How to get a job using k8s without much experience?

So I've begun to look for another job because my current one is not very challenging and it's getting stale. It's been pretty discouraging to say the least. I'm looking for a senior role as I've spent almost two years consulting in devops now and a couple years as an SRE and another 5 as a software engineer.

It seems these days that to most companies, devops is basically kubernetes and docker and that's it. I could meet almost every other aspect of the JD, but the second I mention I have little docker/k8s experience I dahm near get the phone hung up on me. I have tons of certifications in AWS, GCP, and Terraform and a Master's Degree, doesn't mean shit without k8s apparently.

I've been asking for clients at work who use k8s but since we work with a lot of companies looking to migrate, they are on legacy tech stacks and a lot of it is lift-and-shift. So I'm kind of stuck as my only option is to get a certification in Kubernetes. I've gotten pretty good at taking certs at this point (got 4 pro certs and 3 associate certs in 18 months) so I know I can do it if I put in the time. I just need to be able to answer the interview questions, I'm a pretty fast learner and docker/k8s is easy enough to understand conceptually, I don't think that's going to stump me at this point.

My fear is that even getting the cert won't be enough as I know people like experience more. I'm not willing to take a mid-level job as I could probably make senior consultant here in less time, and in a few years another tool will come out that everyone will go crazy about and I'm not trying to make my career about tools. DevOps is way more than that, if I forced every client to use k8s I'd be out of a job pretty fast.

What has been your experience with this? For the guys that work with k8s, what is the best way to convince a potential employer that you know your stuff? My strategy is to get the cert and write some blog posts about k8s, maybe contribute to open source as well if I have the time.

https://redd.it/lwijyd
@r_devops

3 Best Practices for Shifting Security Left3 Best Practices for Shifting Security Left

"Companies want to tighten their security fast, confidently, and with full transparency. A good place to start is by codifying your policies and shifting your security left, but it’s not enough!"

In this live webinar, we dive deep into the cultural philosophy of where security stands today in the cloud space, how to promote alignment between security and DevOps, and how to adopt a security culture that protects your cloud infrastructure.

Why should you attend?

\- Learn three best practices to shifting your cloud security left

\- Bridge the gap between your security team and DevOps

\- Learn what is policy-as-code

\- Understand which workflows that you should implement to properly shift left your SecDevOps.

\- Learn how to continuously tighten cloud security with the proper visibility and analytics

Join us on the 4th of March.

You can ask our experts anything!

Register here: https://www.magalix.com/3-best-practices-for-shifting-left 

#cybersecurity #cybersecurity #cloudsecurity #securities #computersecurity

https://redd.it/lwgpot
@r_devops

Am I Good Fit?

Hey everyone,

​

I was recently enlightened about the role of a DevOps Engineer and how they play a key role in getting software updates to the masses. I have been inspired to pursue a career in it for the automation aspect, but am not sure if a company would "take a chance" on me.

​

My professional background includes 3 years of \~300-500 people environments working with a team to manage virtualized Windows servers and some certifications including the CCNA, Security+, Azure Fundamentals and an associates in networking.

​

Since I am heavily experienced in Windows/PowerShell and a bit of Azure, I'm shifting my attention to Linux/Bash, Azure (and AWS), Jenkins, Docker, Kubernetes, Ansible, etc. I am utilizing this video to get me started on DevOps labbing and concepts.

​

So my questions:

Would a company take a chance on me to be a DevOps Engineer?

Should I only apply to Junior DevOps Engineer positions?

Should I get Azure or AWS DevOps professional certifications?

How do I prove on a resume that I would be fit for the job with no actual DevOps experience?

​

Thank you so much for reading and please let me know what you think.

https://redd.it/lwfg40
@r_devops

Is there a cloud with affordable DDoS protection?

Hi everyone. Recently, I got involved in a project that doesn't have a huge budget, but it's in an industry that's vulnerable to DDoS attacks of hundreds of Gbps. We'd like to use a cloud to host our infrastructure, but it looks like cloud providers either don't offer a decent one, or it's extremely expensive. The big three require at least $3k/year for their DDoS mitigation, which would exhaust our infrastructure budget. The only suitable hosting platform seems to be OVH, but it's not really a cloud if we have to manage dedicated servers. Do you know of any possibilities?

https://redd.it/lwdb17
@r_devops

Nexus on a NAS

I got a silly question,
I have a NAS lying around collecting dust.
Can I install nexus repository on it ?

https://redd.it/lxrg01
@r_devops

Is DevOps "Support" Engineer a serious role?

I know titles are flimsy, but I've been working with a big company for a few years now and my title has been "Software Engineer" except the issue is that I've done more System Administration type of work and haven't been part of any development cycle. This is because we use old technology, but we're transitioning into modern technology stack and they promised opportunities in development.

The time has come and the roadmap has been shared and it seems that we're going to be called "DevOps Support Engineers" to work with the "DevOps" engineers that were hired about a year ago to help with the development and transition.

I've been excited about going into DevOps and learning the new technology stack, but I feel like I'm just a SysAdmin for DevOps technologies.

So within the DevOps Engineer role, do some people work more on the dev side and others work more on the operation side?

I know ideally people should be able to do "everything", but I feel like my job is just make a stark distinction between those who will develop and maintain the pipelines and those who will make sure to fix any issues that arise (i.e. DevOps "support" engineers).

https://redd.it/lxr5wk
@r_devops

Azure conditional access + kubectl = weekly annoyance

Hi, i was wondering. Does anyone else run into this issue with kubectl and azure conditional access? https://github.com/kubernetes/client-go/issues/931

Every seven days i have to manually delete my access tokens and go through the login process. The login process is fine but its tedious to remove the access token in kubeconfig. This can be done with some cli magic, but why put ducktape on a already broken pipe..

I don't know enough go to fix this issue myself yet, but i would assume others also run into this when using 2fa and Azure to connect to clusters. How are you dealing with it in your org?

https://redd.it/lxo4nf
@r_devops

Getting non Git defined Data in GitOps

Hi guys,

To keep it short, I was responsible for creating a new cloud for a company and (ofc) adopted the GitOps way. The stack in is Kubernetes / AWS / Terraform and ArgoCD (there are more but don't matter for this topic).

At some point we started using a bunch of OSS that were built for Kubernetes (like prometheus-operator, albingresscontroller) and I noticed that most of these techs that require interaction with an AWS service will authenticate via an Role ARN you defined in AWS and have to place in the annotation of the service account that the respective deployment will be using.

​

The problem is, how do you get the ARN in the SA annotation before commiting the resource to Kubernetes (As in GitOps you would have everything defined already in Git). I have yet to find or come up with a simple solution. Anyone else here had this issue ? How did you tackle it?

https://redd.it/lxku8q
@r_devops

Technological Stack Version Control

Hello,

One of the things I am noticing would be nice to have on the infrastructure I am doing devops on, is a way to keep track of all software components and their versions. Like keeping an inventory and managing it along the way of making their updates and stuff like that.

I am unaware if there exists any software that does that already and that maybe you use it on a daily basis, but if you know anything that would do this kind of tracking and that keeps it simple, please write it on comments.

Needless to say that excel is not an option :-D

​

Thanks for sharing your info and thoughts!

https://redd.it/lxqudw
@r_devops

AWS codebuild equivalent of the jenkins build name setter plugin?

Is there a way to set change the default build IDs from the AWS randomly generated gibberish to something more descriptive?

https://redd.it/lxy1o5
@r_devops

Tekton CI



Im thinking about using Tekton for a CICD system, for a k8s based product.

I’d like to hear how many of you are familiar, and feedback and anything that can contribute to the discussion

Tekton is a Ci system that is k8s native, and defined as tasks that can be reused in multiple pipelines, pipelinesRuns, and more - so you can fine tune your needs.

Its main advantage is that its yaml based, and is very easy to understand.
It also have rather low need for maintenance as its on the cluster, so Its more easy IMO than jenkins to manage and maintain.

The main problem I see is that its rather new, 3 years old, and that it might not be battle tested enough.

Learnings curve to code is also pretty tough, as it have alot of new definitions and resources, but once things are set and written its rather easy to understand and reuse.


I think as gitlab/hub CI are yaml based, we start to understand that this is the future of CI, I also read that gitlab plan to allow Tekton syntax in the future in their own gitlab-ci,
There is also a new beta concept that they are trying out which is a hub, it holds many tasks that are prewritten and you can copy and reuse as your own, this might help too.

Im not sure about its works between clusters, but as its container based, you can code the use case and just use the container in your CI system, so I think this sentence actually cover alot, why use jenkins agent as container if you can just run the containers themselves on a shared PVC, and much more.

The project is also backed by red hat (red hat pipelines is a downstream project), and is a part of the CD foundation.

I really want to love that, and thus feel a bit biased,
Ill be glad to hear your thoughts.

Cheers.

For the unfamiliar:

https://github.com/tektoncd/pipeline

https://tekton.dev/

https://redd.it/lxw1ia
@r_devops

Backing up databases

I want to understand the best practices for backing up databases.
Can I just backup the entirety of /var/lib/postgresql/data?
On stackoverflow they have recommended the following: https://stackoverflow.com/questions/24718706/backup-restore-a-dockerized-postgresql-database.

Is there anything wrong with going with the former approach?

https://redd.it/lxt2kk
@r_devops

Test Automation for Waterfall

Developer Claim: By waiting until the product code is near or at completion to execute your primary test automation capabilities, your likely missing out on some of the benefits offered by test automation. In other words, generally speaking, there are missed opportunities when pairing test automation and waterfall-like software development, where the automation team starts once the developer has a Release Candidate. He believes that moving the automation team earlier in the process would offer more value.

My Response: That sounds reasonable, but what well respected source claims of this inherent conflict between test automation and waterfall? Sure we can argue to move the test automation team to the left, but where do we point to for an objective assessment.

Developer Response: Siiiiigggghhh

Anyone here know of any reputable sources that address this question that we can mull over?

https://redd.it/ly1qzb
@r_devops

Does anyone know when Microsoft Outlook's new macOS application will support third party IMAP accounts?

I want to shift gears and use the new stuff, but I can't leave one of my accoutns behind.

https://redd.it/lxofkp
@r_devops

unified monitoring for EKS cluster and additional envs

I'm relatively new to the DevOps world so forgive the newb question. We've got a legacy installation of zenoss which for all intents and purposes works alright, but we lack the knowledge to troubleshoot it and moving forward it seems like Prometheus or INfluxDB are more appropriate. We've got some atypical (I think) VM envs, AWS EC2, and AWS EKS environments that all need to be monitored. The EKS is what throws me for a loop, albeit, I'm very new to EKS as well, but it seems like I basically need to run another instance of my monitoring in another EKS cluster or inside of the ones I'm interested in monitoring. These seems like I'm missing something because I have a hard time understanding how other shops would have separate instances running of their monitoring software that weren't all wired in/tied together.

Can someone offer me the zoomed out view of how I need to conceive of monitoring local, VM, and cloud environments?

​

Thank you.

https://redd.it/lxn33g
@r_devops

Histograms allow users to compress and analyze massive amounts of telemetry data. Check out OpenHistogram.io, which is 100% open source and free.

Check out OpenHistogram.io, which is 100% open source, free, and vendor neutral - creating open standards for sharing telemetry data between vendor platforms.

https://redd.it/lxmqxg
@r_devops

Cloudify Community edition

Does anyone have an experience using Cloudify Community edition in production? I am evaluating it for the project we work on, would like to hear if someone has real life experience.

Also, is there a similar multi-cloud environment lifecycle orchestrator?

Thanks.

https://redd.it/lxl1tr
@r_devops

Nexus on a NAS

I got a silly question,
I have a NAS lying around collecting dust.
Can I install nexus repository on it ?

https://redd.it/lxrdr0
@r_devops

From all the "infrastructure as code" tools which DSL (code) you think is the most intuitive for big projects?

Hello all

I'm kind of new to the DevOps ecosystem, I notice there are many DSL languages for the IoC
I have high level question, what do you think is the most intuitive DSL no matter which TOOL?

https://redd.it/lxfmxw
@r_devops

Klustered #3 - Live Cluster Debugging and Special SIG Honk CTF

Hi everyone. Thank you for the kind words on the two previous episodes!

Episode 3 happened yesterday. This time, I’m joined by Kubernetes contributor, Michael Hausenblas. Unfortunately for us, we’re up against Justin Garrison & SIG Honk (Ian Coldwater, Duffie Cooley, Rory McCune, and Brad Geeseman)

This one seem some rather unique “breaks” from both teams. I won’t leave any spoilers in case you want to guess as you watch.

Again, thanks for being so supportive of this series. I hope you enjoy 😍

https://youtu.be/Ps2CQm6_aZU

https://redd.it/ly7tdd
@r_devops

Hey everyone. Wondering if anyone can help me on advice for a simple SaltStack POC - just need to find a robust Linux distribution or something but having a time with it.

If you could humor me also, eli5 why saltstack’s Googlable doco is so tailored to every environment it lives in, that would also rly help.

https://redd.it/lxf4fs
@r_devops