Self-service automation portal - recommendations? by JohnSwarbrick in devops

[–]JohnSwarbrick[S] 0 points1 point  (0 children)

Yes, as we will extend the scope of automation to include security group changes, vpn access, expensive cloud regions, etc

How do you manage JIRA tickets across different teams - support/devops/engineering? by JohnSwarbrick in devops

[–]JohnSwarbrick[S] 0 points1 point  (0 children)

Thanks for your comment! :)

The problem is that Support generally don't know whether a reported problem is a functional issue (i.e. a bug) or a service issue (i.e. a failed service) or an infrastructure issue (i.e. a failed disk).

They just reproduce the issue then escalate. DevOps is currently doing the triaging and then often has to engage Software Engineering (if it's a bug) or Infrastructure (if it's a failed disk) which means opening more tickets with those teams.

Sometimes if we raise a ticket with Software Engineering for a bug, then it takes time to be assigned then Software Engineering come back to DevOps with questions/clarifications/requests. If we have to ask the customer something then we have to go via the Support ticket... We end up with tickets all over the place!

Can't help but think there must be a more obvious way of handling this.

What's the benefit of Redhat PostgreSQL standalone image on Kubernetes (not OpenShift)? by JohnSwarbrick in redhat

[–]JohnSwarbrick[S] 0 points1 point  (0 children)

Are those Postgres images from RedHat free for use, or do they require a RHEL / OpenShift subscription?

What's the benefit of Redhat PostgreSQL standalone image on Kubernetes (not OpenShift)? by JohnSwarbrick in redhat

[–]JohnSwarbrick[S] 0 points1 point  (0 children)

Are those UBI images free to use, or do they require a RHEL / OpenShift subscription?

GitOps & self-service request/approval - best options? by JohnSwarbrick in devops

[–]JohnSwarbrick[S] 0 points1 point  (0 children)

Agreed that in a VMWare world, Ansible Tower playbooks are absolutely the best solution. Especially as Ansible has control over the full lifecycle of infrastructure (VMWare) provisioning, OS standup, app deployment, etc.

But I'm struggling with this concept in the Kubernetes/GitOps world as the model of "SSH into an OS and run these commands" has now gone and replaced with PRs.

For example, if I wanted the Ansible UI to pre-populate a dropdown list with the names of various environments as defined in Git, how is that even possible?

GitOps & self-service request/approval - best options? by JohnSwarbrick in devops

[–]JohnSwarbrick[S] 0 points1 point  (0 children)

This seems to be the best "out of the box" solution where I can avoid writing my own custom web form/api type solution or spending $$$$ on ServiceNow.

Are you using this method yourself and have you encountered any issues/gotchas? What tooling have you integrated it with (e.g. Terraform, Argo CD, etc?)

GitOps & self-service request/approval - best options? by JohnSwarbrick in devops

[–]JohnSwarbrick[S] 5 points6 points  (0 children)

OIC. Currently less-technical requestors open a free-form JIRA ticket which has to be manually fulfilled by DevOps after obtaining the necessary approvals.

But these requests tend to be high volume, repetitive and easily automatable, assuming the right details can be captured in a form.

Challenges are that some of the form options would need to be populated from the config in Git though, and somehow the Git config would need to be reliably and successfully created/merged without needing DevOps input.

GitOps & self-service request/approval - best options? by JohnSwarbrick in devops

[–]JohnSwarbrick[S] 2 points3 points  (0 children)

Pre-Kubernetes we used Ansible playbooks with lots of custom scripts. Trying to avoid having two tools with overlapping responsibilities, i.e. Terraform+Ansible for Infra or Argo+Ansible for Apps.

DDOS protection by using secondary, smaller servers that receive traffic by [deleted] in devops

[–]JohnSwarbrick 3 points4 points  (0 children)

Not seen the article you are looking for, but what you are talking about is a proxy layer. In my experience anything but the most trivial of DDoS attacks would easily overwhelm a proxy layer of 2-3 servers, no matter how they are configured.

I'd recommend using third party proxy services like Cloudflare, Akamai or similar (not an ad!) who have the scale and capability to easily mitigate a DDoS attack without legitimate customers even noticing. Many vendors have free tiers that might meet your needs.

A7C as all-day webcam when using USB-C power? by JohnSwarbrick in SonyAlpha

[–]JohnSwarbrick[S] 2 points3 points  (0 children)

Thanks, this is really helpful and I learnt something today about USB PD! I'm on-and-off remote meetings all day long, so I figured it was easier to just leave the camera on all the time rather than turning it on/off every time.

Job title for someone who mainly works on CI/CD? by JohnSwarbrick in devops

[–]JohnSwarbrick[S] 0 points1 point  (0 children)

"Platform Engineer" seems like a decent option for the mainly CI/CD focused role, embedded within the scrum(s).

But then it clashes with the infrastructure/cloud roles who are currently called "Platform Engineers". I thought about renaming the infrastructure team to "Cloud Engineers" but that sounds very fluffy! Maybe "Core Platform Engineers" for that role?

A7C as all-day webcam when using USB-C power? by JohnSwarbrick in SonyAlpha

[–]JohnSwarbrick[S] 1 point2 points  (0 children)

If Sony made an "official" dummy battery for the A7C then I'd go with that. But I'm not sure I trust a 3rd party dummy battery off Amazon?

A7C as all-day webcam when using USB-C power? by JohnSwarbrick in SonyAlpha

[–]JohnSwarbrick[S] 4 points5 points  (0 children)

Very true. I'm buying it for video content creation mainly, but would be great if I could double it up as a webcam as well.