Moving from an Nginx VM with root access to a GH action deployed VM
Hello there
I have a legacy Nginx app which is the HTTP reverse service of our internal apps, running on a VM.And in the company, all the employees have root access to this VM and people edit in production files and restart nginx service by themselves.
It's defo not the best option or the best practice, but we are a small team and I would like to improve the process, make it more secure and scalable for a bigger team in the future.
At first I thought about having a repositories with only the \`/etc/nginx/\` folder that would be editable by the maintainer. Then, on push on master it would then try on a \`staging VM\` to deploy and runs \`nginx -t\` to test the config files. It would probably have a really fast deployment but it won't help for a from-scratch deployment with a completely brand new Debian, for example.
So my second thought went to an ansible playbook that will run the installation and file copying and run the test, but at the moment I am wondering then how I will run my test? Should my playbook first try to deploy on my \`staging VM\` and if everything is alright then deploy on my \`production VM\`
If I'm using a staging VM, then I guess I somehow need to reset this VM after use?
Or am I totally wrong and if so if you have any other idea please hit me up :)
I'm really keen to hear from you. Thank you in advance
https://redd.it/k8hthb
@r_devops
Hello there
I have a legacy Nginx app which is the HTTP reverse service of our internal apps, running on a VM.And in the company, all the employees have root access to this VM and people edit in production files and restart nginx service by themselves.
It's defo not the best option or the best practice, but we are a small team and I would like to improve the process, make it more secure and scalable for a bigger team in the future.
At first I thought about having a repositories with only the \`/etc/nginx/\` folder that would be editable by the maintainer. Then, on push on master it would then try on a \`staging VM\` to deploy and runs \`nginx -t\` to test the config files. It would probably have a really fast deployment but it won't help for a from-scratch deployment with a completely brand new Debian, for example.
So my second thought went to an ansible playbook that will run the installation and file copying and run the test, but at the moment I am wondering then how I will run my test? Should my playbook first try to deploy on my \`staging VM\` and if everything is alright then deploy on my \`production VM\`
If I'm using a staging VM, then I guess I somehow need to reset this VM after use?
Or am I totally wrong and if so if you have any other idea please hit me up :)
I'm really keen to hear from you. Thank you in advance
https://redd.it/k8hthb
@r_devops
reddit
Moving from an Nginx VM with root access to a GH action deployed VM
Hello there I have a legacy Nginx app which is the HTTP reverse service of our internal apps, running on a VM.And in the company, all the...
Is CodeArtifact feature full enough to replace Artifactory?
Have gotten a few different answers on this, but we’re a mid sized org and find Artifactory to be good, but expensive for what it is. We’ve been looking into CodeArtifact but wonder about limitations. What’s the consensus?
[View Poll](https://www.reddit.com/poll/k84oz5)
https://redd.it/k84oz5
@r_devops
Have gotten a few different answers on this, but we’re a mid sized org and find Artifactory to be good, but expensive for what it is. We’ve been looking into CodeArtifact but wonder about limitations. What’s the consensus?
[View Poll](https://www.reddit.com/poll/k84oz5)
https://redd.it/k84oz5
@r_devops
reddit
Is CodeArtifact feature full enough to replace Artifactory?
Have gotten a few different answers on this, but we’re a mid sized org and find Artifactory to be good, but expensive for what it is. We’ve been...
Criteria for selecting an API gateway for a cloud environment
Hello everyone,
I am currently writing my thesis and would be very grateful for your opinions and comments.
Specifically, I'm dealing with how an API gateway can be used to secure an corporate network.
One part deals with the selection of an API gateway for a defined use case, here also with a focus on security features. I would be interested in concrete insights into the selection process in companies, how they select a API gateway and if the criteria mentioned below apply or if a certain aspect is missing.
In the following you will find a list between functional and non-functional properties:
# Functional features
**General features**
*Info: This includes general features of the product.*
* Analytics (Reports, Insides in the usage of the API)
* API technology (GraphQL, REST,.. )
* Caching
* Data security
* Error handling
* Life-Cycle Management (The ability to support different channels such as beta, test and production. This includes the ability to support multiple versions - API versioning.)
* Extensibility
* Import/Export API-definition
* Performance
* Load Balancing
* Management-API (An own API which is provided by the gateway itself for administration. For example to define new routes to services.)
* Monitoring
* Operation Model
* Payload transformation
* Logging
* Quote (Number of maximum connections per hour or other defined interval)
* Rate Limiting (Limitation of requests in a certain time interval. E.g. when providing a certain service, the customer can make 1000 requests / per hour)
* Scalability (This refers to the general ability that the product can scale depending on a certain performance)
* Redundancy (over different regions, but also redundancy in one region)
**Security features**
*Info: This includes security specific features of the product.*
* Audits (ISO 27001,9001; HIPAA; BSI C5)
* Authentication
* Authorization
* Security policies
* Thread protection
* Protocol (HTTP/HTTPS)
* Open/Closed source (the code can be viewed and checked)
# Non-functional features
**Support**
*Info: Aspects that can support the user during use.*
* Community (Developer forums, Meets-Ups,..)
* Documentation Software
* Support (commercial assistance with specific problems)
* Training (how to use the software)
**Operation**
*Info: Special aspects that can be considered when operating the product.*
* Configuration
* Usability
* Installation
* Maintenance intensity
**Producer**
*Info: This is about some aspects that concern the manufacturer and especially how the market share is.*
* Producer/Provider Eco-System
* Experience of the producer
* Size of Producer/Provider and turnover
* Industry Leadership
* Length of software on the market
* Software market share
**Product**
*Info: Specific KPIs (Key Performance Indicator) for the product.*
* Cost over time
* Initial Cost
* License Price
* Licensing model
* Platform hosting offering
**Corporate technology strategy for the use of the product**
* Possible uses
* Organization fit (how well the product fits into the company)
* Prototyping and development speed
Can you think of any other aspects that are important to consider? Maybe criteria that are not mentioned here?
Thank's for your help!
You can also write to me privately, if something else comes up ;)
https://redd.it/k8m3yp
@r_devops
Hello everyone,
I am currently writing my thesis and would be very grateful for your opinions and comments.
Specifically, I'm dealing with how an API gateway can be used to secure an corporate network.
One part deals with the selection of an API gateway for a defined use case, here also with a focus on security features. I would be interested in concrete insights into the selection process in companies, how they select a API gateway and if the criteria mentioned below apply or if a certain aspect is missing.
In the following you will find a list between functional and non-functional properties:
# Functional features
**General features**
*Info: This includes general features of the product.*
* Analytics (Reports, Insides in the usage of the API)
* API technology (GraphQL, REST,.. )
* Caching
* Data security
* Error handling
* Life-Cycle Management (The ability to support different channels such as beta, test and production. This includes the ability to support multiple versions - API versioning.)
* Extensibility
* Import/Export API-definition
* Performance
* Load Balancing
* Management-API (An own API which is provided by the gateway itself for administration. For example to define new routes to services.)
* Monitoring
* Operation Model
* Payload transformation
* Logging
* Quote (Number of maximum connections per hour or other defined interval)
* Rate Limiting (Limitation of requests in a certain time interval. E.g. when providing a certain service, the customer can make 1000 requests / per hour)
* Scalability (This refers to the general ability that the product can scale depending on a certain performance)
* Redundancy (over different regions, but also redundancy in one region)
**Security features**
*Info: This includes security specific features of the product.*
* Audits (ISO 27001,9001; HIPAA; BSI C5)
* Authentication
* Authorization
* Security policies
* Thread protection
* Protocol (HTTP/HTTPS)
* Open/Closed source (the code can be viewed and checked)
# Non-functional features
**Support**
*Info: Aspects that can support the user during use.*
* Community (Developer forums, Meets-Ups,..)
* Documentation Software
* Support (commercial assistance with specific problems)
* Training (how to use the software)
**Operation**
*Info: Special aspects that can be considered when operating the product.*
* Configuration
* Usability
* Installation
* Maintenance intensity
**Producer**
*Info: This is about some aspects that concern the manufacturer and especially how the market share is.*
* Producer/Provider Eco-System
* Experience of the producer
* Size of Producer/Provider and turnover
* Industry Leadership
* Length of software on the market
* Software market share
**Product**
*Info: Specific KPIs (Key Performance Indicator) for the product.*
* Cost over time
* Initial Cost
* License Price
* Licensing model
* Platform hosting offering
**Corporate technology strategy for the use of the product**
* Possible uses
* Organization fit (how well the product fits into the company)
* Prototyping and development speed
Can you think of any other aspects that are important to consider? Maybe criteria that are not mentioned here?
Thank's for your help!
You can also write to me privately, if something else comes up ;)
https://redd.it/k8m3yp
@r_devops
reddit
Criteria for selecting an API gateway for a cloud environment
Hello everyone, I am currently writing my thesis and would be very grateful for your opinions and comments. Specifically, I'm dealing with how...
Criteria for selecting an API gateway for a cloud environment
Hello everyone,
I am currently writing my thesis and would be very grateful for your opinions and comments.
Specifically, I'm dealing with how an API gateway can be used to secure an corporate network.
One part deals with the selection of an API gateway for a defined use case, here also with a focus on security features. I would be interested in concrete insights into the selection process in companies, how they select a API gateway and if the criteria mentioned below apply or if a certain aspect is missing.
In the following you will find a list between functional and non-functional properties:
# Functional features
**General features**
*Info: This includes general features of the product.*
* Analytics (Reports, Insides in the usage of the API)
* API technology (GraphQL, REST,.. )
* Caching
* Data security
* Error handling
* Life-Cycle Management (The ability to support different channels such as beta, test and production. This includes the ability to support multiple versions - API versioning.)
* Extensibility
* Import/Export API-definition
* Performance
* Load Balancing
* Management-API (An own API which is provided by the gateway itself for administration. For example to define new routes to services.)
* Monitoring
* Operation Model
* Payload transformation
* Logging
* Quote (Number of maximum connections per hour or other defined interval)
* Rate Limiting (Limitation of requests in a certain time interval. E.g. when providing a certain service, the customer can make 1000 requests / per hour)
* Scalability (This refers to the general ability that the product can scale depending on a certain performance)
* Redundancy (over different regions, but also redundancy in one region)
**Security features**
*Info: This includes security specific features of the product.*
* Audits (ISO 27001,9001; HIPAA; BSI C5)
* Authentication
* Authorization
* Security policies
* Thread protection
* Protocol (HTTP/HTTPS)
* Open/Closed source (the code can be viewed and checked)
# Non-functional features
**Support**
*Info: Aspects that can support the user during use.*
* Community (Developer forums, Meets-Ups,..)
* Documentation Software
* Support (commercial assistance with specific problems)
* Training (how to use the software)
**Operation**
*Info: Special aspects that can be considered when operating the product.*
* Configuration
* Usability
* Installation
* Maintenance intensity
**Producer**
*Info: This is about some aspects that concern the manufacturer and especially how the market share is.*
* Producer/Provider Eco-System
* Experience of the producer
* Size of Producer/Provider and turnover
* Industry Leadership
* Length of software on the market
* Software market share
**Product**
*Info: Specific KPIs (*Key Performance Indicator*) for the product.*
* Cost over time
* Initial Cost
* License Price
* Licensing model
* Platform hosting offering
**Corporate technology strategy for the use of the product**
* Possible uses
* Organization fit (how well the product fits into the company)
* Prototyping and development speed
Can you think of any other aspects that are important to consider? Maybe criteria that are not mentioned here?
Thank's for your help!
You can also write to me privately, if something else comes up ;)
https://redd.it/k8m3m2
@r_devops
Hello everyone,
I am currently writing my thesis and would be very grateful for your opinions and comments.
Specifically, I'm dealing with how an API gateway can be used to secure an corporate network.
One part deals with the selection of an API gateway for a defined use case, here also with a focus on security features. I would be interested in concrete insights into the selection process in companies, how they select a API gateway and if the criteria mentioned below apply or if a certain aspect is missing.
In the following you will find a list between functional and non-functional properties:
# Functional features
**General features**
*Info: This includes general features of the product.*
* Analytics (Reports, Insides in the usage of the API)
* API technology (GraphQL, REST,.. )
* Caching
* Data security
* Error handling
* Life-Cycle Management (The ability to support different channels such as beta, test and production. This includes the ability to support multiple versions - API versioning.)
* Extensibility
* Import/Export API-definition
* Performance
* Load Balancing
* Management-API (An own API which is provided by the gateway itself for administration. For example to define new routes to services.)
* Monitoring
* Operation Model
* Payload transformation
* Logging
* Quote (Number of maximum connections per hour or other defined interval)
* Rate Limiting (Limitation of requests in a certain time interval. E.g. when providing a certain service, the customer can make 1000 requests / per hour)
* Scalability (This refers to the general ability that the product can scale depending on a certain performance)
* Redundancy (over different regions, but also redundancy in one region)
**Security features**
*Info: This includes security specific features of the product.*
* Audits (ISO 27001,9001; HIPAA; BSI C5)
* Authentication
* Authorization
* Security policies
* Thread protection
* Protocol (HTTP/HTTPS)
* Open/Closed source (the code can be viewed and checked)
# Non-functional features
**Support**
*Info: Aspects that can support the user during use.*
* Community (Developer forums, Meets-Ups,..)
* Documentation Software
* Support (commercial assistance with specific problems)
* Training (how to use the software)
**Operation**
*Info: Special aspects that can be considered when operating the product.*
* Configuration
* Usability
* Installation
* Maintenance intensity
**Producer**
*Info: This is about some aspects that concern the manufacturer and especially how the market share is.*
* Producer/Provider Eco-System
* Experience of the producer
* Size of Producer/Provider and turnover
* Industry Leadership
* Length of software on the market
* Software market share
**Product**
*Info: Specific KPIs (*Key Performance Indicator*) for the product.*
* Cost over time
* Initial Cost
* License Price
* Licensing model
* Platform hosting offering
**Corporate technology strategy for the use of the product**
* Possible uses
* Organization fit (how well the product fits into the company)
* Prototyping and development speed
Can you think of any other aspects that are important to consider? Maybe criteria that are not mentioned here?
Thank's for your help!
You can also write to me privately, if something else comes up ;)
https://redd.it/k8m3m2
@r_devops
reddit
Criteria for selecting an API gateway for a cloud environment
Hello everyone, I am currently writing my thesis and would be very grateful for your opinions and comments. Specifically, I'm dealing with how...
Criteria for selecting an API gateway for a cloud environment
Hello everyone,
I am currently writing my thesis and would be very grateful for your opinions and comments.
Specifically, I'm dealing with how an API gateway can be used to secure an corporate network.
One part deals with the selection of an API gateway for a defined use case, here also with a focus on security features. I would be interested in concrete insights into the selection process in companies, how they select a API gateway and if the criteria mentioned below apply or if a certain aspect is missing.
In the following you will find a list between functional and non-functional properties:
# Functional features
**General features**
*Info: This includes general features of the product.*
* Analytics (Reports, Insides in the usage of the API)
* API technology (GraphQL, REST,.. )
* Caching
* Data security
* Error handling
* Life-Cycle Management (The ability to support different channels such as beta, test and production. This includes the ability to support multiple versions - API versioning.)
* Extensibility
* Import/Export API-definition
* Performance
* Load Balancing
* Management-API (An own API which is provided by the gateway itself for administration. For example to define new routes to services.)
* Monitoring
* Operation Model
* Payload transformation
* Logging
* Quote (Number of maximum connections per hour or other defined interval)
* Rate Limiting (Limitation of requests in a certain time interval. E.g. when providing a certain service, the customer can make 1000 requests / per hour)
* Scalability (This refers to the general ability that the product can scale depending on a certain performance)
* Redundancy (over different regions, but also redundancy in one region)
**Security features**
*Info: This includes security specific features of the product.*
* Audits (ISO 27001,9001; HIPAA; BSI C5)
* Authentication
* Authorization
* Security policies
* Thread protection
* Protocol (HTTP/HTTPS)
* Open/Closed source (the code can be viewed and checked)
# Non-functional features
**Support**
*Info: Aspects that can support the user during use.*
* Community (Developer forums, Meets-Ups,..)
* Documentation Software
* Support (commercial assistance with specific problems)
* Training (how to use the software)
**Operation**
*Info: Special aspects that can be considered when operating the product.*
* Configuration
* Usability
* Installation
* Maintenance intensity
**Producer**
*Info: This is about some aspects that concern the manufacturer and especially how the market share is.*
* Producer/Provider Eco-System
* Experience of the producer
* Size of Producer/Provider and turnover
* Industry Leadership
* Length of software on the market
* Software market share
**Product**
*Info: Specific KPIs (*Key Performance Indicator*) for the product.*
* Cost over time
* Initial Cost
* License Price
* Licensing model
* Platform hosting offering
**Corporate technology strategy for the use of the product**
* Possible uses
* Organization fit (how well the product fits into the company)
* Prototyping and development speed
Can you think of any other aspects that are important to consider? Maybe criteria that are not mentioned here?
Thank's for your help!
You can also write to me privately, if something else comes up ;)
https://redd.it/k8m3la
@r_devops
Hello everyone,
I am currently writing my thesis and would be very grateful for your opinions and comments.
Specifically, I'm dealing with how an API gateway can be used to secure an corporate network.
One part deals with the selection of an API gateway for a defined use case, here also with a focus on security features. I would be interested in concrete insights into the selection process in companies, how they select a API gateway and if the criteria mentioned below apply or if a certain aspect is missing.
In the following you will find a list between functional and non-functional properties:
# Functional features
**General features**
*Info: This includes general features of the product.*
* Analytics (Reports, Insides in the usage of the API)
* API technology (GraphQL, REST,.. )
* Caching
* Data security
* Error handling
* Life-Cycle Management (The ability to support different channels such as beta, test and production. This includes the ability to support multiple versions - API versioning.)
* Extensibility
* Import/Export API-definition
* Performance
* Load Balancing
* Management-API (An own API which is provided by the gateway itself for administration. For example to define new routes to services.)
* Monitoring
* Operation Model
* Payload transformation
* Logging
* Quote (Number of maximum connections per hour or other defined interval)
* Rate Limiting (Limitation of requests in a certain time interval. E.g. when providing a certain service, the customer can make 1000 requests / per hour)
* Scalability (This refers to the general ability that the product can scale depending on a certain performance)
* Redundancy (over different regions, but also redundancy in one region)
**Security features**
*Info: This includes security specific features of the product.*
* Audits (ISO 27001,9001; HIPAA; BSI C5)
* Authentication
* Authorization
* Security policies
* Thread protection
* Protocol (HTTP/HTTPS)
* Open/Closed source (the code can be viewed and checked)
# Non-functional features
**Support**
*Info: Aspects that can support the user during use.*
* Community (Developer forums, Meets-Ups,..)
* Documentation Software
* Support (commercial assistance with specific problems)
* Training (how to use the software)
**Operation**
*Info: Special aspects that can be considered when operating the product.*
* Configuration
* Usability
* Installation
* Maintenance intensity
**Producer**
*Info: This is about some aspects that concern the manufacturer and especially how the market share is.*
* Producer/Provider Eco-System
* Experience of the producer
* Size of Producer/Provider and turnover
* Industry Leadership
* Length of software on the market
* Software market share
**Product**
*Info: Specific KPIs (*Key Performance Indicator*) for the product.*
* Cost over time
* Initial Cost
* License Price
* Licensing model
* Platform hosting offering
**Corporate technology strategy for the use of the product**
* Possible uses
* Organization fit (how well the product fits into the company)
* Prototyping and development speed
Can you think of any other aspects that are important to consider? Maybe criteria that are not mentioned here?
Thank's for your help!
You can also write to me privately, if something else comes up ;)
https://redd.it/k8m3la
@r_devops
reddit
Criteria for selecting an API gateway for a cloud environment
Hello everyone, I am currently writing my thesis and would be very grateful for your opinions and comments. Specifically, I'm dealing with how...
Criteria for selecting an API gateway for a cloud environment
Hello everyone,
I am currently writing my thesis and would be very grateful for your opinions and comments.
Specifically, I'm dealing with how an API gateway can be used to secure an corporate network.
One part deals with the selection of an API gateway for a defined use case, here also with a focus on security features. I would be interested in concrete insights into the selection process in companies, how they select a API gateway and if the criteria mentioned below apply or if a certain aspect is missing.
In the following you will find a list between functional and non-functional properties:
# Functional features
**General features**
*Info: This includes general features of the product.*
* Analytics (Reports, Insides in the usage of the API)
* API technology (GraphQL, REST,.. )
* Caching
* Data security
* Error handling
* Life-Cycle Management (The ability to support different channels such as beta, test and production. This includes the ability to support multiple versions - API versioning.)
* Extensibility
* Import/Export API-definition
* Performance
* Load Balancing
* Management-API (An own API which is provided by the gateway itself for administration. For example to define new routes to services.)
* Monitoring
* Operation Model
* Payload transformation
* Logging
* Quote (Number of maximum connections per hour or other defined interval)
* Rate Limiting (Limitation of requests in a certain time interval. E.g. when providing a certain service, the customer can make 1000 requests / per hour)
* Scalability (This refers to the general ability that the product can scale depending on a certain performance)
* Redundancy (over different regions, but also redundancy in one region)
**Security features**
*Info: This includes security specific features of the product.*
* Audits (ISO 27001,9001; HIPAA; BSI C5)
* Authentication
* Authorization
* Security policies
* Thread protection
* Protocol (HTTP/HTTPS)
* Open/Closed source (the code can be viewed and checked)
# Non-functional features
**Support**
*Info: Aspects that can support the user during use.*
* Community (Developer forums, Meets-Ups,..)
* Documentation Software
* Support (commercial assistance with specific problems)
* Training (how to use the software)
**Operation**
*Info: Special aspects that can be considered when operating the product.*
* Configuration
* Usability
* Installation
* Maintenance intensity
**Producer**
*Info: This is about some aspects that concern the manufacturer and especially how the market share is.*
* Producer/Provider Eco-System
* Experience of the producer
* Size of Producer/Provider and turnover
* Industry Leadership
* Length of software on the market
* Software market share
**Product**
*Info: Specific KPIs (*Key Performance Indicator*) for the product.*
* Cost over time
* Initial Cost
* License Price
* Licensing model
* Platform hosting offering
**Corporate technology strategy for the use of the product**
* Possible uses
* Organization fit (how well the product fits into the company)
* Prototyping and development speed
Can you think of any other aspects that are important to consider? Maybe criteria that are not mentioned here?
Thank's for your help!
You can also write to me privately, if something else comes up ;)
https://redd.it/k8m39a
@r_devops
Hello everyone,
I am currently writing my thesis and would be very grateful for your opinions and comments.
Specifically, I'm dealing with how an API gateway can be used to secure an corporate network.
One part deals with the selection of an API gateway for a defined use case, here also with a focus on security features. I would be interested in concrete insights into the selection process in companies, how they select a API gateway and if the criteria mentioned below apply or if a certain aspect is missing.
In the following you will find a list between functional and non-functional properties:
# Functional features
**General features**
*Info: This includes general features of the product.*
* Analytics (Reports, Insides in the usage of the API)
* API technology (GraphQL, REST,.. )
* Caching
* Data security
* Error handling
* Life-Cycle Management (The ability to support different channels such as beta, test and production. This includes the ability to support multiple versions - API versioning.)
* Extensibility
* Import/Export API-definition
* Performance
* Load Balancing
* Management-API (An own API which is provided by the gateway itself for administration. For example to define new routes to services.)
* Monitoring
* Operation Model
* Payload transformation
* Logging
* Quote (Number of maximum connections per hour or other defined interval)
* Rate Limiting (Limitation of requests in a certain time interval. E.g. when providing a certain service, the customer can make 1000 requests / per hour)
* Scalability (This refers to the general ability that the product can scale depending on a certain performance)
* Redundancy (over different regions, but also redundancy in one region)
**Security features**
*Info: This includes security specific features of the product.*
* Audits (ISO 27001,9001; HIPAA; BSI C5)
* Authentication
* Authorization
* Security policies
* Thread protection
* Protocol (HTTP/HTTPS)
* Open/Closed source (the code can be viewed and checked)
# Non-functional features
**Support**
*Info: Aspects that can support the user during use.*
* Community (Developer forums, Meets-Ups,..)
* Documentation Software
* Support (commercial assistance with specific problems)
* Training (how to use the software)
**Operation**
*Info: Special aspects that can be considered when operating the product.*
* Configuration
* Usability
* Installation
* Maintenance intensity
**Producer**
*Info: This is about some aspects that concern the manufacturer and especially how the market share is.*
* Producer/Provider Eco-System
* Experience of the producer
* Size of Producer/Provider and turnover
* Industry Leadership
* Length of software on the market
* Software market share
**Product**
*Info: Specific KPIs (*Key Performance Indicator*) for the product.*
* Cost over time
* Initial Cost
* License Price
* Licensing model
* Platform hosting offering
**Corporate technology strategy for the use of the product**
* Possible uses
* Organization fit (how well the product fits into the company)
* Prototyping and development speed
Can you think of any other aspects that are important to consider? Maybe criteria that are not mentioned here?
Thank's for your help!
You can also write to me privately, if something else comes up ;)
https://redd.it/k8m39a
@r_devops
reddit
Criteria for selecting an API gateway for a cloud environment
Hello everyone, I am currently writing my thesis and would be very grateful for your opinions and comments. Specifically, I'm dealing with how...
Which tools do you use today for determining top recurring causes of alerts? Have these tools been effective in reducing ops pain?
In my experience, I have not found a state of the art tool that most engineers use.
https://redd.it/k8mqk4
@r_devops
In my experience, I have not found a state of the art tool that most engineers use.
https://redd.it/k8mqk4
@r_devops
reddit
Which tools do you use today for determining top recurring causes...
In my experience, I have not found a state of the art tool that most engineers use.
Criteria for selecting an API gateway for a cloud environment
Hello everyone,
I am currently writing my thesis and would be very grateful for your opinions and comments.
Specifically, I'm dealing with how an API gateway can be used to secure an corporate network.
One part deals with the selection of an API gateway for a defined use case, here also with a focus on security features. I would be interested in concrete insights into the selection process in companies, how they select a API gateway and if the criteria mentioned below apply or if a certain aspect is missing.
In the following you will find a list between functional and non-functional properties:
# Functional features
**General features**
*Info: This includes general features of the product.*
* Analytics (Reports, Insides in the usage of the API)
* API technology (GraphQL, REST,.. )
* Caching
* Data security
* Error handling
* Life-Cycle Management (The ability to support different channels such as beta, test and production. This includes the ability to support multiple versions - API versioning.)
* Extensibility
* Import/Export API-definition
* Performance
* Load Balancing
* Management-API (An own API which is provided by the gateway itself for administration. For example to define new routes to services.)
* Monitoring
* Operation Model
* Payload transformation
* Logging
* Quote (Number of maximum connections per hour or other defined interval)
* Rate Limiting (Limitation of requests in a certain time interval. E.g. when providing a certain service, the customer can make 1000 requests / per hour)
* Scalability (This refers to the general ability that the product can scale depending on a certain performance)
* Redundancy (over different regions, but also redundancy in one region)
**Security features**
*Info: This includes security specific features of the product.*
* Audits (ISO 27001,9001; HIPAA; BSI C5)
* Authentication
* Authorization
* Security policies
* Thread protection
* Protocol (HTTP/HTTPS)
* Open/Closed source (the code can be viewed and checked)
# Non-functional features
**Support**
*Info: Aspects that can support the user during use.*
* Community (Developer forums, Meets-Ups,..)
* Documentation Software
* Support (commercial assistance with specific problems)
* Training (how to use the software)
**Operation**
*Info: Special aspects that can be considered when operating the product.*
* Configuration
* Usability
* Installation
* Maintenance intensity
**Producer**
*Info: This is about some aspects that concern the manufacturer and especially how the market share is.*
* Producer/Provider Eco-System
* Experience of the producer
* Size of Producer/Provider and turnover
* Industry Leadership
* Length of software on the market
* Software market share
**Product**
*Info: Specific KPIs (Key Performance Indicator) for the product.*
* Cost over time
* Initial Cost
* License Price
* Licensing model
* Platform hosting offering
**Corporate technology strategy for the use of the product**
* Possible uses
* Organization fit (how well the product fits into the company)
* Prototyping and development speed
Can you think of any other aspects that are important to consider? Maybe criteria that are not mentioned here?
Thank's for your help!
You can also write to me privately, if something else comes up ;)
https://redd.it/k8m5m5
@r_devops
Hello everyone,
I am currently writing my thesis and would be very grateful for your opinions and comments.
Specifically, I'm dealing with how an API gateway can be used to secure an corporate network.
One part deals with the selection of an API gateway for a defined use case, here also with a focus on security features. I would be interested in concrete insights into the selection process in companies, how they select a API gateway and if the criteria mentioned below apply or if a certain aspect is missing.
In the following you will find a list between functional and non-functional properties:
# Functional features
**General features**
*Info: This includes general features of the product.*
* Analytics (Reports, Insides in the usage of the API)
* API technology (GraphQL, REST,.. )
* Caching
* Data security
* Error handling
* Life-Cycle Management (The ability to support different channels such as beta, test and production. This includes the ability to support multiple versions - API versioning.)
* Extensibility
* Import/Export API-definition
* Performance
* Load Balancing
* Management-API (An own API which is provided by the gateway itself for administration. For example to define new routes to services.)
* Monitoring
* Operation Model
* Payload transformation
* Logging
* Quote (Number of maximum connections per hour or other defined interval)
* Rate Limiting (Limitation of requests in a certain time interval. E.g. when providing a certain service, the customer can make 1000 requests / per hour)
* Scalability (This refers to the general ability that the product can scale depending on a certain performance)
* Redundancy (over different regions, but also redundancy in one region)
**Security features**
*Info: This includes security specific features of the product.*
* Audits (ISO 27001,9001; HIPAA; BSI C5)
* Authentication
* Authorization
* Security policies
* Thread protection
* Protocol (HTTP/HTTPS)
* Open/Closed source (the code can be viewed and checked)
# Non-functional features
**Support**
*Info: Aspects that can support the user during use.*
* Community (Developer forums, Meets-Ups,..)
* Documentation Software
* Support (commercial assistance with specific problems)
* Training (how to use the software)
**Operation**
*Info: Special aspects that can be considered when operating the product.*
* Configuration
* Usability
* Installation
* Maintenance intensity
**Producer**
*Info: This is about some aspects that concern the manufacturer and especially how the market share is.*
* Producer/Provider Eco-System
* Experience of the producer
* Size of Producer/Provider and turnover
* Industry Leadership
* Length of software on the market
* Software market share
**Product**
*Info: Specific KPIs (Key Performance Indicator) for the product.*
* Cost over time
* Initial Cost
* License Price
* Licensing model
* Platform hosting offering
**Corporate technology strategy for the use of the product**
* Possible uses
* Organization fit (how well the product fits into the company)
* Prototyping and development speed
Can you think of any other aspects that are important to consider? Maybe criteria that are not mentioned here?
Thank's for your help!
You can also write to me privately, if something else comes up ;)
https://redd.it/k8m5m5
@r_devops
reddit
Criteria for selecting an API gateway for a cloud environment
Hello everyone, I am currently writing my thesis and would be very grateful for your opinions and comments. Specifically, I'm dealing with how...
When should I start applying for devops jobs?
Hi everyone, I have been working as a cloud engineer for 2 years now working primarily with GCP/AWS and in administration. I have three certs: GCP Professional Architect cert, AWS Solutions Architect Associate, AWS Security Specialty. I have been wanting to transition myself into devops as I believe the technology is very cool, so my question is: When should I start applying? Currently, I am scared to apply thinking I may not have all the qualifications needed. I am familiar with cloudformation & python, and have general concept knowledge of other devops tools such as kubernetes, docker, terraform, ansible, but I have not had the opportunity to work with them. I am thinking I need to get maybe an AWS Dev Associate Cert and AWS Devops Professional Cert. Then after that I could try to apply while pursuing a Certified Kubernetes Administrator and Terraform Cert. Should I start applying for jobs right now even if I know I don't meet all the prerequisites? Or should I wait till I get some additional certs before I start applying. Thank you all!
https://redd.it/k8kmkv
@r_devops
Hi everyone, I have been working as a cloud engineer for 2 years now working primarily with GCP/AWS and in administration. I have three certs: GCP Professional Architect cert, AWS Solutions Architect Associate, AWS Security Specialty. I have been wanting to transition myself into devops as I believe the technology is very cool, so my question is: When should I start applying? Currently, I am scared to apply thinking I may not have all the qualifications needed. I am familiar with cloudformation & python, and have general concept knowledge of other devops tools such as kubernetes, docker, terraform, ansible, but I have not had the opportunity to work with them. I am thinking I need to get maybe an AWS Dev Associate Cert and AWS Devops Professional Cert. Then after that I could try to apply while pursuing a Certified Kubernetes Administrator and Terraform Cert. Should I start applying for jobs right now even if I know I don't meet all the prerequisites? Or should I wait till I get some additional certs before I start applying. Thank you all!
https://redd.it/k8kmkv
@r_devops
reddit
When should I start applying for devops jobs?
Hi everyone, I have been working as a cloud engineer for 2 years now working primarily with GCP/AWS and in administration. I have three certs: GCP...
Cannot ssh to my vm after switching to NAT and port forwarding
[https://www.simplified.guide/\_media/virtualbox/port-forwarding/virtualbox-settings-network-advanced-port-forwarding-configure.png](https://www.simplified.guide/_media/virtualbox/port-forwarding/virtualbox-settings-network-advanced-port-forwarding-configure.png?w=620&tok=e460a2)
I switched from bridge adapter to NAT and then decided to use port forwarding, but I can no longer connect to ssh. I used 192.168.2.16 and port 22 to connect to ssh, but when I put those two values in the Guest IP and port number field, I can no longer connect via ssh. Can someone explain me what I am doing wrong?
https://redd.it/k8ulww
@r_devops
[https://www.simplified.guide/\_media/virtualbox/port-forwarding/virtualbox-settings-network-advanced-port-forwarding-configure.png](https://www.simplified.guide/_media/virtualbox/port-forwarding/virtualbox-settings-network-advanced-port-forwarding-configure.png?w=620&tok=e460a2)
I switched from bridge adapter to NAT and then decided to use port forwarding, but I can no longer connect to ssh. I used 192.168.2.16 and port 22 to connect to ssh, but when I put those two values in the Guest IP and port number field, I can no longer connect via ssh. Can someone explain me what I am doing wrong?
https://redd.it/k8ulww
@r_devops
Having a little trouble with TLS cert for Hashicorp Vault/Consul cluster
Hi there.
So I'm a bit new at this, but I recently figured out all the steps to stand up a Vault/consul cluster using Terraform. The cluster works, but I can't go live with it until I can figure out what is going wrong with the cert.
Here's what I understand to be the facts - let me know if one of these is incorrect:
* In order for the backend (Consul) to work correctly, the cert needs a SAN for both vault.service.consul, and [127.0.0.1](https://127.0.0.1).
* SSL/TLS certificates don't let you add SANs for domains that are not related to the primary Common Name, so my cert for [vault.example.com](https://vault.example.com) gives errors if I try to add these in.
* The documentation directs you to use a Self-Signed cert, and then make the public key readily available. This is not ideal, as I'm trying to roll this out as our general password manager, and having to install certs is going to reduce the adoption rate amongst less tech-savvy users in my org.
Are there any suggestions on how to resolve this so that I can use a public cert and still have backend functionality? Does everyone else using Vault seriously use a self-signed cert? That seems bonkers to me.
​
UPDATE: Just throwing stuff at the wall to see what sticks, I installed a public wildcart cert, with no SANs. The frontend works with no errors, and the Vault appears to be talking to the backend. But if I run the `vault status` command on the Vault server, I'm getting an error that there are no SANs for [127.0.0.1](https://127.0.0.1). I don't really want to leave it like this, because I don't know what else might not be talking.
I've been messing with different options in my Default.hcl file, but anything I update to the FQDN here either has DNS problems, or, if I route it correctly in the hosts file, swings back to the same SAN error.
https://redd.it/k8iu0u
@r_devops
Hi there.
So I'm a bit new at this, but I recently figured out all the steps to stand up a Vault/consul cluster using Terraform. The cluster works, but I can't go live with it until I can figure out what is going wrong with the cert.
Here's what I understand to be the facts - let me know if one of these is incorrect:
* In order for the backend (Consul) to work correctly, the cert needs a SAN for both vault.service.consul, and [127.0.0.1](https://127.0.0.1).
* SSL/TLS certificates don't let you add SANs for domains that are not related to the primary Common Name, so my cert for [vault.example.com](https://vault.example.com) gives errors if I try to add these in.
* The documentation directs you to use a Self-Signed cert, and then make the public key readily available. This is not ideal, as I'm trying to roll this out as our general password manager, and having to install certs is going to reduce the adoption rate amongst less tech-savvy users in my org.
Are there any suggestions on how to resolve this so that I can use a public cert and still have backend functionality? Does everyone else using Vault seriously use a self-signed cert? That seems bonkers to me.
​
UPDATE: Just throwing stuff at the wall to see what sticks, I installed a public wildcart cert, with no SANs. The frontend works with no errors, and the Vault appears to be talking to the backend. But if I run the `vault status` command on the Vault server, I'm getting an error that there are no SANs for [127.0.0.1](https://127.0.0.1). I don't really want to leave it like this, because I don't know what else might not be talking.
I've been messing with different options in my Default.hcl file, but anything I update to the FQDN here either has DNS problems, or, if I route it correctly in the hosts file, swings back to the same SAN error.
https://redd.it/k8iu0u
@r_devops
reddit
Having a little trouble with TLS cert for Hashicorp Vault/Consul...
Hi there. So I'm a bit new at this, but I recently figured out all the steps to stand up a Vault/consul cluster using Terraform. The cluster...
Choosing between AWS and Heroku for a brand new stack
What would you build your new SaaS product on?
AWS is so powerful, and gives tons of free credits to startups. But then it's also quite complex, even with Terraform it seems tricky.
Heroku is so nice and simple, it just works, with CI and all. But then I imagine it'll get expensive quickly, and they only offer a basic set of services without much flexibility.
What else would you consider?
https://redd.it/k8ipqw
@r_devops
What would you build your new SaaS product on?
AWS is so powerful, and gives tons of free credits to startups. But then it's also quite complex, even with Terraform it seems tricky.
Heroku is so nice and simple, it just works, with CI and all. But then I imagine it'll get expensive quickly, and they only offer a basic set of services without much flexibility.
What else would you consider?
https://redd.it/k8ipqw
@r_devops
reddit
Choosing between AWS and Heroku for a brand new stack
What would you build your new SaaS product on? AWS is so powerful, and gives tons of free credits to startups. But then it's also quite complex,...
Password Mangers
Just wondering what folks here use for sharing passwords. I've used Dashlane, LastPass and 1Password but I'm looking for a tool which is SOC2 compliant and support GSuite as an identity provider.
Thus far, only Keeper seems to fit the bill but I haven't had a chance to test it out yet.
Looking for suggestions/recommendations.
https://redd.it/k7zphn
@r_devops
Just wondering what folks here use for sharing passwords. I've used Dashlane, LastPass and 1Password but I'm looking for a tool which is SOC2 compliant and support GSuite as an identity provider.
Thus far, only Keeper seems to fit the bill but I haven't had a chance to test it out yet.
Looking for suggestions/recommendations.
https://redd.it/k7zphn
@r_devops
reddit
Password Mangers
Just wondering what folks here use for sharing passwords. I've used Dashlane, LastPass and 1Password but I'm looking for a tool which is SOC2...
Stumped on automating single sign on saml for each new aws account
Basically I'm using jumpcloud as my sso provider and they have no apis to programmatically create a single sign on solution. This is a pain point because creating the single sign on saml is very manual process (the aws side can be automated with terraform but not the sso provider jumpcloud portion). Any suggestions / better sso providers anyone would recommend? I also tried using aws sso itself and ran into the same manual process issue and also HashiCorp sso and it also does not appear to have resources / apis available to programmatically create sso saml. Any suggestions?
https://redd.it/k7yn2i
@r_devops
Basically I'm using jumpcloud as my sso provider and they have no apis to programmatically create a single sign on solution. This is a pain point because creating the single sign on saml is very manual process (the aws side can be automated with terraform but not the sso provider jumpcloud portion). Any suggestions / better sso providers anyone would recommend? I also tried using aws sso itself and ran into the same manual process issue and also HashiCorp sso and it also does not appear to have resources / apis available to programmatically create sso saml. Any suggestions?
https://redd.it/k7yn2i
@r_devops
reddit
Stumped on automating single sign on saml for each new aws account
Basically I'm using jumpcloud as my sso provider and they have no apis to programmatically create a single sign on solution. This is a pain point...
32 hour outage and it's my fault. What do?
Throwaway account.
I'm a DevOps/CloudEng at a growing fintech company. We're approaching launch day and as you might imagine, everyone wants to deploy their projects and get them live ASAP.
Ultimately the goal is to automate as much as possible, but as an early stage company, there are many unknowns so there's still a lot of human intervention in the deployment process. Lastly I've been working non-stop over 10-11 hours everyday and some weekends.
So come Friday night, I'm changing the S3/Cloudfront configuration for our main website and tested it partially so I left for the weekend. I didn't realize it was misconfigured untill this morning when the CEO slacked me that the site was down.
Obviously panicked and fixed it immediately, only to realize that the site had been down for around 32 hours (weekend)
I wrote a detailed postmortem with the Cloudtrail events and I pretend to discuss it later with everyone. But some comments from the CTO made me feel quite guilty and bad as it looks like it was a total rookie mistake.
What do you recommend doing here?
https://redd.it/k7t0yy
@r_devops
Throwaway account.
I'm a DevOps/CloudEng at a growing fintech company. We're approaching launch day and as you might imagine, everyone wants to deploy their projects and get them live ASAP.
Ultimately the goal is to automate as much as possible, but as an early stage company, there are many unknowns so there's still a lot of human intervention in the deployment process. Lastly I've been working non-stop over 10-11 hours everyday and some weekends.
So come Friday night, I'm changing the S3/Cloudfront configuration for our main website and tested it partially so I left for the weekend. I didn't realize it was misconfigured untill this morning when the CEO slacked me that the site was down.
Obviously panicked and fixed it immediately, only to realize that the site had been down for around 32 hours (weekend)
I wrote a detailed postmortem with the Cloudtrail events and I pretend to discuss it later with everyone. But some comments from the CTO made me feel quite guilty and bad as it looks like it was a total rookie mistake.
What do you recommend doing here?
https://redd.it/k7t0yy
@r_devops
reddit
32 hour outage and it's my fault. What do?
Throwaway account. I'm a DevOps/CloudEng at a growing fintech company. We're approaching launch day and as you might imagine, everyone wants to...
Windows and Docker in production
Does anyone use Windows Docker containers for live applications?
I’ve been experimenting with it for a while and am unconvinced it’s suitable for use. Docker EE seems massively under documented and has an almost non-existent community.
It works, I can create images and run containers using Docker EE on Windows Server 2019 but I’m concerned we would get issues in live that could be very complex to resolve.
I’m wondering if we’d be better off sticking with scripted VMs and save containers until we can go fully Linux.
https://redd.it/k7r0mc
@r_devops
Does anyone use Windows Docker containers for live applications?
I’ve been experimenting with it for a while and am unconvinced it’s suitable for use. Docker EE seems massively under documented and has an almost non-existent community.
It works, I can create images and run containers using Docker EE on Windows Server 2019 but I’m concerned we would get issues in live that could be very complex to resolve.
I’m wondering if we’d be better off sticking with scripted VMs and save containers until we can go fully Linux.
https://redd.it/k7r0mc
@r_devops
reddit
Windows and Docker in production
Does anyone use Windows Docker containers for live applications? I’ve been experimenting with it for a while and am unconvinced it’s suitable...
AWS - Auto Scaling Group, Launch Configuration, Scale-out & Scale-in Pol...
[https://youtu.be/b-HVDkZKMCc](https://youtu.be/b-HVDkZKMCc)
https://redd.it/k92xin
@r_devops
[https://youtu.be/b-HVDkZKMCc](https://youtu.be/b-HVDkZKMCc)
https://redd.it/k92xin
@r_devops
YouTube
AWS - Auto Scaling Group, Launch Configuration, Scale-out & Scale-in Policies
AWS - Auto Scaling Group, Launch Configuration, Scale-out & Scale-in Policies
How to setup AWS Auto-scaling from scratch?
- How to choose subnets correctly?
- Configuring a Public ELB with Private EC2 instances.
- Defining Scaling policies to add and remove…
How to setup AWS Auto-scaling from scratch?
- How to choose subnets correctly?
- Configuring a Public ELB with Private EC2 instances.
- Defining Scaling policies to add and remove…
Terraform: EC2 Stop action
Hi,
I'm currently trying to set up a Cloudwatch metric alarm in Terraform that will stop an EC2 instance when it gets into its "Alarm" state. The idea is to stop the ec2 instance if it remains idle for too long. This seems to be possible when done via the AWS Console according to those [docs](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/UsingAlarmActions.html#AddingStopActions) but I struggle to create an equivalent "Stop action" in Terraform.
I used the [aws\_cloudwatch\_metric\_alarm](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_metric_alarm) resource to create the alarm but this is all so far 🤷🏻♂️
Does anybody happen to know how to do that (if it's even possible)?
Note: I've found a few tutorials/gists online showing how to achieve that via a lambda but I was hoping there would be another way given it's feasible with just a couple clicks in the console.
https://redd.it/k93v45
@r_devops
Hi,
I'm currently trying to set up a Cloudwatch metric alarm in Terraform that will stop an EC2 instance when it gets into its "Alarm" state. The idea is to stop the ec2 instance if it remains idle for too long. This seems to be possible when done via the AWS Console according to those [docs](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/UsingAlarmActions.html#AddingStopActions) but I struggle to create an equivalent "Stop action" in Terraform.
I used the [aws\_cloudwatch\_metric\_alarm](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_metric_alarm) resource to create the alarm but this is all so far 🤷🏻♂️
Does anybody happen to know how to do that (if it's even possible)?
Note: I've found a few tutorials/gists online showing how to achieve that via a lambda but I was hoping there would be another way given it's feasible with just a couple clicks in the console.
https://redd.it/k93v45
@r_devops
Amazon
Create alarms to stop, terminate, reboot, or recover an EC2 instance - Amazon CloudWatch
Create CloudWatch alarms that automatically stop, terminate, reboot, or recover your Amazon EC2 instances.
Adaptive Request Concurrency. Resilient observability at scale.
This is a post written by the [Vector.dev](https://Vector.dev) team that discusses Adaptive Request Concurrency for observability pipelines. Automatically optimizing HTTP communication. It introduces an old networking concept into the o11y domain. Let us know what you think!
[https://vector.dev/blog/adaptive-request-concurrency/](https://vector.dev/blog/adaptive-request-concurrency/)
https://redd.it/k966i3
@r_devops
This is a post written by the [Vector.dev](https://Vector.dev) team that discusses Adaptive Request Concurrency for observability pipelines. Automatically optimizing HTTP communication. It introduces an old networking concept into the o11y domain. Let us know what you think!
[https://vector.dev/blog/adaptive-request-concurrency/](https://vector.dev/blog/adaptive-request-concurrency/)
https://redd.it/k966i3
@r_devops
vector.dev
A lightweight, ultra-fast tool for building observability pipelines
Going From Infrastructure to Developer Is A Reality
If you look at conferences from say, five years ago to now, it's changed drastically. There's no more talk about operating systems or server versions. Instead, it's all about "the cloud" and "development". Conferences like:
1. MS Build
2. AWS re-invent
3. MS Ignite
and even smaller conferences/meetups.
What does this mean for infrastructure people?
Well, here's the thing... it's exactly what we've always seen in tech, a transition. The same transition as when bare-metal server folks had to start thinking about virtualization. It's just another shift. The biggest difference is this shift is happening pretty fast.
It also kind of feels like the standard sysadmin/infrastructure engineer is being pushed to the side, which may be the reality. However, this reality isn't a death sentence. It's an opportunity. Let me explain why.
When people think of a "developer", they automatically think to be a developer you have to build the next Twitter or some other crazy app. The simple fact is, that's not the case. You can be an infrastructure developer or a cloud developer that writes code for cloud servers or on-prem environments.
The problem with the explanations we see today is no one is actually explaining HOW a sysadmin or infrastructure engineer can move into a developer role and STILL BE an infrastructure guy or gal. No one is explaining what concepts an infrastructure person needs to know to be a developer. A few of these concepts are:
1. Computer science concepts like declarative/imperative or pointers.
2. Testing (unit, mock, integration, etc.) infrastructure code
3. Source control. Not only GitHub, but a little history like distributed vs centralized source control
4. What sprints are and different types of cultural working environments
5. CICD for infrastructure
6. Code editors and IDEs
There's definitely more concepts, but I think these are the core focuses.
I recently created a YouTube video about this and I'm going to start a little series on this. Let me know your thoughts :)
[https://www.youtube.com/watch?v=u-0T-JN0GZc](https://www.youtube.com/watch?v=u-0T-JN0GZc)
https://redd.it/k97vuf
@r_devops
If you look at conferences from say, five years ago to now, it's changed drastically. There's no more talk about operating systems or server versions. Instead, it's all about "the cloud" and "development". Conferences like:
1. MS Build
2. AWS re-invent
3. MS Ignite
and even smaller conferences/meetups.
What does this mean for infrastructure people?
Well, here's the thing... it's exactly what we've always seen in tech, a transition. The same transition as when bare-metal server folks had to start thinking about virtualization. It's just another shift. The biggest difference is this shift is happening pretty fast.
It also kind of feels like the standard sysadmin/infrastructure engineer is being pushed to the side, which may be the reality. However, this reality isn't a death sentence. It's an opportunity. Let me explain why.
When people think of a "developer", they automatically think to be a developer you have to build the next Twitter or some other crazy app. The simple fact is, that's not the case. You can be an infrastructure developer or a cloud developer that writes code for cloud servers or on-prem environments.
The problem with the explanations we see today is no one is actually explaining HOW a sysadmin or infrastructure engineer can move into a developer role and STILL BE an infrastructure guy or gal. No one is explaining what concepts an infrastructure person needs to know to be a developer. A few of these concepts are:
1. Computer science concepts like declarative/imperative or pointers.
2. Testing (unit, mock, integration, etc.) infrastructure code
3. Source control. Not only GitHub, but a little history like distributed vs centralized source control
4. What sprints are and different types of cultural working environments
5. CICD for infrastructure
6. Code editors and IDEs
There's definitely more concepts, but I think these are the core focuses.
I recently created a YouTube video about this and I'm going to start a little series on this. Let me know your thoughts :)
[https://www.youtube.com/watch?v=u-0T-JN0GZc](https://www.youtube.com/watch?v=u-0T-JN0GZc)
https://redd.it/k97vuf
@r_devops
YouTube
Infrastructure Engineers and Sysadmins NEED to Code [Reality in 2020]
If you look at conferences from say, five years ago to now, it's changed drastically. There's no more talk about operating systems or server versions. Instead, it's all about "the cloud" and "development". Conferences like:
1. MS Build
2. AWS re-invent
3.…
1. MS Build
2. AWS re-invent
3.…
Great GitHub feature announcements
Really cool features announced at GitHub Universe.
- Dark mode
- Auto-merge pull requests
- Discussions for a community chats
- Required manual approval for Actions
And many more as well. Read more [here](https://github.blog/2020-12-08-new-from-universe-2020-dark-mode-github-sponsors-for-companies-and-more).
Really great to see GitHub advancing as a DevOps platform!
https://redd.it/k9945g
@r_devops
Really cool features announced at GitHub Universe.
- Dark mode
- Auto-merge pull requests
- Discussions for a community chats
- Required manual approval for Actions
And many more as well. Read more [here](https://github.blog/2020-12-08-new-from-universe-2020-dark-mode-github-sponsors-for-companies-and-more).
Really great to see GitHub advancing as a DevOps platform!
https://redd.it/k9945g
@r_devops
The GitHub Blog
New from Universe 2020: Dark mode, GitHub Sponsors for companies, and more
Check out the latest announcements from GitHub Universe 2020, including dark mode, Sponsors for companies, improvements to Actions, and more.