how did shopify, wix and any other companies that offer services handle their client sites / the server

Hi guys
just wondering, how did shopify, wix and any other companies that offer services handle their client sites / the server,

limiting each client maximum traffic,

and also how they handle increasing client

i need to see advice from you guys, thanks

https://redd.it/k0ufba
@r_devops

Junior DevOps Engineer, recommended learning to advance my career?

I've been an infrastructure engineer for the past 6 months, I manage Jenkins pipelines for our developers and many linux servers. Its been quite rough since I was new to pretty much everything, just had some basic linux skills so had to get lots of help with every issue from other engineers.Because of the holidays I have time to take some courses and can really ramp up my skills.

I'm lucky to have access to [linuxacademy.com](https://linuxacademy.com), a few Linux Foundation courses, and O'reilly courses.I need to get good at Bash Scripting, Linux in general, and writing Groovy scripts for Jenkins pipelines.Example course: [system admin guide to bash scripting](https://linuxacademy.com/cp/modules/view/id/72?redirect_uri=https://app.linuxacademy.com/search?query=scripting), [Oreilly Jenkins course](https://learning.oreilly.com/videos/practical-jenkins/9781788398749/)

I have about 2 weeks to deep dive into any topic, so I want to make sure I'm taking the best courses. We also use a lot of Redhat products so RHCE could be something of interest. I'd also like us to move to an automated setup with Terraform, Ansible and Jenkins all working together so all these skills could be useful. Thanks for any suggestions.

https://redd.it/k0w2if
@r_devops

Terraform config

Hello I’m quite new to terraform and devops as well. I would like to know the buildspec file for terraform. You can even provide resources or links or some documentation on terraform related buildspec.

Thanks in advance 🙌🏻

https://redd.it/k0zm0p
@r_devops

Does scaling depends only on load/ traffic in cloud?

Does scaling only depend on increase of traffic or load of a resource or can scaling depends on other needs?

Are there any other reasons to scale an application on cloud?

I’m new to the entire cloud computing autoscaling paradigm.

https://redd.it/k0v00c
@r_devops

USING DOCKER CONTAINERS TO RUN ANSIBLE AND TERRAFORM CODE

Hello everyone, I think this is my first post on here so go easy as I'm relatively new. I'm part IT, part programmer at my company

I notice we are using a specific ansible server with an ansible user to run playbooks against our environment, and we are just starting to adopt Terraform for creating infrastructure in our cloud environment (mostly Azure with a bit of AWS). We are thinking of how we want to deploy these Terraform Modules we are building.

I had the idea to completely scrap using a VM to run off of and also not rely on something like Azure Automation runbooks (which is platform specific), but instead to create a quick Ubuntu docker container, configure the OS how we want it with scripts, do my ansible/terraform installs, authenticate myself as admin, and run my playbook/module against whatever environment (be it QA or Prod). After running the change against the environment we are going to delete the container and poof everything is gone and we dont need to manage servers. This would also allow us to pivot between cloud providers and switch to something more "microservice" related.

Is this a standard approach? I'm trying to stay away from spinning up machines to tend to and I just want to use our Git, and our local machines if possible relying on IAM and MFA for authentication.

Is there a better practice for what I'm trying to do? are there some common pitfalls I'm going to encounter when I try to explore this path? I'm trying to see if someone has thought to use this approach for my purposes before and
has some advice. Sorry in advance if the question is formulated poorly or isnt clear enough!


Edit: sorry for the caps lock title, I'm not sure how I can edit that as it would not let me enter normal caps when I created the post.

https://redd.it/k16beo
@r_devops

CircleCI

Hi

​

We're considering moving from Jenkins to either GitLab or Circle CI - looking at Circle CI a bit more - it feels like it is a straight replacement for Jenkins (e.g. no static code analysis, no artifactory/maven repository, no container registry etc.). Is that a fair comment?

Also, anything you'd say makes CircleCI shine above all else for Jenkins 2.0?

Seems like GitLab is heading more to be the the one-stop shop for everything.

https://redd.it/k0qi6t
@r_devops

Can't remember website for pre-screening DevOps candidates

I came across a site and have since lost it in which you could send job candidates randomized tests based on specific subject matters including DevOps. We have a huge pool of candidates with very impressive resumes and are keen to narrow the field with a basic DevOps competency test.

Does anyone know of any sites that accomplish this, or even better, does anyone actually use one themselves?

https://redd.it/k1f446
@r_devops

Which of these types of monitoring do you most frequently use?

I'm assuming that "most frequently use" closely matches "find most valuable".

If you find some other types of monitoring tools more valuable, please share in comments. Thank you!

​

[View Poll](https://www.reddit.com/poll/jzod1i)

https://redd.it/jzod1i
@r_devops

Any of you guys recording gaps and drift in their infrastructure?

You are not alone ;)
Sharing [a link to this article about infrastructure drift](https://driftctl.com/?utm_source=reddit&utm_medium=reddit&utm_campaign=reddit) for those interested
Happy to discuss the topic

https://redd.it/k1gxrx
@r_devops

On Average, Do Devops guys get paid better than developers for the work they do?

It seems like the devops job is relentless compared to a normal developer. Do they get paid enough for the work they do?

https://redd.it/k1gsx2
@r_devops

DevOps Professional looking for next move

Happy Thanksgiving y'all.
I have 2+ years under my belt FullTime + Internship and I am looking to make a change. What salary should I be targeting?

**Skills**
* Python
* AWS
* CI/CD

Anyone here got an offer recently? Could you please share details? Thanks

https://redd.it/k1jgar
@r_devops

Serverless Vs Serverless on kubernetes

At this point in time how easy is Serverless on kubernetes (kubeless, keda, openfass) when compering to "traditional Serverless " (i.e lambda and the like).

I want my local development environment to be as close to production as possible,It seems like Its easier to do it with K8s (just install the production helm chart and play with it locally).

however solutions such as lambci also exists (what about step functions?).

Which option will enable the quickest deployment and the least amount of maintenance?

https://redd.it/k1i9vf
@r_devops

Multi-channel notifications

I need something that can send notifications and alerts to a series of devices based on escalation rules. For example, first message is a push notification (to Pushover or similar) and if that doesn't get a response of some sort then it would escalate to another channel, perhaps including Slack or Google Chat, SMS, telephone calls, etc.

I know that PagerDuty does exactly this and it's what I'm currently using. However, it's quite expensive for my use case, but worse it's overly complex. I don't need incident management, ultimately I just want a simple means of delivering a short message to one or more people with an escalation until it gets a confirmation. Surely this isn't an uncommon requirement? What do others do?

https://redd.it/k1hkd5
@r_devops

Trying to understand a new position

I have an interview with a Fortune 500 and I'm trying to understand what they're actually looking for. They're asking for a cloud engineer on paper, but are actually looking for a a solid network engineer who has automation experience. This is a big box retailer, they're using Google Cloud and AWS as far as I can tell. However, their main focus in my prelim interview was on BGP, EIGRP, and Ansible.

They did specify they wanted someone with BGP peering experience, specifically in GPC. Based on what limited info I have, does this position sound similar to what anyone else is doing? Is anyone working with similar technologies who can speak to the day to day work?

Thanks!

https://redd.it/k1h7o3
@r_devops

is: njrat, nuclear-rat and xtremerat a industry wide program?

I dont know any thing about the programs in the title, but when i was looking on shodan for sites i noticed quite a lot of sites had these programs.

https://redd.it/k1h387
@r_devops

Need some help understanding Terraform lifecycle rules

I'll try to give some background, we're deploying a Grafana instance via Terraform and GitLab CI/CD Pipelines.


The first time the pipeline runs the instance loads perfectly and we can access the grafana UI in a web browser. HOWEVER, if we then re-run the pipeline with changes, we will get a HTTP 500 error when trying to hit the grafana UI in a web browser again, every 'even' number run (2, 4, 6, 8, etc.) will cause this issue but the 'odd' number runs work fine.

​

I've found the fix to be to add 'ignore\_changes' block to the ASG, ignore changes to the loab\_balancers and target\_group\_arns - as is recommended by Terraform ([https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/autoscaling\_group](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/autoscaling_group))


However I'm struggling to understand what the implications of this change actually are, why does this fix the issue? I've had a Google to try and find some explanation but I can't say I understand any that I've read.


Could anyone help explain what adding these lifecycle rules to the ASG actually do?

https://redd.it/k1ctjg
@r_devops

Automate NGINX Unit with Ansible

Almost half a year ago, we found ourselves migrating from uWSGI to the NGINX Unit application server. And because there was no Ansible content available at the time to help us automate deployment, we had to write our own.

Our initial plan was to create a minimalistic Ansible Collection that only contained an installation role. But we had to change our course of action when we realized there is no such thing as a NGINX Unit configuration file. Therefore, we created a new Ansible Collection that contains a few modules for managing different parts of the NGINX Unit configuration. Luckily, we are experts in developing Ansible Collections, so this was a no-brainer for us ;)

And the best part? You can use it too since we decided to release it as an Open Source project. You can find it on [Ansible Galaxy](https://galaxy.ansible.com/steampunk/unit/). Or go read our [quickstart documentation](https://docs.steampunk.si/unit/quickstart.html) that contains everything you need to know to get up and running in just a few minutes.

We wrote a [blog post](https://steampunk.si/blog/why-and-how-of-the-nginx-unit-ansible-collection/?utm_source=Reddit&utm_medium=organic) that contains even more information about our development process. So if you are interested in how the Ansible Collection development process looks like, this might be just the thing for you.

https://redd.it/k1fpk7
@r_devops

ConnecTech - A podcast on infrastructure and technologies being used at various companies and startups

Hi Guys,

We started a podcast called **ConnecTech** where we invite brilliant developers to come and share how they solved specific problems or built infrastructure at their companies.

Spotify([https://open.spotify.com/show/0QkZAtQgg5yU0hKYGDYh8L](https://open.spotify.com/show/0QkZAtQgg5yU0hKYGDYh8L))

Pocket Cast([https://pca.st/g4qk0m1t](https://pca.st/g4qk0m1t))

Google Podcast([https://www.google.com/podcasts?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy8zZDY1M2ZhMC9wb2RjYXN0L3Jzcw==](https://www.google.com/podcasts?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy8zZDY1M2ZhMC9wb2RjYXN0L3Jzcw==))

We are a couple of episodes in now and we are looking for feedback from fellow Redditors.

Hopefully, the quality of audio and content will keep on increasing in the upcoming episodes.

https://redd.it/k1bfgp
@r_devops

Configure Windows registry and services during image creation using Packer and Ansible?

Hi guys,

Just trying to get some feedback on this request from a client who are starting to move Windows workloads to AWS.

We're in the process of creating a custom Windows AMI to be used as a base for all Windows builds in AWS, using Packer and Ansible. Has anyone come across configuring the Windows registry and services during image creation, with Ansible as the provisioner? They want the same configuration to match that of the on-prem golden image?

I would have thought that best handled by GPO, but really not sure?

Any help would be appreciated.

Thanks

https://redd.it/k1civ1
@r_devops

What's GitOps?

Hi all,

I tried breaking down what's GitOps, so here's how it turned out:

**GitOps** offers a way to automate and manage infrastructure. It does this by using the same DevOps best practices that many teams already use, such as version control, code review, and CI/CD pipelines.

Companies have been adopting DevOps because of its great potential to improve productivity and software quality. Along the way, we’ve found ways to automate the software development lifecycle. But when it comes to infrastructure setup and deployments, it’s still mostly a manual process.

With GitOps teams can **automate the infrastructure provisioning process**. This is due to the ability to write your infrastructure as code (IaC) with the use of declaration files. We can store them in a Git repository, exactly as we store application development code.

# How does GitOps work?

The GitOps concept was initially introduced by [Weaveworks](https://www.weave.works/), a Kubernetes management company. So discussions around GitOps are mainly in the context of Kubernetes. The transformation to microservices running in containers brought a need for orchestration platforms. Container-based applications can be complex and difficult for provisioning and management. GitOps helps in simplifying this by applying techniques proven in the DevOps world.

Nowadays the idea has become popular among DevOps enthusiasts, representing an upgraded model of the IaC concept. It revolves around 3 major components:

1. Infrastructure as code
2. Pull requests
3. CI/CD

*Let’s look at them separately.*

**Infrastructure as Code**

IaC is a practice of provisioning and managing infrastructure as **declaration files**, stored as code. By leveraging IaC and version control teams can optimize all operational procedures.

GitOps centers around the **declarative model of IaC**. This is why Kubernetes is a great example of implementation. Declarative means that configuration is more a declaration of an expected state, instead of a set of commands. For example, in Kubernetes, you can define the number of pods desired for a service in the manifest. The system will then take care of itself. No need for an engineer to write an imperative script that should get to the desired pod number.

Any cloud-native software that conforms to the declarative model can be treated as code. We use AWS CloudFormation, which is a declarative tool, to write AWS infrastructure. This means that **we can treat infrastructure itself as code**. Declare the desired state as code. The system applies the changes to achieve that state with automation.

With that said, declarative models are not a must to benefit in GitOps. You can do as well with imperatively defined environments.

**Pull requests**

The main idea behind the GitOps concept is that the version control system is a single source of truth. We use Git as a change management system for our application code. We can also use it for our infrastructure code. So the entire set of declaration files is in a single place where you can collaborate. This enables us to use the key concept of Git – the **pull request** for operational changes.

In an app development workflow, we use one main branch as a release branch. Developers create feature branches from the main branch. Develop a particular feature or story and when done create a pull request to merge it back into the main branch. This same approach is convenient for infrastructure code.

Creating a pull request enables the code to go through a process of code review before we integrate it into another branch of the codebase. Code reviews stop bad code from getting into test or production environments. This is even more important for infrastructure code. Having formal approvals in place via code reviews helps a lot with the auditing and troubleshooting.

**Git organization**

The deployment process in GitOps requires at least two repos: **the application repo and the environment configuration repo.** The first one contains the source code of the app together with its deployment manifests. The

second one contains the desired state of the whole system described using a declarative specification for each environment. You can describe your environments as dev, test, production in a code repository, containing the applications and infrastructure services that can run with a particular version of that environment.

In the case of infrastructure, the main branch can represent an environment. We can implement the changes in the feature branch. Then create a pull request to merge the changes in the main branch. With this, we enable collaboration, while being transparent of who performed which changes. This is also beneficial for issue tracking to the root cause since all changes are commits in Git.

GitOps works with any Git-based system, like GitHub, BitBucket, or GitLab. It is not dependent on any tool or technology.

**CI/CD**

To achieve a full GitOps implementation, you need a CI/CD pipeline. With automated delivery pipelines you can deliver infrastructure changes to designated environments, each time there is a change in the Git repository.

Pipelines are here to connect your Git pull requests to the orchestration system. When you trigger the pipeline with a pull request, the orchestration system executes the task.

There are two possibilities for a GitOps deployment strategy: **Push and Pull Pipelines**. The difference between them is in the way you ensure the deployment environment resembles the desired infrastructure.

**- Push Pipelines**

Many popular CI/CD tools are using this strategy. We store the source code of the application and its deployment manifests in one repository. The build pipeline triggers when a new update happens in the application code. The pipeline builds the container images and pushes the changes to the environment. This strategy brings more flexibility, as it can support any type of infrastructure. The disadvantage is that it gives the CI/CD tool access to write to your environment.

**- Pull Pipelines**

The community considers the pull pipeline approach a more secure practice for GitOps. With this approach, the operator is introduced. The operator is a component between the pipeline and the orchestration tool. It constantly compares the target state in the environment repository with the actual state in the deployed infrastructure. The operator changes the infrastructure to fit the environment repository if it detects any changes. Also, it’s possible to monitor the image registry to identify new versions of images to deploy. This is what makes GitOps so special.

In GitOps the environment updates happen only when there are changes in the environment repository. The system reverts any modifications made if the implemented infrastructure changes in any manner not defined in the environment repository.

For most applications, you’ll probably need more than one environment. GitOps allows you to create **multiple pipelines** that can change the environment repository. You can use separate branches in the environment repository to manage more environments. The operator can react to the change of one branch by deploying to production and react to another branch by deploying to test.

# What are the benefits of GitOps?

**Using DevOps best practices**

Since GitOps is a model focused on the pre-existing best practices of Git workflow, IaC, CI/CD pipelines, immutable servers, tracking, and observability, it represents a more advanced state of Kubernetes’ cloud-native application management. Therefore, the current stack and experience within the company can serve a lot.

**Continuous deployment—simplified**

Continuous deployment means deploying faster and more often. Due to different considerations such as statefulness of systems, downtime resistance, upstream/downstream dependencies, and many other organizational relevant processes and dependencies, proper continuous deployment has been very challenging.

GitOps allows you to do this without having to manage a bunch of tools as everything occurs in the version control system. It provides structure and automation, thanks to the deployment