Prometheus/Alert Manager

Hi,

Is there a way to determine if a previous alert that was open is being fired again in Prometheus/Alert Manager setup? I'm trying to run an automation script for an alert only if the alert was fired for the first time. If the script doesn't resolve the alert, it should not run again and instead send a notification.

​

Thanks in advance.

https://redd.it/kr3jm9
@r_devops

Can you jump straight into DevOps out of college?

A little bit of background...

I’m 28 years old trying to make a career shift. I’m about to finish my 4 year IT degree. Currently I hold all three AWS associate certifications. On my downtime I’ve also picked up Terraform, Ansible (still need some practice), Jenkins, and some Docker as well. I’m also proficient in Python and Node.js. In the past I’ve done some front end dev work for a couple colleagues of mine. My goal is to get a DevOps position in the near future.
Now I understand this position is for individuals who are well into their career and know their shit and I know DevOps is a culture/methodology and not a title.

On my down time I’ve worked a project. In that project I’ve spun up a few EC2 instances using Terraform and configured them using Ansible. The first instance was a Jenkins server to build out a CD pipeline and the other instance was a dockerized python app.

Aside from that how can I get more hands on experience with DevOps?

Also, Is it possible for someone like myself to get straight into DevOps?

https://redd.it/kr1jh3
@r_devops

Terraform Cost Estimation 2021 Guide

We wrote a guide to help you decide which Terraform cost estimation provider is the best fit based on different use cases (set up, pricing, accuracy, policy integration): https://scalr.com/blog/terraform-cost-estimation/

https://redd.it/kr1dfs
@r_devops

'The Phoenix Project' and 'The DevOps Handbook'

I currently work in Support and i'm looking to just have a read about DevOps in my spare time (I enjoy reading books :P) and was wondering if these would be good books to read to get started / provide excellent value career wise. I have no development experience and do very little basic automation for my work using python.


The two books I am considering : 'The Phoenix Project' and 'The DevOps Handbook'


Is one better to start with for complete beginners like myself? is prior knowledge required?


Thanks in advance!

https://redd.it/krcs4c
@r_devops

Is it illegal to make a Mac virtual machine?

Is it illegal to make a Mac virtual machine? I need to make a VM running Mac so I can test websites on Safari. Is it illegal? If so, what are the alternatives?

https://redd.it/krdbj5
@r_devops

How do you debug a dockerized application without connecting to the vm through ssh?

How do you debug a dockerized application without connecting to the vm through ssh? Do you have any tip? Do people really just rebuild their boxes while adding another log command until they get the info they need?

https://redd.it/krelvh
@r_devops

What's the point of running a dockerized application inside a VM box?

What's the point of running a dockerized application inside a VM box? We're running a dockerized application inside a Linux VM box and I was wondering why not just run it on Windows since the dockerized application is just installing Linux.

https://redd.it/kre57a
@r_devops

Is there an issue to using Hyper-V?

Is there an issue to using Hyper-V? I can't remember what it was, but I am pretty sure using Hyper-V caused issues when trying to make a Linux or Mac virtual machine. Am I correct?

https://redd.it/krd8no
@r_devops

Chrome Extension Internal Tools?

Hi everyone! I'm a recent CS grad and I've been really interested in custom internal Chrome Extensions. I've compiled a list of examples from LinkedIn, and a surprising amount of them are for developer-focused workflows.

I would love to ask the community if you have built Chrome Extensions for devops! And, if so why?

https://redd.it/krb8sn
@r_devops

Sealed secrets

Does it make sense to seal and store secrets in Git instead of using tools like Hashi Vault?

​

\>> https://youtu.be/xd2QoV6GJlc

https://redd.it/kroosp
@r_devops

Purchasing Processes

Hey All,

I'm in the process of building a tool to streamline remote access to K8s clusters.

We're almost to the finish line and are trying to determine the right price for this SaaS tool.

Ideally, we want engineers with a small project scope to use the tool without having to go through a complicated procurement process or run the purchase decision up the chain of command. When I was a dev working at a large tech company, tool procurement was always such a nightmare, we want to fix that when possible.

I think it would be interesting to compare purchasing practices across different industries. Please reply with the following format:

Industry:
Company size (est.):
Company location (country):
Your Seniority (dev, sr, manager, director, etc.):
Price amount when you ask your boss to purchase something:
Price amount when you ask your boss's boss to purchase something:
Price amount when you ask procurement to purchase something:

​

https://redd.it/kradle
@r_devops

Want switch to Cloud Computing and Operations side

Hi guys, hope you're all safe and sound. Well, I am working as a software engineer(a/c to my designation) in a big private company and right now I am assigned some websites project in which I should just have to solve some issues or bugs and I am doing it for the last 8 to 9 months. But the problem is I want to switch to the cloud computing side or at least the DevOps part because that's what I want to be in the future. As of now, I didn't get any chance to work some operations part in any of my projects and I really want to be a cloud engineer or DevOps engineer. Please tell me what should I do now? I am getting depressed when I think about it. I cannot afford to switch to any other company as in these pandemic days, it will not be a good idea. Guys do suggest to me how do I take my career path into what I want.

Thanks

https://redd.it/krqat9
@r_devops

Agile Line Name Suggestions

So my department is standing up a new line with the sole focus of cloud contact center solutions. Currently we have two on prem contact center teams: Game of Phones, and Lords of the Ring, I was hoping to keep a similar theme. They asked me (I came up with the previous two 5+ years ago so I’m the name guy now) to come up with a list to help the team out with picking one. They asked to have some reference to cloud in the name and I’d like to keep it themed around pop culture.

I had simple ideas like Cloud Wars or The cloud awakens but can’t think of a way to combine all three... cloud pun, phone pun, pop culture.

https://redd.it/kr086b
@r_devops

Best sources to prepare for Professional Cloud Architect Certification

In my current workplace I need to pass googles "Professional Cloud Architect Certification". I have some practical knowledge in Google Cloud Platform, but from my experience with AWS certification there are a lot of micro details that could be missed in day to day work. So could you please share cources, books or other sources that helped you preparing to the certification.

https://redd.it/kqzcyf
@r_devops

What is the main difference between bare metal offerings from Packet vs. AWS, Azure, etc. ?

I'm researching the bare metal market, and with a non-technical background, I'm struggling to understand the key differences between a bare metal offering from a company such as Packet (now owned by Equinix) vs. bare metal offerings from AWS, Google, Azure, and others. How do they compare on performance? I know Packet is known for great automation and support, is that something AWS and others do well too?

https://redd.it/kruopz
@r_devops

For GitLab's CI, should deployment server information be stored in the gitlab-ci.yml directly, or is there a way to decouple it from the git itself?

We're setting up CI for the first time with GitLab (self-hosted). We have a single local staging server, but will be deploying to several production servers, and we use docker on both the staging and production.

At the moment we just have the staging server information setup inside of the gitlab-ci.yml, and this is largely duplicated across several projects. But this feels wrong to me?

The first reason is because we're duplicating the production server information across multiple gits, so if we change the server we will have to go and change each one.

And secondly because it seems we're coupling this information to each git project, and it doesn't feel related to them. E.g. we have an api project, and storing the production server information in the yml file in there doesn't feel like it should be there, as it's not really part of the api, but how it's deployed.

In regards to the second point it also feels like that for the container registry as well, e.g. we have the container registry and name setup in the yml file. Am I overthinking that, or should that information be stored elsewhere?

For the production deployment we plan to do a similar thing, except we are going to have it call a script on one manager of the docker swarm, and that will deploy and setup services for the others. Again is this a good way to do it?

My main question is, is there a better way to handle this? So that the production server information isn't stored in the git in the gitlab-ci.yml? And should things like the location and name of the container and container registry be kept in there/the git as well?

https://redd.it/krsk4c
@r_devops

Good Zero-Trust Access Solutions on AWS?

I'm looking into a a way for users to get remote access into a private network based on credentials and not IP (i.e. "zero trust"). Preferably I'm looking for something on AWS that's free and open source and I could manage myself.

I'm very much interested in HashiCorp's Boundary software, but it's still in its infancy at the moment. I have heard of Pomerium, Pritunl Zero, and even using Amazon's Application Load Balancer to solve the problem, but I'm not sure how they compare.

Do you have any recommendations?

https://redd.it/krxm6v
@r_devops

Jenkins VM with GKE agents on JNLP

Anyone using a Jenkins VM ( currently in GCE ) with GKE agents?

Im trying to configure it, and ive got the connections to GKE working, ( Test Connection is good ),
Im using this image - https://hub.docker.com/r/jenkins/inbound-agent/dockerfile
I CAN make a pod.

So my connection does begin.

It DOES say :Successfully pulled image "jenkins/inbound-agent"

But afterwards it just deletes is and recreates a new one in a loop.

​

If i leave the Command to Run as blank, it loops and fails, if i set a command to something like "top", it sits for longer as an active pod. ( in my case for 300secs just to be able to diagnose ), and if i go to the Jenkins master - Nodes and check that agent, i see:
Created Pod: jenkins-agents/jenkins-slave-xb55m

Waiting for agent to connect (29/300): jenkins-slave-xb55m

Waiting for agent to connect (58/300): jenkins-slave-xb55m

Waiting for agent to connect (87/300): jenkins-slave-xb55m

Waiting for agent to connect (116/300): jenkins-slave-xb55m

Until it runs out and we repeat..

​

Any suggestions?

https://redd.it/krplgy
@r_devops

create local repository git init not working

it's not creating any files in my folder I'm using Mac is thats a problem

https://redd.it/krww66
@r_devops

Anyone running their ci/cd server on nomad?

What CI/CD servers are yall using on nomad?
i've got a nomad cluster that i really really enjoyed making, so easy.

Now i'd like to start moving some CI/cd agents on to it. But i'd like first class integration.

I haven't been able to find many solutions besides Waypoint, and gitlab, and we JUST moved to github so hard sell on buying another thing.

So what CI/cd solutions host well on nomad? i mostly just need a script schuedler/checkout handler, nothing fancy.

https://redd.it/krzizt
@r_devops

How to use Helm plugins with Terraform's Helm Provider?



Hello all,

I am currently attempting to use the Helm provider to deploy a chart into AWS EKS. This chart has a couple of secrets that I have had encrypted using AWS KMS and the helm-secrets plugin found here:

https://github.com/jkroepke/helm-secret

When deploying directly through Helm, I can simply wrap the regular deployment with the helm secrets plugin like so:

helm secrets install my-chart . -f .\secrets.my-chart-secrets.yaml

and it successfully installs into my cluster no worries. I've also done a successful terraform apply using the helm provider and without encrypted secrets, but I'd like to store them in Github securely.

I am unsure on how to combined these two strategies so I can deploy using terraform and also use the helm-secrets plugin. To expand, I am unsure on how to use plugins in general with it, and I can't seem to find any examples.

In the documentation:

https://registry.terraform.io/providers/hashicorp/helm/latest/docs

there is a plugins_path argument, but I can't figure out a way to actually execute a plugin during the deployment. The helm_release resource doesn't provide many clues for this either.

Is there currently a way to use a helm plugin? If not, would my best bet then be to run a local exec to decrypt the file with the secrets plugin, pass the file in as a values parameter when doing the deployment, and then clean the workspace? This seems like a messy way of doing it when the secrets plugin has a way of handling the decryption and cleaning as a wrapper.

https://redd.it/krw2ln
@r_devops