Reddit DevOps
Reddit DevOps. #devops
Thanks @reddit2telegram and @r_channels
Is there any such thing as an authentication reverse proxy/load balancer?

Whenever I'm building an app, the most boring and repetitive thing I do is authentication. I've been thinking lately about the fact that any app is going to be put behind a load balancer or reverse proxy in prod anyway to enable horizontal scaling of VMs at your cloud of choice (AWS, DO, etc.). Wouldn't it be cool if that load balancer or reverse proxy could handle authentication so the app doesn't have to?

What I'd like is the ability to set up some "magic" software, tell it the internal IP addresses and ports of my multiple app servers (running, say, a Ruby or Go app for example), give it database access credentials so it can handle creating, updating, authenticating and removing users according to my database schema (so some form of field mapping support), and then have it just modify HTTP/S requests after authenticating to strip headers like Authorization (so my app can't "accidentally" waste time verifying a JWT that was already verified) and add a header, something like X-User-ID so I can just "trust" that this is always correct since it's coming from my load balancer/reverse proxy. Obviously, these app servers wouldn't be directly available over the internet so a malicious user couldn't just inject that user id header and bypass the gatekeeper...

Anyway, does something like this already exist? If so, what's it called and where can I learn more about it?

If not, I may go build something like this. Would be a killer replacement for building your own auth all the damn time.

EDIT: I should mention I'm looking for an open source product here, something I can deploy myself. Thanks!

https://redd.it/kfamam
@r_devops
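
The header handling described in the post above, as an added example that is not part of the original post: an authenticating reverse proxy in Go that removes `Authorization`, overwrites any client-supplied `X-User-ID`, and fails closed without a valid token. The names `demoTokens`, `newAuthProxy` and `roundTrip`, the token and the user ID are constructed for illustration, and Go 1.20 or later is assumed for `Rewrite`.

```go
package main

import (
	"context"
	"fmt"
	"net/http"
	"net/http/httptest"
	"net/http/httputil"
	"net/url"
	"strings"
)

type userKey struct{} // context key carrying the verified user ID

// demoTokens is a hypothetical stand-in for real verification (JWT signature
// and expiry, session lookup). The token and user ID are constructed data.
var demoTokens = map[string]string{"demo-token-alice": "42"}

// newAuthProxy verifies the bearer token, then forwards to the app server.
func newAuthProxy(upstream *url.URL) http.Handler {
	rp := &httputil.ReverseProxy{Rewrite: func(pr *httputil.ProxyRequest) {
		// Unlike Director, Rewrite (Go 1.20+) runs after hop-by-hop removal,
		// so "Connection: X-User-ID" cannot strip the header set below.
		pr.SetURL(upstream)
		pr.Out.Header.Del("Authorization") // app never sees the credential
		// Set replaces every client-supplied X-User-ID value.
		pr.Out.Header.Set("X-User-ID", pr.In.Context().Value(userKey{}).(string))
	}}
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		auth := r.Header.Get("Authorization")
		userID, ok := demoTokens[strings.TrimPrefix(auth, "Bearer ")]
		if !strings.HasPrefix(auth, "Bearer ") || !ok {
			http.Error(w, "unauthorized", http.StatusUnauthorized)
			return // fail closed: the app server is never contacted
		}
		rp.ServeHTTP(w, r.WithContext(context.WithValue(r.Context(), userKey{}, userID)))
	})
}

// roundTrip proxies one request to a throwaway app server and returns the
// proxy's status plus the headers the app actually received.
func roundTrip(h map[string]string) (status int, userIDs []string, auth string) {
	app := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		userIDs, auth = r.Header.Values("X-User-ID"), r.Header.Get("Authorization")
	}))
	defer app.Close()
	u, _ := url.Parse(app.URL)
	req := httptest.NewRequest("GET", "http://proxy.example/profile", nil)
	for k, v := range h {
		req.Header.Set(k, v)
	}
	rec := httptest.NewRecorder()
	newAuthProxy(u).ServeHTTP(rec, req)
	return rec.Code, userIDs, auth
}

func main() {
	fmt.Println(roundTrip(map[string]string{ // valid token plus spoofing attempt
		"Authorization": "Bearer demo-token-alice", "X-User-ID": "1", "Connection": "X-User-ID"}))
	fmt.Println(roundTrip(map[string]string{"X-User-ID": "1"})) // no token: 401
}
```

The app server can only trust `X-User-ID` if it accepts connections from the proxy alone, as the post notes.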
Can you refuse deployments?

Was just posting my story of 2020 here https://www.reddit.com/r/devops/comments/kf5ohe/whats_your_lead_time/

It got me thinking, in your org do you as a “DevOps team” have any say on when or how things go into production after any formal change requests are approved by the business?

Now obviously we’re responsible for pipeline quality etc., but if developers haven’t done their fair share of testing (manual or automated), or you're not confident that something going to production will work because it was rushed or because of a history of bad code quality from a team, do you have any sway/authority to push back?

For example:
1) sonarcloud might show test coverage is below 80%; is that a lever to push back on a deployment?
2) last 3 deployments from team x went poorly and had to be rolled back, etc.
3) Junior team didn’t get any code reviewed by senior software engineers

Just keen for thoughts!

https://redd.it/kf97nu
@r_devops
Any examples of non-trivial Continuous Deployment setups?

Every time I go looking at the CI/CD setups and examples, they are all so simple that it is not actionable to take the next step for making something real. Most workflows boil down to: build, test, ssh into box, install.

We currently have a decade+ old custom-built set of tooling that does the job, but is fairly painful to extend. I'd like to add some ability to tag and deploy docker images across platforms now, and that's likely to be painful with the current code. Considering all the existing solutions out there, it seems like I should be able to use someone else's, but every time I look I don't find anything that explains more than the trivial use case.

Our use case isn't really THAT hard, but we do have these things that complicate it:

1. We have a staging environment. So we normally build and roll out to those machines. Every build for us rolls out to the staging environment.
2. We don't have direct SSH access to staging or production from the world. So if we set up CI/CD in Bitbucket, it can't directly SSH to boxes to deploy the code. We currently build by clicking a button on a Jenkins box inside our network which can SSH to them, but it would be nice to get out of the job of maintaining that. We could set up like an API endpoint that Bitbucket Pipelines pokes to trigger the deploy. But wondering what anyone else is doing here.
3. Roughly every 2 weeks we mark what is on staging to roll out to production. This is probably the simpler task and if we had to custom build this so be it, again would be nice if we didn't have to bespoke this.

Every time I'm looking at Droid/Pipeline/Action/Travis/Bamboo/CodeDeploy, they all seem to stop far short of the mark for how I can get to where we are now. I'd even be open to completely reinventing our environments, if there's a story for getting there. Unfortunately, our application is complicated enough that just switching to K8s/GKE/Azure is too big a bite to take.

Thanks for any pointers!

https://redd.it/kf8dja
@r_devops
Junior DevOps Engineer Jobs & Salary Prediction in NYC

Hello all,

My post says it all but still to clarify, as I want to get into a full time (Entry) Junior DevOps Engineering job in NYC, what is my average salary expectation? I just don’t want to get low balled or taken advantage of in any way so just curious. Thank you!

https://redd.it/kfdrey
@r_devops
Transitioning from SDET to Devops...

Hey everyone,

So it was announced a couple of weeks ago that my team is going to be split into two: SDET and Devops. I was asked to go into the Devops team under a new manager (who is currently my teammate). I have ~2-3 years of experience after graduating college.

My current responsibilities include, e2e automation for testing our product, validations, maintaining Jenkins, creating pipeline as code and some other stuff.

Some tools we will be using: Jenkins, AWS, Ansible, Terraform, Dockers, k8s, TravisCI, concourseCI, and probably more

We have two weeks off, so I want to spend some time getting ready and learning more to be ready. What are some recommendations? Stuff I should learn? I feel like I'm not ready at all or maybe I'm just worrying too much.

https://redd.it/kfeg4i
@r_devops
disable lan gossip on consul cluster

Hi all,
You are my last hope :(

We have a Consul cluster which we 99% use only as a key-value data store.
This cluster serves multiple customers which don't have any connection between them.

By default, Consul creates a network mesh between all clients on the cluster. It uses this feature to reduce the load on the servers and provide better consistency.

In our case we can't open connectivity between the customers.


Do you have any idea how to overcome this limitation??

https://redd.it/kf7qu2
@r_devops
FaaS & Security - What you should know before going serverless

Serverless is a growing trend and can offload some of the security responsibility, but it brings some additional security considerations application owners should know before taking the plunge into serverless.

https://dev.to/mackenziejj/faas-security-considerations-to-know-before-going-serverless-2o2n

What is everyone's view on using serverless architecture (Functions as a service) from a perspective of security?

https://redd.it/kezqob
@r_devops
How are you managing credentials in Jenkins?

Use case: We use Jenkins to run operational scripts and some CI pipelines along with the credentials plugin to store service account passwords and ssh keys for authentication to APIs and servers.


Current Implementation: Currently we are managing credentials via the Jenkins Puppet module paired with encrypted hiera, so we are able to use IaC for secrets without exposing them.


Problem: The main issue we are facing is that the Jenkins Puppet module doesn't support updating credentials. I.e. when a service account password is changed in AD, we have to update the puppet code, and then manually delete the credential object in the Jenkins UI and then puppet will add the updated password back to Jenkins. Obviously, this is a pain in the ass to manage.


Potential Solutions?: Use an external secrets repo like Vault or Conjur, automate the deletion of the credential needing an update, rewrite the Jenkins module.

https://redd.it/kf6q5u
@r_devops
What cloud storage provider to choose?

We are searching for a cloud service. We need to store our data and documents somewhere. At first, we were thinking of a NAS server, but it's too pricy and too complicated and we don't need that. I got a suggestion to try a cloud service.

What do you recommend and why? The most important thing for us is to share our files very easily because several people work on one document. The best way would be to have a folder on a desktop shared between several PCs. Does the cloud have this functionality?

https://redd.it/kf6pf2
@r_devops
CLI for different tools

Not that long ago I found a CLI that was something like an alias for many different systems/tools. I wanted to test it, but I lost the name. Are you familiar with such a tool? It worked something like this:

this-tool-name build # builds docker from local Dockerfile
this-tool-name something-else # performs an action using aws-cli
this-tool-name extra-action # runs ansible-playbook

https://redd.it/kfibzk
@r_devops
DevOps Engineer Career Progression (DevOps Engineer to DevOps Lead) k8s to azure service fabric

Hey! 👋

I am currently working as a DevOps Engineer in a fortune 100 company. My work mostly involves around k8s, creating clusters (Vanilla K8s on various providers like azure / VMware/ Nutanix, etc), writing tools in go/python, etc. My team is fairly big and I learned a lot about k8s in the last 2 years in this.

To get a pay hike, I decided to move on to a new opportunity and got offered a role as a DevOps lead in a small (20ish) people company. When I say lead, I am 1st DevOps engineer being hired as they want to scale their product in the coming years.

What would you advise for someone novice to azure service fabric?

Are there any books/courses I should be looking into?

I am well versed in Python, have significant experience in C/C++, and am learning Go (mainly writing controllers/operators). Is C# a must-learn to work with Azure Service Fabric?

What development machine (Windows / Mac / Linux) should I opt for? (I am currently using Mac and very comfortable on it but have used Windows a lot as well so don't really mind.)

Note: I am from the EU

https://redd.it/kf41jp
@r_devops
Websocket Monitoring - Need Advice

What is the best way to do monitoring for websocket connections?
For example, we would want to measure:

* length of time the websocket sessions are open
* the amount of time it takes from getting a websocket request until the response is sent back
* amount of times websocket connections closed unexpectedly

We would like to measure these as server-side metrics only, without the external network effects.
Which tools would you use for this use case?

Thanks in advance!

https://redd.it/kevtem
@r_devops
A Micro Continuous Delivery software

Is there any micro CD system? I want software that will watch GitHub for pushes and pull the changes to my VPS, then I will execute some commands, nothing fancy!

https://redd.it/kfkkz0
@r_devops
GitHub will stop allowing basic auth for git operations

How do you guys plan to mitigate this in your pipelines? Some plugins we use require us to use basic auth to work with git.

Edit: never mind, read the actual blog post. Make sure you use PATs

https://www.theregister.com/2020/12/17/githubbanspasswords/

https://redd.it/kfl5f2
@r_devops
It's that time of the year again :) What have you automated lately?

I know this has been asked a couple of times, however I am sure there are new things you guys have automated? :D

https://redd.it/keuhpi
@r_devops
DevOps beginning help

Hello r/devops community

I have been an on-premise sysadmin for over 4 years. Recently I got AWS CCP and Security+ certified and would like to begin my journey in devops. Where would I start learning things like Chef, Puppet, Ansible, Jenkins and Terraform?

https://redd.it/kfntah
@r_devops
Pipelines: A Free DevOps/SRE Bootcamp

Hey all! This is my quarterly announcement for a completely free DevOps/SRE bootcamp I run that is beginning January 4th of 2020.

What is it?

Pipelines: A Journey into Software Delivery, automation and Infrastructure

Pipelines is a technical training series designed to expose you to concepts in DevOps and Site Reliability Engineering. Throughout the Journey, it will help you understand how you can help organizations deliver software faster and more efficiently, as well as how you can ensure millions of people can access these digital products reliably.

When and Where is it?

Mondays and Wednesdays at 7pm ET from January 4 2021 - February 24 2021 on Twitch!

channel: https://twitch.tv/mastermndio

Who is it for?

This is the "Apprentice" level of the course, so it is designed for those new to the discipline who want to be exposed to and get hands on with the many topics needed to be an effective practitioner of DevOps/Site Reliability principles. There will be "Journeyman" and "Master" levels of the Pipelines course that follow this course for anyone who is looking for a deeper dive into these disciplines.

How Much is it?

It is 100% free to participate in ALL parts of the bootcamp. Due to popular requests, we have implemented a pay what you want model if you'd like to support, but there is ABSOLUTELY NO OBLIGATION. Our goal is simply to expand access to digital engineering skills.

More Info and Registration

You can find complete information about all bootcamps at https://academy.mastermnd.io

Click Here For Curriculum

Click Here for direct Registration


P.S. Recording will go up on YouTube 24 hours after they have aired, due to Twitch ToS, but in order to keep the channel clean and organized for upcoming content, The recording will be private, and the link will be accessible from Google Classroom.


If you have any questions, ask away here or shoot me an email at [email protected]. Thanks and I look forward to learning with you!

https://redd.it/kfpffg
@r_devops
help with deployment on Iot devices. is ansible pull right for me?

Hello, this is all fairly new for me so I hope you are able to guide me in the right direction.

I have the following challenge: I have multiple raspberry pi which are running some python scripts and are sending sensor data to GCP. Right now, the main issues I need to solve are for monitorization (considering zabbix) and scalability of this operation (considering ansible).

Right now it's all very manual, preparing an SD card with some automation scripts on first deployment. But any changes need to be done manually through ssh. Now that the main work the rpis perform is relatively stable, I am looking to automate the process.

The main constraint I have is that the rpis will be in various locations and due to how it's set up, I cannot depend on the IP address to "push" stuff to them. I need the rpis to initiate the conversation so to speak.

So I have been looking into ansible for executing commands on the rpis, and I have it set up in a few in "pull" mode, such that they run a cron job checking a Git repository and execute a few simple plays from local.yml if it detects any changes.

What I need is the following:

- I want to be able to execute commands to specific devices. So far I have seen ansible using inventory files, but these are using IP address. Is there a different way to control what devices execute which plays? Right now they all execute local.yml in the same way.

- Set up the git repository to private, while still allowing the rpis to get whatever is in there to execute the commands. As I understand it, it is possible, though I am not sure what will change.

Idk if this is the right way of doing it, so I hope someone can guide me in the right path. Basically I am interested in being able to setup and configure the rpis automatically and ideally personalize them. For example, they are all getting the same initial setup and python scripts, but they have some variables in the scripts which depend on the particular location, so I'd like to customize these somehow.

Am I going about this the right way?

https://redd.it/kfiosw
@r_devops
Is this what DevOps is like?

I've been working as an SRE for the past year, straight out of college. Atm I'm getting bored with my job, and I'm starting to feel a little frustrated. I'm working in a small team, providing support for a single Bus. Unit, inside a larger organization that has a main SRE team that provides support for the whole company. Atm, my team's only purpose is to remove all of the burden from developers in our BU, so that they can focus on developing, meaning that we spend most of our time taking care of their dependencies. My team is not really providing any new solutions for anything, we are simply following the rest of the company's approach to everything, and we don't really have a chance to speak up with our own opinions.
Since this is my first job in IT, and I don't really have a wide view of how things happen in other companies, I would just like you to tell me:

I spend my days requesting tickets to other teams, changing env. variables, updating pipelines, bootstrapping new RDSs, applying terraform to create new rabbitmq queues, etc. Am I at a dead-end job? Should I try to find a new place to work?

https://redd.it/kfl6wq
@r_devops
What are the Kubernetes Interview Questions for 2020

Companies use Kubernetes because:

* It helps in breaking down the containers into smaller modules to ensure more granular management.
* Has quite an improved infrastructure than other DevOps tools.
* It makes it seamless to deploy software upgrades frequently.
* Has the foundation for the cloud-native apps.

This category lists the questions that are asked related to the general working of Kubernetes during the interviews.

1. The classic question --- What do you know about Kubernetes?
2. How do you think Kubernetes is related to Docker?
3. What difference do you find between Docker Swarm and Kubernetes?
4. What do you understand by container orchestration?
5. What difference do you find between deploying applications on the host and containers?
6. What are clusters in Kubernetes?
7. What do you know about Heapster?
8. What is Google Container Engine?
9. What is Kubectl?
10. What is Minikube?
11. What is Kubelet?
12. How Kubernetes simplifies the containerized Deployment?
13. What is the use of nodes in Kubernetes?
14. What are the two prime components of Kubernetes architecture?

https://redd.it/kfhmtn
@r_devops
Salary negotiation help

Hi all,

This is a throw away account because I think a few people I work with currently know my Reddit.

I was recently head hunted for a job and have no idea how much salary I can ask for. My only friends in the field are at my current work place so I don't know if I can ask them about this.

It's a start up so presumably I can ask for shares? I have no idea how much is appropriate and as for salary, well my current rate is around £55k but comes with a huge amount of employee benefits as well as job security that this new place probably can't offer.

What should my initial asks be? What would you kind folk do in this scenario?

https://redd.it/kfhfu4
@r_devops