay2/f9e8a5d328c6d634d8d9ef163c426f3f0e8ab765f021f538eaeabaed1580c0ec/merged

overlay 162406320 113882840 48507096 71% /var/lib/docker/overlay2/b7bde037021c93ab7127b83d513288488a118c9cf19b2929df112d75a386cbf0/merged

https://redd.it/1e9hsl7
@r_devops

Optimizing Docker Images for Python Production Services

"Optimizing Docker Images for Python Production Services" article delves into techniques for crafting efficient Docker images for Python-based production services. It examines the impact of these optimization strategies on reducing final image sizes and accelerating build speeds.

https://redd.it/1e9imni
@r_devops