Question about learning aws

Hey guys, i am currently a software student and i am interested in getting a job in devops, currently i am trying to improve my python ,git and linux knowledge and i saw that it is important to learn a cloud provider service as well for the start like aws but im not sure what that means, should l just learn matiriel from resources for certifications even if im not going to take a cert exam, or i should focus on certain services, and if so then any recommandations on what to focus on that is more relevent to devops ?

https://redd.it/lo9vjc
@r_devops

Is there any good tutorial on how to make a dev and a production environment for a Wordpress application?

Is there any good tutorial on how to make a dev and a production environment for a Wordpress application? I am trying to learn some basics, so I can make a dev and a production environment with docker for most simple Wordpress application.

https://redd.it/lo8eb9
@r_devops

Question about setting rolling updates and pipelines

I'm trying to get a better understanding of devops concepts and haven't had much luck reading through aws documentation for rolling updates.

I'm aware of how rolling updates are supposed to work, my question is more to the specifics of how it would be configured.

Is there a specific aws tool that would work best to setup automated rolling updates?

My example scenario would be a working pipeline set to a test instance. The rolling update would then be set up and applied from the test instance on to a live production environment using cloudformation (or is there a better service for this?).

https://redd.it/lo92fu
@r_devops

How to run elixir commands with gitlab-ci

To automate elixir based application ,created a `systemd` service

```
[Service]
Type=simple
User=gitlab-runner
Group=gitlab-runner
Environment=LANG=en_US.UTF-8

WorkingDirectory=/path/to/elixirModule

ExecStart=/path/to/elixirModule/bin/elixir_module start
ExecStop=/path/to/elixirModule/bin/elixir_module stop
```

In `.gitlab-ci.yml`
```
build-project:
stage: build_elixir_module
tags:
- elixer-shell
script:
- mix ecto.drop
- MIX_ENV=prod mix release
- ls -lh _build/prod
- cp _build/prod/elixir_module-0.1.0.tar.gz /path/to/elixirModule/
- tar -xvf /path/to/elixirModule/elixir_module-0.1.0.tar.gz
- sudo systemctl stop elixirModule
- cd /path/to/elixirModule
- bin/elixir_module start_iex
- EctoMnesia.Storage.storage_up(ElixirModuleRepo.config)
- ElixirModuleRepo.ReleaseTasks.migrate
- sudo systemctl stop elixirModule
```

These two commands should be executed within `iex` terminal.
```
EctoMnesia.Storage.storage_up(ElixirModuleRepo.config)
ElixirModuleRepo.ReleaseTasks.migrate
```

With current configuration, I get following error

> iex(elixir_module@node1)1> $ EctoMnesia.Storage.storage_up(ElixirModuleRepo.config)
1468 bash: eval: line 125: syntax error near unexpected token `ElixirModuleRepo.config'

How to run these two commands inside `iex`. Also if my approach is buggy or any sort of wrong config, please let me know.

https://redd.it/lnxjmf
@r_devops

Node Express microservice on AWS Fargate with Terraform

Hello community,

I have created a reference project to deploy a Node Express microservice onto Amazon ECS on AWS Fargate with Terraform. I hope you find this useful!

* Node Express app containerised with Docker
* CI/CD with AWS CodePipeline
* Deploys app on AWS Fargate
* Creates, and retrieves data from MongoDB
* AWS resources managed in Terraform

If you find this useful, please give this project a star!

Github project URL: [https://github.com/MatthewCYLau/node-aws-fargate-terraform](https://github.com/MatthewCYLau/node-aws-fargate-terraform)

https://redd.it/lnsa9w
@r_devops

Open API Enabler (?)

This might be a dumb question. I was thinking about open APIs. Customers always want it out of a platform so they can tie a tool into the rest of their ecosystem. Vendors take their time creating them for the most part for some reason. Then there is a bunch of documentation that needs to be made to help customers tie it in. Or the customer needs some folks that can do it on their own. A lot of the time I notice customer don’t even end up using it much.

Do you think there is a way to make some sort out open api enabler tool? Something that speeds up the process and makes it easier for vendors to get it setup and customers to tie it in faster and more effectively?

That is vague and like I said may be a dumb question. Hoping people more technically savvy then I may have some answers.

https://redd.it/lnuv5z
@r_devops

I'm Looking for any recommendations on where to find log management tips and best practices

I'm looking to increase my knowledge of log management best practices for security and infrastructure and I wanted to ask the experts for your suggestions on good training or youtube videos. Of course, I prefer free training but I'll I will take low entry cost as well. Here is what I have found so far. Does someone have anything valuable to add to this?



Log management best practices for SIEM (Youtube)

https://www.youtube.com/watch?v=t5NOhVmhbGE

Advanced Log Management Course (6 sessions) (Live)

https://www.humio.com/advanced-log-management-course-strategies-techniques-and-tactics

Advanced Techniques for AWS Monitoring, Metrics and Logging Course (Pre-recorded)

https://cloudacademy.com/course/advanced-techniques-for-aws-monitoring-metrics-and-logging/introduction-27/

https://redd.it/lnrsqs
@r_devops

what are your experiences

.      Describe your experience with DevOps platforms, source code management, CI/CD Pipelines, et cetera. Experience with developing and maintaining pipelines. Mention security tools used in pipelines, in any.


3.      What AWS native services have you used/deployed and what method did you use to deploy them?


4.      Describe your VMware Cloud on AWS experience if any.


5.      Describe your experience with VMware SRM or equivalent third-party solution. Please include DR related experience and how many protected VMs, etc.


6.      List the scripting and/or programming languages you have experience with and give an example or two about a script you wrote.

​

7.      Describe your experience with deploying new Windows or Linux Server builds, can include both VMware templates and Cloud native.


8.      Describe your experience with networking and network equipment, such as routing and firewalls.


9.      In one sentence, what is your favorite product or solution to work with?

https://redd.it/lnyibs
@r_devops

Blog Last week --> Kernel 5.11; Schedule IstioCon 2021; Disaster Recovery for Consul; AWS EKS 1.19; +35 other news and press releases

Keep informed: one place, many sources! This is my weekly post, where I collect news/* from the last week and make this batch news/* post.

Feedbacks/suggestions/* are always welcome :)

See on Medium: https://lozanomatheus.medium.com/7387db26d017?source=friends\_link&sk=04f1bb2e9ecc56253db5b267152b24c4

See on my Website: https://www.lozanomatheus.com/post/week07-news-updates-reminders-aws-hashicorp-istio-kubernetes-linux

https://redd.it/lp5n29
@r_devops

Deployment into production environment running in private network

Our production servers run within a secured private network. Outside access is heavily limited. Deployment consists of someone logging in through VPN, which uses multi-factor authentication, and running build and deployment scripts. These build the application into JARs and then deploy them into the production servers.

I'm trying to automate this process and I'm having problems with how to automate deployment into such secured environment. What are possible automation solutions given the above constraints? Are there tools that could help me?

Only way that comes to mind is to have daemon running within the secure network, which pools some service for some kind of 'build finished' command and when it triggers it, it downloads binaries, verifies their signatures and deploys them. But I feel that would be lots of work to make it stable and secure.

https://redd.it/lp2wpv
@r_devops

Cloud Native DevOps Bootcamp... worth it?

I came across this Cloud DevOps 10 week bootcamp for n cloudskills.io

https://cloudskills.io/courses/cloud-native

To subscribe, it’s $27 a month with the ability to cancel anytime. Looking at the concepts and lessons.... is this worth it for someone new to DevOps and wanting to get into cloud?

The last week they also give you tips on your LinkedIn and resume to get hired/promoted, which I thought was cool.

What do you think?

https://redd.it/lp4dlf
@r_devops

Survey on the state of self-managing teams

One could argue that one of the less technical, but very important, aspects of DevOps is the fact that teams and employees need to work autonomously and self-managing, to quickly zoom in on the right solution for their challenges, without having to ask for permission. Do you agree?


To get a better view of the current state of self-managing teams, we are currently doing an international survey, and i'd like to invite you also to share 5min of your valuable time to answer the few questions. (Bonus: You also have a chance of winning one of the $50 AWS gift cards she's giving away to submitters.) All info stays anonymous and of course you'll receive the resulting report in a few weeks time.

https://forms.gle/VVbDuDhGtpBRsM9QA

tnx!

https://redd.it/lp4qwv
@r_devops

Youtube in vid ad skip

A chrome extension for youtube that tracks other users skip behaviour and uses that data to skip in video ads such as skillshare, brilliant, world of war, raid shadow legends, ect

Is this a good idea?

https://redd.it/lozgtd
@r_devops

Meet Harvester -> Open Source Hyperconverged Infrastructure (HCI) Software

Harvester implements HCI on bare metal servers. Here are some notable features of the Harvester:

1. VM lifecycle management including SSH-Key injection, Cloud-init and, graphic and serial port console
2. Distributed block storage
3. Multiple NICs connecting to the management network or VLANs
4. ISO image repository
5. Virtual Machine templates

I went live with Sheng to discuss the features and concepts of Harvester with Demos'

Hope you like it!

https://youtu.be/87\_ODymEGC0

https://redd.it/lot4oh
@r_devops

DevOps for beginners?

I have compiled a "little" article for newbies to get started in the world of DevOps. A lot of the resources in this article have been tried and tested by me and they have proven to be extremely easy to understand and follow. to read more follow this link
https://link.medium.com/q8ONxaC32db

https://redd.it/lopcte
@r_devops

How did devops work before the onset of cloud computing?

Sometimes it seems that many people rely a ton on cloud technologies and these few questions came to mind.

1.How did devops work before the onset of cloud computing?

2.What technologies would you use today to achieve this?

3.When would you use the old approach?

4.What have you learnt from it?

https://redd.it/lpnnkq
@r_devops

A (over)simplified comparison of DevOps, SecOps and DevSecOps

Mild entertainment purposes only.

**DevOps**

"Launch new code daily!"

Priority - rapid delivery of value

Bring devs and ops on the same page

More likely to use public cloud

Example - social media app

​

**SecOps**

"Protect this fortress!"

Priority - security above all else

Integrate security practices into ops

More likely to run on-prem

Example - human clinical trial tool

​

**DevSecOps**

"Mission-critical and pronto!"

Priority - scale-up securely while delivering value

Bring dev, security and ops on the same page

More likely to use hybrid infrastructure

Example - fast-growing fintech

https://redd.it/lpl3ky
@r_devops

Automate baseline deployment

I am seeking some suggestions from the greatest community ever.

So my environment consists of Linux and Windows nodes. They are connected to each other in a localised network

Baselines are sent to me regularly, i.e on a weekly basis. The Baselines are from a team who are based overseas. I download the patches from an internal server and manually deploy them as my environment is not connected to any internet or Intranet. Making the environment face the internet or intranet is not possible at all.

With that being said, the challenge is, not all baselines are not the same, some replace drivers, some edit configuration, or install updated software, so meaning when I receive the patches, it comes with a document that tells me what to do exactly, so i just blindly follow the document

​

This process is very very tedious and annoying- imagine doing it every week.

Is there any way to automate this?

​

Edit: There is no way of knowing what changes the baseline makes, I will only know it after I have deployed it

https://redd.it/lpo6ag
@r_devops

Needs some help deciding the best DevOps strategy (AWS hell)

Hello!Long story short, I'm forcing myself to learn AWS and to practice, I'm trying to deploy a side project but it's fighting me every step of the way. Here's what I want to end up with:

Frontend (mysite.com) <-- HTTPS --> Backend (api.mysite.com) <---> Database (RDS/Postgres)

Nothing groundbreaking:a React frontend that talks to a basic CRUD server (likely Express.js) hosted under the `api` subdomain with a Postgres database - ideally, I also want pipelines for the front and backend that propagates from GitHub.

It doesn't make sense to me to deploy to an EC2 instance as I'll have to pay for all the uptime. I tried setting up the backend API with AWS API Gateway and AWS Lambda in a serverless way, but connecting this to the RDS database was a nightmare.

I feel like this should super simple but it's been days of stress can anyone please point me in the right direction, please!?!?!?

https://redd.it/lpmi91
@r_devops

Argo CD Vault Replacer Plugin

I recently collaborated on an Argo CD plugin called ArgoCD-Vault-Replacer. It allows you to merge your code in Git with your secrets in Hashicorp Vault to deploy into your Kubernetes cluster(s). It supports ‘normal’ Kubernetes yaml (or yml) manifests (of any type) as well as argocd-managed Kustomize and Helm charts.

The plugin camne about because I'm currently pushing my company deeper and deeper into GitOps and the thorny topic of secrets management came up. We already have Vault in place so went looking at the existing options available to us. For one reason or another, they weren't quite right for us, so this plugin was born. Of course, there's no guarantee that this is right for you, there are other great solutions out there.

It works by you first authenticating the Argo CD pods with Vault using Vault's Kubernetes Auth Method. Then you simply modify your yaml (or yml, or Helm, or Kustomize scripts) to point it at the relevant path(s) and key(s) in vault that you wish to add to your code.

In the following example, we populate a Kubernetes Secret with the key secretkey on the path path/to/your/secret. As we are using a Vault kv2 store, we must include ../data/.. in our path. Kubernetes secrets are base64 encoded, so we add the modifier |base64 and the plugin handles the rest.

apiVersion: v1
kind: Secret
metadata:
name: argocd-vault-replacer-secret
data:
sample-secret: <vault:path/data/to/your/secret~secretkey|base64>
type: Opaque

When Argo CD runs, it will pull your yaml from Git, find the secret at the given path and will merge the two together inside your cluster. The result is exactly what you’d expect, a nicely populated Kubernetes Secret.

If you’re already using Argo CD and Vault, then this is really simple to set up and start using. Please do try it out, and issues, comments and PRs are more than welcome: github.com/crumbhole/argocd-vault-replacer

https://redd.it/lphgti
@r_devops

a curated collection of resources on how orgs around the world practice Site Reliability Engineering

How They SRE is a curated knowledge repository of best practices, tools, techniques, and culture of SRE adopted by the leading technology or tech-savvy organizations.

Many organizations regularly come forward and share their best practices, tools, techniques and offer an insight into engineering culture on various public platforms like engineering blogs, conferences & meetups. The content is curated from these avenues and shared in this repository.

https://github.com/upgundecha/howtheysre

https://redd.it/lpdfcg
@r_devops