When approaching to GitOps workflow you will soon have to choose between push and pull based approach. In this blog-post I will explain the high-level differences of each approach with pros and cons. What is GitOps GitOps stands for Git Operation: in this workflow all the infrastructure configurations are stored in a Git repository, which…
Read MoreRecently we had to provision a couple of NetEye machines on Azure for production purposes. Our procedure essentially creates a RedHat 8.10 VM starting with an official RedHat image, and adds the NetEye repositories to install the required software. This procedure is what we usually follow to create training environments, but these machines are usually…
Read MoreWhen you prepare a machine for production, you usually want to use a redundant network interface in order to be resilient to possible network outages. When we created our OpenShift cluster this wasn’t possible during the installation procedure, at least not using the UPI procedure. We recently added a new node and discovered this new…
Read MoreOne of the first issues we added more than 2 years ago to our DevOps backlog was automating the infrastructure preparation and release of NetEye, but we postponed it for a long time because it was too big to do. A bit of background Every 2 months we release a new NetEye version: this basically…
Read MoreEvery so often it may happen (in particular after a cluster update or hardware issues) that you see your storage in a warning state on OpenShift. The first thing to do is to check what’s wrong with your cluster: sometimes you may have a real issue, in other cases it may just be a temporary…
Read MoreRecently we felt the need to collect anonymous metrics about how our users are visiting our websites. After some investigation, the development team proposed using Matomo: a free and open source software project which collects usage metrics while guaranteeing 100% privacy alongside the chance to be self-hosted. We decided to install it on OpenShift, since…
Read MoreSome days after installing an OpenShift cluster you may notice a warning related to insights: the system is complaining because metrics are not stored in a persistent way and a restart of the container may cause the loss of metrics. In OpenShift it is possible to configure several custom metrics. In this post I will…
Read MoreWe fixed a bug in NetEye Userguide clarifying the procedure to setup custom certificate on a NetEye Mirror in Change NGINX Certificates section both in NetEye 4.30 and 4.31.
Read MoreIn my previous blog-post I wrote an introduction to pipelining in OpenShift. This blog post is a follow-up to explain how to trigger a pipeline automatically. Tekton triggers are quite complex and need some explanation in order to be understood. To trigger a pipeline you need several components. In the graph below you can see…
Read MoreIt’s been a while since my last blog post about our OpenShift journey since as a devops team, we’ve been focusing on other activities for a while. Today I’d like to talk a bit about how to use OpenShift for CI purposes. As described in our productive use case, we implemented several pipelines to build…
Read MoreIn December 2022 we decided to completely restructure the code of our User Guide. Previously, each project contained its own documentation, but this led to very difficult and time-consuming development having the code scattered across more than 40 repositories. Furthermore our contributors are not necessarily NetEye developers, or even developers at all. Setting up a…
Read MoreThe Beginning When I started my new role as a DevOps Engineer at the beginning of 2022, we had little experience in DevOps as a team. We tried several times to implement automation in order to simplify maintenance and reduce the amount of overall effort we invested in routine activities. However, since DevOps engineers are…
Read MoreLooking at how several companies have managed their services, we discovered a relatively new (for us) technical role, the Site Reliability Engineer. As IBM reports: The principle behind the SRE is that using software code to automate oversight of large software systems is a more scalable and sustainable strategy than manual intervention – especially as those…
Read MoreIn our migration journey from multiple VMs to OpenShift, one mandatory step is the integration with our company’s Active Directory. This is the default IdP for our services like Jenkins, NetEye, etc., and we want to centralize authentication and permissions as much as possible. Integration with OpenShift is less straightforward than it is with other…
Read MoreIn a previous blog post I described how we installed our first OpenShift cluster and how we used HA Proxy as a load balancer. Our cluster is meant to host both internal services (like CI and docker registry) and public services, and we thus have to expose them on multiple domains with valid SSL certificates….
Read More