Need DevOps Freelance Job

Hii Guys

I am a DevOps Engineer with 4+ years of experience and I have worked in Azure and AWS cloud , and almost worked on all the tools. I am in need of any freelance opportunity . Please let me know if anyone wants any support/help or is hiring anyone. i am ready to work in your time zone. Message me i will share my brief resume with major accomplishments.

https://redd.it/1ee6lur
@r_devops

Runbook automation(execute script) vs lambda

So I am triggering an event bridge such that it executes a script in response of an event
I have 3 choices
1)I can use a lambda and create my own bash script for it
2)lambda with Python scripting
3)execute script action of runbook automation(Python script)

What is the better way to go with and why would you choose that?!Also does it really make a difference since all are serverless?!

https://redd.it/1ee8l41
@r_devops

How to deploy Azure ML batch endpoint from docker image?

Hi, I have my own deep learning task that requires 2-3 different ml models, I built the code and containerized it, i.e. the python env and code is in the docker image.

I am running fastapi servers inside docker to run code.

Deployed it in aws sagemaker async endpoint and it is working fine.

Now, I need to deploy it to azure ml batch endpoint, but there's no documentation as such to deploy it using custom docker container.

Can someone help me?

https://redd.it/1eeab4t
@r_devops

[Helm, Traefik, Nginx]: Application Routing results in 404 :(

Hello, my fellow humans,
I'm currently facing a small issue where I'm kind of stuck.

I'm working on a react application with vite and using React router dom for software routing.

For the deployment Kubernetes, Helm & Traefik are used.

The application originally had only the '/' & '/base'.

Currently, the application now requires more routes to cover the desired features. Thus, I have implemented the following routes in my react application:
- Route Root: '/' // <- This redirect to /base
- Route Base: '/base' // <- This shows a landing page.
- Route Sub1: '/base/A' // <- This shows page 1.
- Route Sub2: '/base/B // <- This shows page 2.

Locally everything works out of the box.


## The Problem:

Upon deployment:
- Navigation through the routes using the application buttons works as expected.
- A manual navigation to the Base or Root result in the application landing page being shown correctly.
- The problem arise upon a manual navigation to either subroutes results in 404 from the nginx.

Here are only the relevant code sections form the relevant files:


## The Code:

### `values.yaml`

```
frontend:
replicaCount: 3
images:
repository: //internal repo name
tag: latest
pullPolicy: Always
port: 8080
targetPort: 8080
healthPort: 8080
urlPrefix:
- /{base:(base(/.*|/\.+.*)?$)}
trimPrefix:
- /base
errorUrls:
- /401.html
- /404.html
- /50x.html
```

### `frontendingress.yaml`

```
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name:application-frontend
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: web, websecure
traefik.ingress.kubernetes.io/router.priority: "10"
traefik.ingress.kubernetes.io/router.middlewares: {{ if .Values.tls.enabled }}redirect-to-https@file,{{- end }} auth@file, {{.Release.Namespace}}-strip-frontend@kubernetescrd
{{ if .Values.tls.enabled -}}
traefik.ingress.kubernetes.io/router.tls: "true"
{{- end }}
spec:
ingressClassName: {{.Values.ingress.class}}
rules:
- host: {{.Values.ingress.host}}
http:
paths:
- path: {{ index .Values.frontend.urlPrefix 0 }}
pathType: Exact
backend:
service:
name: application-frontend-svc
port:
number: {{.Values.frontend.jwtProxy.port}}
{{ if .Values.tls.enabled -}}
tls:
- hosts:
- {{.Values.ingress.host}}
secretName: {{.Values.tls.secretName}}
{{- end }}

```


### `frontendmiddleware.yaml`

```
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: strip-frontend
spec:
stripPrefix:
prefixes:
- {{ index .Values.frontend.trimPrefix 0 }}
```


### `nginx.conf` in the project folder nginx/:

Along with `404.html, 401.hmtl, 50x.html`

```
map $http_user_agent $loggable {
~^kube-probe 0;
default 1;
}

server {
server_tokens off;

listen 8080;

absolute_redirect off;

location "/" {
autoindex off;
root /usr/share/nginx/html;
index index.html index.htm;
try_files $uri $uri/ =404;
add_header Cache-Control "no-store, no-cache, must-revalidate";
}

error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;

location = /50x.html {
root /usr/share/nginx/html;
}
location = /404.html {
root /usr/share/nginx/html;
}

access_log /var/log/nginx/access.log main if=$loggable;
}

```

In my frontend ive implemented the route as following:

### `Routes.ts`

```
export const AppRoutes = () => {
const hasImageEntitlement = useStore((state) => state.hasImageGenEntitlement);

return [
{ path: Constants.AppRoutes.ROOT_PATH, element: <Navigate to={Constants.AppRoutes.BASE_PATH} /> },
{
path: Constants.AppRoutes.BASE_PATH,
element: <AppLayout />,
children: [
{ path: Constants.AppRoutes.GPT4TURBO_PATH, element: <AppLayout /> },
{
path: Constants.AppRoutes.DALLE3_PATH,

element: hasImageEntitlement ? <AppLayout /> : <Navigate to={Constants.AppRoutes.BASE_PATH} />,
},
],
},
{ path: '*', element: <h1>The route doesnt exist show 404 after resolving the 404 subroute problem</h1> },
];
};

```


### `App.tsx`:

```
const appRouter = createBrowserRouter(
createRoutesFromElements(
<>
{appRoutes.map((route) => (
<Route key={route.path} path={route.path} element={route.element}>
{route.children?.map((child) => (
<Route key={child.path} path={child.path} element={child.element} />
))}
</Route>
))}
</>,
),
{
basename: `${import.iss.oneta.env.VITE_BASE_PATH}`,
future: {
v7_normalizeFormMethod: true,
v7_relativeSplatPath: true,
v7_fetcherPersist: true,
},
},
);
return (
<RouterProvider
router={appRouter}
future={{
v7_startTransition: true,
}}
/>
);
```




I'm devops noob and the guy who set the whole thing up is not around anymore! so im on my own in this matter. Im trying to learn as much as I could. So sorry if i am a bit stupid to see the solution :/

I very much appreciate your help and hope you all have a greate day at least better than mine. :)

Thanks in advance.

https://redd.it/1eee4br
@r_devops

Tomcat server

Im having so much difficulty understanding the deployment part in the tomcat server. Im a newbie to devops and tomcat was part of my course and dont have a lot If technical computer knowledge. I dont understand what context path here means also my Teacher is so lazy they never answer and when they do they take weeks and i want my concern solved asap so My teacher just randomly entered /abc and it worked for him now my question is can context path be anything in the world? And then he put his .war in tmp directory whilst sitting in root on his linux system and went to the war path and put /tmp/warfilename.war and it worked for him. It didnt work for me. What is happening? Why is this happening? I coildnt find any tutorials on this too if anyone can find me some nice tutorial on youtube that would be very helpful.
And reddit is not letting me post a picture here idk why if somebody want to help me pls dm me or comment down below and i will dm 😭

https://redd.it/1eeet14
@r_devops

deploying artifacts with msdeploy.exe

Hi all, we used to have pipelines that would build and deploy at the same time. Now we build and store the artifacts in Azure blob, we used msbuild and deploy on build which would build and deploy to IIS. See example command below:

msbuild.exe project.proj -t:Restore /m /t:Build /t:Clean /p:Configuration=Release /p:EnvironmentName=Prod /p:RunAnalyzers=false /p:DeployOnBuild=True /p:WebPublishMethod=MSDeploy /p:MSDeployPublishMethod=WMSVC /p:AllowUntrustedCertificate=True /p:CreatePackageOnPublish=true /p:MSDeployServiceUrl=$serverDest /p:SkipInvalidConfigurations=true /p:DeployIisAppPath="mainsite/web" /p:UserName=$uname /p:Password=$pass /p:SkipExtraFilesOnServer=True /p:AssemblyVersion=$gitTag /p:nodeReuse=false /p:FileVersion=$gitTag


Now that we have the zipped artifact I am trying to use msdeploy.exe (Web Deploy 3.6) to deploy to the remote server but the msdeploy documentation is not great and I want to be able to use the same options as msbuild but they do not translate to msdeploy. This is what I have

 msdeploy.exe -verb:sync -source:package=azFileName.zip -allowUntrusted -dest:auto,ComputerName=$serverDest,UserName=$uname,Password=$pass,AuthType=Basic -enableRule:DoNotDeleteRule -skip:Directory="/App_Data" -setParam:name="IIS Web Application Name",value="mainsite/web"


is there a way to use msbuild.exe to deploy an artifact with a --no-build option or something?







https://redd.it/1een66c
@r_devops

How CrowdStrike is improving their DevOps to prevent widespread outages

On July 19th, you may have been affected by the computer outage caused by CrowdStrike's update. What you may not know is what DevOps practices they weren't following when deploying their update.

# Some background

Yesterday CrowdStrike posted an update giving a rundown of why exactly the outage happened and how they will improve their development and deployment processes to prevent such a catastrophic release again.

What happened in their update is they deployed a configuration file that erroneously passed an automated validation step. When computers loaded this update, it caused an out-of-bounds memory error that caused a semi-permanent BSOD, until someone with IT experience could fix the problem.

# Steps they are taking to deploy more effectively

Beyond their efforts to implement a [robust QA process](https://medium.com/@qacomet/what-we-can-learn-from-the-crowdstrike-outage-bc98c16b5426), they are also planning on following modern best DevOps practices for future deployments. Let's see how they are improving updates to production.

* **Staggered deployments**: Apparently when they updated their configuration files across customers systems, they weren't deploying them in multi-staged manner. Because of the outage, they will now deploy all updates by first having a canary deployment, then a deployment across a small subset of users, and finally staging deployments across partitions of users. This way if there's a broken update again, it will be contained to only a small subset of users.
* **Enhanced monitoring and logging**: Another way they are improving their deployment process is increasing the amount of logging and notifications. From what they said this will include notifications during the various deployment stages, and each stage will be timed so they can expect when a part of the process has failed.
* **Adding update controls**: Before this update end-users did not have many if any controls for CrowdStrike updates. This lets users on mission critical systems, like airlines or hospitals, control when updates are applied. This gives these users a blanket of protection from being part of early updates.



https://redd.it/1eeo8ps
@r_devops

Is there a CI service people actually like using?

Maybe one that isn't just a yaml configured script runner?

Or is there room here for something better that just hasn't been made yet?

https://redd.it/1eepsfw
@r_devops

monorepo for github actions

Hey, so I need to compile my github actions in place for ease of development and versioning. I was wondering if there is a way to create monorepo for such usecase case. What I am aiming at is to create gh action for multiple environment and version them, and release them on gh market place.

gh-actions-monorepo/
├── .github/
│ ├── workflows/some-way-to-release-on-marketplace
├── python/
│ ├── python-action-1
├── node/
│ ├── node-action-1
├── rust/
│ ├── rust-action-1
│ ├── rust-action-2
├── common/
│ ├── common-action-1
| ├── common-action-1


Is there any tooling and monorepo setup for such thing surrounfing this, eg we have [turborepo](https://turbo.build/) for node monorepos, which environment would be best for this??
Is there any existing example anyone know and can link it, that will be really helpful.

https://redd.it/1eeq2vj
@r_devops

Centralized logging of containers on different VMs

Hi devops!

I'm searching for a proper solution how to centralize logging across multiple VMs. My current approach is to copy a docker compose file via Ansible onto the VMs with a promtail which fetches the container logs and sends them into one Loki, which can be queried by Grafana.


This is how my docker-compose.yml looks like:

services:
caddy:
image: caddy
restart: always
ports:
- "9080:9080"
- "9081:9081"
volumes:
- ./Caddyfile:/etc/caddy/Caddyfile
- ./certs:/certs
- caddy_data:/data
- caddy_config:/config

cadvisor:
image: gcr.io/cadvisor/cadvisor
restart: always
devices:
- /dev/kmsg
privileged: true
volumes:
- "/dev/disk/:/dev/disk:ro"
- "/var/lib/docker/:/var/lib/docker:ro"
- "/sys:/sys:ro"
- "/var/run:/var/run:ro"
- "/:/rootfs:ro"

node_exporter:
image: quay.io/prometheus/node-exporter:latest
restart: always
command:
- "--path.rootfs=/host"
pid: host
volumes:
- "/:/host:ro,rslave"

promtail:
image: grafana/promtail
restart: always
volumes:
- /var/lib/docker/containers:/var/lib/docker/containers
- /var/run/docker.sock:/var/run/docker.sock
- ./promtail.yml:/etc/promtail/promtail.yml
command: -config.file=/etc/promtail/promtail.yml
labels:
- "is-monitoring=true"

volumes:
caddy_data:
caddy_config:


`cadvisor` and `node_exporter` are secured by basic\_auth and self-signed https.

Is there a better solution? How you guys do this? All the VMs serve different applications with docker compose, also deployed with Ansible.

https://redd.it/1eestp0
@r_devops

Branch per environment viability?

Feels almost like posting a roast me to be asking this, we've been looking at different branching strategies and have landed on this, however every time I try to look up cicd processes and ways of working it feels like there's just a bombardment of trunk based being the only way.

There's a requirement from management to control releases to environments tightly (dev, qa, prod) and they don't want to utilise feature flags, so it came down to either deploying via tags or with a branch per env and it seemed easier to deploy hot fixes this way.

I was wondering whether anyone has success with this method, I'm not looking to implement trunk based so thank you but please don't suggest it as a fix, I'm more looking for anyone who's successfully working this way - or if you aren't, why not and why I shouldn't be, glaring issues that I'm perhaps missing.

I know it's a slower process however even a release per 2 weeks into production would be faster than the current and fast enough for ourselves, we'll be utilising a monorepo (backend, frontend, infra) but with a separate manifests repo for k8s config (this won't be a branch per env, just PR to main with kustomize overlays), thanks.

https://redd.it/1eewf86
@r_devops

OpenTofu 1.8.0 is out with many long anticipated improvements!

https://opentofu.org/blog/opentofu-1-8-0/

OpenTofu Technical Lead here! We'll be around if you have any questions on this release, or OpenTofu in general!

https://redd.it/1eeze7u
@r_devops

Should I learn AWS or Azure in my current position?

Hi, I have been working in a mid-size software company based on Europe as a DevOps engineer for 2.5 years as my first job after graduation. My team is responsible for platform, hosting, monitoring and deployment. Our dev, test and pre-prod env are in robust on-prem PROXMOX clusters. Prod env are in Citrix. We have a small portion resources are in AWS. One guy of our team looks after the AWS infra. My boss rely on him cause he is the only one in my team who have some experiences in aws. He and our team-lead attends all the meetings and workshops regarding AWS. They always discuss regarding different client and issues in AWS and he got a lot of privileges'. I want to be a part of it. I never worked professionally in aws. I did AWS solution Architect and AZ-104 course during my study. Didn't sat for the exam. I think they are not getting me involved thinking I might not competent enough or some other reason. So, I am planning to uplift my skills in aws. I planned to take couple of advance courses on aws or get some certifications to showcase my interest. Recently a new client is proposing to have their infra in Azure but my boss and colleague trying to convince the client to move to aws because, we don't have any Azure guy in our team or my company might not want to move into multi-cloud formation.

Now I am confused, what should I do! Should I l gather skills on what we are currently using (though not sure if I'll get a chance to work with it)? or skills that is lacking my team (not sure either, if I'll get a chance ever to work with it)?

https://redd.it/1eez77u
@r_devops

What specific elements or strategies should a junior DevOps candidate include in their portfolio to effectively capture the attention of recruiters/AI and hiring managers?

I've 2Years of Experience as a support engineer. And soon, I'll be wanting to move to a new role as a devops engineer. What kind of portfolio does capture AI's attention/Recruiter's attention/Hiring manager's attention. I'll list some (that I learnt from my hiring managers if I get positive feedback).

https://redd.it/1ef0f6g
@r_devops

Interview Question

“How do you handle 20 tasks at once?”

I got this in an interview recently and it stumped me , mostly because I’m not sure anyone can effectively do that .

How would you respond ?

https://redd.it/1ef130v
@r_devops

Devops Interview Prep

Hi Folks,

I'm trying to prepare for Devops Interview and I have a question, how do guys prepare for Terraform? I mean obviously you don't create Infra on a daily basis in your organization? How do you keep up with the new content and get yourself ready for the interview for Terraform related questions? Any particular resource/topics you refer before the interview?

https://redd.it/1ef4mhs
@r_devops

How do you conduct an interview for a Devops role?

I have to conduct an interview for a DevOps role that heavily involves AWS. I want to know from the community how you judge if someone is really good at doing DevOps stuff. What questions do you generally ask?

https://redd.it/1eezql1
@r_devops

Senior Engineer, but don't know how to code

I have 9 years of professional linux admin experience, I'm not junior.

I have a legitimately high ranking title and respect of my peers that I've earned through regular promotions at my company that I've worked at for 5 years. I'm the senior-most member of my team of 11, of that group, only 2 has a 'real' software engineering background. It's just not what we do for the most part.


My responsibilities for my entire career have been entirely oriented around infrastructure, devops and SRE. I've gotten quite good in my domain, and with light scripting. I'll do Ansible, Chef, and 'easy' bash and python. I know enough about Golang and have contributed useful fixes to Go projects. I can tell you basically everything about python and Go syntax after years of immersion and reading of code. I can discuss software engineering with real devs all day and convince you I know what I'm doing. I've just never meaningfully built anything myself and have no muscle memory for it.


With all of that said, I don't know how to code at all beyond \~300 line python scripts to do simple tasks. Frankly, I don't want to become a 'real' software engineer, but I consistently feel bad about not being able to contribute more. ChatGPT has actually helped me a ton with this and getting better, but It's not enough.

==

A specific problem I'm facing right now is developing short-term tooling to manage bare-metal datacenter hardware. I have \~2000 of servers running a stack that I own across many sites that exhibit near constant failures for one reason or another and I want to fix it. I've taken several stabs now at developing a controller that watches hardware and attempts to remediate through our PXE boot server and eventually filing Jira tickets for the DC team to inspect issues that cannot be fixed by just re-installing the server. This involves a fair bit of state management involving human input by DC techs, ensuring the servers are truly offline. What about partial failures. Many types of hardware failures. What about transient failures because the DC as a whole is having issues: I can't just nuke everything in this case. It really is a hard problem with high stakes.


What I have is an unreliable hodgepodge of scripts that are disparate and frankly don't work well. It's a surprisingly difficult problem since failure modes are myriad, humans are in the loop of remediation, the PXE booter is extremely unreliable and risk is high of making the situation worse.
I just don't really know how to write code enough in such a way to solve this problem. The problem is far beyond anything else I've made myself.

==

A lot of this is mental, I just have had zero formal education in computer science or software engineering and have gotten pretty far just figuring things out as I need to, which just often hasn't involved writing more complex pieces of software myself.

Compromising me here is knowing any tool I make is going to be solely supported by myself, will only be short-term as there is a separate project to completely overhaul the way infrastructure is managed that will obsolete whatever I build. That overhaul will not be complete for another 1-2 years.

It's also just a lot of effort. I've been extremely stressed lately for work, personal and immigration reasons. While 9 years might not sound like a lot in the grand scheme of things, I'm close to early retirement and could do it in 3-4 years if nothing stupid happens at current rates. Frankly I'm tired of my career and just want to retire already. I have zero passion for software engineering.
I don't really know where I'm going with this, but I wanted to write it out. It sounds a lot like whining reading it back, but I burned the candle from both ends for 9 years to get where I am today.

Maybe I just move into management if my current boss leaves and never worry about it again.
tldr I'm facing new problems I don't know how to deal with, and am conflicted
\- I'm not a full time SWE and

wasn't hired to be one
\- It's a lot of time and effort I just don't have anymore
\- Is it even worth the effort if I had it
\- Chance of failure is high
\- Chance of wasted effort is high
\- Sense of embarrassment about asking for help on something your average swe intern could do better than me. Don't want to waste the time of others.

&#x200B;

I don't know how to learn to code something that's meaningfully complex involving state machines. This isn't just a crud api with a tutorial to follow.

https://redd.it/1ef82hq
@r_devops

How i switched to devops after 9 years working as Linux support engineer

2.5 year back I was 31 years old and had successfully wasted nine years of my career stuck at IBM doing mediocre work with a significantly lower salary.

I had come from an NIT and was stuck in this level of work while my college mates climbed the success ladders. Some worked in the USA/UK, some went onsite, and others enjoyed senior-level positions at big companies and all the shiny glamour of a successful career.

I was working on a Platform support role, which people looked at with pity.

I was working the night shift and providing on-call support on weekends. I had no work-life balance, and my health was getting worse due to lack of sleep.

I was stuck in a horrible comfort zone, scared of the change. Imposter syndrome and a severe lack of self-worth were constant companions, and I had zero confidence in myself.

To make matters worse, I got married. I was under a lot of presure financially and started getting panic attacks due to the fear of getting laid off, as I lacked the skills to do anything other than support work.

After many sleepless nights, I realized something.

If you will change nothing, nothing will change.
I decided to make a career switch to Devops as it was something related to work I have been doing for years as Linux and Aix support engineer.

I started researching online about the devops roadmap, and it was no help as all the posts talked about learning a plethora of tools, and learning all of them felt impossible.

So I turned to YouTube to find better guidance for devops and stumbled upon a channel, Techworld with Nana. It was good and gave me some confidence.

I decided to focus on essential tools for devops and mastering them.

One cloud platform — I choose AWS
One infrastructue as code tool — Terraform
Linux and docker
Version control tools — Git and GitHub
One CICD tool — Github actions
Scripting — Python
I started deep-diving into the above topics by watching YouTube videos and reading medium blogs on all these topics.

I followed the resources and did a lot of hands-on with these tools. I also went through AWS and Terraform documentation.

After one month of hard work, I started getting some confidence.

I realized that if I needed to get some real-world working experience. I spoke to a few of my friends who worked as devops engineers. I asked them about their day-to-day work and the kinds of work they do.

As per their suggestions, I created multiple projects to practice.

Deploy a 3-tier architecture on AWS with Terraform.
Deploy a sample flask project into ec2 instances using docker and GitHub Actions.
Deploy Lambda function to send weekly reports.
Managing s3 buckets with CLI commands.
Deploying a Flask API in AWS ECS with Terraform.
They also suggested I learn Kubernetes.

I spent another 1-month doing hands-on lab and learning Kubernetes along with that.

By the end of 2 months, I was confident to start giving interviews. I did some research and updated my resume.

I wanted to make my resume stand out, so I used Canva for predesigned resume templates and built a professional-looking resume.

I also understood that I cannot switch to devops without showing any relevant experience.

I added 2.5 years of devops experience and curated the devops experience using my friend's resumes.

I updated my LinkedIn and Naukri profiles. After one week, I started getting a lot of calls for various roles around devops.

I crapped my pants in the first few interviews as they asked the question that only an experienced devops engineer would answer.

I did not let it discourage me, as I knew it would happen. I used the questions the interviewers asked and prepared for the topics around them in depth.

After three/four interviews, I started getting better.

Shortly, I received two offer letters from relatively small companies.

I continued giving more interviews and got three more offer letters from reputed companies. I used these offer letters and negotiated a good package(2.5x of my current CTC).

I resigned from IBM and joined