Building a Home Cloud with Proxmox: DNS + Terraform

This is part of my series on setting up a Kubernetes cluster at home using Proxmox and Terraform


https://blog.sunshower.io/2021/02/22/building-a-home-cloud-with-proxmox-dns-terraform/

https://redd.it/lq1gbm
@r_devops

Thinking about creating a web app to keep track of upgrades

Hi friends!

So a problem I noticed working in the field is making sure upgrading components of a platform doesn't break the platform itself. I do this by "researching" aka reading through release notes and noting down possible conflicts.

I was thinking of creating a web app where we can track upgrades, dependencies, and potential conflicts. We can also mark the upgrade as "Do it", "Skip", and "On latest version". I also am thinking of having an anonymous sharing feature where we can share our research, so that someone else upgrading can have a reference (or if they are really lazy they can just rely on the researcher's findings). Maybe once the app gets traction, I can invite the companies responsible for the components to contribute as well.

What do you guys think? Is this a viable app idea? Any suggestions?

Thanks!

https://redd.it/lptni0
@r_devops

Flask app inside docker container

So deployed 2 flask apps in 2 separate docker containers
Each app hai 2 endpoints.
/testHealth - this endpoint hits the same container you call it from and throws back a json output saying “ flask running “
/testComms - this endpoint hits other container’s /testHealth endpoint

Turns out /testHealth works but /testComms isnt working.

There is a server code 500 error

so app1 runs on port 5000 and app2 on 6000
Localhost:5000/testHealth would run while localhost:6000/testComms wouldnt run and throw 500 error.

Now upon inspection with the newest docker update. You need to replace localhost with ip address of your docker container. In my case it was 172.XX.X.X
So if its 172.XX.X.X:5000/testhealth it would return the correct response.

PS: my docker desktop is updated to the latest version. I have forwarded the port using -p flag and I my host is 0.0.0.0 in my flask app. I am using a 2019 Macbook pro with Big Sur.

Is this something docker hasnt documented yet?

https://redd.it/lptmjf
@r_devops

A lost devops

Hello guys,

I'm a relatively young devops (3 years experience) searching what could be an interesting company to work at. I'm planning to leave my current position and to relocate myself to Dublin.

I really love my job, but our team is small. I end up being interrupted by level 1 & 2 support tasks way too often. After two years in this company it kind of feel like I need to move on if I want to improve my skills.

I got different advices: "You should try to work for Google, AWS,..., those are big companies with the most interesting positions". But also: "Why don't you apply to a small consulting company? In a too big structure you will be stuck in a box, whereas in a small one you will have more room to learn".

Now I do not now where I should start looking. Learning is extremely important to me. And being able to work on different projects too. On the other hand, I cannot find any consulting company that seems to display this kind of mindset in Dublin. Maybe I'm heading the wrong way, or maybe I do not know how to search what I'm looking for...

So if any one has an advice for a confused devops, I would really appreciate it!

https://redd.it/lpsysh
@r_devops

You are on an island, and can only have Terraform or Ansible for IaC. Which do you choose and why?

Trying to decide on which path to go down. We are using LocalStack, AWS, and mostly what they call Serverless tools. It seems that both have a lot of pluses and minuses.

https://redd.it/lqk92n
@r_devops

If you were responsible for Jenkins before switching to a cloud-based solution, how do you feel your job changed since the switch?

(based on a Twitter thread here)

View Poll

https://redd.it/lqgyad
@r_devops

What do you wish somebody told you when you were a fledgling devops person?

As said fledgling person I'm really curious!

https://redd.it/lqpl59
@r_devops

Question about write Kubernetes deployment

Hey all,

I am coming from a Python development background (backend) and I just got a new Backend/DevOps job offer from a company I am really interested in.

They gave me a home assignment and I feel kinda lost and would love some help.
I need to write a declarative Jenkins pipeline to deploy a Kubernetes cluster to EC2.

Can someone point out some good references that will help me to get started?

https://redd.it/lqmhin
@r_devops

How Serverless computing may change the DevOps role, more thoughts welcome

I shared my thoughts on how Serverless computing may change the DevOps role here https://syang.substack.com/p/does-serverless-make-devops-job-less

love to hear your thoughts either here or in the comments area of the original post

https://redd.it/lqsopa
@r_devops

SLI/SLO research/titles

I'm a QA manager and have been tasked with creating SLI/SLOs for very large and complex system. I'm looking for resources and training to start me down this path.

I currently have a production support team that sits within QA to deal with incidents and bugs but they are busy so I'm also looking to add a dedicated resource to implement SLI/SLO for my unit and I'm looking for suggestions on what this job title would be? It certainly would combine the creation and tracking of uptime, which would involve working with dev teams to create new metrics and production dashboard, in addition monitoring our production health proactively. Would be great to have some incident management skills as well.

https://redd.it/lqezx8
@r_devops

Vault OIDC login issue

Hello,

i'm trying to configure OIDC with vault, with Gsuite.

​

After logging in with my google user, in get in vault this Error:

Vault login failed. Error exchanging oidc code: "oauth2: cannot fetch token: 400 Bad Request\\nResponse: {\\"error\\":\\"invalid_client\\"}".

​

I went by this guide

https://nandovillalba.medium.com/set-up-vault-oidc-with-cognito-and-google-idp-654ea578fd32

​

​

please help!

https://redd.it/lqezx7
@r_devops

How social portals avoid mixed content errors?

As we may know, a website that uses a SSL certificate do not (at least by default to my knowledge) shows that page is secure if there is an http link.

If you may write a post or some other form of dynamic content on a website, then what server settings are related to allowing for mixed content without removing that sweet lock in our URL bar?

https://redd.it/lqwzp7
@r_devops

Circle CI and airflow tips, suggestions and help welcome!

I'm using Circle CI for the first time and am not that familiar with setting up a CI.

I want to setup A CI to smoke test DAGS from airflow and test other parts in the code. Circle CI has a specific set of installs and dependancies that made it hard to test.

​

I'm Using the docker puckel/docker-airflow too simplify the installation progress and setup of the env.

I got the idea that I'm doing something wrong. any suggestions, tip or help would be appriciated!

The current config looks like this. The pwd and ls are for reference so I now what to copy where and the current structure(Still not familiar with debugging CI)

 yml
version: 2.1

workflows:
    test:
        jobs:
            - build-and-test
jobs: 
    build-and-test:
        docker:
            - image: puckel/docker-airflow:1.10.9              
        steps:
            - checkout
            - run:
                  name: install dependencies
                  command: |
                    pip install -r requirements_test.txt
            - run: 
                command: |
                    pwd
                    cd ..
                    pwd
                    mkdir dags
                    cp -r project/airflow/dags/* dags/
                    export AIRFLOW_DAGS=/usr/local/airflow/dags 
                    cd dags
                    airflow initdb
                    pwd
                    python -m unittest -v tests/test*

                name: Test

ps. Sorry if this is the wrong reddit to ask such questions

https://redd.it/lqe7s9
@r_devops

Best tracing tool for serverless ? (maybe Lambda, Azure Functions, etc..)

I was thinking on tracing tools to keep observability in serverless applications/architectures.

So, in your experience guys, which are the best options to integrate serverless tracing/observability in our architectures.


I love the way of Jaeger works for micro services. And I know there are options like X-Ray for lambda, but: did you know automations, integrations or any useful resources to implement tracing on serverless?

https://redd.it/lqcixf
@r_devops

Gitlab Artifact storage solutions

Hello everyone,

We use gitlab CI and one of the problems we have been having is running out of storage space. Currently we store all the artifacts locally in the default path /var/opt/gitlab/gitlab-rails/shared/artifacts and its proving to not be working out. I am just curious how others have dealt with storage issues in gitlab and if there are any recommendations.

Currently the solutions that come to mind are either using AWS s3 or using a big company NAS.

https://redd.it/lqaikm
@r_devops

Order of operations for BDD tests in pipeline and API dependency from FE microservices

Building a CI/CD pipeline and I'm trying to wrap my brain around a few things:

* Where in the pipeline steps do the BDD tests go?
* I was original thinking (based on some tutorials) that I'd have a step where the Linux VM is made, then the microservice is built in the VM, then tests are run... if they pass, build the Docker image and deploy to K8S. But it seems like I should be building the Docker image, running the image in a container and testing that since that is what is getting deployed to K8S.
* How do I handle what seems like a pretty common use case where the FE makes a call to the API, but they have separate pipelines?

https://redd.it/lqz2o9
@r_devops

I heard on a Podcast that the CompTia Server+ might be a good step into DevOps... thoughts?

I was listening to a Podcast hosted by CloudSkills.io (the podcast is called CloudSkills.fm on Apple Podcasts) and the host Mike Pfeiffer mentioned that someone who has little to no experience in the IT world, and wants to break into and take a step towards DevOps, that system administration is important. He mentions that the CompTia Server+ certification is a good vendor neutral cert to get some knowledge about servers, networking, virtualization. He mentions once you understand those core concepts -- then move on to a Fundamental Cloud cert like Azure Fundamentals or AWS Cloud Practitioner.

What's your thoughts on this? I have a few years of IT Help Desk under my belt, and want to take the next steps on moving towards system administration and cloud. Searching through LinkedIn at people that work in the field of DevOps -- I don't see many people have it. Also, looking at job listing for DevOps Engineers -- I don't see this cert mentioned in there either.

What's your opinion?

https://redd.it/lqryv4
@r_devops

What tools to you use to automate security hardening of your images for EC2 or for your containers ?

I'm been using this ansible role for my linux VMs.

https://galaxy.ansible.com/dev-sec/os-hardening

I'm looking for recommendations to harden my linux-based VMs and containers.

https://redd.it/lqqijs
@r_devops

Laptop Recommendations to build a Home Lab

I'm looking to buy a laptop to build my own personal home lab. Does anyone have any recommendations for the type of laptop to buy that will help me get a home lab started?

https://redd.it/lqs1pq
@r_devops

Insights on Cloud4C?

Does anyone have any insight on Cloud4C that they can share?

Across the usual touchpoints (twitter, reddit, glassdoors, google), I can only find loads of press releases and positive sentiment, and not one person using colorful expletives to describe the company, which is the most suspicious thing. It irks me...

Thoughts?

https://redd.it/lrhr6g
@r_devops

I did it guys

Had to tell someone as it's not yet official

But I've secured a role at my company as a Platform/DevOps Engineer

Once HR and the managers sort it all out I'll be transitioning over from ServiceOps

I'll be finally spending my days building the platform rather than resetting a developers password or restarting a windows service ... Happy days

https://redd.it/lregzj
@r_devops