How do you guys use PowerShell remoting ?

I have been working with PowerShell for more than 10 years. When it became open sourced and cross platform, I started to manage linux (and at home my macOs ) with PowerShell.

I was wondering how the devops community is using PowerShell remoting for remote management of machines.

If so, I think it can be interesting to discuss how and for what type of machines (and how many?) this is done. To keep things clear and short, maybe each can include the following data:

\- How many servers
\- Which type of machine (Windows / Linux / MacOs?)
\- Which protocol is used (OpenSSH / WinRM over HTTPS etc..)


\-----------

I'll go first:

\- Servers: 3000
\- Mostly Windows
\- WinRM over HTTP at first, then over HTTPS.

Details:

I have been managing mostly Windows machines (around 3000) with raw Powershell remoting. We went and got a licence of Ansible Tower, and this migrated on that platform for our configuration management system.

We use WinRM over HTTPS, as our machines are not always in our main active directory. Ansible is quite cool, but for Windows Management it still uses classical WinRM, and actually works great.

Since I was evaluating OpenSSH as an alternative (since Powershell supports that now) I actually took A LOT of notes. regarding POwerShell in general. I kept having the quesiton: Is PowerShell remoting actually secure ? (And a LOT of people would say it is not - for some obscure reason...)

I have summarized my notes and answer most of the general questions (how to configure, how does it work, is it secure etc....) in the following video -> https://www.youtube.com/watch?v=sg\_9r0PHnnM








https://redd.it/1ga5oxa
@r_devops

Image Extraction Issue with WMF Format on Linux - Need Help Converting to PNG for OCR

Hi, everyone. I’ve built an app that processes PPT uploads by extracting text and images from the slides. The app also performs OCR on the images and saves them. It works perfectly on my development environment (Windows), but I hit a snag when I try to run it on an AWS Ubuntu instance. The issue is that when images are extracted from the PPT on Linux, they are in WMF format, and the system can't seem to work with these for further preprocessing (like OCR). This doesn't happen on Windows. I need to convert the extracted WMF images into PNG format before preprocessing, but I haven’t found a solid solution to handle WMF files on Linux. Has anyone dealt with this issue before? Any libraries or tools that could help with WMF to PNG conversion on Linux would be greatly appreciated! I appreciate any help you can provide.

https://redd.it/1ga5wq0
@r_devops

Long or short on git submodules?

I have an opinion but a lot of folks seem to disagree. What do you think?

https://redd.it/1ga7akf
@r_devops

General question regarding AWS

I am new to devops world, I have an existing project in my organisation, I want to draw network architecture of the project. I want to visualise everything it contains in my VPC. Example, I want to know how rds are connected, nacls, security group rules including inbound out bound rules everything in an architectural diagram, is there a way?

https://redd.it/1ga91hv
@r_devops

?? what takes too much of your time at work that could be automated and for some reason isn't

follow up question: why haven't you automated it yet?

https://redd.it/1gaa7gj
@r_devops

Provision serverless service with Terraform or not? (Planning to use GCP Cloud Run)

Hi, I would like to deploy several services on GCP Cloud Run and a bit unsure about the recommended way to provision the services.

Should I create it through Terraform or just use the "gcloud run deploy" command?

https://redd.it/1ga8ohi
@r_devops

Asking for advice

I'm computer science student, the job market in my country is hiring DevOps interns all the time for end of year internships, and I'm trying to get this opportunity since I'm really interested in a DevOps carrer. Can any of the Tech leads here, member of recruitment who is actively hiring DevOps engineers give me some advices on what makes someone a good candidate when it comes to DevOps.

I studied really hard for the last two years and I have good knowledge of DevOps practices and concepts. I've had so much hands on experience on different conepts (GitOps IaC Cloud) and technologies like Jenkins GitLab ArgoCD Ansible Terraform, also some CLI tools using Go and Python, projects on AWS GCP, and had some software engineering internships where I got the picture of how softwares are built and delivered.

I am really interested on what are the key skills that makes difference also the project you'd like to see in the resume.

I am ready to hear you feedback, also if possible I can share my resume with you so you can roast it.

Thank you 🙏🏻

https://redd.it/1gabhh3
@r_devops

Need help with Google Oauth 2 for Argo Workflows DEX authentication using Argo CD Dex

I went through the documentation that argo provides for adding dex authentication using the dex server that argo cd has, it was a bit weird with many fields in the current values yaml file in the helm chart not matching position or even name. I got google's oauth2 working on argo cd with dex using the default config provided in the values file for the helm chart. The problem is when adding the same dex auth method to argo workflows isn't as simple as argo workflows requires a service account so I followed the documentation to map a service account to a group, this requires reinstalling argo workflows so I did that then instead asking me to choose an account I get

# Access blocked: authorisation errorAccess blocked: authorisation error

Some requested scopes were invalid. {valid=[openid\], invalid=[groups\]} Learn more about this errorIf you are a developer of invite automation, see error details.Error 400: invalid_scope

does anyone here know how to implement argo cd dex authentication on the argo server used by argo workflows?

https://redd.it/1gaanw3
@r_devops

Request for Features OneUptime: Open source observability platform.

We're building an open source observability platform - OneUptime (https://oneuptime.com). Think of it as your open-source alternative to Datadog, NewRelic, PagerDuty, and Incident.io—100% FOSS and Apache Licensed.

Already using OneUptime? Huge thanks! We’d love to hear your feedback.

Not on board yet? We’re curious why and eager to know how we can better serve your needs. What features would you like to see implemented? We listen to this community very closely and will ship updates for you all.

Looking forward to hearing your thoughts and feedback!

https://redd.it/1gag4vx
@r_devops

Avoiding unexpcted overae

For those managing multiple APIs, how do you keep track of usage and avoid unexpected overages?

https://redd.it/1gagvwv
@r_devops

I wrote a piece on the evolution in the field of automation we're witnessing nowadays. I will be humbled to get the feedback on it and discuss the topic with the devops community.

hey!

some time ago a thought struck me: what if I started writing about my experiences from a day-to-day work as a data engineer? I have a knack for automating stuff so I genuinely wanted to focus on this topic.

I enjoy discussing with fellow thinkers about the topics of automation, technology, and artificial intelligence. I hope that showcasing my thought process and point of view via a longer text will allow people that find this interesting to reach out to me and/or provide some feedback, ideally to discuss the subjects I stir.

I've been recently thinking a lot about the progress we're witnessing in the field of generative AI, especially in a broader context of evolving automation—it's not just gears and gadgets anymore. I'm persuaded we're stepping into the third era of automation: intelligence, after automating physical labor and calculation. It's an exciting, inevitable, and challenging journey.

the link below will take you to the piece I've prepared to organize how I think about the automation evolution and how to find my way in the changing world (no LLM participated in the writing process :) )

🔗 https://toolongautomated.substack.com/p/automation-unbound

I dive into the following topics:

👉 the three eras of automation: physical labor, calculation, and intelligence.

👉 automation in our daily lives: whether we like it or not, automation is everywhere.

👉 lessons from history: what the past teaches us about adapting to a world increasingly shaped by machines.

I'd be humbled to hear your feedback on the piece, and hope to have some discussion about the subjects:

1. are you afraid and/or skeptical about progressing automation and AI?
2. do you enjoy discussing this subject or are you rather reluctant to do that?
3. if an artifact (a.k.a. indirect intelligence) is created by what I call direct intelligence (human) and that artifact appears to be a synthetic being, then should we call this artifact direct intelligence?

https://redd.it/1gahf5n
@r_devops

Detect and fix bugs early with AI

Just read an article about Early - an AI tool designed to catch bugs before they become a problem. I'm curious about how this could impact our daily coding practices and overall project timelines.

Do you think integrating AI like this can enhance our productivity and code quality? Have any of you had experiences with similar tools that you found beneficial or challenging?



https://redd.it/1gajuke
@r_devops

database devops schema changes

how do you guys do database schema changes in your team
your devops owns it or devs

are your schema changes tracked using flyway/other tool first in dev db and then same moved to prod

in ours prod db is separate and sql file changes are applied manually and no schema change due to db team review process,approvals in prod.



https://redd.it/1gakqi1
@r_devops

Doing certifications makes me feel like an idiot, does everyone experience this ?

So I have been working in the industry for maybe 8 years total and 5 years in my current full stack developer role (dev / testing / deployment all in one role). However I have been told I need to complete a industry certified exam If I want to go for promotion.

At work we have a 4 day training event on for ISTQB syllabus 4 so thought that would be a good one to go to as i do lots of the testing for the team and id say im fairly good at it. Its only 2 days in an I feel like an idiot having done about 5 mock exams im averaging 40-50% which is terrible when you need 70% for a pass.

Im just having real issues in two places

The I have no idea to this question it has never come up / will never come up in my Job how would I know
Terminology being used in exam and in company meaning different things.

For example we were talking about testing and executing lines, this is referring to the "lines" in a logic flow diagram not executing lines of code or what our team calls Units tests are referred to as component tests in the exam, what our team calls smoke tests are referred to as system integration tests and our acceptance tests would actually be called regression tests based on the syllabus.

It just really annoying and has sort of angered me that I have been able to do full penetration testing plans, setup tests environments with test data, been involved with full end to end tests across multiple services and even made our teams first ever AWS S3 conmectivity tests for connecting to cloud services but can not pass a Foundation level Certification Exam on testing.

https://redd.it/1gaiit4
@r_devops

How much should I get paid

Some friend is asking me to do some terraform IaC for its company. However, I’m not sure how much it costs. Could you give an advice about the price of the following work or what I have to consider to give a reasonable price:
- create a terraform module for a product they made on azure cloud
- implement an azure DevOps pipeline to deploy infrastructure changes on azure (CD/CI)

Thanks for your help

https://redd.it/1gaqpli
@r_devops

Pivoting into cloud engineering may be tough...

Hey DevOps folks,
After running my first workshop, *A Day in the Life of a Cloud Engineer*, it hit me just how frustrating this career path has become for many of you. The **outsourcing of entry-level cloud roles** has made it feel like no matter how many certifications you earn or skills you build, companies will still look past you. It’s disheartening, and worse, it leaves a lot of smart and capable professionals wondering if they’ll ever get a real chance to enter this space.

That’s why I’ve put together a **free workshop series** to help you overcome these challenges. We’ll focus on:

* **Key skills that employers actually care about** so you can focus your energy
* **Building your first cloud project** to prove you can solve real problems
* **Navigating interview techniques** to stand out, even in this competitive market

If this resonates with you, check the link in my profile to join. And if you’re navigating these struggles too, connect with me on LinkedIn—I’d love to chat and help however I can!

https://redd.it/1garq3g
@r_devops

Record your terminal history to create executable runbooks

I am building Savvy as a new kind of terminal recording tool that lets you edit, run and share the recordings in a way that Asciinema does not support.

It also has local redaction to avoid sharing sensitive data, such as API tokens, PII, customer names, etc. Example runbook: https://app.getsavvy.so/runbook/rb\_b5dd5fb97a12b144/How-To-Retrieve-and-Decode-a-Kubernetes-Secret

What are some tools y'all are using to create/store runbooks ?

https://redd.it/1gasf1s
@r_devops

How much time do you spend fixing issues?

I'm considering going for devops, I have a background as a backend developer. My question is how much(maybe in %) of your time do you spend fixing issues and how much do you spend actually deploying new infrastructure, configuring and other typical devops tasks. Thanks

https://redd.it/1gavxyk
@r_devops

GitOps vs dynamic updates to K8s objects

I am a bit new to GitOps and wondering what everyone thinks about programmatic creation and updates to Kubernetes objects when the application is otherwise managed by FluxCD, for instance. Is it really an antipattern?

In detail:

We have a central team managed Kubernetes cluster, where we can deploy our applications through GitOps. Now, we are building a platform (i.e., common stuff for many similar applications) that would programmatically interact with the kube-apiserver to update ConfigMaps, fire up Jobs, for starters. This is to decouple the business applications from the target environment.

Do you think we should not do it? I know that we technically can do it, it has worked in a PoC environment, but the central team says we should not do it, because it is against the GitOps principles. What do you all think?

(We could use HPA, KEDA, sidecars so that we can avoid live kube-apiserver interactions, but should we? Especially if we can implement the functionality with basic k8s objects.)

https://redd.it/1gawqbt
@r_devops

Video | What is Crossplane + Demo 🍭 (Day 5 in 30 Days Of CNCF Projects)

Watch here: https://youtu.be/C8yUfpmnosw

https://redd.it/1gayhco
@r_devops

The biggest compliment i've ever received.

Earlier this year, I was working on a proof of concept involving the installation of an LDAP server and authentication via SSH. For that, I needed to enable SSH password authentication [I can already hear you typing. I KNOW!!\] to make it work. I ran into a lot of issues with the latest Ubuntu and felt like I was banging my head against the wall until I finally found the solution. I decided to share my findings on superuser.com to help anyone else who might encounter the same problem.

Fast forward to today, [I check my email once every 3-4 days; currently, I have over 2,000 unread emails\], but one in particular caught my attention. I received this particular email 2 days ago, It reads:

Hi!
I'm not a `superuser.com` wbsite user and I can't write a DM to you, but I found your mail and I've just want to say thank you for your answer! I spend 2 hours on troubleshooting why I can't log into server ssh vias password... Again thanks and have a nice day (or night) whenever you'll read that xD

I'm deeply touched. I've never received an upvote via email before. Thank you, "Denis K"—you've made my day!

Email exchange.


Unread mail counter.

https://redd.it/1gaysnm
@r_devops