#general (2020-2)

General conversations related to DevOps/Automation

General Discussions

2020-02-16

SweetOps avatar
SweetOps
08:00:08 PM

Hey everyone, give a warm welcome to our newest members!

  • @21042jim
  • @Christoph Gerkens

Good to have you here =)

2020-02-15

SweetOps avatar
SweetOps
08:00:09 PM

Hey everyone, give a warm welcome to our newest members!

  • @Kevin Hetman
  • @krismulica
  • @acs0508
  • @Örjan Sjöholm

Good to have you here =)

2020-02-14

SweetOps avatar
SweetOps
08:00:13 PM

Hey everyone, give a warm welcome to our newest members!

  • @Sudesh Lalmal Pathirana
  • @mattia.bertorello
  • @Olivier

Good to have you here =)

2020-02-13

Erik Osterman avatar
Erik Osterman

what are everyones favorite videos for learning terraform, helm, kubernetes, etc? please share with me!

Zachary Loeber avatar
Zachary Loeber

I don’t use videos for learning much but thus far I think that Kubernetes In Action is the current bible of kubernetes.

Alex Siegman avatar
Alex Siegman

Same, videos tend to be too slow-paced for me, and I’m a quick reader. I’d rather read, pause where I want, test, play, search for answers…

A coworker of mine has enjoyed the LinuxAcademy content, I can’t vouge for it but it’s helped him learn stuff.

grv avatar
kelseyhightower/kubernetes-the-hard-way

Bootstrap Kubernetes the hard way on Google Cloud Platform. No scripts. - kelseyhightower/kubernetes-the-hard-way

grv avatar

Also, courses on udemy from Edward Viaene, for Kubernetes, terraform and Prometheus are good ones I can think of

grv avatar
Edward Viaene | DevOps, Cloud, Big Data Specialist| Udemy

Edward Viaene is a Udemy instructor with educational courses available for enrollment. Check out the latest courses taught by Edward Viaene

SweetOps avatar
SweetOps
08:00:17 PM

Hey everyone, give a warm welcome to our newest members!

  • @Siraj Rauff
  • @ericyang879
  • @sekhar modu
  • @Vidhya Vijayakumar

Good to have you here =)

Erik Osterman avatar
Erik Osterman

Helpful feedback @Zachary Loeber @Alex Siegman

Erik Osterman avatar
Erik Osterman

Let me rephrase this to what learning materials have ya’ll found the most helpful

Erik Osterman avatar
Erik Osterman

I am trying to curate some content to help newcomers to grok the concepts and give them a place to get started

Erik Osterman avatar
Erik Osterman

I am personally searching for content and overwhelmed with how bad most of the stuff is (well, to be kind - just not the way I would explain it), so it’s not surprising that if someone is a newcomer to this stuff how hard it is to find good learning materials

Alex Siegman avatar
Alex Siegman

For people brand new to kubernetes, I’ve found “Kubernetes Up and Running” pretty invaluable for learning the basic concepts. It’s available for free from a few places, I haven’t found a give-information-free link in my quick google, but https://azure.microsoft.com/en-us/resources/kubernetes-up-and-running/

Kubernetes: Up and Running, Second Edition

Improve the agility, reliability, and efficiency of your distributed systems by using Kubernetes. Get the practical Kubernetes deployment skills you need in this O’Reilly e-book. You’ll learn how to:Develop and deploy real-world applications.Create and run a simple cluster.Integrate storage in…

Alex Siegman avatar
Alex Siegman

Or you can buy it from o’reilly / amazon

Alex Siegman avatar
Alex Siegman

I think it helps to be focused on what you’re trying to learn, and more importantly, for what purpose. Example being, Up and Running is a great book for anyone who has need to understand basic kubernetes concepts. But if you’re a developer who has to make the program and stuff it in to a container, will that necessarily help you? I find it harder to find learning materials at the level and “depth” around a given concept than materials for a tool or concept in general

Erik Osterman avatar
Erik Osterman

that’s a good point.

Alex Siegman avatar
Alex Siegman

Another great example is python books. There’s a million “learn python” books, but all of them cover the same boring stuff. What about a “learn python for someone who already knows python” book - where it goes more in to style, architecture choices for python programs, good designs for whatever, etc. I don’t need to be taught python, I want to learn/explore idiomatic approaches to problems in python, learn to use the language elegantly and efficiently, etc.

Erik Osterman avatar
Erik Osterman

“here’s what you need to know as a developer…:”

:--1:1
grv avatar

@Erik Osterman can i be added to the terraform channel, kicked myself out by mistake

Erik Osterman avatar
Erik Osterman

Hrmmm anyone can join any channel :-)

Erik Osterman avatar
Erik Osterman

Even if you leave one…

grv avatar

good to know, thanks

Sudesh Lalmal Pathirana avatar
Sudesh Lalmal Pathirana

hii

1

2020-02-12

2020-02-11

SweetOps avatar
SweetOps
08:00:09 PM

Hey everyone, give a warm welcome to our newest members!

  • @Geoff Weinhold
  • @julius.blank
  • @Conti Mattia
  • @Meg Yahl

Good to have you here =)

Zachary Loeber avatar
Zachary Loeber

Dang, the daily new member list is getting larger and larger. The cult of devops is spreading….

:--1:2
Geoff Weinhold avatar
Geoff Weinhold

come closer to the light!

Patrick M. Slattery avatar
Patrick M. Slattery

Question on secrets for things such as DB passwords etc. Does anyone keep the originals in a Git repo (encrypted of course)? We do and I’m questioning myself on whether we should.

Pro: We have the master copy offline from the K8S cluster and in the event of a total failure we still have access to the original passwords.

Cons: Do we really need to keep yet another copy of the passwords? They are in the Azure Keyvault/Google Secret Manager (where apps pull them them from)

Anybody have any good reasons to go either way?

Yonatan Koren avatar
Yonatan Koren

@Patrick M. Slattery I mean, it sounds like you’re facing the burden of keeping passwords in more than place. What about a centralized secrets management solution such as HashiCorp Vault?

Pros:

• Secrets are in one place

• Failure scenario: Vault’s storage can be HA, for example with Consul as the data store. Even in total failure, you will be okay if you have enabled Consul backups to AWS S3.

• Cloud agnostic - i.e. you’re not relying on AWS KMS, GSM, etc

• Dynamic Secrets Engines (You can give admin credentials to Vault and it will issue and automatically revoke temporary DB credentials)

• A k8s mutation webhook controller which essentially acts as an operator to allow injection of secrets to pods https://www.vaultproject.io/docs/platform/k8s/injector/index.html Cons:

• Expensive to run HashiCorp’s reference architecture of 5 Consul nodes + 3 Vault nodes (https://learn.hashicorp.com/vault/operations/ops-reference-architecture) - Vault integrated Raft storage is still in beta until 1.4.0

• You’re running a third party application on top of everything you’re already running

• Re: Failure scenario and automated backups - for non-Enterprise Consul you need to manage automated backups yourself

Patrick M. Slattery avatar
Patrick M. Slattery

Yeah, I’ve heard a couple of Vault horror stories that keep me away from it. We ourselves initially used Consul for state management in our app and had several disasters with it. It would be hard to persuade anyone here to run Consul again.

Patrick M. Slattery avatar
Patrick M. Slattery

That said the pros are all very much what I really want…

grv avatar

You can use AWS secrets manager (if on AWS), but it becomes really expensive if there are large number of secrets to be stored (we are also in the same boat right now on which secrets manager to use though)

Patrick M. Slattery avatar
Patrick M. Slattery

We are currently using Azure Keyvault / Google Secrets Manager (We are moving away from Azure though) Price for either is not anything crazy but then again we only have a few dozen secrets in each instance at most

Patrick M. Slattery avatar
Patrick M. Slattery

Google Secrets Manager is nice but is pretty light on features being so new (Still in beta)

Chris Fowles avatar
Chris Fowles

as long as the encryption is well protected i (depending on the workload) don’t see a massive issue with using git as the source of truth as long as they are that. things like needing to rotate at short intervals and needing to audit retrieval of secrets would change that recommendation

Chris Fowles avatar
Chris Fowles

vault and consul are great tools, but they’re not without operational overheads - they need to be kept running and maintained

Chris Fowles avatar
Chris Fowles

if you can’t commit to the overhead required to run them you’re introducing a weakness into the system rather than a strength as they’ll quickly end up in the critical path

:--1:2
Yonatan Koren avatar
Yonatan Koren

This was very concisely said, I try and formulate such a sentence when someone throws Kubernetes into the conversation, even them having never operated it

2020-02-10

SweetOps avatar
SweetOps
08:00:19 PM

Hey everyone, give a warm welcome to our newest members!

  • @Daniel Stoor

Good to have you here =)

2020-02-09

SweetOps avatar
SweetOps
08:00:08 PM

Hey everyone, give a warm welcome to our newest members!

  • @Aaron Lennon

Good to have you here =)

2020-02-08

SweetOps avatar
SweetOps
08:00:21 PM

Hey everyone, give a warm welcome to our newest members!

  • @rustemabd
  • @Andrew Cameron-Douglas
  • @Tom Howarth

Good to have you here =)

rustemabd avatar
rustemabd

Thank you! Happy to join! :–1:

Tom Howarth avatar
Tom Howarth

Thanks for letting me in. I am still on my learning journey. so please be kind :)

Erik Osterman avatar
Erik Osterman

@Tom Howarth all skill levels welcome!

2020-02-07

SweetOps avatar
SweetOps
08:00:26 PM

Hey everyone, give a warm welcome to our newest members!

  • @Norbert Fenk
  • @Dhrumil Patel

Good to have you here =)

2020-02-06

SweetOps avatar
SweetOps
08:00:13 PM

Hey everyone, give a warm welcome to our newest members!

  • @Mike Martin
  • @Zack Hewison
  • @Miranda Pearson
  • @Silke Van den Broeck
  • @hugomelo97

Good to have you here =)

:--1:1
Mike Martin avatar
Mike Martin

Thanks for the shout out! Really enjoyed the zoom session yesterday - will be back next week!

Zack Hewison avatar
Zack Hewison

Thanks for the welcome! Hello

Erik Osterman avatar
Erik Osterman

Thanks @Mike Martin! Ya, yesterday’s #office-hours was a good one. See you next week!

Erik Osterman avatar
Erik Osterman

Hey @Zack Hewison!

2020-02-04

SweetOps avatar
SweetOps
08:00:14 PM

Hey everyone, give a warm welcome to our newest members!

  • @cia
  • @Josh Hudson
  • @tomkinson
  • @Maciej Kozlowski
  • @Jason Carter

Good to have you here =)

2
tomkinson avatar
tomkinson

thanks!

Jason Carter avatar
Jason Carter

Thanks

2020-02-03

wannafly37 avatar
wannafly37

2nd interview for my first DevOps type role today! Anyone want to share tips?

MattyB avatar
MattyB

#jobs had some good discussion on it recently. i’m not sure how much is relevant to a first timer though

:--1:1
Erik Osterman avatar
Erik Osterman

Ya some good interview questions were posted in #jobs. Honestly, it comes down to the interviewer and their style of interviewing.

SweetOps avatar
SweetOps
08:00:12 PM

Hey everyone, give a warm welcome to our newest members!

  • @wattiez.morgan
  • @Victor D
  • @Prasanna Pawar
  • @Almas Hilman Muhtadi
  • @Dan Griffiths
  • @Sharanya reddy pagidi

Good to have you here =)

:--1:2
gyoza avatar
gyoza

thx for the hard work on that elasticsearch module thats really nice.

Erik Osterman avatar
Erik Osterman

Thanks @gyoza!

    keyboard_arrow_up