Getting an "SSH authentication failed" error when creating EC2 instances using Terraform

I am trying to run an Ansible to create an EC2 instance using [this example](https://github.com/startup-systems/terraform-ansible-example).

It is creating the EC2 instance along with the security groups and VPC, however, at some point, I am getting the following error:

>Error: timeout - last error: SSH authentication failed ([email protected]:22): ssh: handshake failed: ssh: unable to authenticate, attempted methods \[none publickey\], no supported methods remain

This is how the log looks like:

aws_instance.web (remote-exec): Connecting to remote host via SSH...
aws_instance.web (remote-exec): Host: 18.212.56.230
aws_instance.web (remote-exec): User: ubuntu
aws_instance.web (remote-exec): Password: false
aws_instance.web (remote-exec): Private key: false
aws_instance.web (remote-exec): Certificate: false
aws_instance.web (remote-exec): SSH Agent: true
aws_instance.web (remote-exec): Checking Host Key: false
aws_instance.web: Still creating... [5m20s elapsed]

Error: timeout - last error: SSH authentication failed ([email protected]:22): ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain

Does anyone have any idea why it happens and how I can solve it?

Thanks!

https://redd.it/lv5uz6
@r_devops

What did you do on your first week as a DevOps engineer?

I come from a dev background, starting my first day as a DevOps engineer next week, am super excited!!! As per title, I'm curious what did you folks do on your first week as a DevOps engineer? Were you taking it easy or did you have a lot of things to do?

https://redd.it/lw54dd
@r_devops

DevOps for blogging with Pelican

I set up Jenkins to automatically publish my blog posts. Are there more people who are so lazy that I automate everything?

My full blog post.

https://redd.it/lw3gzu
@r_devops

How does the recruitment process for DevOps engineers actually work?

Hi,

I have a question for those who have been involved in recruiting DevOps engineers.

It seems that the term is somewhat misleading due to the sheer range of skills and backgrounds required in a functioning DevOps culture i.e., One DevOps engineer could have completely different qualifications to another, save for a mutual understanding of DevOps and how it works. I even heard one engineer say that he hates the term because it mostly exists for the benefit of recruiters.

My question is this: when you need someone with a specific skillset, would you even look for DevOps engineers specifically, or is this something you would expect the candidate to pick up once they join? e.g., recruiting for a software developer position and mentioning your DevOps culture in the job description but not the job requirements.

Would you use terms to look for a specific type of DevOps engineer?

Would you even say you are looking for a 'DevOps engineer', or would this attract the wrong kind of candidate?

https://redd.it/lw2e94
@r_devops

Ansible linting with GitHub action

Hi...I am new to ansible , need to complete a task ..when user create Pull Request ansible lint should kick and show the user whether code is mergable or not , should be automated ,so need to create jenkin pipeline file as well, can some one help me out

https://redd.it/lw1zcm
@r_devops

Devops entrepreneur

Any experienced dev/architect wanting to jump on a consulting/service startup?

https://redd.it/lwfaw4
@r_devops

Fluentd-File Output Plugin

Hello Community,

I have setup fluentd on the k3s cluster with the containerd as the container runtime and the output is set to file and the source is to capture logs of all containers from the /var/log/containers/*.log path. am finding it difficult to set the configuration of the file to the JSON format. Any fluentd experts, can you help on this. below is the fluentd config file with an example log from the output log file.

Ex log format from the output file

{"stream":"stderr","logtag":"F","log":"{\\"component\\":\\"virt-api\\",\\"contentLength\\":377,\\"level\\":\\"info\\",\\"method\\":\\"GET\\",\\"pos\\":\\"filter.go:46\\",\\"proto\\":\\"HTTP/1.1\\",\\"remoteAddress\\":\\"10.42.0.1\\",\\"statusCode\\":200,\\"timestamp\\":\\"2021-03-03T01:50:22.739834Z\\",\\"url\\":\\"/apis/subresources.kubevirt.io/v1/healthz\\",\\"username\\":\\"-\\"}","docker":

Fluentd-Config

Name: fluentd-config

Namespace: default

Labels: app.kubernetes.io/instance=fluentd

app.kubernetes.io/managed-by=Helm

app.kubernetes.io/name=fluentd

app.kubernetes.io/version=v1.12.0

helm.sh/chart=fluentd-0.2.2

Annotations: meta.helm.sh/release-name: fluentd

meta.helm.sh/release-namespace: default

Data

====

01_sources.conf:

\----

\## logs from podman

<source>

u/type tail

u/id in_tail_container_logs

u/label u/KUBERNETES

path /var/log/containers/*.log

pos_file /var/log/fluentd-containers.log.pos

tag "#{ENV['FLUENT_CONTAINER_TAIL_TAG'\] || 'kubernetes.*'}"

read_from_head true

<parse>

u/type "#{ENV['FLUENT_CONTAINER_TAIL_PARSER_TYPE'\] || 'json'}"

time_format %Y-%m-%dT%H:%M:%S.%N%:z

</parse>

emit_unmatched_lines true

</source>

02_filters.conf:

\----

<label u/KUBERNETES\>

<match kubernetes.var.log.containers.fluentd**>

u/type relabel

u/label u/FLUENTLOG

</match>

&#x200B;

\# <match kubernetes.var.log.containers.\*\*\kube-system_**>

\# u/type null

\# u/id ignore_kube_system_logs

\# </match>

&#x200B;

<filter kubernetes.**>

u/type kubernetes_metadata

u/id filter_kube_metadata

skip_labels false

skip_container_metadata false

skip_namespace_metadata true

skip_master_url true

</filter>

&#x200B;

<match **>

u/type relabel

u/label u/DISPATCH

</match>

</label>

03_dispatch.conf:

\----

<label u/DISPATCH\>

<filter **>

u/type prometheus

<metric>

name fluentd_input_status_num_records_total

type counter

desc The total number of incoming records

<labels>

tag ${tag}

hostname ${hostname}

</labels>

</metric>

</filter>

&#x200B;

<match **>

u/type relabel

u/label u/OUTPUT

</match>

</label>

04_outputs.conf:

\----

<label u/OUTPUT\>

<match **>

u/type file

path /var/log/fluent/myapp/example.log

format json

compress gzip

<buffer>

timekey 120m

timekey_use_utc true

timekey_wait 10m

</buffer>

</match>

</label>

Events: <none>

https://redd.it/lwq9pg
@r_devops

Junior DevOps - Job Interview - Tech Exam Preparation

I have the second stage (Technical Stage) of an interview for a Junior DevOps position tomorrow.

The tech task will be a scenario-based whiteboard task around a basic web stack.
The Interviewer will show you the whiteboard and ask some questions around it.

The Job is at a Software Development company but this role is more on the Ops side than the Dev side.

As far as I'm aware the company use both AWS and Azure for cloud hosting and use a varied amount of tools for their DevOps pipepline as they have said they adapt to each customer requirements and do not have a single set of tooling that they religiously use.

The first stage involved chatting with a DevOps Engineer and a Senior DevOps engineer and they already went over some technical questions with me mainly around the topics "Scaling", "High Availability", "Load Balancers", "CDNs" and "Caching".

I'm obviously going to be doing my own preparation from now until tomorrow but was just wondering if anyone else has been in / carried out an interview with a similar scenario and can shed some light of exactly what questions they may ask and what I can best do to prepare.

Keep in mind this is for a Junior DevOps role so I assume they are not going to ask me to draw out a complete CI/CD pipeline but I would like to be as prepared as possible for this.

Please let me know if I can provide any further information :)

https://redd.it/lwtn7v
@r_devops

Devopsdays Texas Day2!

We're running a FREE DevOpsDays Texas today.

Join us won't you?

https://links.devopsdaystx.org/tickets

https://redd.it/lwvc9g
@r_devops

We’re the engineers rethinking Kubernetes at Spotify. Ask us anything! crosspost r/kubernetes

https://www.reddit.com/r/kubernetes/comments/lwb31v/were\_the\_engineers\_rethinking\_kubernetes\_at/

https://redd.it/lwxp48
@r_devops

Burned out from work and lockdown

So it’s been more than a year that I’ve been stuck at home and I’m starting to feel burned out. The workloads keep increasing and timelines getting more ridiculous. Former manager left, his successor left and I seem to be headed in the same direction but can’t find inspiration to start interviewing due to current workload. I spoke to them briefly and they all came back with the burn outs made them start looking as well.

I took the advice of some and didn’t take the leadership role but now things are getting worst for the team since someone else took it.

How do you guys get inspired to start interviewing after being burned out?! I got a few interviews already but I just feel exhausted having to spend 8 hours interviewing per employer.

Edit: fix typos

https://redd.it/lwtr4p
@r_devops

Fosdem talk about infrastructure drift

We were lucky enough to hold a talk about infrastructure drift at Fosdem recently and decided to share it as a blog post for those who couldn't attend the conference.

https://driftctl.com/fosdem-pokemon-drift-talk/

https://redd.it/lwxr7v
@r_devops

Devops intern interview.

I have interview for devops intern next week. What questions should i expect from the recriuter and what should I know?

https://redd.it/lwwjyq
@r_devops

Why would Dev and Ops want DevOps and what's in it for them personally?

Hi everyone,

I hope you're doing well! I'm currently doing an internship and I'm building a devsecops service for a consulting company. In order to understand each one's needs and goals I wanted to know if any of you work on the Dev or Ops side (or have worked there), and could thus explain to me what the expectations of these two teams are regarding the implementation of DevSecOps (or DevOps) for their services. We often talk about organizational or other advantages, but it's still improvements in the broad sense and I'm not sure that a better organization or a better ride makes the devs want to invest in this DevOps project. So I want to find points of improvement so that everyone can find in the DevOps (or devSecOps) something that interests him at its scale, I probably already have some points but this will confirm them and i would like to get some more! (example : « as a dev i would like to have a new interfaces, or a new IDE or some courses to start with a DevSecOps solution and it would help me to involve myself on this project») or even explanations as to why you might be resistant to this kind of approach. I take everything as long as it's personal and not from a simple business point of view.

I hope I have made myself clear i'm not native english speaker.

Feel free to contact me if you want to discuss.

Thank you in advance, have a great day ! :)

https://redd.it/lwrnoz
@r_devops

DevOps candidates from India: Why are your resumes an endless list of bullets?

I'm in the process of hiring/interviewing candidates for a few open DevOps roles in my company. I've been seeing a lot of resumes with miles-long bulleted lists and I want to bang my head against the desk every time I see one. And they always turn out to be from India. So, Indian Engineers, why are you doing this? It feels like you're treating your resume like buzzword bingo, and it makes me want to throw it out.

https://redd.it/lwjfqo
@r_devops

3 Ways Microservices are transforming businesses today!

Microservices is the new buzzword circling around the industry today. You surely wouldn't want to miss the incredible benefits it can provide to grow the bottom line of your business. Here is how Microservices is transforming businesses these days. The blog walks you through the business benefits of Microservices.

https://redd.it/lwq91i
@r_devops

What to use for CaC?

I am slowly implementing best practice of DevOps where I work.
We used Terraform for IaC and Azure DevOps to deploy.
I am starting to look at open source Configuration as Code tools, which one I heard best of is Ansible.
However this seems it deploys the infrastructure as well.
I also don’t see the requirement as Terraform configures most, containers configure the apps and Azure DevOps tasks do the rest.

Question is do you really need a CaC and if so what suggestions do you have?

https://redd.it/lwq2be
@r_devops

Icinga2 how to delay notifications only for warning state

Hello, I have a lot of errors when I try to separate the notifications time for the warning state. I need to receive the WARNING notification for example after 10m.

This is my templates:

template Notification "mail-host-notification" {

command = "mail-host-notification"

period = "24x7"

types = [ Problem, Acknowledgement, Recovery, Custom, FlappingStart, FlappingEnd, DowntimeStart, DowntimeEnd, DowntimeRemoved, ]

states = [ Up, Down, ]

}

&#x200B;

template Notification "mail-service-notification" {

command = "mail-service-notification"

period = "24x7"

types = [ Problem, Acknowledgement, Recovery, Custom, FlappingStart, FlappingEnd, DowntimeStart, DowntimeEnd, DowntimeRemoved, ]

states = [ OK, Critical, Unknown, ]

}

&#x200B;

template Notification "mail-warning-notification" {

command = "mail-service-notification"

period = "24x7"

types = [ Problem, Acknowledgement, Recovery, Custom, FlappingStart, FlappingEnd, DowntimeStart, DowntimeEnd, DowntimeRemoved, ]

states = [ Warning, ]

}

And this is my Apply notifications:

apply Notification "mail-icingaadmin" to Host {

import "mail-host-notification"

user_groups = host.vars.notification.mail.groups

users = host.vars.notification.mail.users

//interval = 2h

//vars.notification_logtosyslog = true

&#x200B;

assign where host.vars.notification.mail

}

&#x200B;

apply Notification "mail-icingaadmin" to Service {

import "mail-service-notification"

user_groups = host.vars.notification.mail.groups

users = host.vars.notification.mail.users

//interval = 2h

//vars.notification_logtosyslog = true

assign where host.vars.notification.mail

}

apply Notification "mail-icingaadmin" to Service {

import "mail-warning-notification"

times.begin = 10m

user_groups = host.vars.notification.mail.groups

users = host.vars.notification.mail.users

//interval = 2h

//vars.notification_logtosyslog = true

assign where host.vars.notification.mail

}

Where the mail for warning are delayed by 10m by the line times.begin = 10m

But I have a lot of double declaration for objects notification. What's the solutions? Thank you.

https://redd.it/lwpwen
@r_devops

DevOps that is not DevOps

Hello All,

I started a new job that is titled "Systems Analyst" but I work in a group called "DevOps". Essentially, we are the people who set up triage, create defects, and just pull data that is relevant and feed it to the actual developers who can then make the needed changes.

My question is: There is barely any actual working on servers, it's a Fortune 500 so everything is super siloed out, but like my co-worker was telling me, "no code writing, we don't do deployments, we don't run apps or start scripts, none of that stuff". And I am thinking, what kind of DevOps role is this? The most command line you will do is logging into a log server and pulling out log data. Everything else is done via Interactive Web Sites. Even standard debugging of stuff is done either via a SQL query or some other kind of way that I am not used to.

I wasn't really sure what to expect, I took the job to build out my resume. Because I was having a struggle finding anything else at the time. Can anyone else relate to this very siloed corporate tech environment, where one could very easily work in 'devops' and not know a thing truly about any of the DevOps stuff we love so much. I am guessing this team took the name "dev" and "ops" and combined it without actually understanding the implications, but then again, maybe I am reading too far into it, but the day I would actually work in DevOps, and not have the authority to push code, work with infrastructure and automation, and all the stuff we love, is that day I thought would never happen. Don't get me wrong, many of the trending DevOps tools and frameworks are being used, just not by this particular DevOps team, and it's really Development Production Support, to be clear. So there are hundreds of other teams, so things are just so vast.

This is what to expect when working for a very large fortune 500 (That is not in a tech space)? Where you have all these "architects, and developers and DevOps engineers" who really don't know anything? As I understand I could leave my current post after a period of time and go to one of the other teams, so it isn't a death sentence per se, I am just trying to understand, and don't exactly want to ask my boss! And I am not complaining because the pay is better than I ever have had. I just wonder what they actually pay people who actually know stuff / get to get their hands dirty.

&#x200B;

Thanks All, Ciao.

https://redd.it/lwpnsx
@r_devops

No product roadmap

I work in a 3 year old SaaS startup with no product roadmap. How common is that? Dev just moves things around on a kanban board based on customer requests. Seems like it’s a bit f-d up. Existing customers don’t always know when new features roll out and as a marketing lead I struggle to understand what is going on. Obviously this is a bigger leadership problem as our 2 cofounders have conflicting visions. I’m wondering how common is this as a completely non technical person who loves tech.

https://redd.it/lxb140
@r_devops

What are the best options to stay updated with new technology?

I am relatively new to DevOps and still trying to find junior position. I am curious to know that what are the best ways in industry to stay updated with new tools and technologies.
Also, every new technology has it’s own challenges and issues and you can only know about some issues when you start using them. How do you overcome those challenges?
Thanks :)

https://redd.it/lwn6ue
@r_devops