EdgeMesh: Bringing the Service Mesh from DataCenter to Edge
Now more and more people are using Kubernetes to orchestrate containerized workloads and using Service Mesh to manage service communication. And Kubernetes and Service Mesh mostly rely on the data center network, in order to achieve efficient service discovery and communication.
But in scenarios of edge computing such as Manufacturing and AutonomousDriving, the work nodes often distributed in various decentralized areas. In this case, the services can't communicate directly, the connection of node to node and node to control plane is also very unstable. This indeed caused troubles: services cannot communicate with each othe and cannot achieve stable DNS resolution.
how EdgeMesh designed for edge scenarios:
1. DNS resolution achieve at the edge even if the connection to the control plane is lost.
2. Services Across Subnets can communicate with each other.
3. Edge gateway is introduced to serve external requests.
How Does it works?
[https://github.com/kubeedge/kubeedge/blob/master/docs/proposals/edgemesh-design.md](https://github.com/kubeedge/kubeedge/blob/master/docs/proposals/edgemesh-design.md)
https://redd.it/ffu7u3
@r_devops
Now more and more people are using Kubernetes to orchestrate containerized workloads and using Service Mesh to manage service communication. And Kubernetes and Service Mesh mostly rely on the data center network, in order to achieve efficient service discovery and communication.
But in scenarios of edge computing such as Manufacturing and AutonomousDriving, the work nodes often distributed in various decentralized areas. In this case, the services can't communicate directly, the connection of node to node and node to control plane is also very unstable. This indeed caused troubles: services cannot communicate with each othe and cannot achieve stable DNS resolution.
how EdgeMesh designed for edge scenarios:
1. DNS resolution achieve at the edge even if the connection to the control plane is lost.
2. Services Across Subnets can communicate with each other.
3. Edge gateway is introduced to serve external requests.
How Does it works?
[https://github.com/kubeedge/kubeedge/blob/master/docs/proposals/edgemesh-design.md](https://github.com/kubeedge/kubeedge/blob/master/docs/proposals/edgemesh-design.md)
https://redd.it/ffu7u3
@r_devops
GitHub
kubeedge/kubeedge
Kubernetes Native Edge Computing Framework (project under CNCF) - kubeedge/kubeedge
Centralized configuration ?
What do you think about centralized configuration management in microservices
and tools like Lygeum configuration server ?
https://redd.it/ffvtdg
@r_devops
What do you think about centralized configuration management in microservices
and tools like Lygeum configuration server ?
https://redd.it/ffvtdg
@r_devops
reddit
Centralized configuration ?
What do you think about centralized configuration management in microservices and tools like Lygeum configuration server ?
how to migrate all tmux sessions from one remote machine to another remote machine
how to migrate all tmux sessions from one remote machine to another remote machine
https://redd.it/ffuf25
@r_devops
how to migrate all tmux sessions from one remote machine to another remote machine
https://redd.it/ffuf25
@r_devops
reddit
how to migrate all tmux sessions from one remote machine to...
how to migrate all tmux sessions from one remote machine to another remote machine
zero to devops
hi community!
i am looking to switch/make jump to devops role and currently was a quality management professional with good understanding of programming in a completely non-technical position for 2years
kindly suggest what and how do i go about it!! would be tremendous help!
https://redd.it/ffx9f1
@r_devops
hi community!
i am looking to switch/make jump to devops role and currently was a quality management professional with good understanding of programming in a completely non-technical position for 2years
kindly suggest what and how do i go about it!! would be tremendous help!
https://redd.it/ffx9f1
@r_devops
reddit
zero to devops
hi community! i am looking to switch/make jump to devops role and currently was a quality management professional with good understanding of...
How to Deploy to Storage account in Azure for CDN
Hey guys! We are trying to use Azure CDN. In our current infrastructure,we use teamcity and Octopus Deployer.
We would like to deploy the content to Azure Storage so that from this storage,we can make use of the CDN. Octopus doesn't have a supported template for it.Although there's a community template but it isn't of much use for us.
Can anybody help on how we can achieve this?
https://redd.it/ffq79d
@r_devops
Hey guys! We are trying to use Azure CDN. In our current infrastructure,we use teamcity and Octopus Deployer.
We would like to deploy the content to Azure Storage so that from this storage,we can make use of the CDN. Octopus doesn't have a supported template for it.Although there's a community template but it isn't of much use for us.
Can anybody help on how we can achieve this?
https://redd.it/ffq79d
@r_devops
reddit
How to Deploy to Storage account in Azure for CDN
Hey guys! We are trying to use Azure CDN. In our current infrastructure,we use teamcity and Octopus Deployer. We would like to deploy the content...
Electron react boilerplate - Electron Release Actions
I am looking for a Github workflow that will build the electron application for MacOS, Linux and windows and store artifacts in a Github release.
This seems like a common use case, especially since Electron apps support auto updating. Has anybody made this work for the this template rpeository ([Electron React Boilerplate](https://github.com/electron-react-boilerplate/electron-react-boilerplate)?
https://redd.it/fgbyw0
@r_devops
I am looking for a Github workflow that will build the electron application for MacOS, Linux and windows and store artifacts in a Github release.
This seems like a common use case, especially since Electron apps support auto updating. Has anybody made this work for the this template rpeository ([Electron React Boilerplate](https://github.com/electron-react-boilerplate/electron-react-boilerplate)?
https://redd.it/fgbyw0
@r_devops
GitHub
GitHub - electron-react-boilerplate/electron-react-boilerplate: A Foundation for Scalable Cross-Platform Apps
A Foundation for Scalable Cross-Platform Apps. Contribute to electron-react-boilerplate/electron-react-boilerplate development by creating an account on GitHub.
Treat servers like cattle, not pets
Can someone help me explain what exactly this means in DevOps?
https://redd.it/ffp9lx
@r_devops
Can someone help me explain what exactly this means in DevOps?
https://redd.it/ffp9lx
@r_devops
reddit
Treat servers like cattle, not pets
Can someone help me explain what exactly this means in DevOps?
Which OS for Kubernetes in 2020?
We are evaluating at the moment which Operating System we should use for new Kubernetes Clusters. After the changes in the CoreOS environment we are not sure if we should move on with this OS..
For us it would be important that the Distro is maintained for long time or has the ability like CoreOS to be updated seamless. Also should the Distro be complete Open Source..
As alternatives we have so far allocated the following:
\- [Clear Linux](https://clearlinux.org/)
\- [Talos](https://www.talos-systems.com/)
\- Debian
What's your opinion? Which OS for Kubernetes are you using and what do you think where the journey will go in the next years?
https://redd.it/fgghrj
@r_devops
We are evaluating at the moment which Operating System we should use for new Kubernetes Clusters. After the changes in the CoreOS environment we are not sure if we should move on with this OS..
For us it would be important that the Distro is maintained for long time or has the ability like CoreOS to be updated seamless. Also should the Distro be complete Open Source..
As alternatives we have so far allocated the following:
\- [Clear Linux](https://clearlinux.org/)
\- [Talos](https://www.talos-systems.com/)
\- Debian
What's your opinion? Which OS for Kubernetes are you using and what do you think where the journey will go in the next years?
https://redd.it/fgghrj
@r_devops
Two Important AWS Security Rules to Remember
So there are a ton of rules, gotchas, principles, and catch-22's when it comes to cloud security on AWS. At times it's like trying to keep bugs out of a 100 room building where doors and windows HAVE to be open for people to move about. Well, here's a post about two important AWS security rules to remember. No, these aren't the only two to know, but yes, they'll clarify your role in cloud security and help you to understand how to think about it.
[Two Important AWS Security Rules to Remember](https://start.jcolemorrison.com/two-important-aws-security-rules-to-remember/)
https://redd.it/fghcz3
@r_devops
So there are a ton of rules, gotchas, principles, and catch-22's when it comes to cloud security on AWS. At times it's like trying to keep bugs out of a 100 room building where doors and windows HAVE to be open for people to move about. Well, here's a post about two important AWS security rules to remember. No, these aren't the only two to know, but yes, they'll clarify your role in cloud security and help you to understand how to think about it.
[Two Important AWS Security Rules to Remember](https://start.jcolemorrison.com/two-important-aws-security-rules-to-remember/)
https://redd.it/fghcz3
@r_devops
J Cole Morrison
Two Important AWS Security Rules to Remember
Two important security rules to remember when securing cloud infrastructure on AWS. When is it your responsibility? Why do companies get breached?
Software chain of custody and compliance
What tools, systems, or practices do your teams use to automate the software chain of custody that can satisfy HIPAA and CJIS compliance? What kind of constraints exist in your build and release processes to ensure segregation of responsibilities?
https://redd.it/fgl976
@r_devops
What tools, systems, or practices do your teams use to automate the software chain of custody that can satisfy HIPAA and CJIS compliance? What kind of constraints exist in your build and release processes to ensure segregation of responsibilities?
https://redd.it/fgl976
@r_devops
reddit
Software chain of custody and compliance
What tools, systems, or practices do your teams use to automate the software chain of custody that can satisfy HIPAA and CJIS compliance? What...
Does anyone know the difference between these two AWS roles?
AWSCodeDeployRole
AmazonEC2RoleforAWSCodeDeploy
The former is in the AWS guide to creating a service role for EC2 CodeDeploy. The description of the latter says, "This role is needed by the CodeDeploy agent on EC2 instances." Does this have to do with resource-based vs identity-based?
Thanks for any help
https://redd.it/fgkkmz
@r_devops
AWSCodeDeployRole
AmazonEC2RoleforAWSCodeDeploy
The former is in the AWS guide to creating a service role for EC2 CodeDeploy. The description of the latter says, "This role is needed by the CodeDeploy agent on EC2 instances." Does this have to do with resource-based vs identity-based?
Thanks for any help
https://redd.it/fgkkmz
@r_devops
reddit
Does anyone know the difference between these two AWS roles?
AWSCodeDeployRole AmazonEC2RoleforAWSCodeDeploy The former is in the AWS guide to creating a service role for EC2 CodeDeploy. The description...
Cheapest GPU hosting server
I'm looking for the cheapest gpu server
with gtx graphic card like gtx 750
and windows server 2019
​
Appreciate any help !
https://redd.it/fgmjg6
@r_devops
I'm looking for the cheapest gpu server
with gtx graphic card like gtx 750
and windows server 2019
​
Appreciate any help !
https://redd.it/fgmjg6
@r_devops
reddit
Cheapest GPU hosting server
I'm looking for the cheapest gpu server with gtx graphic card like gtx 750 and windows server 2019 Appreciate any help !
AWS Cloud practiced essentials
Has anyone used the free course on amazon? Is that enough to pass it?
https://redd.it/fgkgjx
@r_devops
Has anyone used the free course on amazon? Is that enough to pass it?
https://redd.it/fgkgjx
@r_devops
reddit
AWS Cloud practiced essentials
Has anyone used the free course on amazon? Is that enough to pass it?
Security & Policy Configurations for Infrastructure as Code
Set your YouTube reminder for Sunday, March 15th, 2020 at 1 PM EST!
[https://youtu.be/KOTXCIN0yE0](https://youtu.be/KOTXCIN0yE0)
Join us as Hashicorp's Rosemary Wang deep dives into some techniques for proactively checking the security and policy of our infrastructure as code, using examples featuring Open Policy Agent and Terraform.
Meetup RSVP: [https://www.meetup.com/OWASP-DevSlop-Project/events/268639871/](https://www.meetup.com/OWASP-DevSlop-Project/events/268639871/)
https://redd.it/fgojfc
@r_devops
Set your YouTube reminder for Sunday, March 15th, 2020 at 1 PM EST!
[https://youtu.be/KOTXCIN0yE0](https://youtu.be/KOTXCIN0yE0)
Join us as Hashicorp's Rosemary Wang deep dives into some techniques for proactively checking the security and policy of our infrastructure as code, using examples featuring Open Policy Agent and Terraform.
Meetup RSVP: [https://www.meetup.com/OWASP-DevSlop-Project/events/268639871/](https://www.meetup.com/OWASP-DevSlop-Project/events/268639871/)
https://redd.it/fgojfc
@r_devops
YouTube
Security & Policy Configurations for Infrastructure as Code with Rosemary Wang - OWASP DevSlop
FOLLOW DEVSLOP LinkedIn: https://www.linkedin.com/company/owasp-devslop/ Twitter: https://twitter.com/Owasp_DevSlop YouTube: https://www.youtube.com/c/OWASPD...
Opensource InfluxDB for production
For an upcoming project, I will need a time-series database, and for now, I'm considering either InfluxDB or Prometheus (any other recommendation is welcome).
Reading through Influx's docs, I don't understand one thing: is there anyone really using InfluxDB Opensource in production? What's your use case? Because the lack of clustering, and therefore, lack of high availability and performance looks to me a big deal not to choose Influx.
https://redd.it/fgcgjd
@r_devops
For an upcoming project, I will need a time-series database, and for now, I'm considering either InfluxDB or Prometheus (any other recommendation is welcome).
Reading through Influx's docs, I don't understand one thing: is there anyone really using InfluxDB Opensource in production? What's your use case? Because the lack of clustering, and therefore, lack of high availability and performance looks to me a big deal not to choose Influx.
https://redd.it/fgcgjd
@r_devops
reddit
Opensource InfluxDB for production
For an upcoming project, I will need a time-series database, and for now, I'm considering either InfluxDB or Prometheus (any other recommendation...
What are some of the DevOps related subreddits you follow?
Hi all. New to DevOps. Was wondering what are some DevOps related subreddits that we can follow to be aware of the trends and also learn it.
https://redd.it/fga6or
@r_devops
Hi all. New to DevOps. Was wondering what are some DevOps related subreddits that we can follow to be aware of the trends and also learn it.
https://redd.it/fga6or
@r_devops
reddit
What are some of the DevOps related subreddits you follow?
Hi all. New to DevOps. Was wondering what are some DevOps related subreddits that we can follow to be aware of the trends and also learn it.
Terraform best practices
Sooo we have this terraform repo that includes a bunch of things
- network configurations
- cloud rdbms setup
- ec2 instance stuff
- monitoring alerts (datadog)
So I think this has become a monolith of kinds, because everytime we need to do a provider upgrade or TF upgrade, it takes ages.
Could someone share articles around terraform best practices? At what point do we start decomposing things down to separate repos ?
https://redd.it/fg8h1a
@r_devops
Sooo we have this terraform repo that includes a bunch of things
- network configurations
- cloud rdbms setup
- ec2 instance stuff
- monitoring alerts (datadog)
So I think this has become a monolith of kinds, because everytime we need to do a provider upgrade or TF upgrade, it takes ages.
Could someone share articles around terraform best practices? At what point do we start decomposing things down to separate repos ?
https://redd.it/fg8h1a
@r_devops
reddit
Terraform best practices
Sooo we have this terraform repo that includes a bunch of things - network configurations - cloud rdbms setup - ec2 instance stuff - monitoring...
Build stage in Gitlab Runner
I have a project that I am building and then deploying:
image: docker:latest
before_script:
- echo "(!) Starting process"
after_script:
- echo "(!) Successfully ran process"
build_stage:
stage: build
script:
- rm -rf ~/.m2/repository/me/pabloestrada/
- sh lib/credentials/prod_build-persian.sh
- sh lib/guice-quartz/prod_build-persian.sh
- sh lib/persian-jobs/prod_build-persian.sh
- sh persian-services/exercise-tracker/prod_build-persian.sh
- mvn clean package -f service
- mvn clean package -f scheduler
- sudo npm install --prefix ui/
- sudo npm run build --prefix ui/
deploy_stage:
stage: deploy
script:
- rm -rf ~/.m2/repository/me/pabloestrada/
- sh lib/credentials/prod_build-persian.sh
- sh lib/guice-quartz/prod_build-persian.sh
- sh lib/persian-jobs/prod_build-persian.sh
- sh persian-services/exercise-tracker/prod_build-persian.sh
- mvn clean package -f service
- mvn clean package -f scheduler
- sudo npm install --prefix ui/
- sudo npm run build --prefix ui/
- docker-compose up
So, for deployment, I need to build and then spin up a container. I am essentially doing the same thing in the build stage, but without deployment. Is there a better way to do this? Am I using the build stage correctly?
https://redd.it/fgro12
@r_devops
I have a project that I am building and then deploying:
image: docker:latest
before_script:
- echo "(!) Starting process"
after_script:
- echo "(!) Successfully ran process"
build_stage:
stage: build
script:
- rm -rf ~/.m2/repository/me/pabloestrada/
- sh lib/credentials/prod_build-persian.sh
- sh lib/guice-quartz/prod_build-persian.sh
- sh lib/persian-jobs/prod_build-persian.sh
- sh persian-services/exercise-tracker/prod_build-persian.sh
- mvn clean package -f service
- mvn clean package -f scheduler
- sudo npm install --prefix ui/
- sudo npm run build --prefix ui/
deploy_stage:
stage: deploy
script:
- rm -rf ~/.m2/repository/me/pabloestrada/
- sh lib/credentials/prod_build-persian.sh
- sh lib/guice-quartz/prod_build-persian.sh
- sh lib/persian-jobs/prod_build-persian.sh
- sh persian-services/exercise-tracker/prod_build-persian.sh
- mvn clean package -f service
- mvn clean package -f scheduler
- sudo npm install --prefix ui/
- sudo npm run build --prefix ui/
- docker-compose up
So, for deployment, I need to build and then spin up a container. I am essentially doing the same thing in the build stage, but without deployment. Is there a better way to do this? Am I using the build stage correctly?
https://redd.it/fgro12
@r_devops
reddit
Build stage in Gitlab Runner
I have a project that I am building and then deploying: image: docker:latest before_script: - echo "(!) Starting process" ...
How do apps get their secret ids using Vault approle?
With an devops (admin) role, I can generate the secret id for a role. I am able to embed the role id in the app's executable, but how can I pass it the secret id?
https://redd.it/fgqhvj
@r_devops
With an devops (admin) role, I can generate the secret id for a role. I am able to embed the role id in the app's executable, but how can I pass it the secret id?
https://redd.it/fgqhvj
@r_devops
reddit
How do apps get their secret ids using Vault approle?
With an devops (admin) role, I can generate the secret id for a role. I am able to embed the role id in the app's executable, but how can I pass...
Prometheus vs. CloudWatch for Cloud Native Applications
Many companies are moving to Kubernetes as the platform of choice for running software workloads. When an organization earlier using VMs in AWS decides to move to Kubernetes (Either EKS or self-managed in AWS), one of the questions that come up is should one continue to use CloudWatch or switch to some other tool like Prometheus? While it is not an exactly apple to apple comparison, there are reasons to explore this and choose tooling that is built for the future. This post will try to explore various aspects and pros and cons of both options individually and as a combination.
## Why?
Prometheus and CloudWatch are very different in the problem they solve and a 1-1 comparison seems unfair but as you start moving to cloud-native stack, Prometheus starts popping up in conversations and for many right reasons. For example, currently, CloudWatch does not support Kubernetes metrics ([Issue link here](https://github.com/aws/containers-roadmap/issues/38)). As one of the workarounds, you can use [CloudWatch exporter](https://github.com/prometheus/cloudwatch_exporter) and export metrics from CloudWatch to a Prometheus instance. You can also host a Prometheus instance in the cluster and then metrics are exported to CloudWatch using the CloudWatch [adapter](https://github.com/cloudposse/prometheus-to-cloudwatch). Before we start comparing the two technologies, let’s do a quick high-level overview of both.
[Read the full post here..](https://www.infracloud.io/prometheus-vs-cloudwatch/)
https://redd.it/fgt2i8
@r_devops
Many companies are moving to Kubernetes as the platform of choice for running software workloads. When an organization earlier using VMs in AWS decides to move to Kubernetes (Either EKS or self-managed in AWS), one of the questions that come up is should one continue to use CloudWatch or switch to some other tool like Prometheus? While it is not an exactly apple to apple comparison, there are reasons to explore this and choose tooling that is built for the future. This post will try to explore various aspects and pros and cons of both options individually and as a combination.
## Why?
Prometheus and CloudWatch are very different in the problem they solve and a 1-1 comparison seems unfair but as you start moving to cloud-native stack, Prometheus starts popping up in conversations and for many right reasons. For example, currently, CloudWatch does not support Kubernetes metrics ([Issue link here](https://github.com/aws/containers-roadmap/issues/38)). As one of the workarounds, you can use [CloudWatch exporter](https://github.com/prometheus/cloudwatch_exporter) and export metrics from CloudWatch to a Prometheus instance. You can also host a Prometheus instance in the cluster and then metrics are exported to CloudWatch using the CloudWatch [adapter](https://github.com/cloudposse/prometheus-to-cloudwatch). Before we start comparing the two technologies, let’s do a quick high-level overview of both.
[Read the full post here..](https://www.infracloud.io/prometheus-vs-cloudwatch/)
https://redd.it/fgt2i8
@r_devops
GitHub
Kubernetes metrics to CloudWatch · Issue #38 · aws/containers-roadmap
Some metrics from eg: Kubernetes, Kubelet, kube-state-metrics to Cloudwatch. As of today, many are using Prometheus to collect the metrics. But if you already utilize Cloudwatch you now have two mo...