Linux vs Windows DevOps, technically speaking

I have been researching the technical differences between Linux and Windows devops since I am recruiting for a Sr. DevOps Engineer in Cerritos, CA. I have a couple of candidates with Linux devops experience and need to know what they need to know on a technical level to be able to quickly ramp up to do Windows devops instead.

Thanks!

https://redd.it/fczjpl
@r_devops

Do you think chef is dead?

I've seen a lot of people acting like chef is a dead product lately because they essentially killed off everything that was open source.

Are there people here who are using the cinc? or are you paying for it? Or did you move on to something else?

I need a solution to manage laptops all over the world and have zero budget. Chef seems like a better option than Puppet for this. I don't think anything else is really viable.

https://redd.it/fd2vhe
@r_devops

Best cloud solution for a small forum + email?

Hi all,

I began working on a car forum a couple months ago and I’m trying to figure out the best cloud solution to host all of my services - what I’m looking for is Ubuntu VPS/VM, email (send transactional emails and send/receive normal), and perhaps some image hosting. I anticipate maybe a couple thousand members and around 10K emails sent every month once it’s 100% ready which will not be for a while.

I am new to using cloud services such as AWS and Azure. I’ve poked around for a bit and I think I like AWS a bit more but I also hear that it may be pretty overkill for my situation. I also began looking into Google Cloud and Digital Ocean, but I’m not sure which of the 4 would be the best fit for my needs, or if there’s another that I am missing. Perhaps cloud in itself is overkill for my situation? However I wouldn’t mind learning all about AWS or Azure since that could help my portfolio. Just looking for some options, as I said I’m new to this whole thing.

What do you guys think? I’d be happy to provide more info. Thank you!

https://redd.it/fcza7m
@r_devops

Openshift configmap in Azure?

Hey guys,

I'm not sure if this sub is also for technical questions, so please feel free to delete this post if that's the case.

I am trying to deploy a Docker Image in my Azure cloud. I have no trouble getting my Image into my registry and starting a container from it. But when trying to put my application.yml with configurations into my deployed container (It is a spring application) I just can't seem to find this option anywhere. In Openshift the option is called configmap, where i can add a configuration file, like my application.yml and then add it to my deployed containers.

Does anyone know what this option is called in azure?

Greetings TRXI

https://redd.it/fdek7z
@r_devops

DroneCI and dynamic dns

Has one implemented or configured DroneCI where a job can create an fqdn entry that an external service can create(such as Bind or Amazon Route53)? What I'd like to build is allow the creation of dynamic dns names based on git branch names that are currently being built. This way, I can easily test (for example a web app) the application based on branch names and not via consistent dns names. For example, curl [https://fix-css.example.com](https://fix-css.example.com) or curl https://feature1.example.com

https://redd.it/fdedij
@r_devops

Opinionated tools/platforms

With DevOps tooling and automation, is there a prevailing view on this topic (highly opinionated vs. non-opinionated)? I'm guessing the answer likely depends on the degree of organizational expertise with DevOps, developer autonomy, etc., but I'm curious about views on the tradeoffs (i.e., workflow flexibility via non-opinionated) and preferences.

https://redd.it/fd19ou
@r_devops

MySQL active/active replication across multiple AWS regions.

My company is having a chat-based application hosted in the US. Now, as our Asian clients are increasing, we cloned that infra in India as well. We are using MySQL master-master replication for that with auto\_increment\_increment and auto\_increment\_offset. In a few cases, I was able to notice that some of the changes are not replicated in the India region until a minute passed. After a minute, everything started replicating again with unnoticeable lag. What approach do people follow in such cases with MySQL? Does anybody face that issue in MySQL replication across multiple geolocations?

https://redd.it/fdgj10
@r_devops

How to integrate project's SonarQube metrics in a Datadog Dashboard

Hi DevOps community !

I want to have a Dashboard that sums up all metrics about the health of a project such as build passed/failed over time, total AWS cost (through AWS tags) and also a bunch of useful metrics of SonarQube such as the code quality.

About SonarQube, I wonder about the technical solution that I can implement. There is no official SonarQube integration inside Datadog so it will be custom metrics. But how can I push those custom metrics ?

I was thinking of a Lambda function that periodically get all useful metrics from SonarQube and push them to Datadog API.

What do you think about it ? I need some advice, thank you very much in advance for your answers :)

​

EDIT : Typos

https://redd.it/fddxpi
@r_devops

Help me improve my infrastructure.

Hello, folks!
I am a systems administrator at a small company, and I would like your opinions on how our infrastructure could be improved.

Our current setup is:

Digital ocean as a cloud
2-10 droplets that serve php (laravel) using apache+php fpm
Few redis droplets
Mysql databases
Cloudflare for load balancer and CDN
our code is divided to packages(using composer a.k.a. dependency hell)
The problems we want to solve are:
1. Ci/Cd (manually deploying each week atm)
2. Serving some files(pdf, images) from digital ocean spaces (we hit rate limit 750 requests per second per ip (5000+ total per sec))
3. Auto scale the web nodes

So I've been thinking about:
1. Migrating to AWS or GCP (it's cheaper and they offer some auto scaling solutions)
2. Using network storage mounted on the web nodes.
3. Using containers maybe? What are the pros and cons?



SORRY for my bad English.

https://redd.it/fdht2m
@r_devops

Managing multiple Multi-Cloud Accounts with Commandeer.

[Medium Article](https://medium.com/@sergeantServerless/managing-multiple-multi-cloud-accounts-with-commandeer-a053716c49da)

https://redd.it/fdixxj
@r_devops

Let’s Encrypt Invalidating Millions of TSL Certificates Due to Faulty Delivery Bug

>**Let’s Encrypt,** the most popular free certificate signing authority is going to invalidate **more than 3 million TLS certificates** **within the next few hours.** The reason why that happens is because they were wrongfully issued due to a Certificate Authority software bug.
>
>The bug was [confirmed](https://community.letsencrypt.org/t/2020-02-29-caa-rechecking-bug/114591) on February 29 and was fixed two hours after discovery. This changed how the domain name ownership was checked before issuing new TLS certificates.
>
>Affected website owners **have until 8PM UTC (3PM EST) March 4** to [manually renew and replace their certificates](https://certbot.eff.org/docs/using.html?highlight=renew#renewing-certificates), failing which visitors to the websites will be greeted with **TLS security warnings** — as the certificates are revoked — until the renewal process is complete.

If you'd like to read in-depth about this announcement and how to fix it, we've made this blog post about it: [https://www.bunnyshell.com/letsencrypt-bug/](https://www.bunnyshell.com/letsencrypt-bug/?utm_source=reddit.com&utm_medium=social&utm_campaign=lets-encrypt)

https://redd.it/fddtzs
@r_devops

Elasticsearch: how to create a HA, scalable, secure cluster?

Hi everyone, I have a task to set up an Elasticsearch DB with HA, scalability and security (e.g. encryption) requirements.

Questions: which "distro" to use? Open distro or AWS ES service or pure (and free) ELK stack or Elastic cloud? Any other options? How did you build your ES cluster? Any useful article about the topic? Thanks!

https://redd.it/fddint
@r_devops

Automation vs CICD tools

Hi guys,

Had this discussion the other day and would like to have other opinions for the sake of having a rich discussion. A colleague said he didn't agree on running a script for creating users on platform X via a CICD tool as we aren't really doing any CI or CD, we're just running a script to provision users.

I do agree with him but I understand it's just easier to do so nowadays and don't really know where I'd run them. Do any of you have a specific tool/platform you'd suggest for these kind of tasks, separated from your usual development CICD pipelines? Or do just believe it should be done in whatever CICD tool that is being used, for the sake of simplicity?

https://redd.it/fdd3dr
@r_devops

Sonarqube quality gate result checker for ci/cd pipelines

Hello

I made a simple sonarqube quality gate result checker for ci/cd pipelines. You can use it in almost every ci tool.

https://github.com/gungorugur/ciqube

https://redd.it/fdf10w
@r_devops

Mysql Multi-master replication setup on EC2

A few days ago, I have been looking for a solution where I can use a single EC2 instance to replicate multiple RDS mysql masters.
I did my research and realize that there is not a single blog that defines it completely step by step.

Generally, this topic has been on the boom for the purpose of cost optimization, for the techies who do not want to use aws-managed RDS replicas and for them who want to explore the insides.

>***What is the requirement:***

You can read this to differentiate RDS vs Mysql on EC2.
[Mysql on RDS vs mysql on EC2](https://serverguy.com/comparison/pros-cons-rds-vs-ec2-mysql-aws/)

We are using EC2 just for the replicas. Basically, we need to manage replicas of multiple MySQL masters on a single instance.

The first thing that will come in your mind is, how we are gonna do this in a single instance?

>***The answer is “Channels”, Mysql Channels are used to perform parallel replica operations.***
*one channel for each replica, that’s how you manage the multi-master replication.*

# Let’s do this

1. Launch an EC2 instance, Install MySQL on that.

**2.** Login to master DB and run the command “show master status” and note down the binlog file and position.
Note: Check the binlog retention and make it to 24 hours by using the below command: (Only for RDS Master)
\[call mysql.rds\_set\_configuration(‘binlog retention hours’, 24);\]

**3.** Take the dump of master using below command:
mysqldump -u \[user\] -p \[Password\] -h\[host\] — lock-tables=false — single-transaction — routines — triggers — all-databases | gzip -9 > \[backupname\].sql.gz

**4.** Restore dump using this command:
gunzip < \[backup name\] | mysql -u \[uname\] -p\[pass\]

**5.** After restoring the DBs you will need a backup of users from master:: In most cases, it will start replicating users after starting the replication, but it’s good to be safer side.
If you get some “ALTER” error while restoring the users after starting the replication it means your users are already replicated.

>***Take dump of users from master***

i) pt-show-grants — host \[host\] — user \[uname\] — password \[password\] — ignore root@localhost,’mysql.session’@’localhost’,rdsadmin@localhost,’rdsrepladmin’@’%’ > grants.sql

>***Restore Users to EC2 replica***

ii) mysql -h \[host\] -u \[unane\] -p \[password\] < grants.sql

**6.** Now, go to /etc/mysql/mysql.cnf and add below lines under \[mysqld\] section::


***This is to enable GroupBy in SQL queries.***
“sql\_mode = STRICT\_TRANS\_TABLES,NO\_ZERO\_IN\_DATE,NO\_ZERO\_DATE,ERROR\_FOR\_DIVISION\_BY\_ZERO,NO\_AUTO\_CREATE\_USER,NO\_ENGINE\_SUBSTITUTION”

***Change bind-address to 0.0.0.0 to bind to all interfaces.***
bind-address = 0.0.0.0

***Set your replica as read-only so nobody can make write operations***
read\_only = 1

***This is needed to start the replication***
master-info-repository=table
relay-log-info-repository=table

**7.** Finally, configure the replication

“ *change master to master\_host=\[host\],master\_user=\[replicauser\], master\_password=\[replicauserpassword\], master\_log\_file=\[filename you have noted down of master\], master\_log\_pos=\[position you have noted down of master\] FOR CHANNEL \[Any channel name\];*”

**8.** Start the Replication:
*START SLAVE FOR CHANNEL “Channel Name”*

**9.** Check the replication Status:

*SHOW SLAVE STATUS FOR CHANNEL “ChannelName”*

**10.** If you are getting any error while starting the replication, and an output of command “show slave status”,
then note down the error number, and add that in mysql.cnf with the below parameter and restart MySQL.


slave-skip-errors = ErrorNumber (You can add multiple error numbers separated with comma)

If you want to use Multiple Master RDSs and single ec2 Replica then follow the same steps with changing the channel names.

M**onitoring**
for the monitoring purpose, you can use mysqld\_exporter with Prometheus and Grafana.

https://redd.it/fd9rn8
@r_devops

How to automate spawning new domains for new branches?

Hi,

I'm using GitLab CI for our CICD. I currently have CI setup for our dev branch, but I would like to have a way of spawning a random-name domain for other branches.

Let's say this is a regular html/css page for the purpose of this example. I'm using nginx so I was thinking of including certain locations in the nginx.conf so that when developers create a new branch (e.g. feature/something) and push it would deploy to something like abc153421cba.mydomain.com
Any ideas how to achieve this, preferably best practice how these kind of deployments could be done?

https://redd.it/fd9m73
@r_devops

What questions should I ask on an interview?

I am a sysops with about 2.5 years of experience. My primary experience is in public cloud (mainly aws but also azure).

My main issue with is the amount of work versus the value of work. There is allot of bureaucracy and my role is more like a traditional sysadmin than a devops (even though the environment is all on the public cloud). The learning I do is on my free time.

Where I live, devops jobs are low demand low supply. But I have gotten an offer through an acquaintance for a devops job, and I have an interview.

My question is what questions should I ask to make sure that the job would not have the same conditions as the job I am currently in? My primary interest at this point is to gain experience in devops.

Any advice would be greatly appreciated.

https://redd.it/fd08vs
@r_devops

Operational stability from a data perspective.

At my company, we have a DevOps team that's applying the 3 ways of DevOps to our monolithic architecture. They've successfully achieved daily deploys, sensible change management, and implemented several processes to quickly recover from disastrous situations.

Unfortunately, the same care hasn't been given to other parts of our ecosystem. Specifically, our data architecture is kind of a mess right now. Our current architecture has already started fires that were tough and mind-numbing to put out. But in the midst of the chaos, emerged a data pipeline that was golden from a DevOps perspective.

I wrote an article which talks about how to build such pipelines: [https://medium.com/@talham7391/structuring-a-robust-data-pipeline-24ff67783782](https://medium.com/@talham7391/structuring-a-robust-data-pipeline-24ff67783782)

Here are some of the main points:

\- In order to build good data pipelines, data can't be an afterthought when designing systems that will inevitably generate data. Such practices will result in ad hoc, hard to test, and brittle data pipelines that will break.

\- If your company is shifting from monolithic to service-oriented architecture, you might be heading towards Data Armaggedon - a place where everyone is freaking out because data is disorganized and hard to access. Make sure you think about your data needs when making the shift.

\- Data pipelines, if they are critical to the business, should be treated the same as other critical services. Namely, you need to make sure you think about testing, automated deployments, observability, quick recovery mechanisms, etc.. etc...

If you're liking what you've read so far, I think you'll like the article! I go into more detail and I also talk about certain properties data pipelines should have that will make them a joy to work with.

https://redd.it/fczq6o
@r_devops

K8s terms for any newbies looking to learn

Came across this list. Solid overall. Good for anyone new to DevOps or K8s looking for a quick understanding of some industry terms. Missing a few things like Kube-proxy, DeamonSet, toleration & PSP tho.

&#x200B;

[https://www.portshift.io/blog/ultimate-devops-devsecops-kubernetes/](https://www.portshift.io/blog/ultimate-devops-devsecops-kubernetes/)

https://redd.it/fdu62z
@r_devops

An argument for building event driven microservices and avoiding distributed monoliths!!

Based on my relatively short experience of working with [Space Cloud](https://github.com/spaceuptech/space-cloud) and microservices, i quickly realized what Kelsey Hightower meant by _distributed monoliths_.

Here's my two cents on how you can overcome that problem by going event driven. https://medium.com/spaceuptech/the-right-way-of-making-microservices-communicate-b6cd517ae702

Would love to hear your thoughts and experience! All feedback is welcomed!

https://redd.it/fdvz6u
@r_devops

Kubernetes clicked when I learned about Deployments and Services

https://ljvmiranda921.github.io/notebook/2020/01/18/kubernetes-deployments/

https://redd.it/fdykn8
@r_devops