HASHICORP Vault - Entities created with name from ldap attributes with OIDC method

Hey guys,

just wanted to ask if anyone knows if it is possible, to configure Vault in a way, that after an successful SSO login of a new user (we are using OIDC) the entity, which is automatically created, gets the name from an ldap attribute (or attributes .... givenName & sn e.g)

​

Thanks and cheers,

​

Wurzelseppi

https://redd.it/gauwaq
@r_devops

I wrote a tutorial on deploying your Django app using Docker

Hello everyone!
I wrote my very first tutorial that covers almost everything about setting up a Django app using Docker containers, from building the app to setting up the database to configuring Nginx. This is written at a beginner friendly level with each step explained. Do check it out and provide feedback!

[How to Deploy your Django App using Docker](https://blog.bitsacm.in/django-on-docker)

https://redd.it/gaqp0k
@r_devops

HOw do I make sure a variable in helm isn't overridden?

I've deployed Concourse using the concourse/concourse helm chart with Vault integration. Within out overrides we have the approle id and secret id which I've set but not committed to git. How do I make sure that when the rest of the team are doing upgrade releases that value doesn't get overridden without committing it to git?

https://redd.it/garqr8
@r_devops

What do you wish you knew when you started your career in DevOps?

I feel like I have a good handle on this question because I've hired and trained 100s of DevOps engineers over the course of my career. Most of them were pretty junior when I hired them and were later able to be promoted or obtain senior jobs in other companies.

That said, I am not sure my experiences as an engineer, manager and executive covered all the possible spectrums of experience. Most of my time was spent in Silicon valley and I'm sure things are a bit different in other areas.

I created a course to teach aspiring DevOps engineers and I'm supplementing the material and fine tuning it now. If you wouldn't mind sharing, what do you feel like you were missing at the start of your career that would have helped you advance faster?

https://redd.it/gaqq03
@r_devops

I run completely free Engineering Bootcamps onTwitch!

Hey Everyone! I hope all is well. I'm dropping in to again to let you know the next round of bootcamps is starting this upcoming week! I'm starting up 3 new 8 week bootcamps next week and wanted to share in case any of you are looking to dive into any of these disciplines. They're completely free, and no signup is required. Just follow the [Twitch channel](https://twitch.tv/mastermndio), tune in and have fun!


\- Horizons: A Journey into Cloud Computing with AWS - Beginner
\- deCoded: A Journey into Software Engineering and Computer Science - Beginner
\- Pipelines: A Journey into Software Delivery, Automation and Infrastructure(DevOps/SRE) - Intermediate


Info for each can be found  [here](https://academy.mastermnd.io/journeys/)

Let me know if you have any questions and I hope to see you there!


P.S. The Intro to DevOps bootcamp we ran earlier this year can be found here at this playlist!
[https://www.youtube.com/playlist?list=PLleOCN2eBn8IhLAckXL0BWomad5lrhB8j](https://www.youtube.com/playlist?list=PLleOCN2eBn8IhLAckXL0BWomad5lrhB8j)

https://redd.it/gb6o1w
@r_devops

DevOps Days Conferences

Hi There! Have you attended a DevOps Days event? What are some of the outcomes you got from it?

I personally attended 3 editions, last year's in Baltimore and DC, this year in NYC. I supposed to give a talk in Baltimore last week, but due to the pandemic, the event was canceled.

Anyway, I like very much the format of these conferences with talks, ignites, and open spaces. And the food, of course!

As I started writing this year, I took the opportunity and wrote my outcomes and insights into this year's NYC event. You're welcome to read at:

[https://medium.com/devops-cloud-it-career/devops-days-new-york-city-2020-outcomes-and-insights-79d3bdf984e0](https://medium.com/devops-cloud-it-career/devops-days-new-york-city-2020-outcomes-and-insights-79d3bdf984e0)

I hope our new normal after this pandemic allow us to get back together to discuss DevOps in person! Meanwhile, let's do it here!

https://redd.it/gb4e9p
@r_devops

Why do people hate Jenkins? I just love it!

I believe that if you have a small ass app. Don't go for jenkins it's an overkill. But if you have an intense application with many pipeline stages, jenkins is fantastically powerful!

https://redd.it/gb37w6
@r_devops

Redis 6.0.0 stable is out and here the things we liked about it.

Redis 6.0.0 stable is out and here the things we liked about it. #redis #newrelease #technews #devops #sre

[https://www.learnsteps.com/redis-6-0-0-stable-is-out-and-here-are-the-things-we-liked-about-it/](https://www.learnsteps.com/redis-6-0-0-stable-is-out-and-here-are-the-things-we-liked-about-it/)

https://redd.it/gb1e6o
@r_devops

Preparing for the AWS DevOps consultant interview

This is with their Professional Services group. Should I prepare coding questions(Leetcode style) for the phone interview? I am confused about what to prepare. Please help

https://redd.it/gb13g9
@r_devops

Anyway to represent keys in redis in regex form?

I need to interact with redis using Python. The keys are in the form of strings such as "tenant/<tid>/site/<sid>" . Now when I make a get API call passing only the tid as a parameter, I need to get all possible keys related to the tenant which has different sid. I thought of writing a regex for this, is it possible. How do I go about this?

https://redd.it/gb0e29
@r_devops

ECS Task Failed

I am running an AWS ECS Fargate Service Task by AWS CI/CD.

Service Tas shows STOPPED status soon after starting up.

ECS Fargate > Service > Task status shows this message :

>STOPPED (Task failed ELB health checks in (target-group arn:aws:elasticloadbalancing:ap-southeast-1:xxxxxxxxx:targetgroup/test-tg/123456789))

How do you fix this ?

Is it an issue with health check settings in ECS Service ?
Or
Is it an issue with health check settings in ALB ?
Or
Is it an issue with health check settings in Target group ?

I am confused what to look at and where ?

https://redd.it/gb09hk
@r_devops

Octopus Deploy status to GitHub Commit

https://library.octopus.com/step-templates/fb3137e5-f062-4dcd-9a56-b15321072a21/actiontemplate-github-report-deployment

This is a new library step added in the new release of Octopus Deploy. I am wondering how this works, and how to add the $commit.CommitID from:
https://octopus.com/docs/projects/variables/system-variables#release-package-build-information

The Goal:
Octopus Deploy would Hopefully have a status on the commit of GitHub. If it deployed successfully, have the green check mark in GH. If not, the red X.

TeamCity has a very similar solution where it will send the build status of a commit or branch or pull request to that GitHub repo.

Does anyone use this plugin? How does it work?

https://redd.it/gb04k6
@r_devops

DevOps virtual events

My mind is a little numb after attending 12 DevOps related virtual events in the last 4 weeks. Currently on Deserted Island DevOps, the most unique twitch + animal crossing + discord format I have experienced. It's a blast but a bit of over stimulation. What event have you enjoyed the most? Or element from. Are we going to hit virtual event burnout?

https://redd.it/gaz69k
@r_devops

Current stack evolution advices

Hi guys, hope everyone is doing well with the lockdown !

I'm currently working on an app and had some questions about elements of my stack. Basically, I have a monorepo containing all my code separated in modules (back, front, common tools / types / helpers), from which I build some docker images. These images end up in Helm configurations that control my cluster. I have several configs (one for the monitoring, one for the vpn, one for the storage etc ...). I know that by using Helm I will be able to properly deploy changes to the cluster on my CD pipeline after all the possible tests are made on the commit / merge.

My issue right now is simple: Github Actions. The CI tool provided by github seems extremelly inconsistent to me.

The amount of outages that Github had in the last few months combined with all the possible errors in the CI make it my number one pain point in my stack.

What I currently do is simple, my first job installs the dependencies of all the monorepo. Dependencies are cached (so if lockfiles are not edited basically the install step will only call lifecycle methods and will not download anything). This greatly speeds up the pipeline and lets me properly separate steps. My issue now is that this cache is very unstable. Github will fail downloading its own cache way too often, making my whole CI fail everytime as dependencies are not fetched.

I am here today because I want to refactor my CI/CD pipeline. I am looking for the best platform that works in combo with Github (I cannot switch from github as our backlog requires us to use it, and because everything else except Actions works properly). All I need is a platform that is known for its reliability and speed, is able to communicate with github (status updates) and has a smart dependency management solution in the pipeline (caching that actually works or anything else).

Also I am looking for a good CD platform that offers more integration than just the ability to run jobs where I would download my helm / k8s cli and manually connect to my cluster etc (connect to k8s from the platform, interpret my helm / k8s configs etc).

The only solution that seems viable to me is Gitlab but when I try to setup a pipeline from an external repository, my github repo gets imported and it does seem like Gitlab is trying to make me use them as my VCS, which is not possible unfortunately.

What do you guys suggest as the best CI, CD or CI/CD platforms that would suite my need ?

Thank you for your time, and have a nice day :)

https://redd.it/ga76nh
@r_devops

This Week in DevOps - 2 new cloud regions and more

This week in DevOps – Another AWS region was opened in Milan, Private AKS clusters are now generally available on Azure and Digital Ocean announced a VPC offering. Google Cloud also announced a new region in Las Vegas while Hashicorp Consul Service on Azure has moved from private to public beta.

Has anyone tried the new Digital Ocean VPC yet?

You can read more here: [https://thisweekindevops.com/2020/05/01/weekly-roundup-may-1st-2020/](https://thisweekindevops.com/2020/05/01/weekly-roundup-may-1st-2020/)

https://redd.it/gbewhy
@r_devops

kustomize w/ skaffold: how to deploy several versions

Currently, I'm using [kustomize](https://kustomize.io/) + [skaffold](https://skaffold.dev/) in order to generate artifacts, build and deploy them.

My kustomize structure is really straighforward:

```
kustomize
├── base
│   ├── kustomization.yaml
│   ├── kustomizeconfig
│ │ ├── ...
│   ├── dev
│ │ ├── deployment.yaml
└── overlays
├── dev
│ ├── ...
└── prod
│ ├── ...
```

After that, using skaffold, I'm able to build and deploy them:

```
apiVersion: skaffold/v2beta1
kind: Config
metadata:
name: spring-boot-slab
build:
artifacts:
- image: covid-backend
profiles:
- name: docker
build:
artifacts:
- image: covid-backend
docker:
dockerfile: Dockerfile-multistage
- name: dev
deploy:
kustomize:
paths: ["kustomize/overlays/dev"]
- name: prod
deploy:
kustomize:
paths: ["kustomize/overlays/prod"]
```

So,

$ skaffold build --profile=docker --cache-artifacts=false -q | skaffold deploy --profile=dev --build-artifacts -

Would generate:

deployment.apps/dev-covid-backend created

And using

$ skaffold build --profile=docker --cache-artifacts=false -q | skaffold deploy --profile=prod --build-artifacts -

Would generate:

deployment.apps/prod-covid-backend created

I facing with I'm only able to deploy two deployments (one for each overlay), one for `dev-deployment`, and the other for `prod-deployment`.

Currently, each overlay will generate an `DeploymentConfig` with name `dev-deployment`, and `prod-deployment`. Each generated deployment would be linked to an image version, and when it's deployed, pods would be replaced all for the ones.

But what about if I would need to rollout several versions at the same time, say `0.0.1`, `0.0.2`, `0.0.3` into `dev`? What I would to do... create an overlay per version? I think it's not a solution.

I hope I've explained so well.

https://redd.it/ga5tjg
@r_devops

Blog post: Building with Terraform: Azure Windows VMs

Hey guys, I just wrote a shiny new Azure blog post you may enjoy on the ATA blog. I'm starting to really use Terraform a lot and decided to start writing about it. So far, it's soooo much better than ARM templates!

Summary: Learn how to get started with Terraform by creating an Azure VM in this step-by-step tutorial.

https://adamtheautomator.com/terraform-azure/

https://redd.it/gbjnmc
@r_devops

Monthly 'Getting into DevOps' thread - 2020/05

**What is DevOps?**

* [AWS has a great article](https://aws.amazon.com/devops/what-is-devops/) that outlines DevOps as a work environment where development and operations teams are no longer "siloed", but instead work together across the entire application lifecycle -- from development and test to deployment to operations -- and automate processes that historically have been manual and slow.

**Books to Read**

* [The Phoenix Project](https://www.amazon.com/Phoenix-Project-DevOps-Helping-Business/dp/1942788290) - one of the original books to delve into DevOps culture, explained through the story of a fictional company on the brink of failure.
* [The DevOps Handbook](https://www.amazon.com/dp/1942788002) - a practical "sequel" to The Phoenix Project.
* [Google's Site Reliability Engineering](https://landing.google.com/sre/books/) - Google engineers explain how they build, deploy, monitor, and maintain their systems.
* [The Site Reliability Workbook](https://landing.google.com/sre/workbook/toc/) - The practical companion to the Google's Site Reliability Engineering Book
* [The Unicorn Project](https://www.amazon.com/Unicorn-Project-Developers-Disruption-Thriving-ebook/dp/B07QT9QR41) - the "sequel" to The Phoenix Project.
* [DevOps for Dummies](https://www.amazon.com/DevOps-Dummies-Computer-Tech-ebook/dp/B07VXMLK3J/) - don't let the name fool you.

**What Should I Learn?**

* [Emily Wood's essay](https://crate.io/a/infrastructure-as-code-part-one/) - why infrastructure as code is so important into today's world.
* [2019 DevOps Roadmap](https://github.com/kamranahmedse/developer-roadmap#devops-roadmap) - one developer's ideas for which skills are needed in the DevOps world. This roadmap is controversial, as it may be too use-case specific, but serves as a good starting point for what tools are currently in use by companies.
* [This comment by /u/mdaffin](https://www.reddit.com/r/devops/comments/abcyl2/sorry_having_a_midlife_tech_crisis/eczhsu1/) - just remember, DevOps is a mindset to solving problems. It's less about the specific tools you know or the certificates you have, as it is the way you approach problem solving.
* [This comment by /u/jpswade](https://gist.github.com/jpswade/4135841363e72ece8086146bd7bb5d91) - what is DevOps and associated terminology.
* [Roadmap.sh](https://roadmap.sh/devops) - Step by step guide for DevOps or any other Operations Role

Remember: DevOps as a term and as a practice is still in flux, and is more about culture change than it is specific tooling. As such, specific skills and tool-sets are not universal, and recommendations for them should be taken only as suggestions.

**Previous Threads**
https://www.reddit.com/r/devops/comments/ft2fqb/monthly_getting_into_devops_thread_202004/

https://www.reddit.com/r/devops/comments/fc6ezw/monthly_getting_into_devops_thread_202003/

https://www.reddit.com/r/devops/comments/exfyhk/monthly_getting_into_devops_thread_2020012/

https://www.reddit.com/r/devops/comments/ei8x06/monthly_getting_into_devops_thread_202001/

https://www.reddit.com/r/devops/comments/e4pt90/monthly_getting_into_devops_thread_201912/

https://www.reddit.com/r/devops/comments/dq6nrc/monthly_getting_into_devops_thread_201911/

https://www.reddit.com/r/devops/comments/dbusbr/monthly_getting_into_devops_thread_201910/

https://www.reddit.com/r/devops/comments/cydrpv/monthly_getting_into_devops_thread_201909/

https://www.reddit.com/r/devops/comments/ckqdpv/monthly_getting_into_devops_thread_201908/

https://www.reddit.com/r/devops/comments/c7ti5p/monthly_getting_into_devops_thread_201907/

https://www.reddit.com/r/devops/comments/bvqyrw/monthly_getting_into_devops_thread_201906/

https://www.reddit.com/r/devops/comments/blu4oh/monthly_getting_into_devops_thread_201905/

https://www.reddit.com/r/devops/comments/axcebk/monthly_getting_into_devops_thread/

**Please keep this on topic (as a reference for those new to devops).**

https://redd.it/gbkqz9
@r_devops

Blog Post: Yes! You do need MicroServices!

There was an article trending on Medium bashing microservices recently and instead advocating for the monolith. As a DevOps Architect, I've only ever had to cut corners when it came to working with monolith applications. [So I wrote a response to it here.](https://medium.com/devops-dudes/yes-you-do-need-microservices-c38be2c7cd4?source=friends_link&sk=c27f5b0fbb115e290a829c9dfa763f78)
What does the DevOps at large community think about microservices?

https://redd.it/gbpicy
@r_devops

GitFlow for multiple environments

I have a pretty typical Gitflow Continuous Deployment setup going.

develop -> dev.company.com
release/* -> release.company.com
master -> us.company.com

My question is, what can I do for multiple production environments. I have a US and EU deployment, and will end up with multiple US environments shortly.

I’m not keen on having dedicated branches for each of my US and EU environments.

Looking to see what other folk have come up with for this.

https://redd.it/gborcs
@r_devops

What are containers used for?

Hi,

currently I am a trainee at a IT company that creates software. However, I am not working with developers but with the sysadmins.

I think I have a basic understanding of what containers are. But I cant get my head around when to use them.
We in the sysadmin team are hosting all our applications on VMs in a vCenter. All of the VMs have a single job to do and nothing else runs on them.

But as said I can't imagen a real live scenario when to use containers. I am not a developer I only write some scripts here and there.

&#x200B;

* What applications are you deploying in a container?
* I've read that containers should not be used permantently. So you should not use a container to run nginx in it for the companies website?
* I often read that VMs are outdated, since they are too slow to deploy and to heavy for some/ most applications. But this somehow clashs with the point of temporarily containers, does it?
* Lets say you DO use containers on a permanent base. How do you keep track of them? In vCenter I have a list of VMs and its all good (+ monitoring).
* When you use multiple containers for productive applications and the VM somehow fails - isn't that a huge risk?
* Are containers purly targeted for developers who are testing something quickly and then destroy the container afterwards?

Sorry for the questions but as mentioned we basicially don't use containers at all. Only a few but thousands of VMs in a vcenter.

&#x200B;

Thank you all - have a nice weekend :)

https://redd.it/gbooj5
@r_devops