installed vault on mac, opened the zip file and then ran the binary(?) and it still is not showing vault

do I need to export my PATH variable or other? it did ask me to change my shell to zsh so I did, but still get this:

z@Mac-Users-Apple-Computer ~ % vault
zsh: command not found: vault

https://redd.it/kwgt5a
@r_devops

Preparation for Entry level DevOps coding interview (Python+Bash)

Hi there everybody,

I'm currently a SysAdmin/VMware cloud engineer at a small company and looking to do the move from System to DevOps.

I'm interviewing for a Junior DevOps role early next week.

The prep guide stated :

>" Practice pragmatic exercises to automate & solve problems efficiently and elegantly in the
>
>language you feel most comfortable with. No need for complex algorithms, just think of something
>
>you don’t want to do anymore and how you would automate it."

I don't have too many automation possibilities at my current role, and would like to get some ideas from you for tasks that might help me in get prepared.

Some of the tasks I've already practiced :

1. Creating a "Backup" of a folder using tar, making it run every day using crontab and naming the file with the date.
2. Deleting files older than X days from a log file

https://redd.it/kwftun
@r_devops

Automating the execution and reporting of JUnit 5 tests

Hey folks!

I hope this an appropriate post and that it is considered within the community post rules. If it is not I apologize in advance. For those of you who work on Java projects that utilize JUnit 5 for your testing framework, I developed a YouTube series on automating the execution and reporting of JUnit 5 test methods using the JUnit 5 Console Launcher utility, InfluxDB, Grafana, and Jenkins.

In the series I cover:

1. How to use the JUnit 5 Console Launcher to execute JUnit 5 test methods from the command-line
2. Developing a Jenkins pipeline that uses the Console Launcher to automatically execute the JUnit 5 test cases and report results within Jenkins
3. Publishing test results to an InfluxDB database
4. Finally, how to create a Grafana dashboard that displays useful test metrics such as test execution duration and test status over time (this section of the series will be published soon)

I hope that you find this series valuable if you're working with this tech stack!

https://www.youtube.com/watch?v=tF7iFi5xSAQ&list=PLrSqqHFS8XPb\_0zOxufQXllGL9Ta6GbC2&ab\_channel=TechandBeyondwithMoss

https://redd.it/kwr9b4
@r_devops

Possible to use IaC for AWS Directory Service (AWS Managed AD)?

I'm working on an environment that needs to be repeatable, and some part of it involves consistent Active Directory Objects (OUs, certain users/groups). So far all of my code is in Terraform, which does have an AD provider, but not one that works with AWS Directory Service, because WinRM is disabled. Aside from just shooting a PowerShell script at AD and hoping for the best, does anyone know of any other way to achieve what I need?

https://redd.it/kwqlrx
@r_devops

Proper linting (manual, on save, on commit, ...)

My experience is based on using lint in full-stack projects. Here I experienced 3 different ways of using lint - all with advantages and disadvantages. We mostly use default lint settings, specifically for the project (e.g. `eslint-plugin-vue` for Vue.js projects) - so maybe the problem is simply tweaking the default lint for each project.

Also, using more restrictive lint rules moves code management to team management. For example jurniors tend to have more "weird" problems to solve with the tradeoff they cannot commit (that) bad code

* **Manual lint:**
* ➕ No unexpected behavior as I have full control
* ➖ As all non-automation: I tend to forget about it and commit unlinted code
* **Lint on save** (imho most impracticable)**:**
* ➕ The code is ALWAYS properly linted
* ➖ Really annoying while developing. You experiment with a code section and nothing works because "unused variable", etc.
* **Lint on commit:**
* ➕ Fluent development - proper code in the repo
* ➖ I experienced CI causing problems, I did not have on my machine™

Can you relate to this problems and what is your opinion?

Do other projects/workflows also have these problems (for example C++, Desktop)?

https://redd.it/kwb75i
@r_devops

Using Istio with ALB on AWS EKS

I managed to configure AWS ALB to point to istio ingress gateway using what is described here https://stackoverflow.com/a/62463576/2429333 2

How I understand it works right now is:

Client -> ALB -> Istio ingress gateway -> application pods

and with an LB created with using serviceAnnotations on Istio service it is:

Client -> ELB/NLB -> application pods

Is that correct? If so how can I use ALB with Istio and get rid of that additional network hop?

​

PS This is actually my question from Istio's discuss https://discuss.istio.io/t/using-istio-with-alb-on-aws-eks/9429

https://redd.it/kwdolx
@r_devops

Making a possible switch to devops

Hello r/devops,

I have been working in software testing for about 6.5 years and I feel like I am reaching a plateau in terms of my growth and my ability to make an impact in software teams. The last few jobs I have had have all been the same in terms of the expectations of me and it all really boils down to "we have quality issues, now that we have someone who is here for that so we won't have them anymore. Oh and by the way we don't want to really change anything". Safe to say it gets a little old after hearing it a few times.

I have had a brief job working as part of an SRE/systems team and I am coming to a point where I think I want to change directions in my career and I find myself drawn to the DevOps movement/mindset and helping teams set up the systems they need to delivery high quality software at a rapid pace. My question for all of you is what kind of certifications/skills would you say are the ones that count for getting into a systems/DevOps/cloud group within an IT organization?

Specifically I'm not dead set on something like the above and other options like sysadmin/network are also something I would like to explore. Finally for people out there who have been working in positions like I have described above what would you say are the things you would tell your younger self if you could do it all over again?

Thank you,

IrateBuccaneer

https://redd.it/kwp0qe
@r_devops

Is kubernetes any good for hosting stuff that requires an FTP access?

I know that kubernetes works fine with apps that are designed in some microservice way (on example a file storage is hosted in separate S3 cloud, database is replicated somewhere else, etc. etc.), but some of the apps requires an FTP access (okay, its wordpress) to set some things up.

This would work like one master'ish node with FTP container that syncs filesystem to other nodes in case of HA right?

https://redd.it/kwrzfr
@r_devops

Choosing between Azure DevOps, Azure DevOps Server, and GHES Actions

Which do you use for your pipelines?

Any good/bad experiences?

Would you recommend any over the others?

https://redd.it/kwmp7a
@r_devops

Handling developer feature branches in cicd?

How is your organization currently handling pipelines for feature development? Is there an automated Jenkins pipeline that spins up temporary namespaces? Are you using cloud hosted options like Azure dev spaces? Are you using open source tools like scaffold?

https://redd.it/kwll45
@r_devops

Remote Debugging in AWS

Hi all,

As developers, we are losing our ability to debug after push our application to cloud. There are several workarounds to solve this issue. I wrote a blog post about this and wanted to discuss more here. On how are you debugging the compute on cloud? What's the practices that you've been following?

https://thenewstack.io/remote-debugging-in-aws-the-missing-link-in-your-debugging-toolset/

https://redd.it/kwc7z3
@r_devops

Who is running on bare metal?

Why?

How are you managing your data center?

What are the top five problems you face?

https://redd.it/kx0qy0
@r_devops

advice for local testing

I'm using MacOS catalina for local testing. I'm testing SDK's used for a NOSQL database.

I have a database cluster running in docker containers. This is working just fine.

I need to test SDK from 6 languages (Java, C, nodejs, python, C#, Go). Unfortunately I cannot simply run the code from my machine because there some test cases that won't work. Let's say I have two query nodes and need to run queries against both nodes. I have to open port 8093 which is used by the query service. Due to the way docker for Mac works, I can't expose the same port on multiple containers (otherwise I get a port is already allocated error).

What I've done for now is build my own docker image with runtimes for 6 languages. This is also working. However this image is large (almost 2GB). I feel like I'm doing it wrong. Shouldn't container images be small? How would you folks approach testing?

By the way, the only reason I'm using docker for the database as is it's very fast to spin up a cluster (I have a bash script that does this). I suppose one simple solution is to use vagrant instead of docker (then I wouldn't have port conflict issue), but it would be slow and I'm not sure how to do this. If vagrant (or anything else besides docker) is a simpler/better solution I'm willing to explore it.

https://redd.it/kwz312
@r_devops

What is Infrastructure as Code

Hello,

I wrote a blog post "What Infrastructure as Code", discussing Infrastructure as a Service, Infrastructure as Code, Infrastructure as Data, and a few others.

Only definitions, no value judgments.

Feedback more than welcome.

https://dominik-tornow.medium.com/what-is-infrastructure-as-code-30c112ec440f

(On medium, not paywalled)

https://redd.it/kv64v0
@r_devops

Is there a "delta" post from Kubernetes to Azure Kubernetes (AKS)?

I will use in AKS, in a few weeks and start / create a new cluster.

​

I´m pretty familiar with Kubernetes / ADM /kudectl etc. Creating and maintaining Bare metal k8s clusters. But is there a post / tutorial / page whatever about Kubernetes AKS?

​

Gotchas
What to look out for?
Differences in patching / Maintaining Kube
Networking

etc?

https://redd.it/kx5a8g
@r_devops

How to Publish Artifacts on Maven Central with GitHub Actions

A concise step-by-step guide on how to publish your first artifact to Maven Central via Github Actions: https://medium.com/codestory/how-to-publish-artifacts-on-maven-central-24342fd286cd

https://redd.it/kx6cgt
@r_devops

SQLite Databases With Python -Mega Course | Complete Course |Creating a Database and Running Queries

https://www.youtube.com/channel/UCuAjoGTTf7iaMixpiEdKFZQ

https://redd.it/kxa6ih
@r_devops

We launched a free cloud security and compliance tool

Hey fellow DevOps bois. I'm sharing this free product we launched today hoping it's actually helpful and not just shilling. I got involved here because I have nightmares about the 500 row spreadsheet we got from compliance a few years ago, and I never wanted to go through that again. I'd love any thoughts from you guys.

https://redd.it/kxah4u
@r_devops

HTTPS works for the frontend, but not for the API in the same domain.

Hey guys, I've built a microservices architecture with the following structure:

* frontend built with Nuxt.js
* api gateway built with FastAPI
* service 1
* service 2
* service 3

I used Docker Compose to manage all the services. The API gateway takes all API calls from the frontend, then routes them to the appropriate microservice. I deployed it on Digital Ocean and I was able to access the frontend on [https://mydomain.com](https://mydomain.com/), the API on [https://mydomain.com:8001](https://mydomain.com:8001/) and they were able to communicate with each other.

Everything worked until I tried to set up nginx with an SSL certificate provisioned by Let's Encrypt to enable HTTPS. I set up nginx and HTTPS following [this tutorial](https://danielwachtel.com/devops/deploying-multiple-dockerized-apps-digitalocean-docker-compose-contexts) and now the frontend is listening properly on [https://mydomain.com](https://mydomain.com/) but apparently the API is still on [https://mydomain.com:8001](https://mydomain.com:8001/), so whenever the frontend sends a request to the API I get a 'Mixed Content Error'.

I thought that once the SSL certificate was enabled for the domain, HTTPS would be enabled for the API as well. What am I missing here? I should change the nginx configuration or something is wrong with the API configuration?

https://redd.it/kxanx2
@r_devops

How to manage a large number of AWS Infrastructures?

Hello guys,

I hope someone with experience or a similar situation can give some help here. So we have a custom microservice App running on ECS with a lot of AWS infra parts and we manage this with Terraform ( Deployment, maintenance, improvements, patches etc ). We deploy App with Terraform to client's AWS accounts. So that's a lot of AWS accounts to manage given that we have separated AWS per env, prod, and nonproduction.
My question is how you guys manage or how you would manage let say 20 clients X 2 env = 40 AWS accounts/deployments/infrastructures? Let say I need to deploy some infra fix or feature with Terraform to all of them, how would you do that, as manually one by one is impossible?

I was thinking to use maybe AWS Systems manager, but I'm not really sure that it supports Terraform, maybe we should switch to CloudFormation?


Any help is appreciated :)

https://redd.it/kxehcs
@r_devops

Monitoring AWS ECS on EC2 - more than cloudwatch

I am looking for ideas or best practices on how to monitor the EC2 which provides the docker containers for ECS. Fargate is more expensive in our use case.

We are running some python Backends but also regular some proprietary software, which we can't adapt.

As cloudwatch has a) very limited metrics and b) a delay of up to 5minutes till you see the metrics, we want to use prometheus (node-exporter) and/or icinga agent.

We have both running for the rest of our infrastructure. Combined with ELK and grafana, this gives us great data. Just not for everything running on ECS.

ECS is configured with LoadBalancer and autoscaling, so discovery is necessary.

Obviously there is the option to add icinga-agent and node-exporter into the container itself or add it as a side-car. Updating the clients or configs or certs would potentially require a deployment of the app, which involves other Dev teams.

We kind of want to split monitoring from the actual app and be able to update configs or versions without touching the app container.

No idea if this is the right approach, we didn't find any solution, hence I am hoping for some friendly tips or better approaches to Monitor our apps.

https://redd.it/kxj0g4
@r_devops