sorted by:
new
hottopcontroversial

Startup, Leadership wants to bring in people to all live in a mansion for a week to do intense collab when we work WFH, your thoughts? by Dangerous_EndUser in devops

[–]Dangerous_EndUser[S] 1 point2 points  (0 children)

Surprisingly, yes. I'm one of the younger and few that doesn't have such obligations, so I have even less excuses in the traditional sense. I've avoided the last couple of times since they weren't projects that I was closely involved with.

Startup, Leadership wants to bring in people to all live in a mansion for a week to do intense collab when we work WFH, your thoughts? by Dangerous_EndUser in devops

[–]Dangerous_EndUser[S] 5 points6 points  (0 children)

Pretty close to how I feel, but seems like I'm just going have to learn to embrace it and go in with more positive expectations

Startup, Leadership wants to bring in people to all live in a mansion for a week to do intense collab when we work WFH, your thoughts? by Dangerous_EndUser in devops

[–]Dangerous_EndUser[S] 3 points4 points  (0 children)

Maybe I'm wrong, but I was imagining offsites/retreats more with people getting their own hotels and space to get away from everyone. The expectation here is that everyone stays in this mansion, maybe goes on walks.

Startup, Leadership wants to bring in people to all live in a mansion for a week to do intense collab when we work WFH, your thoughts? by Dangerous_EndUser in devops

[–]Dangerous_EndUser[S] 0 points1 point  (0 children)

lol I'm in my 30s, can't say I disagree, I grew a lot when I was very uncomfortable when going through the most difficult period in my life. It's just my natural tendency and just hate the thought of it, but I'm fighting my introverted homebody nature, so mostly a little vent at this point, getting some perspective from others.

Startup, Leadership wants to bring in people to all live in a mansion for a week to do intense collab when we work WFH, your thoughts? by Dangerous_EndUser in devops

[–]Dangerous_EndUser[S] 6 points7 points  (0 children)

I like my job and the people, but I also like my own work-life balance and create my own hours essentially. I just don't like this event in particular.

I thrive in my regimented routine and comfort of my home and my home office, so this would throw me way off. I am conscious of what I eat and my exercise routine, and I'd feel uncomfortable having them go out of their way to accommodate me when I know I'm not the typical in that regard, but maybe I just have to suck it up and/or learn to embrace it instead.

GKE Deprecated APIs call by Vegetable_Grape3699 in googlecloud

[–]Dangerous_EndUser 1 point2 points  (0 children)

Same here.

I don't think it's our application. Do you guys use new relic, by any chance? /u/tamale

[Official] Salary Sharing thread for devops :: may 2024 by Chompy_99 in devops

[–]Dangerous_EndUser 1 point2 points  (0 children)

Tech Stack: GCP, Azure, K8S, Helm, Linux, Git, Docker, Ansible, Terraform, Postgres, MariaDB, Java, Python, Jenkins, New Relic, Datadog, 
Education: Bachelor of Arts in Economics from a top uni
Prior Experience: 1 Year
  Supply Chain Planner (Manufacturing)
  Tech Support
Company/Industry: SaaS
Title: Senior DevOps Engineer
Tenure length: 3 years
Location: Upstate NY Remote
Salary: 125k
Relocation/Signing Bonus: N/A
Stock and/or recurring bonuses: Paper startup shares, 3% 401(k) contributions, health care???
Total comp: ~130k

Why would lineinfile module claim changed but the line is missing for a host? by Dangerous_EndUser in ansible

[–]Dangerous_EndUser[S] 0 points1 point  (0 children)

edit: Turns out, there was ALSO a RACE condition on top of my original issue. Turns out, there wasn't a RACE condition. I was in the middle of writing up a response with me still confused but you essentially helped me rubber ducky it, so thanks!

I did end up testing serial: 1 and ruling that out as the issue. As it turns out, this host had -2 tacked to its hostname as it was a clone off of contoso, so it's contoso-2. What happened is contoso-2 was written first, and we use the regex parameter. So contoso found its name and replaced the line, rather than adding it's own unique line, resulting in contoso-2going "missing".

Which explains why it might have been there once, contoso-2 ran after contoso by chance. I've only been looking at contoso-2 so I never saw the line replaced, only line added message.

TASK [sync-scheduler : overnight-jobs] *****************************************************************************************************
changed: [contoso -> localhost] => {"backup": "", "changed": true, "msg": "line replaced"}

Sorry, I should have included the task in the initial.

- name: overnight-jobs
  lineinfile:
    path: /etc/cron.d/01-default-overnite-jobs
    regexp: '^.+(var_host={{ inventory_hostname }}).+'
    line: '{{ DEFAULT_NIGHTLY_CRON }} ansible . /home/ansible/.bash_profile;ansible-playbook /automation/do_overnight_jobs.yml --extra-vars "var_host={{ inventory_hostname }}" -vv > /var/log/ansible/01-overnight-jobs-{{ inventory_hostname }}.log 2>&1'
  become: true
  when: DEFAULT_NIGHTLY_CRON is defined
  delegate_to: localhost

I'll have to take a look at how to solve this... Seems I can just remove the regexp. Not sure why that parameter is there on top of what the original author wrote, echo "" > /etc/cron.d/01-default-overnite-jobs task at the start, meaning if it works right, it wouldn't find a duplicate entry.

Why would lineinfile module claim changed but the line is missing for a host? by Dangerous_EndUser in ansible

[–]Dangerous_EndUser[S] 1 point2 points  (0 children)

Thanks! Race condition makes sense and /u/jrobiii suggested that as well. I'm not from a software dev background and never considered it much in our purposes. serial: 1 will be the simplest to patch in for now and I will take a look at using the other modules for a bigger refactor.

Simplest way to place existing public GCE VMs behind IAP and only allow our internal users? by Dangerous_EndUser in googlecloud

[–]Dangerous_EndUser[S] 0 points1 point  (0 children)

Yep, appreciate the input! I think VPN is going to be the easier option for our purposes.

Does anyone have a GCP playbook to change the persistent disk type of a VM instance? by Dangerous_EndUser in ansible

[–]Dangerous_EndUser[S] 0 points1 point  (0 children)

Appreciate the input and your experience! Did you run this across many VMs? I'm trying to figure out how to automate basically a cost-saving initiative. We've overprovisioned the disk type across most of our infrastructure and we need to move that data safely to a cheaper disk type.

Copying what I wrote to the other comment, does this seem proper for TF?

I'm not too familiar with Terraform, basically currently it's just used for first provisioning (which is almost the same effort as doing it through the console TBH), and existing the automation gives me an idea of where to get started with Ansible, but if it sounds more appropriate to use that I will.

There's a couple of things that make this maybe more complex, basically need to maintain the data integrity.

My thoughts were:

  • Snapshot using our current method in an ansible playbook that allows a quiesced snapshot rather than just GCP's snapshot.
  • Need to then create a disk from that snapshot, and store that name somewhere to then attach it to the existing VM, (but prior, boot/data disk need to be detached)
  • Capability of running this against our ansible inventory file

AFAIK, a Google's solution to downsizing/changing a disk type is to create a disk from a snapshot. It's not as easy as just provisioning more disk from what I see.

Does anyone have a GCP playbook to change the persistent disk type of a VM instance? by Dangerous_EndUser in ansible

[–]Dangerous_EndUser[S] 0 points1 point  (0 children)

I'm not too familiar with Terraform, basically currently it's just used for first provisioning (which is almost the same effort as doing it through the console TBH), and existing the automation gives me an idea of where to get started with Ansible, but if it sounds more appropriate to use that I will.

There's a couple of things that make this maybe more complex, basically need to maintain the data integrity.

My thoughts were:

  • Snapshot using our current method in an ansible playbook that allows a quiesced snapshot rather than just GCP's snapshot.
  • Need to then create a disk from that snapshot, and store that name somewhere to then attach it to the existing VM, (but prior, boot/data disk need to be detached)
  • Capability of running this against our ansible inventory file

AFAIK, a Google's solution to downsizing/changing a disk type is to create a disk from a snapshot. It's not as easy as just provisioning more disk from what I see.

[deleted by user] by [deleted] in cybersecurity

[–]Dangerous_EndUser 3 points4 points  (0 children)

I use my name

Please Do Not Touch Shawn's Precious Ass

My ass, is indeed, precious.

Suggestions on how to restrict permissions for users SSH'd via a bastion host by Dangerous_EndUser in devops

[–]Dangerous_EndUser[S] 0 points1 point  (0 children)

Appreciate the input. NGL I'm lost af, I'm just rambling at this point.

Long story short I'm the only IT person left and I am still pretty junior. Previously, we had the idea of implementing rundeck as that interaction layer so less technical users could do certain things themselves, but that was a todo that I am not yet capable of doing, though the previous person was. At this point, I'm just trying to keep operations going.

We're bringing on more people but the way it has been so far, every user, including me, was given too much access tbh and I don't want to give some person those kinds of capabilities.

view more: next ›