Icinga2 how to delay notifications only for warning state

Hello, I have a lot of errors when I try to separate the notifications time for the warning state. I need to receive the WARNING notification for example after 10m.

This is my templates:

template Notification "mail-host-notification" {

command = "mail-host-notification"

period = "24x7"

types = [ Problem, Acknowledgement, Recovery, Custom, FlappingStart, FlappingEnd, DowntimeStart, DowntimeEnd, DowntimeRemoved, ]

states = [ Up, Down, ]

}

​

template Notification "mail-service-notification" {

command = "mail-service-notification"

period = "24x7"

types = [ Problem, Acknowledgement, Recovery, Custom, FlappingStart, FlappingEnd, DowntimeStart, DowntimeEnd, DowntimeRemoved, ]

states = [ OK, Critical, Unknown, ]

}

​

template Notification "mail-warning-notification" {

command = "mail-service-notification"

period = "24x7"

types = [ Problem, Acknowledgement, Recovery, Custom, FlappingStart, FlappingEnd, DowntimeStart, DowntimeEnd, DowntimeRemoved, ]

states = [ Warning, ]

}

And this is my Apply notifications:

apply Notification "mail-icingaadmin" to Host {

import "mail-host-notification"

user_groups = host.vars.notification.mail.groups

users = host.vars.notification.mail.users

//interval = 2h

//vars.notification_logtosyslog = true

​

assign where host.vars.notification.mail

}

​

apply Notification "mail-icingaadmin" to Service {

import "mail-service-notification"

user_groups = host.vars.notification.mail.groups

users = host.vars.notification.mail.users

//interval = 2h

//vars.notification_logtosyslog = true

assign where host.vars.notification.mail

}

apply Notification "mail-icingaadmin" to Service {

import "mail-warning-notification"

times.begin = 10m

user_groups = host.vars.notification.mail.groups

users = host.vars.notification.mail.users

//interval = 2h

//vars.notification_logtosyslog = true

assign where host.vars.notification.mail

}

Where the mail for warning are delayed by 10m by the line times.begin = 10m

But I have a lot of double declaration for objects notification. What's the solutions? Thank you.

https://redd.it/lwpwen
@r_devops

DevOps that is not DevOps

Hello All,

I started a new job that is titled "Systems Analyst" but I work in a group called "DevOps". Essentially, we are the people who set up triage, create defects, and just pull data that is relevant and feed it to the actual developers who can then make the needed changes.

My question is: There is barely any actual working on servers, it's a Fortune 500 so everything is super siloed out, but like my co-worker was telling me, "no code writing, we don't do deployments, we don't run apps or start scripts, none of that stuff". And I am thinking, what kind of DevOps role is this? The most command line you will do is logging into a log server and pulling out log data. Everything else is done via Interactive Web Sites. Even standard debugging of stuff is done either via a SQL query or some other kind of way that I am not used to.

I wasn't really sure what to expect, I took the job to build out my resume. Because I was having a struggle finding anything else at the time. Can anyone else relate to this very siloed corporate tech environment, where one could very easily work in 'devops' and not know a thing truly about any of the DevOps stuff we love so much. I am guessing this team took the name "dev" and "ops" and combined it without actually understanding the implications, but then again, maybe I am reading too far into it, but the day I would actually work in DevOps, and not have the authority to push code, work with infrastructure and automation, and all the stuff we love, is that day I thought would never happen. Don't get me wrong, many of the trending DevOps tools and frameworks are being used, just not by this particular DevOps team, and it's really Development Production Support, to be clear. So there are hundreds of other teams, so things are just so vast.

This is what to expect when working for a very large fortune 500 (That is not in a tech space)? Where you have all these "architects, and developers and DevOps engineers" who really don't know anything? As I understand I could leave my current post after a period of time and go to one of the other teams, so it isn't a death sentence per se, I am just trying to understand, and don't exactly want to ask my boss! And I am not complaining because the pay is better than I ever have had. I just wonder what they actually pay people who actually know stuff / get to get their hands dirty.

​

Thanks All, Ciao.

https://redd.it/lwpnsx
@r_devops

No product roadmap

I work in a 3 year old SaaS startup with no product roadmap. How common is that? Dev just moves things around on a kanban board based on customer requests. Seems like it’s a bit f-d up. Existing customers don’t always know when new features roll out and as a marketing lead I struggle to understand what is going on. Obviously this is a bigger leadership problem as our 2 cofounders have conflicting visions. I’m wondering how common is this as a completely non technical person who loves tech.

https://redd.it/lxb140
@r_devops

What are the best options to stay updated with new technology?

I am relatively new to DevOps and still trying to find junior position. I am curious to know that what are the best ways in industry to stay updated with new tools and technologies.
Also, every new technology has it’s own challenges and issues and you can only know about some issues when you start using them. How do you overcome those challenges?
Thanks :)

https://redd.it/lwn6ue
@r_devops

How to get a job using k8s without much experience?

So I've begun to look for another job because my current one is not very challenging and it's getting stale. It's been pretty discouraging to say the least. I'm looking for a senior role as I've spent almost two years consulting in devops now and a couple years as an SRE and another 5 as a software engineer.

It seems these days that to most companies, devops is basically kubernetes and docker and that's it. I could meet almost every other aspect of the JD, but the second I mention I have little docker/k8s experience I dahm near get the phone hung up on me. I have tons of certifications in AWS, GCP, and Terraform and a Master's Degree, doesn't mean shit without k8s apparently.

I've been asking for clients at work who use k8s but since we work with a lot of companies looking to migrate, they are on legacy tech stacks and a lot of it is lift-and-shift. So I'm kind of stuck as my only option is to get a certification in Kubernetes. I've gotten pretty good at taking certs at this point (got 4 pro certs and 3 associate certs in 18 months) so I know I can do it if I put in the time. I just need to be able to answer the interview questions, I'm a pretty fast learner and docker/k8s is easy enough to understand conceptually, I don't think that's going to stump me at this point.

My fear is that even getting the cert won't be enough as I know people like experience more. I'm not willing to take a mid-level job as I could probably make senior consultant here in less time, and in a few years another tool will come out that everyone will go crazy about and I'm not trying to make my career about tools. DevOps is way more than that, if I forced every client to use k8s I'd be out of a job pretty fast.

What has been your experience with this? For the guys that work with k8s, what is the best way to convince a potential employer that you know your stuff? My strategy is to get the cert and write some blog posts about k8s, maybe contribute to open source as well if I have the time.

https://redd.it/lwijyd
@r_devops

3 Best Practices for Shifting Security Left3 Best Practices for Shifting Security Left

"Companies want to tighten their security fast, confidently, and with full transparency. A good place to start is by codifying your policies and shifting your security left, but it’s not enough!"

In this live webinar, we dive deep into the cultural philosophy of where security stands today in the cloud space, how to promote alignment between security and DevOps, and how to adopt a security culture that protects your cloud infrastructure.

Why should you attend?

\- Learn three best practices to shifting your cloud security left

\- Bridge the gap between your security team and DevOps

\- Learn what is policy-as-code

\- Understand which workflows that you should implement to properly shift left your SecDevOps.

\- Learn how to continuously tighten cloud security with the proper visibility and analytics

Join us on the 4th of March.

You can ask our experts anything!

Register here: https://www.magalix.com/3-best-practices-for-shifting-left 

#cybersecurity #cybersecurity #cloudsecurity #securities #computersecurity

https://redd.it/lwgpot
@r_devops

Am I Good Fit?

Hey everyone,

​

I was recently enlightened about the role of a DevOps Engineer and how they play a key role in getting software updates to the masses. I have been inspired to pursue a career in it for the automation aspect, but am not sure if a company would "take a chance" on me.

​

My professional background includes 3 years of \~300-500 people environments working with a team to manage virtualized Windows servers and some certifications including the CCNA, Security+, Azure Fundamentals and an associates in networking.

​

Since I am heavily experienced in Windows/PowerShell and a bit of Azure, I'm shifting my attention to Linux/Bash, Azure (and AWS), Jenkins, Docker, Kubernetes, Ansible, etc. I am utilizing this video to get me started on DevOps labbing and concepts.

​

So my questions:

Would a company take a chance on me to be a DevOps Engineer?

Should I only apply to Junior DevOps Engineer positions?

Should I get Azure or AWS DevOps professional certifications?

How do I prove on a resume that I would be fit for the job with no actual DevOps experience?

​

Thank you so much for reading and please let me know what you think.

https://redd.it/lwfg40
@r_devops

Is there a cloud with affordable DDoS protection?

Hi everyone. Recently, I got involved in a project that doesn't have a huge budget, but it's in an industry that's vulnerable to DDoS attacks of hundreds of Gbps. We'd like to use a cloud to host our infrastructure, but it looks like cloud providers either don't offer a decent one, or it's extremely expensive. The big three require at least $3k/year for their DDoS mitigation, which would exhaust our infrastructure budget. The only suitable hosting platform seems to be OVH, but it's not really a cloud if we have to manage dedicated servers. Do you know of any possibilities?

https://redd.it/lwdb17
@r_devops

Nexus on a NAS

I got a silly question,
I have a NAS lying around collecting dust.
Can I install nexus repository on it ?

https://redd.it/lxrg01
@r_devops

Is DevOps "Support" Engineer a serious role?

I know titles are flimsy, but I've been working with a big company for a few years now and my title has been "Software Engineer" except the issue is that I've done more System Administration type of work and haven't been part of any development cycle. This is because we use old technology, but we're transitioning into modern technology stack and they promised opportunities in development.

The time has come and the roadmap has been shared and it seems that we're going to be called "DevOps Support Engineers" to work with the "DevOps" engineers that were hired about a year ago to help with the development and transition.

I've been excited about going into DevOps and learning the new technology stack, but I feel like I'm just a SysAdmin for DevOps technologies.

So within the DevOps Engineer role, do some people work more on the dev side and others work more on the operation side?

I know ideally people should be able to do "everything", but I feel like my job is just make a stark distinction between those who will develop and maintain the pipelines and those who will make sure to fix any issues that arise (i.e. DevOps "support" engineers).

https://redd.it/lxr5wk
@r_devops

Azure conditional access + kubectl = weekly annoyance

Hi, i was wondering. Does anyone else run into this issue with kubectl and azure conditional access? https://github.com/kubernetes/client-go/issues/931

Every seven days i have to manually delete my access tokens and go through the login process. The login process is fine but its tedious to remove the access token in kubeconfig. This can be done with some cli magic, but why put ducktape on a already broken pipe..

I don't know enough go to fix this issue myself yet, but i would assume others also run into this when using 2fa and Azure to connect to clusters. How are you dealing with it in your org?

https://redd.it/lxo4nf
@r_devops

Getting non Git defined Data in GitOps

Hi guys,

To keep it short, I was responsible for creating a new cloud for a company and (ofc) adopted the GitOps way. The stack in is Kubernetes / AWS / Terraform and ArgoCD (there are more but don't matter for this topic).

At some point we started using a bunch of OSS that were built for Kubernetes (like prometheus-operator, albingresscontroller) and I noticed that most of these techs that require interaction with an AWS service will authenticate via an Role ARN you defined in AWS and have to place in the annotation of the service account that the respective deployment will be using.

​

The problem is, how do you get the ARN in the SA annotation before commiting the resource to Kubernetes (As in GitOps you would have everything defined already in Git). I have yet to find or come up with a simple solution. Anyone else here had this issue ? How did you tackle it?

https://redd.it/lxku8q
@r_devops

Technological Stack Version Control

Hello,

One of the things I am noticing would be nice to have on the infrastructure I am doing devops on, is a way to keep track of all software components and their versions. Like keeping an inventory and managing it along the way of making their updates and stuff like that.

I am unaware if there exists any software that does that already and that maybe you use it on a daily basis, but if you know anything that would do this kind of tracking and that keeps it simple, please write it on comments.

Needless to say that excel is not an option :-D

​

Thanks for sharing your info and thoughts!

https://redd.it/lxqudw
@r_devops

AWS codebuild equivalent of the jenkins build name setter plugin?

Is there a way to set change the default build IDs from the AWS randomly generated gibberish to something more descriptive?

https://redd.it/lxy1o5
@r_devops

Tekton CI



Im thinking about using Tekton for a CICD system, for a k8s based product.

I’d like to hear how many of you are familiar, and feedback and anything that can contribute to the discussion

Tekton is a Ci system that is k8s native, and defined as tasks that can be reused in multiple pipelines, pipelinesRuns, and more - so you can fine tune your needs.

Its main advantage is that its yaml based, and is very easy to understand.
It also have rather low need for maintenance as its on the cluster, so Its more easy IMO than jenkins to manage and maintain.

The main problem I see is that its rather new, 3 years old, and that it might not be battle tested enough.

Learnings curve to code is also pretty tough, as it have alot of new definitions and resources, but once things are set and written its rather easy to understand and reuse.


I think as gitlab/hub CI are yaml based, we start to understand that this is the future of CI, I also read that gitlab plan to allow Tekton syntax in the future in their own gitlab-ci,
There is also a new beta concept that they are trying out which is a hub, it holds many tasks that are prewritten and you can copy and reuse as your own, this might help too.

Im not sure about its works between clusters, but as its container based, you can code the use case and just use the container in your CI system, so I think this sentence actually cover alot, why use jenkins agent as container if you can just run the containers themselves on a shared PVC, and much more.

The project is also backed by red hat (red hat pipelines is a downstream project), and is a part of the CD foundation.

I really want to love that, and thus feel a bit biased,
Ill be glad to hear your thoughts.

Cheers.

For the unfamiliar:

https://github.com/tektoncd/pipeline

https://tekton.dev/

https://redd.it/lxw1ia
@r_devops

Backing up databases

I want to understand the best practices for backing up databases.
Can I just backup the entirety of /var/lib/postgresql/data?
On stackoverflow they have recommended the following: https://stackoverflow.com/questions/24718706/backup-restore-a-dockerized-postgresql-database.

Is there anything wrong with going with the former approach?

https://redd.it/lxt2kk
@r_devops

Test Automation for Waterfall

Developer Claim: By waiting until the product code is near or at completion to execute your primary test automation capabilities, your likely missing out on some of the benefits offered by test automation. In other words, generally speaking, there are missed opportunities when pairing test automation and waterfall-like software development, where the automation team starts once the developer has a Release Candidate. He believes that moving the automation team earlier in the process would offer more value.

My Response: That sounds reasonable, but what well respected source claims of this inherent conflict between test automation and waterfall? Sure we can argue to move the test automation team to the left, but where do we point to for an objective assessment.

Developer Response: Siiiiigggghhh

Anyone here know of any reputable sources that address this question that we can mull over?

https://redd.it/ly1qzb
@r_devops

Does anyone know when Microsoft Outlook's new macOS application will support third party IMAP accounts?

I want to shift gears and use the new stuff, but I can't leave one of my accoutns behind.

https://redd.it/lxofkp
@r_devops

unified monitoring for EKS cluster and additional envs

I'm relatively new to the DevOps world so forgive the newb question. We've got a legacy installation of zenoss which for all intents and purposes works alright, but we lack the knowledge to troubleshoot it and moving forward it seems like Prometheus or INfluxDB are more appropriate. We've got some atypical (I think) VM envs, AWS EC2, and AWS EKS environments that all need to be monitored. The EKS is what throws me for a loop, albeit, I'm very new to EKS as well, but it seems like I basically need to run another instance of my monitoring in another EKS cluster or inside of the ones I'm interested in monitoring. These seems like I'm missing something because I have a hard time understanding how other shops would have separate instances running of their monitoring software that weren't all wired in/tied together.

Can someone offer me the zoomed out view of how I need to conceive of monitoring local, VM, and cloud environments?

​

Thank you.

https://redd.it/lxn33g
@r_devops

Histograms allow users to compress and analyze massive amounts of telemetry data. Check out OpenHistogram.io, which is 100% open source and free.

Check out OpenHistogram.io, which is 100% open source, free, and vendor neutral - creating open standards for sharing telemetry data between vendor platforms.

https://redd.it/lxmqxg
@r_devops

Cloudify Community edition

Does anyone have an experience using Cloudify Community edition in production? I am evaluating it for the project we work on, would like to hear if someone has real life experience.

Also, is there a similar multi-cloud environment lifecycle orchestrator?

Thanks.

https://redd.it/lxl1tr
@r_devops