what are the must open source devops tools in CI/CD to learn?

What are the must open source devops tools in CI/CD to learn? I've been looking through tools that are required or needed to build proper CI/CD pipeline and there are just so many I can't learn everything. What are the must tools that one should understand throughly in the process? Another word, what are the most used tools in CI/CD pipeline from end to end? Sorry if this is not the right question to ask here. if that is the case, can someone point me to the right place?



https://redd.it/1i37t3n
@r_devops

Drift Detection Tools

Anyone in here using and happy with IaC drift detection tools? Here are a few I've found searching:

* [https://controlmonkey.io/](https://controlmonkey.io/)
* [https://spacelift.io/](https://spacelift.io/)
* [https://www.firefly.ai/](https://www.firefly.ai/)

I'd love to hear if anyone has experience with these or others they could recommend. Thanks!

https://redd.it/1i3a66u
@r_devops

Open Source Projects where I can contribute

Hi there!

For quite some time, I’ve been feeling a bit stuck at work. It feels like I’m not growing or developing my skills anymore. Unfortunately, the current job market in the EU isn’t looking great, so I’d rather keep my current job for now.

That said, I’d love to contribute to some open source or voluntary projects in my free time, especially ones that could use DevOps expertise. I have experience with automating processes, and while my current job doesn’t involve cloud technologies, I’d be excited to work with them as well (though it’s not a must).

Could you recommend any platforms, communities, or specific projects where I could find opportunities like this? I’d really appreciate any advice

https://redd.it/1i3d3yd
@r_devops

Multiple projects in one repository

This is my first time using Git ,so I have a backend dotnet api project and frontend Flutter project and want to store them in a single repository in Azure devops by creating a parent folder in the repository and inside it the backend and frontend folder respectively. Is this possible? And will it be a feasible approach

https://redd.it/1i3e7jl
@r_devops

I knew the market was getting worse but I didn't know we work for free noew

https://www.indeed.com/viewjob?jk=472f23f415565cc7&from=shareddesktop



https://redd.it/1i3f4ox
@r_devops

Anyone using NEL reporting in production?

Hey :)

Is anyone here using Chrome's Network Event Logging in production? What is your experience with this, has it helped you / your org?

https://redd.it/1i3eef4
@r_devops

Just Created a Beginner-Friendly Docker Tutorial and Hands-on samples

Hi, everyone!

I'm a cloud, container, devops enthusiast and recently wrote a Docker tutorial on DEV. I wanted to make Docker easier to understand for beginners and share some practical examples.

If you’re new to Docker or want to refresh your skills, I’d love for you to check it out!

Link in the comment.

Feedback, questions, or suggestions are more than welcome. Let me know if there are topics you'd like me to cover in future posts. 😊

https://redd.it/1i3h6s6
@r_devops

People pleasing behavior

Maybe not totally DevOps related, but since I'm working in DevOps and crisis happens a lot in this area, then I think some of you may be able to help. I have a tendency to be afraid to be honest if something requires more time due to some issue, or if I have made a mistake, especially to my higher ups/customers. I'm afraid somehow of them being disappointed or angry/throw disappointment messages at me.

For a concrete example, due to lack of experience, I did not configure clustering to a MongoDB instance I deployed in k8s, causing it to be only 1 replica and thus if it goes down for some reason, then any other services can't access data in it. It did went down one day, and I tried my best to debug and hot-fix it on the fly without telling anyone, since I'm afraid they will be mad at me why I couldn't implement it the first time correctly. There are many other examples like this.

Sometimes I could solve things but have to sacrifice my sleep, weekends etc. so that it is fixed before anyone notices and I have to give excuses/apologize. And if I couldn't and they express their disappointment/anger, it demotivates me and stresses me out, causing me to hate my job even more.

Does anyone else suffer from this? How can I change this soft-skill? This people pleasing and afraid of other people's disappointment/opinion behavior causes me a lot of stress at work. Perhaps I had a childhood trauma or/and afraid of getting my contract/employment terminated. Perhaps there are resources/books I can use to get better?

https://redd.it/1i3jobr
@r_devops

Our image retention policy

For compliance reasons, our internal customers have to keep essentially everything that has ever been deployed to production. But code used for dev or test or the like can be culled after a while. We're trying to set a container image retention policy to suit. Our thinking at the moment is we could allow customers to tag production images with SemVer or CalVer style tags, and then set the container registry to keep those forever.

Setting a regex to match SemVer seems easy enough. I believe a sufficient pattern would be:

'^(.)?[0-9]+\.[0-9]+\.[0-9]+(.)?'

But CalVer? Oh boy. Looking at the site for it, it looks to me like pretty much anything can be called "CalVer" as long as somebody says it matches a calendar cycle. I have one customer using "Q" (for quarter) in their tags. I feel like if we allow "CalVer" we're going to be configuring a custom retention policy for each and every customer who says they're using it.

https://redd.it/1i3ld4u
@r_devops

EC2 k8s with NLB for control plane HA endpoint issue

Hi everyone,



Currently I have no choice but to create ec2 instances to run on aws for the simple k8s set up. It is a dev environment. So I have 3 control plane nodes.

They have joined the cluster as a control plane and I have a Network Load balancer setup with a target group for both. Everything is running smoothly. I am using the TCP 6443 for the NLB health check.

this is how I do the init at the beginning



kubeadm init \
--control-plane-endpoint 10.50.230.100 \
--apiserver-cert-extra-sans elbendpointurl \
--upload-certs \
--pod-network-cidr 172.16.0.0/16 \
--service-cidr 192.168.0.0/20



I have 3 control plane nodes with cluster joined. And then I update each /etc/kubernetes/kubelet.conf and use the nlb endpoint for that.

But what I noticed is that when I shutdown my master1 for the HA testing, I could not run kubectl get node command on my laptop, master2 and master3. I am not sure what I did wrong. As on prem, I could easily use kube-vip for doing that and achieve the HA. However, we are running out of IP in the subnet in dev environment and I decided to use the NLB as the control plane HA endpoint entry.

Do you encountered this issue before? Do you have any suggestion/recommendations for me? Thanks!



https://redd.it/1i3n523
@r_devops

Is there any alternative to Jenkins as a code for platform engineering solutions?

In my company we use OKD (kubernetes), ArgoCD, Vault, Artifactory, Gitlab, Windows AD and Jenkins (with JasC obvoiusly) for our platform engineering solutions. Basically with few clicks (running few pipelines in "MASTER jenkins") we can set new project with new namespace in OKD, new namespace in Vault, new project in argocd, new jenkins with all necessary plugins and settings (basic pipelines for building the projects images), separate space in artifactory, AD entries etc. Gitlab is only for git repository, maybe we could replace it with something simpler (Gitea?) but it would be a lot of work and not sure if it would work well with AD.

All this works quite well. Until there is some update. Usually its the jenkins plugins are ones who cause most of the issues. So are there any alternatives to it? Or maybe whole platform without spending hundreds of thousands dollars for subscriptions?

https://redd.it/1i3nysl
@r_devops

Why do you need GitOps tools like ArgoCD and Flux if already deploying with CICD pipelines ?

Hello,

In our DevOps team we have everything deployed to development and production envs via CICD pipelines on Github Actions that basically run helm commands in each job to lint/test/deploy each new application into our K8s cluster.

We also have the same with Terraform, where all out infrastructure is stored as TF code on Github and deployed/updated/destroyed via pipelines/GH Actions. Therefore a large part, if not most of our infrastructure is stored in git as the source of truth.

In this case, does it make sens to add a GitOps solution like FluxCD or Argo, since most of the state is already handled by git via CI/CD, what could these tools add to the table according to your experience ?

https://redd.it/1i3rzr5
@r_devops

Can someone who uses GitHub Actions chime in for a multi-region cloud deployment?

How are you running GitHub Actions for your cloud multi-region app deployments? Are you doing your builds in one region, pushing the image to another region, and then deploying to your compute across multiple regions? I want to understand how everyone is deploying to different regions and how I should structure my GitHub workflows. I want to know what works best and what are some things I need to be on the lookout for. Thanks for the help!

https://redd.it/1i3seze
@r_devops

k8s on ec2 with EKS as storage backend issue

Hi everyone,

it's me again, a newbie with k8s on ec2. I am planning to use the [**aws-efs-csi-driver**](https://github.com/kubernetes-sigs/aws-efs-csi-driver) to connect with efs as my storage backend.

But I am not sure how it actually works. For on-prem VM based k8s cluster, I could have a standard/cluster nfs server and provide a connection to it, so I could easily set up PVC and to be used by the pod.

for ec2 way, currently I have 3 master and 1 worker node (again, currently my subnet is too small and restricted that I have no chance to use EKS....) control plane HA endpoint seem to work properly now with NLB setup even one of the node is down.

The github page mention that you need the IAM role/instance profile to acquire the user permission to access efs. But I don't really understand this part. is it used in eks mode?

I tested with my efs on my worker node, I can mount the efs root to my /mnt/test directory, I have not tried with the access point yet. What would be the best practise to do it?

I installed the efs driver with helm but keep CrashLoopBackOff 1/3. I think it made my pvc in the pending state even my storageclass with efs is kinda completed.

May I know if anyone work with efs as the backend before? How was it? is it performance wise?

Hi everyone,

It's me again, a Kubernetes newbie working on EC2. I’m planning to use the **aws-efs-csi-driver** to connect **EFS** as my storage backend, but I’m having a hard time fully understanding how it works in this setup.

For on-prem Kubernetes clusters running on VMs, I could easily set up a standard NFS server or a cluster NFS and provide access to it, making it simple to create a Persistent Volume Claim (PVC) for use by pods. However, with EC2-based clusters, I'm not sure if the process is the same, especially in terms of integrating with EFS.

# Current Setup:

* I have a cluster with 3 master node**s** and 1 worker node.
* My subnet is small and currently restricted, so I don't have the option of using **EKS** (Amazon Elastic Kubernetes Service) at this point.
* The control plane HA endpoint seems to work fine, with the **NLB (Network Load Balancer)** set up, so even if one node goes down, things continue to function properly.

# Questions on EFS and IAM:

I understand from the GitHub page that the IAM role/instance profile is required to grant permissions for accessing EFS, but I'm unsure about how this works in an EC2-based setup. Is this specifically for EKS mode, or do I need to configure this IAM role even in my EC2-based Kubernetes cluster?

# EFS Testing and Helm Issue:

I have successfully mounted the EFS root to the `/mnt/test` directory on my worker node and verified that it works. However, I haven’t yet tried using an EFS Access Point—would that be the recommended approach for Kubernetes?

I also installed the EFS driver using Helm, but it keeps going into a `CrashLoopBackOff` state (1/3). I suspect this is why my PVC remains in the `Pending` state, even though the StorageClass for EFS seems to be set up correctly.

# Best Practices and Performance:

Has anyone here worked with EFS as a backend storage in a similar setup? How was your experience, particularly in terms of performance? Any tips or best practices you could share would be greatly appreciated!

Thanks in advance for your help!

https://redd.it/1i3ukvi
@r_devops

vueframe V3 is here !!!

Hey guys I officially have released V3 of vueframe, adding a bunch of quality of life improvements along with a cleaner and more consistent codebase.

What is vueframe

vueframe is a Vue 3 component library, allowing you to easily import media embed components from platforms such as YouTube and Vimeo into your projects.

heres a github link to project if you wish to check it out + a star would be amazing :)

https://redd.it/1i3tlcf
@r_devops

Had an interview today where I was asked 7mins prior via text if could reschedule for a Saturday afternoon lol

Need to preface that this was for a tech lead position for an SRE team.

I didnt end up replying and joined the Zoom call anyways. Only one guy was on the interview. Other guy clearly couldn't make it - ok, but Saturday? lol

Things got off to an awkward start. "Tell me about yourself"

"Uhh ok... but who the hell are you?" (I thought you myself) Guy clearly did not want to be there.

Gave my usual 5min high level intro.. figured theyd go deeper into some or my resume items, but nope!

This guy proceeded to ask me random linux terminal commands on how to use sed, netstat etc... not really related to the position I applied for. Stumbled my way through it while bewildered the entire time. I haven't been "in the weeds" in a while since my team usually does these things.

Interview continues with random questions I feel an entry level candidate would be asked - "What port is HTTP / HTTPS?" ummm urrr ok..?

I wanted to express my experience in system design and architecture/replatforming (which is clearly on my resume) but nothing in that regard.

One hour was up, and he left zero time for questions and said they'd get back to me.. ok thanks for your time!

I feel like they wasted my time to be honest. Almost like they were forced to give me an interview for some metrics of some sort. Im tempted to reach out to recruiter to provide feedback on this whole ordeal.

https://redd.it/1i3x00f
@r_devops

Looking for Experts in DevOps and CI/CD Implementation (in Auckland preferably)

I recently invested in a small SaaS startup, and we’re looking to speed up our delivery process while maintaining high-quality standards. Need DevOps talent that work on new features I have planned. Please recommend agencies and talent for this. In Auckland peferably. No big enterprises pls.

https://redd.it/1i3yen8
@r_devops

Should I go for it?

Am gonna do a second interview with brooksource this weekend, the role is "jr platform engineer." Recruiter says it involves stuff like aws, cloud, migrating the older system, etc. Pay is $32 an hour. Only thing bugging me is its "contract 12m" to hire if yhe company (53 bank) likes my work. I'm a bit torn, I currently work as systems analyst for another financial company but it involves working on the mainframe and analyzing stuff in tso. I of course want to move away from this and into cloud, and this is a potential chance for me. Idk what to do, should I go for it (I'm a dec 2023 cs grad btw)

https://redd.it/1i3y6j5
@r_devops

Pypi package security

We are a very small team (in a large organisation that had no development team) that’s relied on pip installs from the Internet. To meet cybersecurity requirements around Python packages, we now need to be able to “only use packages from scanned and safe sources” without direct connection to pypi. Is anaconda the only choice? It is 50$/month/seat. I’ve seen jfrog mentioned, but I’m not sure if it is as easy to implement as anaconda. Or any other options? Thanks for your advice!

https://redd.it/1i3ywvf
@r_devops

How to gain in-depth intelligence in Kubernetes

I'm working in industry since last 8 years and have started working on Kubernetes when it was evolving as a Container orchestration platform. I had opportunity to setup kubernetes cluster using KOPS and KubeADM. Have done end-to-end setup from scratch.

Through out this journey I learnt both Docker and kubernetes through implementations and execution and as and when required reading their docs.

But sometimes it feels I still know only 50% of k8s. There are lot of things like writing your own CRDs, Rigorous implementation of security, Autoscaling and Uptime management which I haven't got and opportunity to work with. And to answer real-time questions we must have real-time experience.

So I want to know from you all DevOps experts how you gain expertise in these dark areas of K8S.

https://redd.it/1i41le7
@r_devops

Rant: Got tasked with setting up WebRTC infrastructure within 4 hours

😂
They used SaaS but one customer required to run WebRTC components on their own cloud infrastructure. So I got tasked with setting this up and expected completion time is 4 hours to set up everything from the scratch (including non existing k8s cluster which is meant to host that).

At least vendor provides some k8s deployment manifests but for me 4 hours would be the time needed to do research about what is required to do and not time to finish this assignment and have working WebRTC stack on our infrastructure 😆

I am waiting for exciting monday

https://redd.it/1i42omh
@r_devops