How do you promote code to environments?

Eager to learn about various approaches and adopt one of them.

Currently, I struggle with branch per environment approach where:

1. Developer pushes code to the dev branch.
2. Github Actions build code, pushes the image to the registry, and pushes built code to the staging branch where it gets applied to the staging cluster ArgoCD which monitors the staging branch.
3. If all is good, code is promoted to the main branch via PR and automatically applied to the production cluster with ArgoCD which monitors the main branch.

How do you do CI and promote code to production?

https://redd.it/ljlrsy
@r_devops

How "Free" are the cloud services?

I want to spin up a few VMs and try a few features in cloud. Does the AWS, Azure or GCP really have any truly free service? The last time I spun a few VMs to try few things on AWS they charged me few $$ after 2 weeks. I did not upload any data, now AWS is chasing me.

Most of these cloud providers give credits to explore their services, but are they really free?

https://redd.it/lk58yj
@r_devops

Docker on Windows (WSL 2) without Docker Desktop

I like to use Docker now and then on my Windows machine. While Docker Desktop is quite clever, I don't like to have it constantly running, and the slow startup time is troublesome. After some experimenting, I have the Docker daemon running in one of my WSL 2 instances, and other instances can access the shared Docker socket just fine.

For those who dabble in Docker on their Windows machine, perhaps you will find my notes interesting:

Instead of using an init system such as systemd to launch the Docker daemon, launch it by calling `dockerd` manually. This can even be auto-launched.
If sharing the Docker daemon between WSL instances is desired, configure it to use a socket stored in the shared /mnt/wsl directory.
If sharing and privileged access without sudo are desired, configure the `docker` group to have the same group ID across all WSL instances.
Rather than launch a Windows-based Docker client, launch docker inside WSL. A convenience Powershell function is an option for doing this, if docker from Powershell is desired.

A much more detailed and careful explanation.

I welcome your thoughts.

https://redd.it/lk27wb
@r_devops

Creating CICD pipeline to deploy to AWS

I am trying to design a CICD that can deploy Cloudformation via Jenkins. I am thinking I need the following scripts:

A script to assume the role into the account.
A script to compile the template (eg injecting a lambda into Cloudformation or creating a s3 bucket to upload the zip)
A script to validate if the stack compiled correctly

A script to deploy the stack

Do I need to pass the IAM user credentials in each stage of the pipeline? If so how can I create a persistent environment with such information? How can I upload the lambda for instance into s3 and inject the information into the lambda resource? Do I need an IAM user or role to do the same?

https://redd.it/ljzro1
@r_devops

Blog This week is the end of the AWS RDS Postgres 9.5 and Istio 1.7. New release of the HashiCorp Boundary, Istio and Kubernetes.

Hello,

A few weeks ago I started the weekly news. I basically check the news from the last week and create a "batch" news. It also has a reminder section, that's where I put the reminders from end-of-life/support, critical security patches, etc.

Feedbacks/suggestions/* are always welcome :)

See on Medium: https://medium.com/news-updates-and-reminders-cloud-devops-sre-chaos/week06-news-updates-reminders-aws-hashicorp-istio-kubernetes-linux-761e326001db?sk=cd7117bb380d11991190a35ac54b241b

​

See on my Website: https://www.lozanomatheus.com/post/week06-news-updates-reminders-aws-hashicorp-istio-kubernetes-linux

https://redd.it/ljzhxf
@r_devops

What internal tools have you built around prometheus?

What do they do and how easy were they to build?

https://redd.it/ljwxwo
@r_devops

Change Position (Small Org)

Hi Everyone!

I’m looking for some advice about my career if possible. I currently work for a small SME (UK based) and have 1/2 years experience in the industry. I’m basically a single person Ops team working with two devs who have very little influence on the Ops side. In a previous job, I worked for a startup, so don’t really have much experience working in a large Org/business on a large set of infrastructure. Have I shot myself in the foot? Should I change companies? I’m wanting to eventually move to a large org in an architect level position.

https://redd.it/ljvtam
@r_devops

AWS or GCP new career in Japan DEVOPS

I'm looking to change my career path from IT onsite infrastructure to DEVOPS. (Currently working in tokyo as IT onsite engenieer)

According to my understanding because the trends in the near future GCP will dominate the spectrum that now is leading AWS, but in Japan, I cannot find a single job hiring position involving GCP. I need to take a desition asap while finish my CCNA.

Need some help and guidance for my new path. Hope someone can share thoughts and advice.


Cheers.

https://redd.it/lkc1uq
@r_devops

What "cloud native" is really good for?

This is a honest question, I swear. There are tons of marketing slides explaining the "benefits of cloud native approach", but my question is - what is it really good for? Like for your project/product/company - what specifically have you gained by going cloud-native?

https://redd.it/lkbx9e
@r_devops

When is it wise to switch back from serverless?

Cost can become an issue with serverless functions especially for constant large-scale loads
Performance is not optimal (even with all the magic serverless functionality to support computes)

​

>When certain functionalities are getting used really frequently and their performance is not that great for the consuming users or client microservices, while costs can be lower in terms of cloud resource usage for a certain workload, and when the application is proven and parts of it can be carved in delimited microservices, that is the time.
>
>Microservices are faster and cheaper but it takes more to build and modify them. So both serverless and microservices have their place in an event driven organization of systems.
>
>\- Nicolae Marasoiu

Anything else? I know you've got an opinion - let's see it,

https://redd.it/lkd6ku
@r_devops

Advice Request Infrastructure + Configuration + Deployment Management Stack

Hi all,

I am strating to automate the infrastructure and the configuration for a personal project. And I am using the following tools:

Terraform: AWS EC2 instances, RDS and other resources management (creation, destruction etc..)
Ansible: Configuration management (installing all the required packages)
K8s: Apps deployment
Jenkins: CI/CD with Gitlab

I want to know what do you guys think about this stack? Are better ways to do what I want to acheive? I am not a devops expert and I want to have a reference from more experienced folks.

Thanks in advance

https://redd.it/lkenwy
@r_devops

How to improve?

Hi!
How do you guys improve yourselves for your job? does your company give you any tools/resources to do so? how did you guys manage or managed when you started working?

https://redd.it/lkea0p
@r_devops

The role of "Devops Engineer" in 2021?

Hi all! I'm going to be interviewed for a position with title Devops Engineer, which is a bit controversial since devops should be a practice/way of working instead of separate role or position. Based on the requirements on job ad, it looks more like a cloud infrastucture engineer since technologies like AWS, Kubernetes, Terraform etc. were mentioned alongside CI/CD, Golang, ELK etc.


The question is, what would you expect from a role like this in 2021 and what questions would you ask to clarify the job responsibilities? I have a background in backend development with lots of cloudy+devopsy stuff which I like, but I like coding a lot too and wouldn't want to drop it completely.

https://redd.it/lkcakv
@r_devops

Modernizing Workflow

Hello everyone,

at work I am part of a two-man IT/development/sysadmin/... team supporting a team of academics. Two main tasks I am tackling are:

1. development of small, one-shot web apps that need to be hosted indefinitely
2. Continuous development of larger web apps

Both are hosted on-premise, my publish workflow currently consists of:

1. Marking a new release via a git tag
2. Have Gitlab-CI create docker images for me
3. Use SaltStack to manually update which container version runs on a single Docker host. Some HA is achieved by the hypervisor which runs the Docker host.
4. Manually update ports/hostname in the Apache reverse proxy.

While this works ok, I feel I need some advice into modernizing this workflow. All the manual pushing/updating is very error-prone and slow while I am finding it hard to monitor all these apps, especially the ones that are out of development.

Additionally, I find myself needing to run batch jobs (on schedule or triggered by data transfers) that are either Python or Fortran code with a complex chain of dependencies. I thought about making my app start Docker containers with pre-prepared images containing required libraries but I am not sure how to approach this.

Will using something like Nomad/Consul or Kubernetes make all this easier to work with? Especially the deployment and monitoring workflow. Most of this stuff is not critical (production-lite) as of now so it's easy to try various stuff.

https://redd.it/lk9vhm
@r_devops

Managing Azure DevOps Service Principals

I have written up a simple blog post on how to reconfigure Service Principals so they are clearer and have better security within Azure DevOps. Hope this helps some people

https://jamescook.dev/cleanup-azure-devops-service-principals

https://redd.it/lkb59p
@r_devops

biggest struggles as a software developer (all levels)

Hi,

which are your main struggles as software developers?

https://redd.it/lke7v2
@r_devops

Stderr monitoring in k8s

Hello guys, i was talking with few developers from my company today and they asked me is there a way to get alerts via slack when there is an error in deployment, all of the things i can think of atm are metrics only, do you have any idea what would be the best way to handle something like that? I would like to avoid having some 3rd party apps like slack bots having access to my namespaces and pods, I also deployed ELK a few weeks ago, so is there maybe some elk alerting service that would come in handy?

Thank you!

https://redd.it/lkogzq
@r_devops

Curated GitHub repository on how organisations around the world practice SRE and DevOps

I’m curating engineering blog posts, videos and other cool resources on Site Reliability Engineering ans DevOps in a GitHub repository

https://github.com/upgundecha/howtheysre

https://redd.it/lkr952
@r_devops

What are some must know technologies for devops?

I am learning devops after being a developer and I want to know what are the must know technologies and which ones I should start with learning first and are the most essential and which are the least essential and anything in between. I am currently learning docker and jenkins. I have heard some about kuberneties and terraform but not sure how important it is to have each in a server.

https://redd.it/lksygo
@r_devops

CircleCI vs Jenkins

Just wanted to know if CircleCI was offering something new that Jenkins hasn't offered before??

https://redd.it/lklsrn
@r_devops

Estimate cost per user for cloud infrastructure

Lets say that I have a product which allows users to sign up and sell personal services (think craigslist..etc). How do I estimate cost per user, cost per month..etc.

Basically, I am trying to figure out, how much should I be charging user so that I am atleast breaking even, and I want this trend to scale with users.

Is there a formula or other tools that allow to do this end to end cost estimation and growth simulation ?

https://redd.it/lko5ym
@r_devops