Automating deployments to multiple industrial factories (VPN, no cloud, no continuous connection)?

Hi, my team develops a service that is deployed to servers hosted in industrial factories: 1 instance of our app per factory. While we have good practices on the development phase (CI on Azure DevOps with a lot of automation), we're only dipping out toes into automatic deployments to production.

For those with similar experience, would you recommend any of the tools specialized in the task (Chef, Pupper, Ansible, SaltStack), or should we stick to custom scripts orchestrated by Azure DevOps pipelines?

Here's where we're at, at the moment:

* **keeping track of what's been deployed**, where and when: we have a poorly maintained spreadsheet. Knowing what's in production would greatly help us making the decisions that could impact our clients
* **heterogeneous infrastructure**: we do not own the infrastructure. All factories have a VPN, but with different sets of rules, bandwidth throttling, connection schedules restrictions, user accounts, server OS, etc. Today, we connect to the remote machines and manually deploy our .msi installers. Automating this process would mean turning the constraints of each factory into code.
* **configuration management**: the service we develop has a lot of configuration. Each factory needs a different config. Today, there's no track record of the configurations applied. We have to connect to the servers and read the configuration files. Migrating this config during a version update is a pain in the ass. It is 100% manual at the moment.
* **monitoring**: this is too soon to even think about it. That would require constant connection or very frequent connections. Most of our clients are too security frisky to allow that. We need to build a better trust relationship with them before we can consider monitoring.

Thanks for your help!

https://redd.it/fuq9nn
@r_devops

What tools can be used to enforce code styles in Terraform?

For example, we're trying to standardize on using snake_case for resource names. What tool would be good for this? I looked at [tflint](https://github.com/terraform-linters/tflint) but it doesn't seem to provide that functionality.

https://redd.it/fwrmd0
@r_devops

NEW AWS Certified Developer Associate course launch

Hi Redditors,

We're super excited to announce our brand new [video training course on Udemy](https://www.udemy.com/course/aws-certified-developer-associate-exam-training/?couponCode=LAUNCHSPECIAL) for the **AWS Certified Developer Associate certification**. This is the result of over 3 months of hard work and is the most comprehensive and up-to-date course for the AWS Developer Associate certification available today.

Even if you don't have any development experience, this course will prepare you to ace your exam. **Everything you need is included** to make passing this difficult exam easy for you.

The course includes:

• **25+ hrs of in-depth theory and hands-on labs**

**• 3+ hrs of exam-cram lectures**

**• 110+ quiz questions**

**• 65 exam-difficulty practice exam questions that are timed and scored**

**• 600+ slides (available for download)**

**• Exam-specific Cheat Sheets for every topic (online)**

**• Code snippets for hands-on labs are all provided**

Throughout the course, you'll learn through multiple methodologies including theory, visual and guided practical exercises. This will help you to develop deep knowledge and a strong experience-based skillset.

These are uncertain and challenging times at the moment. Now more than ever, it's essential to make sure you're preparing for your future and making sure you're ready for new opportunities.

The AWS Certified Developer Associate certification is a great addition to your resume and definitely a differentiator that can set you apart from the competition. Take action now and sign up to become an AWS Cloud Developer!

Secure your special launch offer and get this course for $9.99 only with [coupon code LAUNCHSPECIAL](https://www.udemy.com/course/aws-certified-developer-associate-exam-training/?couponCode=LAUNCHSPECIAL) (offer valid until April 12 2020). After April 12 you can use [coupon code UPSKILLNOW](https://www.udemy.com/course/aws-certified-developer-associate-exam-training/?couponCode=UPSKILLNOW)

HAPPY LEARNING,
Neal

https://redd.it/fwvusn
@r_devops

Using CICD to checkout a file from a repo, modify it and commit it back to that repo?

I have never worked with CI/CD; I am wondering if I can use it to automate my screen scraping and static site generating process. Here's my proposed process flow in Gitlabs:

1. Job runs @ 22:00 daily which triggers a screen scraping script in in *ScreenScrapingRepo*
2. Screen scraping script reads small amount of data and temporarily stores it
3. On completion, the job checks out a JSON file in another repository (*WebsiteRepo*)
4. That JSON file is modified to include the new data for today
5. File is committed back to repo
6. *ScreenScrapingRepo*'s job is now finished
7 *WebsiteRepo* has a build and publish job which triggers on commit
8. Because its data.json file has been modified, this build now includes today's data

The reason I need to write to a JSON file in *WebsiteRepo* is because I am using a static site generator which takes a JSON file as its data source.

I am unsure about is task #2 - where to store the data for that day before writing it to the other repo.

Is this a bad idea? Is there a better way to do this?

https://redd.it/fwufcv
@r_devops

I started a Medium tutorial series on how to write a Concourse Resource

I'm not a super great writer, so if it reads weird anywhere you can highlight a section and leave private notes. I'll fix things!

https://medium.com/@alexander.jansing/writing-a-custom-concourse-resource-overview-1ed6d2983e39

https://redd.it/fwwytz
@r_devops

Is there any way to launch some commands on each created node automatically when autoscaling in AWS EKS cluster ?

I have set an AWS EKS cluster and i could launch some commands on each node manually, but when it comes to autoscaling it would be irrelevant to run yourself those commands on each created node, so is there any way to execute automatically some initialization commands on each newly created node and just before scheduling any pod on it ?

https://redd.it/fwrlwo
@r_devops

Please give me some advice!

Hey guys I'm really trying to learn a lot about DevOps and I wanted to see if there were suggestions on books I should read? Topics I want to focus on are below. It is a crazy list but it is a goal of mine and I wanted to get some advice even if it isn't for everything on this list.

**DevOps**

* Docker
* Kubernetes
* Service Mesh
* Envoy
* Istio
* AWS
* S3
* SQS
* SNS
* SES
* KMS
* RDS
* DynamoDB
* CloudFront
* CloudWatch
* CodeBuild

**CI/CD**

* AWS CodeBuild
* Jenkins
* CircleCI
* Continuous Integration
* Continuous Deployment
* GitHub

**Testing**

* Unit Testing
* Test Mocks
* Integration Testing
* Stress Testing
* Javascript Test Tools
* Jest
* Mocha
* Cucumber
* Gherkin

**Logging**

* Kibana
* Elastic Search
* Log Stash
* AWS ELK

**Monitoring & Alerting**

* NewRelic
* RunScope
* PagerDuty

**Distributed Systems**

* Queues (AWS SQS)
* Event Bus & Pub Sub (AWS SNS)

**Architecture**

* Microservice Architecture
* Event Driven Architecture

**Security**

* JWT
* X509 Certificates 

https://redd.it/fwvzh7
@r_devops

[Blog] Securing remote dev teams - Feedback

There has been a huge surge in teams now working from home as well as an increase in bad actors trying to exploit vulnerabilities because of this.

I created a blog with some steps organizations can implement to keep their remote workforces secure. Be interested in getting your feedback

[8 Steps to keeping remote development teams secure.](https://blog.gitguardian.com/8-steps-to-keep-remote-work-secure/)

https://redd.it/fwjj6j
@r_devops

[Career advise] Potential job opportunity as first DevOps person on the team

Hi all,

So In all of this pandemic madness I find myself searching for a job and I have received a promising opportunity. I wanted to get some input/advise, without going into too much detail I have about 4 years experience in the DevOps space 6 years total. In my last role I was an SRE (until last week) and I really did love my last job but that ship has sailed. That brings me to where I am right now. The opportunity that I am looking into is is in the Healthcare industry (Toronto). I don't have all the details yet but from the job description and what I know from the recruiter all of the requirements are not far from what I was doing in my last role with the one big exception being I would be the first "DevOps" person on the team.

This puts me in an very interesting spot because at my previous company I found myself really taking a lot more ownership over tasks/projects and was leading a fairly large project (over 6 months) that evolved a lot of collaboration and close work with developers. It was one of my first big attempts at leading and based on feedback etc I was told that I nailed it. Most importantly, as stressful as it was I really did enjoy it.

When I heard about this opportunity I was really excited immediately followed by being nervous at the thought that I would be running the show in terms of owning Production, monitoring, DevOps practices etc. I anticipate getting an interview this week or next based on the feedback from the recruiter (I know its not a sure thing). It puts me in an interesting spot because I know if I were to get the role it would be a sink or swim kind of environment, but I feel like the potential experience and opportunity that could come out of this would be monumental for career growth and possible the next big step for me. I already have a big list of questions that I would have for the interview should I get it but this is where I would really appreciate input/advice/experiences that would give me some perspective on if this is really what I want as well as if I am ready for it.

I know that I don't even have an interview setup but even just the thought of this possible opportunity has got me really thinking about what direction I want to go in my career and even if I do not get the role or even an interview I think any advise would greatly help me in searching for what I am looking for next.

TL;DR

Got laid off due to COVID, Potential job opp as the first DevOps person at a new company, some experience in leading and looking for next big career move. What do?

Thanks!!

https://redd.it/fwm1pg
@r_devops

AWS Developer Associate - My Exam Experience

Want to learn more about the AWS Developer Associate exam? Then let me provide some feedback from my personal exam experience, and share some tips on how best to prepare for this exam. I'll also break down the AWS exam guide for you and provide some tips for what you need to study if you’re planning to take the AWS Certified Developer Associate (DVA-C01) exam.

Read the full article here:

[https://medium.com/@neal\_davis/aws-developer-associate-exam-my-experience-feedback-and-tips-437a8dcd46ff?sk=82bd0395db041757d9be915cb5b0692d](https://medium.com/@neal_davis/aws-developer-associate-exam-my-experience-feedback-and-tips-437a8dcd46ff?sk=82bd0395db041757d9be915cb5b0692d)

https://redd.it/fx1vad
@r_devops

Announcing the Compose Specification

Docker is pleased to announce that we have created a new open community to develop the Compose Specification. This new community will be run with open governance with input from all interested parties allowing us together to create a new standard for defining multi-container apps that can be run from the desktop to the cloud.

https://www.docker.com/blog/announcing-the-compose-specification/

https://redd.it/fwom8c
@r_devops

Building Software Engineering Skills

Hey everyone,

I come from a Sysadmin/Network Admin and have noticed that a lot of the SRE roles require Software Engineering experience and was curious what some of you that came from Sysadmin background did to get your feet wet in Software Engineering. It seems like the popular languages are Golang and Python. I also looked at Treehouse courses and Codeacademy courses but feel like those may not be enough? I want to level up in my career.

Any tips or advice? Thank you!

https://redd.it/fwk7ys
@r_devops

ArgoCD: Vulnerabilities and Mitigations

During a security review of Argo, I identified five vulnerabilities in ArgoCD’s web interface. Details for each issue are available in the link below:

https://www.soluble.ai/blog/argo-cves-2020

Two of the five issues have been fixed in yesterday’s v1.5.1 release. The three remaining issues have not yet been fixed and require manual mitigations if you are not using SSO for authentication.

https://argoproj.github.io/argo-cd/security_considerations/

https://redd.it/fwnxa1
@r_devops

xOps Terraform Accelerator Webinar

Hi! xOps is having a webinar for their new Terraform Accelerator this Friday. With everything locked down, it’s nice to have a way to meet new people and ask questions! If that’s something anyone would be interested in attending, let me know!

https://redd.it/fwlsog
@r_devops

Octopus deploy cant connect to nexus raw repository ?

All is in the title

I have a raw repository but impossible to connect with octopus deploy

https://redd.it/fwit0s
@r_devops

Any good project/script to port CircleCI config to Gitlab CI configs?

Hey folks, we are using CircleCI and it's serving us pretty well. However, we are planning to migrate to Gitlab (Don't want to maintain 2 different tools for CI and Version control).

I came across a few projects for porting CircleCi configs, but they are mostly outdated.

Thanks for any recommendation!

https://redd.it/fwhu9k
@r_devops

Stop Firing Developers

*Developers make mistakes.
*Engineering managers are there to try to catch those mistakes.
*CTOs are there to make sure that “enough” testing is done.
(Forwarded Quora Mark Harrison)
#developers #managers #hr #ctos #mistakes #machinelearning

https://redd.it/fwmjvm
@r_devops

Need help with BamBoo(CI/CD)

Can I use BamBoo REST APIs in a script(bash/python) to automate build for all the projects/plans/stages. So that I shouldn't use BamBoo UI for those plans/jobs individually.

If I can can someone share an example or guide me how to do that and if I am not in a right place to ask this, please let me know where to ask.

Thanks in advance

https://redd.it/fwfp02
@r_devops

NXRM3 (Sonatype Nexus Repository) REST API not working

I have a Java/maven project and using the nxrm3 to release the project (jar) into self-hosted NXRM3.

Sonatype Nexus Repository ManagerOSS 3.21.1-01

The maven settings to the repository is correct (I can upload jar manually and then use it as dependency on another project connecting to the private repository)

So now, I am trying to push an artifact to it with:

mvn -X -Preleases install nxrm3:staging-deploy -Dtag=test-123

It can't seem to connect to the repository REST API:

Failed to execute goal org.sonatype.plugins:nxrm3-maven-plugin:1.0.3:staging-deploy (default-cli) on project mycompany-nxrm3-test: Create tag was unsuccessful (404 response from server)

When I login to NXRM3 UI and see the logging, it reaches the server but it cant seem to find the REST API, the log shows:

20-04-08 23:12:08,780+0000 ERROR [qtp1174629612-161] *UNKNOWN com.sonatype.analytics.internal.filter.AnalyticsMeteringFilter - Error metering request RESTEASY003210: Could not find resource for full path: https://nxrm3.mycompany.com/service/rest/v1/tags/build-123
2020-04-08 23:12:08,787+0000 WARN [qtp1174629612-161] developeruser org.sonatype.nexus.siesta.internal.WebappExceptionMapper - (ID 7afbd1db-93c3-487c-a843-61fddcdd720c) Response: [404] (no entity/body); mapped from: javax.ws.rs.NotFoundException: RESTEASY003210: Could not find resource for full path: https://nxrm3.mycompany.com/service/rest/v1/tags/build-123
2020-04-08 23:12:08,846+0000 ERROR [qtp1174629612-148] *UNKNOWN com.sonatype.analytics.internal.filter.AnalyticsMeteringFilter - Error metering request RESTEASY003210: Could not find resource for full path: https://nxrm3.mycompany.com/service/rest/v1/tags
2020-04-08 23:12:08,848+0000 WARN [qtp1174629612-148] developeruser org.sonatype.nexus.siesta.internal.WebappExceptionMapper - (ID 4c9d157b-fe87-4964-827f-377355eb7512) Response: [404] (no entity/body); mapped from: javax.ws.rs.NotFoundException: RESTEASY003210: Could not find resource for full path: https://nxrm3.mycompany.com/service/rest/v1/tags

what am I missing?

https://redd.it/fxhrml
@r_devops

Elasticsearch and kerberos

Hey guys, has anyone implemented elasticsearch with kerberos? Any guide that I can follow or things to know before jumping into it? I'm a newbie in elasticsearch, I know kerberos though...

Thanks! be safe...

https://redd.it/fxcjbc
@r_devops

Anyone know of a Jenkins plugin to store credentials for AWS ?



https://redd.it/fxgulj
@r_devops