• 2 Posts
  • 20 Comments
Joined 1 year ago
cake
Cake day: June 12th, 2023

help-circle


















  • Ha i can totally feel the pain. Its a lot to learn! I’ve personally gone the traefik route instead of nginx. It does a lot of the rewriting by itself just by attaching labels to docker instances, and there is excellent middlewares available for security measures, like oauth forwarding or modsecurity. You can write your own middleware too and it’s quite simple to do without having to interact with the full http session. As for logging, you can configure other logging drivers for docker. If you’re worried about them being too ephemeral, send them to syslog or journald. Or set up fluentd and store them in the cloud. What makes things less complicated these days i think is that we now have “small things doing few things very well” in services with all sorts of containers, you just have to glue them all together.


  • I am really confused by what I’m reading here. This is exactly it. If you have a specific DevOps role or team plus developers… Congratulations you have Operations again. Developers should empowered to fuck (their) shit up and fix it, that means having mandate, tooling and responsibilities for running things in production. And auditing and compliance is definitely possible all while doing do.