Building Private Clouds

A friend of mine did a really great [podcast](https://packetpushers.net/podcast/day-two-cloud-040-building-and-operating-a-private-cloud/) interview (click the link) that I thought all y'all would enjoy. I think the self-service features of "cloud" are one of the core principals that DevOps is all about, so I hope this lands on this crowd right.

https://redd.it/flgkxz
@r_devops

Looking for HA storage solution for Minio

Hi there!

​

Sorry if this is not the best place to post this, but it kinda seemed fitting. We're running Minio and do a lot of read/writes on it. It is currently not HA, and distributed minio works very slow once a node goes down, so I started looking for HA solutions for the file system. I tried using GlusterFS but it couldn't handle the load, and caused a 200 CPU ready. NFS is my next bet, but I saw that the only good way to make NFS highly available is with Pacemaker and only with 2 servers, which is kinda wired and not where I want to go.

Has anyone faced this issue before? It runs on Kubernetes but is currently bound to a single node with local storage. We don't currently have a supported NFS or anything like that in the environment so I cant bound the persistent volume to anything aside the local storage.

https://redd.it/flhomd
@r_devops

values.yaml: unable to parse YAML: error converting YAML to JSON

Quick question. Trying to map multiple ports to a container in a helm chart but getting

>\[ERROR\] values.yaml: unable to parse YAML: error converting YAML to JSON: yaml: line 37: mapping values are not allowed in this context
\[ERROR\] templates/: cannot load values.yaml: error converting YAML to JSON: yaml: line 37: mapping values are not allowed in this context


values.yaml

`service:`
`ports:`
`name: udp-graphite`
`port: 2003`
`target_port: 2003`
`protocol: udp`

`name: tcp-graphite`
`port: 2003`
`target_port: 2003`
`protocol: tcp`

`name: pickle-graphite`
`port: 2004`
`target_port: 2004`
`protocol: tcp`

`service.yaml`

`{{- if .Values.service.ports }}`
`apiVersion: v1`
`kind: Service`
`metadata:`
`name: {{ include "carbon-relay-ng.fullname" . }}`
`labels:`
`{{- include "carbon-relay-ng.labels" . | nindent 4 }}`
`spec:`
`type: {{ .Values.port_type }}`
`ports:`
`{{ toYaml .Values.service.ports | indent 4}}`
`selector:`
`{{- include "carbon-relay-ng.selectorLabels" . | nindent 4 }}`
`{{- end }}`

​

Not sure what the deal is there. From all the other examples i've seen on the web says that should be possible. using helm version

`version.BuildInfo{Version:"v3.1.2", GitCommit:"d878d4d45863e42fd5cff6743294a11d28a9abce", GitTreeState:"clean", GoVersion:"go1.13.8"}`

https://redd.it/flfeh2
@r_devops

Can i get an AWS job with a certification and no experience?

I'm going to take the AWS Cloud Practitioner exam soon. A week from now or so. Will I be able to get a job?

https://redd.it/fl9br2
@r_devops

Octopus Deploy - Darkmode & Better Linux Support

We're proud to ship Octopus 2020.1, our first release of the year, with some great updates and benefits.


* [Dark Mode ](https://octopus.com/blog/octopus-release-2020-1#dark-mode)📷 is cool and it's easier on your eyes.
* [Octopus and Octopus CLI are more at home on Linux and macOS](https://octopus.com/blog/octopus-release-2020-1#octopus-and-octopus-cli-are-now-more-at-home-on-linux-and-macos): AWS and Azure built-in steps are cross-platform, and you can now install and use the Octopus CLI via Homebrew, Yum, and APT.
* [Environment and tenant specific worker pools](https://octopus.com/blog/octopus-release-2020-1#environment-and-tenant-specific-worker-pools): New worker pool variables unlock the ability to have dedicated worker pools for different environments or tenant tags.
* [AWS and Azure deployment steps on Linux](https://octopus.com/blog/octopus-release-2020-1#aws-and-azure-deployments-work-on-windows-and-linux-machines): Deployment steps for AWS and Azure can now be executed seamlessly on Windows and Linux targets/workers

https://redd.it/flkoth
@r_devops

Elastic IP with NLB for k8s Service

Hey all,

I've got a service I'm trying to expose in my k8s cluster via NLB with an Elastic IP. Since (as far as I know) K8s still doesn't support EIP natively on NLB, what solutions have you all come up with? My initial thought is to stand up an NLB with EIP that just aims at an ASG of traefik machines that then proxy the traffic to an internal NLB defined as usual in a k8s service. That seems really crude to get to the goal but I really don't see a lot of better options. Any good reference designs I can borrow from?

https://redd.it/flf07a
@r_devops

Incident Response in a Remote World of Social Distancing

At RigD we have always believed that working collaboratively is crucial to business success and that driving this work through collaboration platforms, like Slack, would be transformative. While many companies have embraced this philosophy already, the current world events have forced most others to adapt their processes to account for remote work.

Here are a few pieces of advice that we’ve picked up from our existing users that might help when responding to incidents and using Slack.

* **Is it really an incident that needs swarming?** Establishing criteria to decide if something really qualifies as an incident is important to ensure your on-call team doesn't get overloaded and miss the big ones. It's easy to lose this disciple when the person who can help is only a quick message away.
* **Mitigate first!** Getting things back up and running should always be the top and most urgent priority during an outage incident. Understanding root cause and prevention measure comes later. When it's easy for others to engage on an incident, innocent discussion can distract from the mission.
* **Sharing is caring.** Making good regular updates is crucial to keeping things calm and establishing confidence in your team's ability to resolve the issue. This is easy to overlook as you are chatting away in Slack.

Care to share your own advice for incident response in Slack?

If you are thinking about adjusting to a Slack driven incident response process, we are here to [help.](https://rigd.io)

https://redd.it/flb5ba
@r_devops

Seperate devlopment and production containers?

Should I separate the development environment container from the production container (ei. into a Dockerfile and Dockerfile.dev)?

Otherwise I think I would have to either:

\- Parameterize the Dockerfile

\- Make a multistage file, and use targets when building containers

I think separating these would make the gap between between development and production greater, but make the setup simpler.

I'm quite new to deploying larger applications, so the pros and cons of the various approaches aren't quite obvious to me.

https://redd.it/fl7vdp
@r_devops

GCP Fundamentals Series: Three online half-day programs and take your skills to new heights

Cloud OnBoard is a free online instructor-led training program that enables developers and IT professionals to expand their skill set into the cloud. **Google Cloud Platform (GCP) Fundamentals Series** brings the Google Cloud Community together for three consecutive days of interactive learning and hands-on labs.


Choose one, two, or all three online half-day programs and take your skills to new heights:

* Core Infrastructure
* Big Data & Machine Learning
* Application Development with GCP

**March 24** **-** **26, 2020**

[https://cloudonair.withgoogle.com/events/apac-gcp-fundamentals-series](https://cloudonair.withgoogle.com/events/apac-gcp-fundamentals-series)

[https://imgur.com/a/0F4Yh6F](https://imgur.com/a/0F4Yh6F)

https://redd.it/flnzmh
@r_devops

I just took a job in DevOps (software sales) What Book would you recommend for me to get a basic understanding of DevOps etc?

Thanks in advance

https://redd.it/fl9xou
@r_devops

Career Advice: how to restart

How to restart the career and learn things.

Myself:

Worked as a Devops engineer from starting of my career.

Tech Stack: Aws, Docker, Kubernetes, Linux, Python(very little).

I am not perfect in any stack right now as the requirement and stack changed at very fast pace. I want to learn the technologies in depth of docker kubernetes and cloud computing. But right now not getting exposer in the company.

Working on nginx lua openrestry. Not getting it to work. Plus there are not source/ tutorial available on the same.

If someone has faced the similar issue in the career and they could changed the path and drift the career to where they want to work. Please pour some guidance in comments.

Regards

https://redd.it/fl8z40
@r_devops

How has your work flow changed with extended remote work?

I am sure folks here have worked from home for few days in between - but with an extended period of remote/ work from home, has your workflow changed? Do you communicate more across functions now? are all communications shifted to slack/email now?

Just curious, what folks are experiencing - or any new flows which are making them more productive?

https://redd.it/fl49fj
@r_devops

gaming on containers?

Hey everyone!
Is it possible to run games on Windows container?

I have this question because running VMs use tons of resources. I would have no problems with VMs but it has to run its own kernel besides containers which uses the hosts kernel so it uses more RAM and CPU resources to do so (poor mans life). Is it possible to run games inside Windows containers and also be able to interact with it like you would do on your host OS screen (Windows)? Running the game on host uses about only 5-8% of CPU, but when I try to run it on VM together it adds to be about 30% (Game inside VM) of CPU usage for one game instance... I want to run as many game instances as possible, only 1 game instance is allowed on one OS. I know that there is such a thing as Windows sandbox which doesn't really fit me because only 1 sandbox allowed to run per OS.

i7-6700HQ
GTX 950M
16GB of DDR4

Is there any lightweight solutions to VM?
If Windows container is able to support video output how to setup everything?

P.S. I don't care about security and isolation. Stability and workload is my problem.

https://redd.it/fkzfax
@r_devops

Enabling HTTPS via letsencrypt on AWS EC2 with nginx/docker

It's my first experience, so bear with me :)

We don't have devops in a team so I as a developer gotta do this. I'm working on enabling https for my domain via nginx & certbot on docker & AWS EC2. I follow this instruction [https://stackoverflow.com/questions/57239213/how-to-enable-https-on-aws-ec2-running-an-nginx-docker-container](https://stackoverflow.com/questions/57239213/how-to-enable-https-on-aws-ec2-running-an-nginx-docker-container) & I stuck on generating dummy certificate via letsencrypt. Http-01 challenge fails every time. I've got A, SOA, NS & CAA records set in Route53. Below I changed my real domain name, not sure if i should do this. My nginx.conf is :

"worker\_processes 1;
user nobody nogroup;
\# 'user nobody nobody;' for systems with 'nobody' as a group instead
error\_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker\_connections 1024; # increase if you have lots of clients
accept\_mutex off; # set to 'on' if nginx worker\_processes > 1
}


http {

include mime.types;
\# fallback in case we can't determine a type
default\_type application/octet-stream;
access\_log /var/log/nginx/access.log combined;
sendfile on;
server {
listen 80;
server\_name mydomain.pl www.mydomain.pl;
server\_tokens off;
location / {
return 301 https://$server\_name$request\_uri;
}


location /.well-known/acme-challenge/ {
root /var/www/certbot;
}
}


server {
listen 443 ssl;
server\_name mydomain.pl www.mydomain.pl;
server\_tokens off;
ssl\_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl\_certificate\_key /etc/letsencrypt/live/example.com/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl\_dhparam /etc/letsencrypt/ssl-dhparams.pem;
location /static/ {
alias /nginx/static/;
autoindex off;
}


\# location for files downloads.
location /media/ {
add\_header Content-disposition "attachment; filename=$1";
alias /nginx/media/;
try\_files $uri $uri/ =404;
}


location /static\_django/ {
alias /nginx/static\_django/;
autoindex off;
}


location \~ \^/(crm|api) {
proxy\_set\_header Host $host;
proxy\_set\_header X-Forwarded-For $proxy\_add\_x\_forwarded\_for;
proxy\_set\_header X-Real-IP $remote\_addr;
proxy\_set\_header X-Forwarded-Proto $scheme;
proxy\_pass https://api:8000;
proxy\_set\_header X-Server-Ver $nginx\_version;
}


location / {
root /usr/share/nginx/html;
index index.html index.htm;
alias /nginx/build/frontend/;
try\_files $uri$args $uri$args/ $uri /index.html;
proxy\_set\_header Host $http\_host;
proxy\_set\_header X-Real-IP $remote\_addr;
proxy\_set\_header X-Forwarded-For $proxy\_add\_x\_forwarded\_for;
}
}
}
"

Error from letsencrypt tells:

"Domain: mydomain.pl

Type: connection

Detail: Fetching

[https://mydomain.pl/.well-known/acme-challenge/F8S1jFeD64QKWsDWu9lN1Dcv1-FatLHjEcchR53-ago:](https://ehom.pl/.well-known/acme-challenge/F8S1jFeD64QKWsDWu9lN1Dcv1-FatLHjEcchR53-ago:)

Timeout during connect (likely firewall problem)
Domain: [www.mydomain.pl](https://www.ehom.pl)

Type: unauthorized

Detail: Invalid response from

[https://www.mydoman.pl/.well-known/acme-challenge/2iDeX95XKRo6m-MgPtI25K0j-IiG79xR07O8DwLSTCk](https://www.ehom.pl/.well-known/acme-challenge/2iDeX95XKRo6m-MgPtI25K0j-IiG79xR07O8DwLSTCk)

"

What else should I check to overcome this issue?

https://redd.it/fkz6cq
@r_devops

Our CTO talks about the trials and tribulations of implementing AI and ML in DevOps

[https://medium.com/@CrossingMinds/how-can-i-implement-ai-in-devops-c192754cf87d](https://medium.com/@CrossingMinds/how-can-i-implement-ai-in-devops-c192754cf87d)

https://redd.it/fkyjj5
@r_devops

DevOps Industry knowledge



Hi,

I wanted to get a little knowledge of the DevOps industry. What sort of companies generally use DevOps as a service and what are some best companies that provide DevOps as a service?

***PS- I am trying to write a paper on the DevOps industry and answers to these questions would be of great help to me.***

https://redd.it/fkt4pm
@r_devops

Highly available, external load balancer for Kubernetes in Hetzner Cloud using haproxy and keepalived

Hi, I needed a load balancer for my Kubernetes cluster in Hetzner Cloud and since HC doesn't offer LBs as a service yet, I set up a highly available load balancer with haproxy and keepalived. Check it out if you need something similar - what's described in the post can be adapted to other providers as well.

https://vitobotta.com/2020/03/20/haproxy-kubernetes-hetzner-cloud/

https://redd.it/flvv6n
@r_devops

Help with gitlabCI pipeline triggers

Hey guys,

I mostly work with Jenkins but am currently doing some stuff on gitlabCI, and I'm having an issue trying to achieve something which seems pretty simple to me. I want to be able to trigger one pipeline if another one succeeds, but I haven't been able to find any reference to that in the official docs and I'm pretty stuck.

Basically, if pipeline A succeeds, I want pipeline B to run. I guess it can be configured in the ```when``` section, something like ```when: pipeA.success``` or something like that, but I haven't been able to achieve it.

I'm pretty lost so if anyone could point me towards some better docs or even a stackoverflow thread that would be great.

Thanks in advance!

https://redd.it/flxfus
@r_devops

Newbie

Three years ago, I used to use bitbucket and it used to build whenever we push code. That's it.

What has changed now ? Nowadays, different setup, am told we should go to Azure pipeline and there are environments, we can just click on them DEPLOY, it's done.

To code, we need to log into AWS workspace, all in our teams use the same.

So what has changed actually ? Why we hearing the word "Devops" more than ever ? It's confusing.

What is Kubernetes ? Am I using ? Again someone please tell in layman how it helps ?

Now, Docker, please ? Enlighten me.

I have kept on going through lot of blogs, lot, but ended up getting confused.

This will help everyone whose jumping into this for the first time, okay you can consider me dumb if that helps.

Imagine am starting a media company, so how can I be employing Devops, Kubernetes, Docker etc ? Say am gonna have huge following

PS: hey thanks in advance

https://redd.it/flylzx
@r_devops

the case against jenkins in 2020

[https://medium.com/@shrayk/the-case-against-jenkins-in-2020-310276e39280?sk=da35dec5f82ff3db9d724cbd5fb4f6f9](https://www.google.com/url?q=https://medium.com/@shrayk/the-case-against-jenkins-in-2020-310276e39280?sk%3Dda35dec5f82ff3db9d724cbd5fb4f6f9&sa=D&source=hangouts&ust=1584806310069000&usg=AFQjCNFxkrML3W-Wosu1ELCr_Gb9TVrKMw)

​

some food for thought around choosing a different CI system, and some of the reasons surrounding that

https://redd.it/flz7su
@r_devops

which technologies to pick? docker vs config management

hello, I'm starting to learn DevOps tools and I've faced too many tools to choose in between.

so I want to know if I should learn docker and Kubernetes or ansible/chef, etc.

what benefits it might have to learn both? because as I've googled there are many articles which say docker is the new mainstream and has many more benefits compared to config management.

but in this popular [RoadMap](https://roadmap.sh/devops), as I understand it's suggested to learn both!

https://redd.it/fm178q
@r_devops