Free intro to Linux commandline/server course starts Monday 7 December

This course has been running successfully now every month since February 2020 - more detail at: https://LinuxUpskillChallenge.org - daily lessons appear in the sub-reddit /r/linuxupskillchallenge - which is also used for support/discussion.

Suitable whatever your background, and aims to provide that "base layer" of traditional Linux skills in a fun interactive way.

https://redd.it/k0hw1v
@r_devops

What is the NAT device for virtual machines?



>The NAT device acts as a DNS server for the virtual machines on the NAT network. Actually, the NAT device is a DNS proxy and merely forwards DNS requests from the virtual machines to a DNS server that is known by the host. Responses come back to the NAT device, which then forwards them to the virtual machines.
>
>If they get their configuration information from DHCP, the virtual machines on the NAT network automatically use the NAT device as the DNS server. However, the virtual machines can be statically configured to use another DNS server.
>
>The virtual machines in the private NAT network are not, themselves, accessible via DNS. If you want the virtual machines running on the NAT network to access each other by DNS names, you must set up a private DNS server connected to the NAT network.


The NAT device is the router in my home network, right? Then is the NAT device for my virtual machines always the router? The DHCP is a server from my Internet Provider, right? Then it means that the router is used as the DNS server? If I have a docker swarm running, and I use my router as the DNS server, then my router uses the name of the containers to attribute an IP address to the docker containers dynamically through DHCP, then it means that my router uses a NAT server from Google or other providers to set the IP addresses of my docker containers? If I don't use DHCP and uses static IPs, it means my docker containers don't use a DNS server (router in this case) to resolve their IP addresses? Do all docker containers using a DNS are connected to the Internet then? Did I understand everything correctly?

https://redd.it/k0k4x7
@r_devops

What's the REAL reason to add country_name, organization_name, etc to a CSR?

Since I can create a CSR and get a Lets Encrypt SSL without adding location, email, and company info to a CSR, then what is the real benefit of adding these values?

If it is just so that the info is in the SSL for users to look at, who really goes through SSL's and looks up that info?

https://redd.it/k0ga8p
@r_devops

Automating AWS and Google Cloud

We've been working on a product that automates cloud infrastructure from provisioning to deploying, scaling, and securing APIs and UIs in minutes.

As a software engineer, I've always been frustrated with the current solutions for deploying products in the cloud whether that is AWS's web console, CloudFormation, Terraform, etc. It's manual, tedious, time consuming and requires expert knowledge.

We started with automating AWS and Google Cloud Platform and making it a lot simpler to deploy, scale and secure a cloud infrastructure.

I would be interested in some feedback and see what others have in mind that we could make the cloud even simpler.

Oatfin: [https://oatfin.com](https://oatfin.com/)

Demo: [https://vimeo.com/470214984](https://vimeo.com/470214984)

https://redd.it/k07fyp
@r_devops

Tired of the AWS Console? Check out Vantage

Are you tired of the AWS web console? So was I....which is how I stumbled upon this and thought I'd share it here. The website is https://vantage.sh/ and they seem to be low key with it right now but are building an alternative to the AWS web console.

I've been using it for a few weeks and they're making good progress despite functionality being light. I hadn't seen any mentions of this on /r/devops and would be curious to see what others thought.

https://redd.it/k0meuu
@r_devops

DevOps engineer that has fully invested into Apple ecosystem: stick to MacOS or switch to Linux?

Hi,

as implied by the title, what would you recommend to a DevOps engineer that has heavily invested in Apple ecosystem (iPhone, iPad, Airpods Pro), and that is in search of a new "top in class" laptop (i.e. 32gb ram, powerful cpu, etc. etc.)?

Principal activities are: managing containers, VMs, working in cloud envitonments, and trying new things in the CI/CD space

Linux is clearly a better platform, and the new Dell XPS 13 9310 seems like a perfect choice...and i say this while typing on a 2019 Dell XPS 13, that has served me very well.On the other hand, a shiny new Macbook is on the other hand a very powerful machine, and one could gain the benefits of the Apple ecosystem.

https://redd.it/k08lti
@r_devops

Deploy Docker Compose from different repositories

I have 3 separate repositories, which contains API, web app, and Admin projects. All 3 runs on a Digital Ocean docker machine, and I deploy the 3 using docker-compose (I want to keep things simple).


Every time a push to master with a tag happen, GithubActions build each separate project and publish a docker image (with the corresponding tag), and then I manually launch \`docker compose up -d\`. The docker compose file point to the latest version of each image, so it get automatically reloaded and launched.


Is there a better way to automatically reload the docker compose from GitHub Actions? I ideally want that each time a repository build an image and push it to the registry, the docker compose automatically reload.

https://redd.it/k0nrpm
@r_devops

What do you think of Flux CD v2?

Initially, I was confused with the changes (rewrite) of Flux v2. I even claimed that it does not support multi-environment in the same cluster setup (unlike multi-app support). Nevertheless, after digging more through not-so-good docs, I realized that it does everything I need it to do, and more. So, I created a video about the experience.

​

\>> Video: [https://youtu.be/R6OeIgb7lUI](https://youtu.be/R6OeIgb7lUI)

​

What do you think? Do you prefer Flux v2 or Argo CD? Are you applying GitOps principles?

https://redd.it/k076ct
@r_devops

How I setup my Kubernetes CI/CD pipeline for deploying my spring boot application

Being fairly new to Devops and going through the basics of Kubernetes, I wanted to setup the pipeline which automate the deployment of my Spring Boot application inside kubernetes cluster

And this how it achieved it

1. **Setup Kubernetes cluster** \- When it comes to learning new stuff I like to setup everything from scratch and prefer to have everything running on my laptop. Here are the list of thinks which you need if you want to run Kubernetes cluster on local development machine
1. **Virtual Box** \- This is the first tool you need to install if you are trying to setup your kubernetes cluster
2. **Vagrant** \- I love vagrant and its simplicity, you just need to define

​

Vagrant.configure("2") do |config|
config.vm.define "jenkinsserver" do |jenkinsserver|
jenkinsserver.vm.box_download_insecure = true
jenkinsserver.vm.box = "hashicorp/bionic64"
jenkinsserver.vm.network "forwarded_port", guest: 8080, host: 8080
jenkinsserver.vm.network "forwarded_port", guest: 8081, host: 8081
jenkinsserver.vm.network "forwarded_port", guest: 9090, host: 9090
jenkinsserver.vm.network "private_network", ip: "100.0.0.1"
jenkinsserver.vm.hostname = "jenkinsserver"
jenkinsserver.vm.provider "virtualbox" do |v|
v.name = "jenkinsserver"
v.memory = 2048
v.cpus = 2
end
end

config.vm.define "k8smaster" do |k8smaster|
k8smaster.vm.box_download_insecure = true
k8smaster.vm.box = "hashicorp/bionic64"
k8smaster.vm.network "private_network", ip: "100.0.0.2"
k8smaster.vm.hostname = "k8smaster"
k8smaster.vm.provider "virtualbox" do |v|
v.name = "k8smaster"
v.memory = 2048
v.cpus = 2
end
end


config.vm.define "k8sworker" do |k8sworker|
k8sworker.vm.box_download_insecure = true
k8sworker.vm.box = "hashicorp/bionic64"
k8sworker.vm.network "private_network", ip: "100.0.0.3"
k8sworker.vm.hostname = "k8sworker"
k8sworker.vm.provider "virtualbox" do |v|
v.name = "k8sworker"
v.memory = 2048
v.cpus = 2
end
end
end

3. **Kubespray -** They have done really good job at automating the kubernetes cluster setup using ansible. I would recommend to use kubespray, if you are a newbie like me to setup kubernetes cluster. Here is the lab session where i setup my own kubernetes cluster - [Lab session Demo](https://youtu.be/7dG3vZFjQsE)

4. **Docker** - Since you are working with Kubernetes then you must need Docker because kubernetes is Container orchestration tool. So go ahead and install docker on your local development laptop not in virtual machine

5. **Spring Boot Application** - Now after setting up kubernetes cluster now you need to have an application which you want to deploy inside kubernetes cluster. So I am using **Spring Boot Application**. You can do [Git Clone](https://github.com/rahulwagh/springboot-with-docker) .
In the Git Repository you will find the **Dockerfile** along with **docker-compose.yaml**, which you can user to build your Docker image of spring boot application.

6. **Push Spring Boot to Docker Hub** - Now you got your Spring Boot Application and its time to push your application into Docker Hub. Follow this [Lab Session](https://youtu.be/DFuxCSI4ktY)

7. **Install Jenkins** - Now you need to install Jenkins on the VMs. I prefer to install it on **amaster**(ansible node). Refer to this article [Install jenkins](https://jhooq.com/ci-cd-jenkins-kubernetes/#3-install-jenkins-on-your-jenkinsserve)

8. **Pipeline setup** - This is last step and it is going to be the long one but I prepared a [lab session](https://youtu.be/TPMUxsRI1OA) so that it is easy to understand.

Its

been an daunting task to make everything work smoothly but it was so fun to work with all the nitty gritty of the DevOps CI/CD ecosystem.

https://redd.it/k00vtc
@r_devops

Envoy 426 HTTP Issue

Hi Chaps,

I've created Frontent App and Backend app using envoy as sidecar for service mesh.

When I request frontend for backed I get the following directly from envoy:

**http/1.1 426 upgrade required**

Both frontend and backend are Nginx based.

Any ideas ?

https://redd.it/k0ooaw
@r_devops

Good Open-Source APM tool for php application

Hi Guys

From a long time I'm unable to find a good and easy to setup APM tool for our php application.

I tried using paid tools (new relic, dynatrace, elastic APM), but they'll all end up high cost at the end.

So i'm looking to implement a solution which should be an open-source and should be having good documentation to study with php support. Our application runs on cake php 5.6 (i know it's outdated, but no option to upgrade for now)

So please suggest me something to start. I'm confused by googling this as it shows every tool out their. Not sure where to go now.

https://redd.it/k0mm6n
@r_devops

Technical books that you actually like (all books WILL be read)

Does anyone have any?

I've read a whole bunch, but the only ones I can think of that I've actually liked are:

* K&R's The C Programming Language
* Learning From Data
* The DevOps Handbook

https://redd.it/k0jzpi
@r_devops

How should I keep my DevOps Telegram channels interesting yet less noisy?

I started a Telegram channel sometime back to post interesting SRE, DevOps and DevSecOps updates. I mostly share about new new tools and technologies in the market that could be used in your DevOps work. I initially started it as a platform to make notes for myself and soon learned that others also needed it as much. I have about 500 subscribers now. I was not aware of Telegram's channel analytics feature and recently got to know about it. As I checked the graphs, I realized that only 55% on the subscribers were actually viewing the posts actively. All others mostly muted. Also if I posted more than 4 updates in a day, the number of "mutes" would go high on that day.

How do I keep the channel interesting, yet engaging? The question is more about, As a DevOps engineer, what kind of post would keep you more interested and engaged if you were subscribed to one such channel?

I thought of creating a poll and asking in the channel itself, but again those who actually muted the notification would never vote.

https://redd.it/k0io8k
@r_devops

10k Emails

Alright, I need to register 10k emails. Any script for that or I need to do it manually?

https://redd.it/k0elv6
@r_devops

What happens when we deploy multi stage dockerfile,will it be running a single container or multiple containers??

Multistage dockerfile

https://redd.it/jzy1zw
@r_devops

How to handle regular spikes in requests?

I have an app which could probably run on Heroku for $50/mo with normal traffic, but I have a few endpoints listening to webhooks and those will get absolutely slammed with tens of thousands of requests when a customer does a batch update. I have basically just been throwing money at the problem but I’m searching for a better solution. I’m not much of a devops person. Could anyone suggest some typical solutions for something like this? I’m willing to move off Heroku.

https://redd.it/jzwd48
@r_devops

Test-move traffic from one domain to another a short while, SSL-question

We need to test-run a domain at another hosting company for 30 minutes. The site is ofc https/ssl, and I wonder if I can order a Let'sEncrypt from the new hosting control panel, or will it somehow interfere or disable the original servers SSL certificate for the same domain? I need to point the traffic back after 30 minutes, and don't want anything to break.

They use DNSSEC. Is there anything more to it than just changing A-records?

We will change DNS service to Cloudflare, is there anything I need to think about because of DNSSEC, or just change NS-records with the registrar like usual?

https://redd.it/jztm3k
@r_devops

DevOps being a blocker?

I just got some complaints that DevOps and my pipelines are blocking developers code... I’m not sure how to feel, we are the only team in the company that deploys 4000+ a sprint, and a recent issue with a production roll out was caused by multiple code errors by the development team (which they still blamed us...).

How do you deal with this? Are my code coverage checks and quality gates stopping development from being good developers?

Anyone else have similar experiences?? I’m fuming right now because of the amount of time I’ve spent writing and designing systems for all of this is being called a “rusted engine”.... Maybe I am at fault, I should sharpen up.

https://redd.it/jzlhmu
@r_devops

Free Project Tracking Software

Hi everyone. I hope you are doing well given current Covid-19 epidemic.

Recently I came with idea to search and find possible free alternative to Jira for my company project tracking. Jira is very good software but cost a fortune and it is slow at times.

My company have close to 50 employees and we are growing relatively fast.

What is the best free alternative to Jira? What your company is using for project tracking ?

https://redd.it/k0zi6q
@r_devops

Is DevOps another business management method?

I recently came across FinOps as a cloud financial management approach and am now somewhat confused by DevOps seemingly plural meanings.

Are there additional cloud business management methods like DevOps and FinOps?

https://redd.it/jzpe17
@r_devops