How do you interact with the API of internal services from CI systems?

I’m mostly thinking of the use case where you have something like Hashicorp Vault or Kubernetes running on EC2 in a private subnet. Right now, I have a bash script baked into an AMI that I trigger with the Systems Manager Run Command from CI. This bash script uses cli commands to configure internal services. Our infra is still in its infancy and I keep thinking “there has to be a better way!”. My main ideas were:
- switching to a self hosted CI solution, running the CI instance in the same VPC as internal services
- exposing the API of internal services to the internet, protect them with basic auth

https://redd.it/k78xfq
@r_devops

Any interest in sla management?

I used to work for a place that basically managed a bunch of programs between hospitals and hospital vendors. Followed up on contracts, found deals where the hospital could get free drugs for certain patients, etc. You're wondering where I'm going with this...

Before Thanksgiving when AWS went down it got me thinking. I saw a lot of people being very vocal about how it can be a pain to get credits and money back for failure to meet SLAs. I've had to do it myself, but usually I just felt like "that's why they pay me".

Is there any interest in a 3rd party managing your SLAs with your vendors?

I've got no idea exactly what *this* is right now, but I'd love to get some people's feedback on the idea, and if you're interested, [check out my website and sign up](https://slaslayer.com).

https://redd.it/k6co5d
@r_devops

Finding the IP/web host behind Cloudflare

Guys, I am new to Devops and I keep getting spammed by this web design company on my website. Constantly.

I tried to look up their host so I could complaint to them but they are behind cloud flare. Is there anyway I can find their actual IP or host?

https://redd.it/k7fquz
@r_devops

Development Project Overview

We run quite a few projects, and all of them are updating their information pages under confluence which.... well would like to say works but that is only for the ones that are high profile and in production . Im wondering if there is a tool that actually lets you browse the progress of project in DevOps terms (so not traditional Project Management). What I am after is something that lets me have a dashboard with pipeline data, service connections and uptime in sites and environments, resource utilization, and centralized linking to project information. I did see something that I base this kind of information from a DevOps consultancy firm (mockup? - dont know).


Does anything like this exist? Is it something that the ones have it build themselves??

https://redd.it/k783ps
@r_devops

Product preference between datadog, splunk, and sumo? And why?

21 y/o college kid here, and I am looking to spend my winter break learning about devops. Title says it all. Would welcome any sort of perspective from people who are knowledgeable/work directly with these platforms. Thanks!

https://redd.it/k7i2cu
@r_devops

Career Advice! Fullstack Engineer transition to DevOps Engineer

I was wondering if it anyone here has made the transition from a Full Stack Engineers to a DevOps Engineer. And if so, what was the transition like and what did you do to become a DevOps Engineer?

Currently I am a Full Stack Engineer with a solid understanding of Docker, and a pretty solid understanding of AWS from my professional experiences. I found these kinds of things more interesting than application development, and I'm seriously considering on making a pivot in my career.

https://redd.it/k717xi
@r_devops

HashiCorp Certified: Terraform Associate exam issue.

Hello everyone. Today I tried to pass my Terraform exam on PSI platform but face issue. After verification photos and 360 I got a message in secure browser that I must wait up to 15 minutes until proctor verified my identities. 10 minutes passed, 20 passed. I got message proctor not joined please restart your session. I did that. Again 5 minutes passed, 10 passed I wrote to chat: Hello Is anybody here? And suddenly proctor answered I'm here. I continue waiting because I thought that now everything will be fine but after 10 minutes of waiting I'm again got message that I should restart browser and bla bla bla. Same happened 2 times more and I decide not to waste my time. More than hour passed since appointment time.

Is anybody faced same issue. If yes how did you get free retake or refund? PSI live support always busy and never reply. Maybe anybody knows any Hashicorp or PSI e-mail addresses which could be useful to resolve this issue?

https://redd.it/k7jkk2
@r_devops

How to prepare for Kubernetes certification (CKA)?

I am learning k8s and have no real-world experience with it outside my homelab. I'd like to get certified with CKA. I'm currently halfway through Mumshad Mannambeth's CKA course with some nice labs in Kodekloud, but I'm wondering if that's enough? What else would you recommend? thanks!

https://redd.it/k7351v
@r_devops

What is Everyone Using Instead of Puppet Pipelines

We've been using Puppet Pipelines extensively in my company. Our application is hosted on a mix of Windows/Linux VMs in a co-located DC. We use Pipelines to do run through all the steps, adjust the load balancer, turn off services, sync files from artifactory, turn it all back on, etc.

When they announced it was going away we started looking at other tools, but many seem dedicated to the cloud, AWS, hyper-converged VM stuff, etc. Has anyone else found a replacement? It's interesting that Puppet didn't even attempt to recommend what customers try to migrate to.

https://redd.it/k7ly9s
@r_devops

Come join our Kubernetes focused discord server!

I'm posting this again as I've made some changes to the server. Discord offers a lot of things the Slack workspace doesn't such as:

• A channel just for Kubernetes memes.
• Voice chats you can cry about production issues in
• Less professional so we can take out our frustrations on each other!
• Music rooms
• Doesn't do that annoying aesthetic shit with hyperlinks

https://discord.gg/zSSRFB3G3h

https://redd.it/k6zt1u
@r_devops

K8s volumes

https://medium.com/swlh/k8s-volumes-claims-part1-138012b6f52

https://redd.it/k7p0vk
@r_devops

What is the difference between services like mailgun and some backend script running on dedicated IP?

I am going to handle a newsletter for system with around 15k users and I am wondering whenever go for solutions like mailgun, or use something selfhosted.

I don't know what are some decent hardware / environment requirements for it.

https://redd.it/k7u5lt
@r_devops

Retrieva data from Azure App Configuration with Powershell

Hi yall,

I was suprised that MSFT still hasn't made a PowerShell Module to work with App Configuration data, so I made my own: [link](https://github.com/mieel/PSAzureAppConfiguration)

It uses the `az appconfig` in the background (so you need `azure cli` installed), but it added support for referencing to other keys, within the value.

## Install module

`install-module PSAzureAppConfiguration -Repository PSGallery`

## Usage

Log in Azure account using a service principal

`$clientId = 'client/app id'`

`$tenantId = 'tenant id'`

`$secret = 'client secret'`

`az login --service-principal --username $clientId --password $secret --tenant $tenantId`

Get configuration:

`$MyConfig = Get-AppConfigurationKeyValue -Store MyAppConfigStore -Label Production`

https://redd.it/k7txnd
@r_devops

Connecting to a vm using ssh with a NAT adapter

I heard bridged adapter was ok, but you couldn't access to the Internet using a bridged adapter. Is that true? I was able to ssh into my virtual box, and install linux packages, so I am not sure how that can be true. Anyway, how do you connect to a VM using a NAT adapter instead?

https://redd.it/k8780k
@r_devops

AWS MacOS EC2 machines vs Azure pipelines/GHA

The price per hour of mac EC2 machines are sitting at a little over 1 USD. I'm just wondering why their solution is better for CI/CD builds when Azure and GitHub already have pretty cheap alternatives that have worked for me in the past.

There seems to be a lot of hype over it and people calling it a game-changer. I just don't see what's special with their solution.

https://redd.it/k886p4
@r_devops

How to Configure OpenShift 4 Cluster Nodes: MachineConfig Operator and CoreOS

OpenShift and OKD 4 are using CoreOS for cluster nodes. The only way to configure them is to use Ignition and OSTree. Both of them are automated with MachineConfig Operator, which we will see in this video - how it works and how to use it to customize the cluster:

[https://www.youtube.com/watch?v=ntP4DVjrRd8&feature=youtu.be](https://www.youtube.com/watch?v=ntP4DVjrRd8&feature=youtu.be)

https://redd.it/k8eisq
@r_devops

Istio Service Mesh: A Beginners Guide

This post will give a high-level introduction to Istio and its related concepts and terminologies.
[https://www.loginradius.com/blog/async/istio-service-mesh/](https://www.loginradius.com/blog/async/istio-service-mesh/)

https://redd.it/k8fubi
@r_devops

Noob questions, what do you guys do when you experience an outage?

Hey guys,

I saw there were a couple of big outages this year and in the years before. What do you guys do when you experience such outages and is it total chaos like I imagine it in my head?

https://redd.it/k8ie2t
@r_devops

Have you guys notices any difference in mentality between those who come into devops from the dev side and those who come in from the ops side?

I've been thinking about this as I've been only recently getting into the devops field. My background is mainly ops. I came into this from systems engineering. I always saw development as something only really smart people do and I could never do that. But as I have been educating myself and interacting with developers, I found that I really loved the process of development. As I started writing up YAML files or Python scripts, I recognized that I was developing but never fully recognized it as that. I'm also starting to see how many ops people who do not understand development are frankly either really bad at their jobs or are becoming more and more specialized to the point of being boxed in. I never wanted to be like that and so it seemed like devops became the natural progression for me as an ops person. But I also think this came with being more exposed to devs and seeing how efficient many processes can become by incorporating more development (or automation) into my job.


How did you get into devops and what attracts you to it from either side?

https://redd.it/k8jn52
@r_devops

Moving from an Nginx VM with root access to a GH action deployed VM

Hello there

I have a legacy Nginx app which is the HTTP reverse service of our internal apps, running on a VM.And in the company, all the employees have root access to this VM and people edit in production files and restart nginx service by themselves.

It's defo not the best option or the best practice, but we are a small team and I would like to improve the process, make it more secure and scalable for a bigger team in the future.

At first I thought about having a repositories with only the \`/etc/nginx/\` folder that would be editable by the maintainer. Then, on push on master it would then try on a \`staging VM\` to deploy and runs \`nginx -t\` to test the config files. It would probably have a really fast deployment but it won't help for a from-scratch deployment with a completely brand new Debian, for example.

So my second thought went to an ansible playbook that will run the installation and file copying and run the test, but at the moment I am wondering then how I will run my test? Should my playbook first try to deploy on my \`staging VM\` and if everything is alright then deploy on my \`production VM\`

If I'm using a staging VM, then I guess I somehow need to reset this VM after use?

Or am I totally wrong and if so if you have any other idea please hit me up :)

I'm really keen to hear from you. Thank you in advance

https://redd.it/k8hthb
@r_devops

Is CodeArtifact feature full enough to replace Artifactory?

Have gotten a few different answers on this, but we’re a mid sized org and find Artifactory to be good, but expensive for what it is. We’ve been looking into CodeArtifact but wonder about limitations. What’s the consensus?

[View Poll](https://www.reddit.com/poll/k84oz5)

https://redd.it/k84oz5
@r_devops