Reddit DevOps
How did you learn networking from level 0?

Projects? Books? For someone who wants to learn networking at a fundamental level, does anyone have any resources to get the practical knowledge down?

https://redd.it/fsh3r4
@r_devops
Help with Apache and Tomcat memory config!

Hello guys, here's the deal. I inherited a system that uses mostly webservers with Apache and Tomcat, on Java8, and they run on 4CPU, 7.5G RAM machines (specifically the c5.xlarge instances of AWS).

We are experiencing heavy traffic and adding more clones of those to the mix works, but it's way inefficient. The fact is that I know squat about how to fine tune Apache and Tomcat, and while I'm adjusting daily, I'm sure there might be someone looking at these values that can tell me if they look OK, even OKish, or maybe super wrong. These values came from an old hardware infrastructure and, while I changed certain things, some stuck on these old values that I don't dare touch too much.

Here are the values:

    <IfModule mpm_worker_module>
        ServerLimit 22
        StartServers 10
        MinSpareThreads 75
        MaxSpareThreads 250
        ThreadLimit 64
        ThreadsPerChild 25
        MaxClients 550
        MaxRequestsPerChild 1000
    </IfModule>

and Tomcat config

-Djava.awt.headless=true -Djava.net.preferIPv4Stack=true -Dsun.java2d.fontpath=/usr/share/fonts/truetype -Dorg.apache.jasper.runtime.BodyContentImpl.LIMIT_BUFFER=true -Dlog4j.configuration=file:///etc/tomcat7/log4j.properties -Xms2560M -Xmx2560M -XX:MaxPermSize=512m -XX:NewSize=20M -XX:MaxNewSize=40M

I am finding at the moment that of those 550 MaxClients, when it gets above 450 or so it's Tomcat that is failing to respond on port 8009. Do I need more heap?

Anyway thanks for your time if you read all this! Thoughts?

https://redd.it/fseaok
@r_devops
Python devops showcase without the cloud

Hi guys, I am trying to think of an idea of a personal project, not a huge one, but enough to show people at interview about my skills in Python, but relating to Devops. I know most people probably will think the Boto3 library in automating stuff on AWS, but I'd love to hear about ideas that don't involve the cloud but still would need python to automate stuff on Windows or Linux, or networks, anything relating to the CI/CD pipeline. Maybe Saltstack python codes would be helpful?

https://redd.it/fs7os9
@r_devops
nested terraform outputs

I have an output

    output "route_tables" {
      value = module.oci_network.route_tables
    }

That results in outputs in the following format

    route_tables = {
      "cool_systems" = [
        {
          "compartment_id" = {}
          "defined_tags" = {}
          "display_name" = "cool_systems"
          "freeform_tags" = {}
          "id" = "id-123"
          "route_rules" = [
            {
              "cidr_block" = "0.0.0.0/0"
              "description" = "sauce"
              "destination" = "car"
              "destination_type" = "CIDR_BLOCK"
              "network_entity_id" = "foo"
            },
          ]
          "state" = "AVAILABLE"
          "time_created" = ""
          "vcn_id" = "vcn-123"
        },
      ]
      "tool_systems" = [
        {
          "compartment_id" = ""
          "defined_tags" = {}
          "display_name" = "tool_systems"
          "freeform_tags" = {}
          "id" = ""
          "route_rules" = [
            {
              "cidr_block" = ""
              "description" = ""
              "destination" = "0.0.0.0/0"
              "destination_type" = "CIDR_BLOCK"
              "network_entity_id" = "foo"
            },
          ]
          "state" = "AVAILABLE"
          "time_created" = ""
          "vcn_id" = "vcn-123"
        },
      ]
    }


The remote state is read in via a data source called vcn.

I want to read the "id" attribute but this is nested within the cool_systems, from this data source how do I access this nested element?

If this was flat, it would simply be

route_table_id = data.terraform_remote_state.vcn.outputs.route_tables.cool_systems.id

but that results in the following error.

| data.terraform_remote_state.vcn.outputs.route_tables.cool_systems is tuple with 1 element

https://redd.it/fsa69t
@r_devops
Showcasing my latest project: a Hacker News Who is Hiring aggregator

Hey r/devops,

I checked, and I don't think showcasing is against the subs' rules–apologies if it is.

During the Christmas break, I launched this Who is Hiring aggregator at [https://www.whoishiring.work](https://www.whoishiring.work/) ([source code](https://github.com/jerroydmoore/whoishiring.work)). Check it out and tell me what you think. I'm also [accepting feature requests, bug reports, and PRs](https://github.com/jerroydmoore/whoishiring.work/issues/new). Now, there are a few Who is Hiring aggregators out there already, but I didn't very much like their look and feel, and it was a great opportunity to practice my full stack + devops skills outside of work on a brand new project!

Now let's talk about the infrastructure. The frontend is a gatsbyJS project that is hosted on an S3 bucket. HTTPS was enabled via CloudFront. CloudFront + S3 hosting has a weird quirk about requiring the trailing slash in the URL, which was solved via a Lambda@Edge function. The data storage is an RDS instance; I had considered Aurora serverless, but they didn't support the version of postgres I wanted, and they weren't offered in the us-west-1. The backend is a nodejs expressjs application hosted in Lambda hooked up to API gateway. Another nodejs application loads the Who is Hiring data into the database every 15 minutes. Finally, last week, I've started adding everything to terraform. It's currently about half way complete.

Some of the design decisions I made about the infrastructure focus on the backend and database choices. I do want to go serverless with the database, since the database is currently my largest expense ($209/yr for a db.t2.micro). For the backend services, I decided to write them in nodejs using expressjs, which is 100% compatible with lambda out of the box and requires a shim. However, this will allow me to transition from lambdas to ECS with very little ease if I ever need to. I didn't start with ECS, since you're paying for compute time even when there is zero traffic. Finally, I wanted to launch everything in a VPC, but I didn't want to pay for an NAT (minimum $420/yr).

Let me know what your thoughts are and feedback is always welcome!

https://redd.it/fs3k4w
@r_devops
I've been bored, jotted my thoughts down on cloud vendor lock-in

This article is more for the guys running SaaS products, not for people running corporate offices or cots products with small "development" teams.

Here's the article, but if you don't want to read it, I put the main take away below.

https://blog.kwnetapps.com/vendor-lock-in-on-the-cloud/

The main gist is this: Don't worry about vendor lock-in.

The main thing you can take away from the article is this:

> You are a race car team owner and manager. AWS cars and Microsoft cars run the same as normal cars, but they also support a few extra features not in normal cars. These features can make them faster, more convenient, and more reliable.

> You have some drivers, mechanics, pit crew, etc. and they are all experts with normal cars. So everything on AWS cars or Microsoft cars that makes the car work and function like a normal car is the same, and these guys can work on them and drive them. The extras they’ll learn as they continue to work on them, they’ll gain more expertise as time goes on.

> Now you need to decide.

> You can get AWS or Microsoft cars and stick with one brand. Then make sure your drivers and crew understand how to drive them and get the extra features out of them. Keeping up with the metaphor, let’s say those extra features are like automatic tire changes while driving, unlimited fuel, etc. Starting out you’ll do fine, driving the cars like normal cars, but as you learn the features you’ll start to blow your competition away.

> OR

> You can worry about AWS or Microsoft raising prices on your cars and parts. You decide to go with both to balance this risk and miss out on all those early wins in the series because your drivers and crew weren’t specialized. Hell, some of them were still putting the cars together when the races were starting, unless you decide to hire more crew.

https://redd.it/fsobh6
@r_devops
Terraform enterprise tutorial

Does anybody know of a good terraform enterprise tutorial?

I learn best by doing. I would love to see a step by step that I can follow along.

Even if it’s not enterprise, I’d still like to read about it..

https://redd.it/fsqjw8
@r_devops
Automatic docker mdns publishing for home networks

I've been looking for something to make the DNS setup easier for the containers at home. Since nothing obvious came up, I wrote a tool which can be used together with traefik to publish every name from the "Host" rules. No need to redirect a wildcard domain or setup static rules anymore.

Docker_mdns will monitor the containers starting/stopping and for each one with a configured traefik router, it will publish a corresponding hostname (most likely service_name.local) pointing at the current host on a chosen interface.

I've seen similar questions before, so hope other people will find it useful in home networks.
https://gitlab.com/viraptor/docker_mdns

(Requires avahi and NetworkManager)

https://redd.it/fspt07
@r_devops
I am looking for someone to teach me (med student) OpenCV using Python.

Hello!

So as you can see from the title, it's quite an odd combination to be in med school and want to learn OpenCV. I know it's a bit too much to ask, but I haven't been able to find passionate + nice teachers in this image recognition stuff which I eventually aim to build a software with for a local hospital (I'm not getting paid for it- I volunteered to do it for a doctor because the medical problems being fixed are very close and mean a lot to me on a personal level), and it will save a lot of children from medical errors during surgery. If you love teaching, please teach me lol!! In turn, I'll teach you everything I can about my medical lectures if you'd like. I generally love teaching and have volunteered to teach people my medical lectures online before, which I found super satisfying, so I thought I might hit the jackpot with this post? Maybe? Hmmm maybe not?? I already know some Python btw, and have used it to build stuff before! It's just OpenCV I'm struggling with!

https://redd.it/fsjv1t
@r_devops
Top three?

If you were in a position where everything worked great and you could take a month to focus only on learning something new or getting better at something, what would be your top three list? Devops focused, of course.

https://redd.it/fst02w
@r_devops
[question] cancelling oreilly subscription

Hey,

Apologies if this is the wrong place to ask this. Does anyone know if I cancel my oreilly subscription that I will still be able to login and view my saved playlists? My company provides free subscription so makes little sense to keep paying for my personal one - but I do have playlists/book favourites that I want to still be able to go back to for reference purposes. Thanks

https://redd.it/fsmbvb
@r_devops
Any good idea of a small project in Node or Django that is perfect for testing your ability to build devops infrastructure on top of it?

Any good idea of a small project in Node or Django that is perfect for testing your ability to build devops infrastructure on top of it? I am thinking a small RESTful API would do it, but I thought it would be too boring and maybe not the best thing you can build to test out your ability to build devops infrastructure and challenge yourself.

https://redd.it/fsoaf8
@r_devops
Spinnaker login page

Hi,

We are using Spinnaker at the company but we have some security issues when it comes to using it with SAML.

We can add permissions to applications so that each user in the group can see/modify or just see the applications.

Question here is, is there any way to return an error when logging in using SAML? Right now everyone at the company can access Spinnaker. We would like to restrict access only to those authorized.

https://redd.it/fskpig
@r_devops
3 Problems With GitOps

I believe that GitOps is great relative to previous generations of approaches (specifically, CIOps).

However, GitOps doesn't solve all the problems. Particularly,


1. Git as a base is not fully auditable.
2. Business Approvals are tough since business people are not necessarily familiar with Git (unlike Developers / DevOps / InfoSec).
3. Versioning and Configuration Management - unless you are allowed to use latest and greatest version at all times, it is hard to keep track of all versions and configuration that go into Git source.


Wrote in more detail here: [https://worklifenotes.com/2020/03/31/3-problems-with-gitops/](https://worklifenotes.com/2020/03/31/3-problems-with-gitops/)

Would be interested in community perspective on this.

https://redd.it/fski89
@r_devops
Will the likes of Github actions and Gitlab replace certain DevOps jobs?

I have a feeling everything will become that user friendly in the future that developers will be able to set up their CI/CD process with ease. Now I still think there will be DevOps roles that look at topics such as high availability but I feel cloud providers will make this process easier as well.

https://redd.it/fs2lsa
@r_devops
docker-compose command not found

[cross post]
Hi all,
I have two instances on AWS, say I-1 and I-2. I-2 is running a Jenkins server, I-1 is an intended web server running a docker container of my Python API. And I want to run docker-compose on I-1 from my Jenkins server.

Now when I execute the docker-compose command from the Jenkins server after SSH to I-1, I get a docker-compose command not found error. I know I am missing a small detail here. But help anyone?

BTW, I can execute the docker command completely fine. It's just the problem with docker-compose.

Troubleshooting.

1. Tried setting docker-compose path as environment variable in Jenkins script. Did not work.

#Resolved

https://redd.it/fs29y7
@r_devops
Monthly 'Getting into DevOps' thread - 2020/04

**What is DevOps?**

* [AWS has a great article](https://aws.amazon.com/devops/what-is-devops/) that outlines DevOps as a work environment where development and operations teams are no longer "siloed", but instead work together across the entire application lifecycle -- from development and test to deployment to operations -- and automate processes that historically have been manual and slow.

**Books to Read**

* [The Phoenix Project](https://www.amazon.com/Phoenix-Project-DevOps-Helping-Business/dp/1942788290) - one of the original books to delve into DevOps culture, explained through the story of a fictional company on the brink of failure.
* [The DevOps Handbook](https://www.amazon.com/dp/1942788002) - a practical "sequel" to The Phoenix Project.
* [Google's Site Reliability Engineering](https://landing.google.com/sre/books/) - Google engineers explain how they build, deploy, monitor, and maintain their systems.
* [The Site Reliability Workbook](https://landing.google.com/sre/workbook/toc/) - The practical companion to Google's Site Reliability Engineering book.
* [The Unicorn Project](https://www.amazon.com/Unicorn-Project-Developers-Disruption-Thriving-ebook/dp/B07QT9QR41) - the "sequel" to The Phoenix Project.
* [DevOps for Dummies](https://www.amazon.com/DevOps-Dummies-Computer-Tech-ebook/dp/B07VXMLK3J/) - don't let the name fool you.

**What Should I Learn?**

* [Emily Wood's essay](https://crate.io/a/infrastructure-as-code-part-one/) - why infrastructure as code is so important in today's world.
* [2019 DevOps Roadmap](https://github.com/kamranahmedse/developer-roadmap#devops-roadmap) - one developer's ideas for which skills are needed in the DevOps world. This roadmap is controversial, as it may be too use-case specific, but serves as a good starting point for what tools are currently in use by companies.
* [This comment by /u/mdaffin](https://www.reddit.com/r/devops/comments/abcyl2/sorry_having_a_midlife_tech_crisis/eczhsu1/) - just remember, DevOps is a mindset to solving problems. It's less about the specific tools you know or the certificates you have, as it is the way you approach problem solving.
* [This comment by /u/jpswade](https://gist.github.com/jpswade/4135841363e72ece8086146bd7bb5d91) - what is DevOps and associated terminology.
* [Roadmap.sh](https://roadmap.sh/devops) - Step by step guide for DevOps or any other Operations Role

Remember: DevOps as a term and as a practice is still in flux, and is more about culture change than it is specific tooling. As such, specific skills and tool-sets are not universal, and recommendations for them should be taken only as suggestions.

**Previous Threads**
https://www.reddit.com/r/devops/comments/fc6ezw/monthly_getting_into_devops_thread_202003/

https://www.reddit.com/r/devops/comments/exfyhk/monthly_getting_into_devops_thread_2020012/

https://www.reddit.com/r/devops/comments/ei8x06/monthly_getting_into_devops_thread_202001/

https://www.reddit.com/r/devops/comments/e4pt90/monthly_getting_into_devops_thread_201912/

https://www.reddit.com/r/devops/comments/dq6nrc/monthly_getting_into_devops_thread_201911/

https://www.reddit.com/r/devops/comments/dbusbr/monthly_getting_into_devops_thread_201910/

https://www.reddit.com/r/devops/comments/cydrpv/monthly_getting_into_devops_thread_201909/

https://www.reddit.com/r/devops/comments/ckqdpv/monthly_getting_into_devops_thread_201908/

https://www.reddit.com/r/devops/comments/c7ti5p/monthly_getting_into_devops_thread_201907/

https://www.reddit.com/r/devops/comments/bvqyrw/monthly_getting_into_devops_thread_201906/

https://www.reddit.com/r/devops/comments/blu4oh/monthly_getting_into_devops_thread_201905/

https://www.reddit.com/r/devops/comments/b7yj4m/monthly_getting_into_devops_thread_201904/

https://www.reddit.com/r/devops/comments/axcebk/monthly_getting_into_devops_thread/

**Please keep this on topic (as a reference for those new to devops).**

https://redd.it/ft2fqb
@r_devops
PacktPub is offering all programming workshops for free, redeemable through May 31st in light of current events

[Official Tweet Here](https://twitter.com/PacktPub/status/1245056013381726208)

For the record, ***I am not affiliated with PacktPub in any way***. A colleague shared this tweet with me today, and these workshops are a normally paid resource that is free for the next two months. I am not advertising this as a product, and I gain nothing from it. I just want to share a useful, currently free learning resource for programming with those who would benefit.

https://redd.it/ft0di1
@r_devops
Advice on deployment

Dev here, I don't know much about devops, wanted to ask the advice of this community:

How should I automate application deployment?

Right now I have a personal project where I have to keep a certain application running 24/7, and I do all deployment manually. I build on my local machine, scp the binary into the target machine, ssh into that machine, try to run the binary, and if some libs are missing, try to retrace my steps from when I originally installed them on my local machine. (For context, this is C++)

This is horrible. How do I automate this? At work I've seen people use Octopus (but that's mostly for windows, I'm developing for linux) and I really like the functionality and visual interface. Is there an analogous tool for linux that compiles, packages, and deploys into a target machine?

Thanks for the help

https://redd.it/ft0uh5
@r_devops
What should be logged on production API servers?

I'm currently only logging the most basic stuff on my API servers via stdout and stderr - anomalies and server errors.

Should I also be logging the metadata for each individual API request (IP, request headers)?

What about API responses? Should I also be logging those as well (probably not to stdout but something more secure)?

What are other things that I'm missing that I should be logging on production servers?

https://redd.it/fsyov9
@r_devops
Ansible 101 video streaming series

Hi everyone, I wanted to mention the YouTube streaming video series I started last week (and finished off Episode 2 this morning!), [Ansible 101 with Jeff Geerling](https://www.jeffgeerling.com/blog/2020/ansible-101-jeff-geerling-youtube-streaming-series) — in case you need something to fill a few hours, and help you learn a bit of Ansible, starting from the basics.

And, this was mentioned earlier in r/devops, but my two Ansible books [Ansible for Kubernetes](https://www.ansibleforkubernetes.com) and [Ansible for DevOps](https://www.ansiblefordevops.com) are currently free on LeanPub. If you get them free today, you'll get updates to both books as I publish them, free forever!

I especially hope this can help some people who may have been laid off or furloughed recently, to learn some new automation skills and maybe take a new path in their careers!

https://redd.it/ft7iw8
@r_devops