#38 - Joseph Njogu -Dev Ops - Impact Masters Podcast

Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Speaker 1 (00:09):
Okay, I think we can now get started.
Just an overview before webegin, I'll just do the reminder
again.
What we'll do is we'll have apresentation and then, after
that, a slight break and aninteractive session.
After All, right, yes, so thetopic today is DevOps for CTOs.
This is CTO Roundtable, so I'massuming, or I believe, most of

(00:32):
you here are CTOs or seniordevelopers and engineers in your
companies, so this will be anengaging session for you.
What we're going to do is,during the presentation, if
there are points you want tonote or areas you want to hear
more about, or areas you evenwant to share with other people
who are here today, just notethem so that during the engaging
session you can get to share.

(00:53):
We'll have that space tointeract.
All right, awesome.
So we will get started.
And we also have our SRE SiteReliability Engineer from Africa
is talking here with us, calledEdward.
Hi, edward, yes, so he will getto share insights later.
And so, for now, I will welcomeour presenter for this evening,

(01:15):
who is Joseph Njogu fromArcRide.
He's a DevOps engineer atArcRide.
So, joseph, welcome and takeover.

Speaker 2 (01:32):
Round of applause.
Hi, yeah, that's new, that'snew.
Okay, so I'm Joseph and, as Isaid, today we'll be talking
about DevOps for CTOs.
But before I do that, becauseI'm joined by my good guy here,
edu, let's introduce him.

(01:52):
He'll give us an introduction.

Speaker 3 (02:00):
Hello guys Again.
My name is Edward.
I'm a liability engineerengineer in Africa, stalking.
I started doing this role in2018.
So I've been doing this forsome time.

Speaker 2 (02:17):
Awesome, so you are the CTO.
I heard you say you are the CTO.
Do you have someone who joinedin 2018 like him?
Do you have someone who joinedin 2018 like him?
Awesome, ok, yeah, so today,our main focus will be two bits
how to build a successful DevOpsteam and maybe to highlight

(02:41):
some of the best not the right,but the best tools which are
used in the industry.
Yeah, so that will be our mainfocus.
And, because we said thesession is supposed to be
interactive, we have otherDevOps engineers who work in
different companies.
We all maybe know how we did tobuild our DevOps teams, right?

(03:03):
Yeah, so just start.
You all maybe know how we didto build our DevOps teams, right
?
Yeah, so just start.
For the first bit, they arebuilding a successful DevOps
team.
It's almost somethingstraightforward or something
logical.
How to do that?
Number one, maybe ask yourselfwhy do you need a DevOps team?
Or maybe why do you need DevOpsin your company?

(03:26):
Right, yeah, so maybe, forbecause we are developers here
and DevOps engineers, why do weneed a DevOps team?
Or why do we need a DevOpsengineer in our company?
Yeah, so maybe.
Number one, we want to, youknow, hasten the process of the

(03:46):
software development, or maybethe deployment cycles or
frequencies, right, yeah.
So number one before we nowmaybe we know why we need a
DevOps team to hasten thatprocess.
Or maybe we want someone whowill manage our infra, will
manage our, who will be doingthe deployments for our company,
right?
So maybe number one to do is todefine your goals.

(04:09):
What do you want to achieve bythe DevOps team?
Yeah, what do you want toachieve?
It's a question for you toanswer, because it's you who
want to have the DevOps team inyour organization.
Number two ask yourself howmany tools do we have out here
for DevOps engineering?

(04:30):
Because you, as the city of thecompany, will maybe take a lot
of time to define the tools thatyou want to use, not any other
person coming into yourorganization and saying this is
the tool that you want to use.
You're the right person to saythis is the tool that you'll use
.
So how many tools do we have?
What tool do we use for thistask?

(04:51):
Right, yeah?
So the next thing is to ensurethat we assemble the right team.
Now, this is the bit where wehave the real talk.
How do you assemble the rightteam for you?
Definitely, number one onething you will realize is that
maybe in Kenya right now, devopsengineers are not paid the

(05:14):
right amount of money, so mostof DevOps engineers are working
remote.
So you'll need to think wheredo I need to get these people?
Where are these people located?
So do I need to put my team onsite or do I need these DevOps

(05:35):
engineers to work remotely?
That's one.
Two do they have the rightskills.
When I say the right skills,okay, I believe in the mantra by
Atlassian that says you buildit, you ship it and you run it.
So be the developer who builds,be the developer who ships that
product and be the developerwho runs that product.

(05:58):
And in that you have the rightDevOps engineer.
Yeah, so ensure that the DevOpsengineer that you are getting,
he or she is a developer.
Two he or she has the rightskills, or rather possesses the
skill set with the right toolsfor you, or maybe the best tools

(06:20):
as you define them.
Then, from there, now assembleyour team, have them, set your
own objectives.
This is what we want to achieve, we now, as the team of these
DevOps engineers.
Right, then ask yourself howwill I measure the success of my

(06:46):
DevOps team?
How do I measure that?
Because I think the KPIs thatare driven by DevOps are the
ones which are the mostimportant, like number one the
frequency of your deployments.
How frequently do you deployyour projects or your
applications?
Two, what is the mean time torecover when you face an error?

(07:09):
So when I said you get a teamor a DevOps engineer who can
build, ship and run, now try andthink in this line, you have a
DevOps engineer who would notparticipate in building a
certain product.
Then we face an error inproduction.
Do you think that DevOpsengineer will solve that problem

(07:30):
?
The answer, maybe, is yes or no.
Yes, if he or she is adeveloper, right, but he'll take
a lot of time to figure outwhere the issue is if he or she
is not the one who built thatproduct, right.
But now think in this line thisDevOps engineer not the one who
built that product right, butnow think of this line this
DevOps engineer is the one whobuilt this product from the very
beginning and the same personwho shipped this product.

(07:53):
How long do you think they'lltake to solve that issue?
Very little time, right?
Yes, so now you see the sensebehind that.
Yes, so in this, now, beforeyou assemble this.
Now, as we said, define yourgoals.
Know what you want to achieve.
Right, remember when you arestarting.

(08:14):
Maybe, if you are a startup,maybe initially you have a very
small number of projects thatyou want to be working on.
But think in the future.
Right, what will we maybe bebuilding?
Because you might, right now,bring someone a DevOps engineer
with the right skill set at thattime, but how about tomorrow?
So now, that brings anotheraspect that you will consider

(08:37):
when building this DevOps teamNumber one build a path that
these people will be followingto upgrade their skills.
For instance, maybe havesomething like create a token
where you reward your DevOpsteam or engineers to get courses

(08:58):
, upgrade their skills, becauseI think growth is the most
important thing.
Right, we all want to grow asDevOps engineers, not just fit
in our current companies, but tofit globally right, and to also
build scalable applicationswhich are world-class.

(09:20):
Now, that's that bit, anddefinitely it follows other
things which you, as the CTO ofthe company, knows.
This is what we want Maybesomeone who is a leader, someone
who can lead others, who can bea mentor to, you know, junior
DevOps engineers and otherpeople.
Right, and also not just being aleader, but also someone who is

(09:44):
a speaker.
Now, try and imagine I was nota speaker and I'm a DevOps
engineer.
How will I pass the knowledgeto others?
You see, yeah, not saying thateveryone is a speaker, but at
least someone who can Also maybeassemble.
Maybe we can assemble this onecompany, but these are the
DevOps engineers of this company, and here he is giving them the

(10:07):
knowledge or telling them maybewhat to do.
Right, and remember, I saidthis is an interactive session.
You know it, I know it, or weknow it, or I don't know.
You know right, yeah, cool,yeah.
So in that bit, maybe, if wecan get someone else who is a
DevOps engineer, what can we addin that bit of building a
successful DevOps team, apartfrom what I've said?

(10:35):
Anything, anything.
The CTO what did you do whenyou were building that DevOps
team?
That I've not said Okay?

Speaker 5 (11:03):
he's saying she's saying repeat that, okay, I
think we understood the why,which is important.
Thereafter we just we didn'tknow what we were getting
ourselves into.
So we just knew that we neededto get there and this was how to

(11:24):
get there.
The DevOps we got into justtrial and error, and right now
we can say that we're prettycomfortable and confident of
where we are.

Speaker 2 (11:34):
Awesome.
And also I hope you know thatby 2015, almost 55% of the
companies in the world hadadapted DevOps.
Now you know, yeah, so let'sget into that other part here.
This presentation is very shortbecause I said, you know, the

(11:56):
most important bit is where weare all interacting with the
right questions right Now.
This bit we said define yourgoals, assemble the right team
is it maybe already right?
Create a culture of continuousimprovement.
When you have that, you'll seethe need as to why you want a

(12:19):
DevOps engineer.
Or maybe just educate one ofyour developers and become a
DevOps engineer.
Right?
It's another way of creating aDevOps team Embrace automation.
Which company have not embracedautomation?
That company is lagging behindright Now.

(12:41):
And this part where I said theKPIs of DevOps measure your
progress and it's just only bythe use of those KPIs that
you'll know you are progressingor not.
You'll now say do we need theDevOps team or we don't need it?
Now, this bit hereimplementation of DevOps.
What did we do to implement it?

(13:06):
Now that we have the team, wehave the right people in our
teams.
Now, mostly what we'll coverhere are the most commonly used
tools not the best, not theright tools, but the best tools
In development environment or insoftware development field.

(13:28):
What do we mean by the bestused tools or the best tool to
use?
How do you know this is thebest tool to use?
Developers in the house,awesome, yeah, definitely,
community support.
Larger developer.
You know environment?

(13:49):
Because just imagine, you facean error and you don't know how
to fix it and the tool you areusing is not used by many people
.
So the best tool is used bymany people, right?
So we have here these ones anddefinitely we have the
alternatives, because I knowsome of the other companies are

(14:10):
using other tools, but I don'tknow if there is any other
company which is not usingDocker or we are not using
Docker.
We are right.
So Docker is one of the mostcommonly used tool for
dockerization, containerization,or bundling our projects or our

(14:32):
applications into standardizedunits, that is, containers,
which is one of the best usecases for bundling our projects,
our project.
Then we have Docker Composehere.
How many people use DockerCompose here?
Exactly, docker Compose, if weare not using Docker Compose for

(14:55):
these kubernetes, right?
Yeah, so the alternative forDocker Compose is Kubernetes,
which I think for you to useKubernetes, you must be having
very strong reasons, right, notjust a reason, but very strong
reasons.

(15:15):
Maybe the load that you arecarrying, the traffic, the
number of users.
Also, definitely if you have alot of money, right yeah.
Then we have DocHub there.

(15:38):
But the reason I just usedDocHub just for illustrations I
know most of us use, maybe ECRthis is the container registry
or image registry.
So some of us use Doc Hub,which is open source, others use
ECR, others use GCR, right,yeah, just for storing our
Docker images that we create upthere.
Then we all know that.

(15:59):
Where do we start in DevOps?
When you hear about DevOps,where do you think you are
supposed to start exactly?
So DevOps starts at CI, cd,right, yeah, so we have a circle
CI there.
Other people use github actions, but these are commonly used

(16:20):
but not the best ones, right,the best ones are something like
Jenkins.
People use something likeGitLab CI.
Others use Travis CI, teamcity,bamboo, etc.
But definitely, as we said, knowthe tools that you want to use.
Do some research before we saythis is what we'll use.

(16:41):
We let cover your objectives.
Objectives how usable is it?
How is it user base?
Right, like, for instance, Icould say right now, so, because
he is used by 48,000organizations globally for

(17:03):
GitHub actions.
I know it's almost everydeveloper, right?
Almost Not everyone.
Then we have another tool here,a very simple tool.
Now, when we move from CI CD,we now start thinking about
infrastructure as code, right,or rather, it's thinking about
the infrastructure.
Where do we want to deploy ourwork?

(17:24):
Where do we want to like?
Where is our prod environment?
Most of us use infra as aservice.
Yes, right, and maybe a smallnumber using pass.
I don't know if everyone usesthat, but yes is the most used,
not unless you know you want tofocus a lot on the business

(17:47):
logic and leave the managementor the configuration of your
infra to the organizations,right, yeah, so when you want to
achieve that infrastructure ascode, we have a tool here called
Ansible.
It's a very nice tool to use,called Ansible.

(18:09):
It's a very nice tool to use.
Ansible, used by around 20,000organizations globally.
Alternative for that, we haveTerraform right, we have Pulumi.
Those are the best ones.
Why am I saying the best ones?
You know we have something likeCloudFormation, but it's one of
the best.
Why?
Because when you're thinking asa DevOps engineer, you're
supposed to think aboutmulti-cloud, not just focusing

(18:32):
on one cloud provider.
Right, when you talk aboutCloudFormation, you just talk
about AWS, but when you talkabout Ansible, terraform, pulumi
, you talk about multi-cloud.
Right Now, remember I've saidAnsible has IAC, that in
infrastructure S code, right.
But remember, we also useAnsible in another format or for

(18:56):
another use case.
That is, configurationmanagement, right.
So for that configurationmanagement, we can either use
Ansible, chef or Puppet, right,just depending on what you want
to use.
The reason I say it here isbecause, like, okay, when we
build Docker images, we tend torun them on Linux-based

(19:18):
environment, right?
Linux, by default, is based inPython.
Ansible is based in Python, sothe best tool to Python, ansible
is based in Python, so the besttool to use Ansible.
Then, on cloud, also, thinkabout most people I know are
using AWS, others GCP, I don'tknow Azure.

(19:39):
How many are using Azure?
Yeah, so most of us are eitherin GCP or AWS, which, again,
before you now go into this, youhave to ask yourself do I need
to hire two groups of people?
Do I need to hire a DevOpsengineer and a cloud engineer,

(20:01):
or do I need to hire a DevOpsengineer who has cloud
engineering skillsets?
Definitely, by defining yourgoals, you'll know what to use.
Again, in terms of access toour infrastructure that you have
in cloud, think about somethinglike SSH.
I know this one is not new toyou guys, right?

(20:22):
Ssh, ssh I know this one is notnew to you guys, right?
Ssh Straightforward right?
You don't have to say this,it's straightforward.
And yeah, because this was notmeant for developers, it was

(20:47):
meant for CTOs.
In fact, he processed how, by a, yeah, could build an image
high queen, of a.
If I think about right now, theright tools.
Definitely have not listed allthe tools here to use, like I
want us to go into another smallsection here to isolate every

(21:09):
other part of DevOps and knowwhat you need when getting the
right people.
Now, when you talk about DevOps,you talk about Linux.
So someone is supposed to behaving Linux skill set, right.
Then the next thing when youtalk about cloud, you talk a lot
about networking.

(21:29):
So VPC In AWS, they talk aboutcloud, route 53, right, there's
something like Route 53.
So talk about that thing.
Gateways, internet protocols,yeah, so networking, linux.
Then definitely you areconfiguring or managing cloud

(21:50):
environments.
So talk about cloud.
What cloud environment or whatcloud provider do you want your
DevOps engineer to have?
Do you want him or her to haveall of them or just one?
Then talk about configurationmanagement tools.
Which one do you want to use?
Do you want to use Ansible Chefor Puppet For infrastructure as

(22:14):
code?
Do you want to use Terraform ordo you want to use Pulumi?
Pulumi is, they say, it'slanguage antagonistic, something
of that sort.
You can do Pulumi with anylanguage Python, c, sharp, Java,
golang.
That is Pulumi.
So which tool in that categorydo you want your DevOps engineer

(22:36):
to be having?
Then, from configurationmanagement, you talk about now
the CICD, which platform orwhich skill set or which tool
you want to be having?
Circleci, let's remove Git inthat category CircleCI, travisci
, jenkins, gitlabci For thosewho are using GitLab definitely

(22:57):
GitLabCI.
Circleci is configurable with,or integratable with, github.
How about Bamboo?
How about TeamCity?
See, then you start.
Now, those were the tools forensuring build of your product.
Now, how about when you want torun your product, tunai Lewa,

(23:19):
when you run your product, youbuild, you ship and you run, run
.
Run definitely means now wherethese guys reside, the infra,
the time when your applicationis in operation, that is, we are
not talking about monitoringthat bit.
So we know, like it to likeGrafana, prometheus, if maybe

(23:43):
you are dealing with time seriesdata, you need to talk about
the TIC stack, that is,telegraph, infraxdb, chronograph
and capacitor.
You need to talk about thosethings.
Then maybe you want to be.
You have a lot of search inyour application.

(24:05):
Now you talk about the ELK,elasticsearch, kibana and
Logstash.
Those are the things you needto be talking about now.
Something else a very nice toolfor monitoring Prometheus.
Right, talk about Prometheus.
Prometheus and Grafana go handin hand, right?
Yeah, so those are the thingsyou need to talk about or to

(24:28):
think in that line, butdefinitely comes handy when you
are defining your goals.
To what extent do you want yourDevOps engineer to go, or to
what scope is it encapsulated?
Okay, yeah, so in that category.

(24:49):
Then again, you talk about aprogramming language.
We said ensure that your dev,your devops engineer, is a
developer.
If you have developers and youjust want him or her to be a dev
engineer, you might maybe lookinto the scripting aspect of it,
right?
Ruby, go and Python forscripting purposes.

(25:09):
Yeah, so that's one programminglanguage, to at least have one
programming language.
What else have I left?
Okay, and definitely I thinkthat's it not, unless we have

(25:30):
questions in that bit.
Definitely I didn't exhausteverything.
Maybe you can tell me somethingthat I didn't say, or maybe you
expected to hear aboutsomething that I didn't say.
We will say what we will say.

Speaker 9 (25:59):
In the flow that you have in, I think, the first or
second slide.
You have measured there.
I'm not sure whether I've seenanything in terms of tools that
are on measurement measurementof the whole DevOps process.

Speaker 2 (26:20):
In that the KPIs.
Those are the KPIs, notnecessarily having the tools
that measure that you had yourobjectives right Now.
One of the KPIs is the meantime to recovery when you have
an error, like how long did ittake to recover from a fail?

(26:40):
So that is one of themeasurements, not a tool for
measuring, okay.
Then another one is thefrequency of your deployments
how often do you deploy, howoften do you deliver your latest
builds?
I answered not a tool formeasuring, but those aspects,

(27:02):
the the KPIs, key performanceindicators.

Speaker 7 (27:07):
Okay, yeah, another question so I was just wondering
from the measure part have youheard of people using time

(27:31):
series models on that like MLmodels?

Speaker 2 (27:38):
People using ML models.
Time series DB yeah, okay.
Or time series stuff.
Time series DB yeah Okay.
All time series data yeah, wedo, because we are IoT-based
company, so we deal with a lotof data and we have a time

(27:59):
series data because you know,when you're talking about fleet
management, when you're talkingabout the sensors in the iot
cards, all based with time, allbased on time yeah, so in terms
of that, you have tsdb, that is,the time series database
specifically for that tsdb,leave alone the interest, the
influx db for that yeah.

(28:21):
So what's the question?

Speaker 9 (28:22):
If you're using it to do the or stop waiting for all
the progress.

Speaker 2 (28:32):
I see that bit.
You are saying like anomalydetection, okay, so if, okay,
that is not DevOps stuff, yeah,we are doing that for anomaly
detection.
I'll give an instance.
Okay, I said I work at Accred.
We work on EV, that is,electric vehicles, and when you

(28:53):
talk about EV, you talk aboutthe ECUs, that is, electronic
controller units, right, and themotor controller unit.
Now, in the ECU, you expect alot of fails to happen, or maybe
minimal fails to happen, basedon conditions, maybe, like, for
instance, it's raining, youexpect if that ECU gets in touch

(29:14):
with water, some issues mighthappen, or not just instant, but
you expect something to happenbecause of the performance.
It's not normal as it is alwaysright.
Yeah, so to do that?
You definitely know.
You say the ML models forpredictions, definite
predictions, but that is datascience, not DevOps, really.

Speaker 3 (29:47):
Hello.
Yeah, I would say it can beextended to cover DevOps,
because I know his name is Ben.
He's our data engineer and he'sbeen helping us in working in
that area.
Basically, we want to focusmore on the males, so basically

(30:11):
we can predictively anticipateerrors, like all such issues
here.

Speaker 2 (30:25):
OK, has he Exactly?
Yeah, because I think the onlything mostly he'll do in that
bit, you, as a data scientist,you will have that model.
You will build that model forpredicting right based on some
history or maybe based on whatyou anticipate right, but his

(30:48):
work mostly will be deployingthat model or monitoring if that
model is working as he expectedor defined right.
In that line though Not thatI'm answering the question fully
, but in that line, right.
Yeah.
So another question from backthere.
Kevo, you had a lot ofquestions.

(31:09):
Okay, another question.

Speaker 10 (31:31):
It's a long story, okay, okay.
So I'm good, let me, but I wasaddressing it to you, so let me,
but I was addressing it to you.

(31:52):
So come sit here and I come sithere.
What the difference like?
How would you, what would yourecommend?
We have two applications.
This application, you're theone developing it, then you host

(32:14):
it to your customers, but thisother one, you develop you ship
to be hosted to the customerside.
So, in terms of, I believe youare experienced with the devops
industry.
So, in terms of tool selection,team selection, can you just

(32:39):
take a brief to describe how youwill differentiate the tool
selection and team selection forthe two applications?

Speaker 2 (32:51):
Now you are saying, in a scenario you have two
applications.
One application, say, you aresaying it's for the client side,
you want it to be hosted by.
Okay, In the client side.

(33:16):
What do you mean by that?
You develop your application.

Speaker 10 (33:19):
Then you tell the client these are the specs I
want for you to have in yourservers.
Then you tell the client theseare the specs I want for you to
have in your servers.
Then you host it there.
Yeah, that's the difference.

Speaker 2 (33:32):
Understood, edu.
What's your question Now,according to what I've
understood?
Before I answer, this is astory that I've heard before.
Right Now, you said twoapplications One you can host on
your end, then the other oneyou wanted to be hosted on the
client side.
When I mean by that, you meanthey have their own servers and

(33:54):
by that quote-unquote on-premiseserver.

Speaker 5 (33:57):
Right, yeah, but okay , before I answer, I think we
are moving to cloud what ishappening on, okay, there's some
organization that don't do oncloud because of security and
they prefer hosting there, andthey have the capacity.
A government, and you'retalking about government all

(34:22):
right that's a very nicequestion.

Speaker 2 (34:26):
To be honest, now you want the tool selection for the
two solutions, right?
In terms of team or in terms oftools?
Both, oh, thank you.
Now let me come back here.

(34:47):
Let's start with the first one,right?
This one is an in-house productthat you are building for maybe
your own company and you willship it on cloud, say on cloud,
or maybe, yes, let's say oncloud.
You understand that there arecompanies.
If you don't, you understandthat there are companies who
build, you don't you understandthat there are companies who
build products which, quote,unquote they dog food.

(35:09):
Understand that Dog food, likeyou build, and you are still the
person who will use thatproduct, right?
So, with that, definitely, youwant highly qualified people
because, if, okay, imagineyou're cooking food, so how do
you do it With passion?
Right?
So you also want to hiresomeone who can do that,

(35:32):
definitely, who understandscloud, not just understands, has
its.
You know noise, ins and outs ofcloud.
Because we all know, okay, wehave this meme, quote and quote
again.
We have this meme in a trendTwitter that why are you poor?
Did you gamble?
No, exactly, I left an EC2instance running.

(35:56):
So try and imagine you bringsomeone who does not know the
ins and outs of cloud Thensomewhere else, you know, maybe
he's doing trial and errorthings.
Then he starts or he creates anEC2 instance, then he just
leaves it there.
You can imagine the bill by theend of the month, right?

(36:19):
Yeah, so one you want to havesomeone who understands cloud,
because it's cloud we aretalking about cloud.
Leave alone even these toolsthat we have here, because I
think the tools, we can alwayslearn them, these tools.
But here, before you interactwith this bit, here, you must be

(36:42):
knowledgeable with it.
It's not just you know, it'snot even a matter of leaving
your EC2 instance running.
It's a matter of knowing whichis the best service to use.
You know, not all service ornot all applications you know
requires to be deployed on,maybe, ec2 instance.
Some requires to be deployed asLambda functions.
Maybe you need a serverlessservice, right?

(37:04):
So you also want someone whounderstands that.
Why do I need to deploy it onan EC2 instance?
Why do I want to use a server?
Why not a serverless?
See Again.
So those are the things.
Understand cloud.
That's for your team.
Also, for the tools, definitely, we have them here.
If someone is not using Docker,it's just deploying an

(37:26):
application in a bare server ora bare metal server.
You have to think or to rethink, why go in that approach.
And you know, when you useDocker you save a lot of
resources, cpu, and it alsogives you the leverage to deploy
a lot of applications in oneserver, right, and maybe in one

(37:48):
EC2 instance.
If you're using an EC2 instancebut I know the team here maybe
the AT team can tell us theydon't do EC2 instance when it
comes to deploying Dockerizedapplications.
So you have to think about mostused AWS here, right?
So we have the Fargate servicefor containers, right, think

(38:12):
about that.
So get someone who understandsFargate.
So talk about someone who willunderstand how to integrate all
these tools with the rightservice that you want to use Now
on-prem.
Definitely it's someone whounderstands the hardware, right,
the hardware.
You understand the hardware.

(38:34):
But remember how do we accessthe server In a remote, even if
it's an on-prem server, weaccess it using SSH, right,
because we have the IP address,so it using SSH, right, because
we have the IP address, so it'sSSH.
So definitely the tools he'llbe using tools that use SSH.
We have Ansible, so on and soforth.

(38:55):
And definitely, if you saygovernment, you'll know it's a
series.
Yeah, so not just that.
We said server networking, howto configure those servers.
Okay, we have server andmachines.
How to configure machines?
The server is the software,right?
The machine is the thingcarrying the server, right, I

(39:17):
hope I'm not wrong.
The machine carries the server,the server is the software.
Am I correct?
How about the machine?
No, no, no, no, no, thesoftware.

(39:37):
Yeah, we say we want to spin aLinux server.
Are we spinning a software orare we spinning hardware?
Okay, I'm not really wrong, butthe machine is the thing

(40:07):
holding the server, the server.
You talk about the software.
Just do research.
But that's the thing.
The server is the software, themachine.
Now, you have the specs of themachine, not the specs of the
server.

(40:46):
So I think we can agree to thisof the machine, not the specs of
the server as a whole, setup,including the operating system
in the actual machine.
Ok, I won't say no.
Yeah, so we are saying someonewho understands configuration of
that server.
Definitely, either, on-premmostly they use Windows Server
2012, linux servers yeah,definitely someone who will

(41:09):
understand Linux for those.
Maybe for the state, for thefirst time you are using Linux.
Okay, maybe you've used Linuxfor the last five years.
How many times have that machinecrashed?
Your laptop?
How many times have it crashed?
Several, right, what am I evendoing?

(41:32):
Am I a Linux system admin?
Yeah, so another thing yourealize that initially, before
we had the DevOps engineers, theSREs, the platform engineers we
were talking about the systemadmins, right?
So for on-prem, you wantsomeones the platform engineers
we were talking about the systemadmins right?
So for on-prem, you wantsomeone who is a system admin
and I think when branching intoDevOps, we have DevOps for

(41:55):
system admins.
So you might consider such aperson if you have on-prem
servers, right, are you unsigneda money semi-victim gaining?

Speaker 10 (42:07):
because I'm saying, to a great extent you've
answered, but especially on youknow whether you are clear on

(42:28):
team selection like, for example, they the in-house one, the one
you are deploying as a serviceto the customer.
You're the one hosting it.
I don't know now which thatthat one, when you compare to
the one that you are deployingon-prem to the client.

Speaker 2 (42:50):
Yeah, to differentiate, we said when I
was starting, DevOps engineerscan work remotely or on-site,
right?
Definitely, if you have on-premservers, would you still
consider using remote DevOpsengineers?
Not necessarily because, okay,we said for them, they must, if

(43:18):
not just a must, they should besystem admins.
Most system admins workson-site because it's on-prem,
not cloud, right, Just becauseyou want to fix it, because you
know the power, you know whatthe CPU does, right?
Yeah, on-site Maybe it's theonly difference.
But you see, the tools does notchange, Tooling does not change

(43:43):
because the mode of access SSHonly the mode of working remote
or on-site.

Speaker 10 (44:02):
Okay, thanks for that.
Now you are the owner of aproduct.
Maybe there are clients who areusing your product when it was
still legacy.
Maybe yourself now you areaggravating towards the
modernity, but maybe your clientis happy with a legacy version.

(44:26):
How, in terms of DevOps, itstarts with a culture.
Right Now, in terms ofinstilling this culture, you
don't want to lose this customeryet.
You want them to go the modernway.

Speaker 2 (44:49):
Yeah, again, a nice question.
If I may give an example, youknow of Atlassian products,
right?
Atlassian?
You can either opt to use cloudproducts or on-prem products.
So what does that mean?
Maybe we are giving it yourexample.

(45:10):
Some customers did not want tomove to cloud, they wanted the
legacy one which is on-prem,right?
So we still have that approachwhere you can use the on-prem
and there's those who can usecloud, just that, okay, maybe
another example You're a datascientist.
We have this tool calledSuperset, right, superset is a

(45:35):
tool for analyzing data or fordoing analytics.
You can either have it on cloudor you can do your own
deployments on-prem, your owncase how you want to use it.
So it's for you now, as adeveloper or the owner of the
product, to you want to maintainor to retain all your customers

(45:56):
?
Go with that approach.
Or, if we have a lot of ifs, doI want to have the two
approaches, cloud or on-premreasons?
Or maybe factors number onecost?
What is the cost of maintainingon-prem reasons?
Or maybe factors number onecost?
What is the cost of maintainingon-prem products?
Right, you know, you might behaving maybe two or three

(46:16):
customers who do not want tomigrate, but when you compare
the money they are bringing, allthe revenue they are generating
to your accounts, it's reallysmall compared to the ones who
will go to cloud Sacrifice Right.
I don't know if I answered yourquestion In automation what are

(46:50):
the key areas?

Speaker 10 (46:52):
in the DevOps environment.

Speaker 3 (46:57):
Do we?

Speaker 2 (47:00):
apply automation.
Automation, edu, are you ready?
We're answering him now.
Automation.
Before I answer that, there arethree, isn't it the three
virtues of a programmer?
Anyone in computing, I bet Itend to think they are
programmers, right?
Virtue number one we say it'sinteractive.

(47:21):
Virtue number one it's there,the three virtues of a
programmer, programmers in thehouse.
Virtue number one laziness.
Right, you said you're not aprogrammer, right, yeah.
Now number one is laziness.
Right, let's tackle laziness.

(47:43):
Laziness is like you're justtired of doing everything again
and again, like when you washyour lap, the first thing you do
is update, upgrade, installsomething, activate virtual
environments, running servers,ensuring that all the services
are now running, you see?
So how do you do that?
How do you ensure that you arelazy as a programmer?

(48:04):
You automate that.
So anything which is repetitiveor recurrent, you automate One
thing to consider the next thingor the next virtue.
Virtue number two is impatient,right, impatient.
So you hate waiting.
Do you understand what I meanby that?

(48:26):
Like, imagine you have a taskwhich is taking almost three
minutes.
Think when you switch on yourlaptop, then you take two
minutes, two minutes before work.
How does it feel?
And then maybe you have oneminute to join a meeting, you
take two minutes.
You see that.
Now think of a test that yourun.

(48:48):
Then it takes a lot of time.
You grow impatient, right?
So what do you do to beimpatient?
What do you automate?
Now, definitely, if you areimpatient with waiting CTO, you

(49:08):
want to tell us Now.
You said Optimizing, but now,before you optimize, as a

(49:28):
software engineer, you measure,you measure.
Yes, right, yeah, so before youoptimize, you measure.
Then the last virtue, the lastvirtue is hubris.
Then you build a software youare very proud of.

(49:50):
The third one is hubris.
Do you know what hubris is?
The one with the rings?
You build a software you arevery proud of because it's
solving their problems, hubris.
The reason I say the threevirtues is because number one it
answers your question why orwhat you will consider when
automating.
That's the first thing you lookat.
Number one when provisioningyour infra on cloud, you look at

(50:11):
.
Number one you look at whenprovisioning your infra on cloud
, when, maybe, using Playbook.
Playbook is a set of tasks thatyou do Like you install Linux,
sudo, apt, update, upgrade,install this, install that.
Now what if you can write ascript that will do all that in

(50:31):
one-off command?
Right, yeah, I hope I'veanswered.
Yeah, any other question?
Okay, polly.

Speaker 7 (50:49):
Could you consider a makefile part of the DevOps
thing?

Speaker 2 (50:58):
Yeah, he is asking would we consider makefile?
Right, when you talk aboutmakefile, you say like make PDF,
make this, make some Okay, Iknow that thing where you have
funny, something right, oryou're talking about the latex,
live latex, it applies the samething.

(51:19):
Make, right, yeah, so make file.
You are automating somethinglike, for example, you want to
have buildsh, that is forbuilding your Docker image and
pushing it to Docker Hub right,so you have make, yeah, one.
You have simplified thatprocess, all the repetitive
things of doing it.
Now, an alternative for okay, Iwant to show you how make is a

(51:42):
part of DevOps.
An alternative in Python isusing fabric, where you have fab
file, because fab file and makeright, they go hard in hand.
You have fabric and you havemake.
Even said the answer was a yesor no, in fact, right In terms

(52:14):
of, okay, the way I consider itas a DevOps tool, before I come
to that part where you now haveto install it.
Now, there was a time I asked Ihad a presentation at Atlassian,
atlassian and 80, right, yeah.
So I had a question.
You have a new joiner in yourcompany.
You are the DevOps engineer.
How long should that new joinertake to set up a project that

(52:37):
you have on your repository.
How long A week.
No, I think the maximum amountof time they're supposed to take
is 20 minutes to set up a newproject or that project which is

(52:58):
already existing on arepository is why you, as a
developer or a DevOps engineer,you have this.
You understand the aspectbehind the dev containers, the
remote dev containers in VS Code.
Know that?
The dev container?
Yeah, exactly.

(53:19):
So if you have a dev container,it means you and make file
right.
Yeah, because now you arecreating another virtualized
environment inside of VS Codethat will be doing all the works
in that project and make fileis the thing, or rather, the
make is the thing just to openup the conversation, I think you

(53:51):
could, yeah, so that we canmove the microphone so that
those who are following alongcan hear when the questions are
being asked.

Speaker 1 (54:00):
So just yeah, proceed .

Speaker 11 (54:02):
Thank you.

Speaker 1 (54:31):
But just before, apologies, I will just
disappoint you for five minutesor less.
Let us then.
The conversation is good andit's very engaging, so let's
keep up with that spirit.
Let's top up a bit of ourenergy, just so that we can
begin with this session andcontinue for a while after,

(54:52):
right, yeah?
So let's take five minutes,stretch a bit, internalize, take
down the notes and thequestions you want to hear more
of, and you can have snacks.
Hallelujah, yeah, that's theannouncement you've been waiting
for the whole time.
I got you so we can have snacks.

(55:15):
Then we come back and proceed.
Just five minutes, a quick fiveminutes.
Don't change the mic there's asilence

Speaker 3 (55:35):
on.

Speaker 1 (55:36):
Twitter screen and then you start on Twitter.

Speaker 2 (55:48):
I'm confused, hey, what happened.

Speaker 1 (55:56):
All right, so feel free, danny.
Thank you.

Speaker 3 (56:40):
One two, one two, One two, one two.
Testing one two.
Testing one two is.

Speaker 1 (58:10):
Thank you, okay.
Okay, I think that break wasneeded.
It seems you all were suffering.
You didn't want to say a kidogo.
It's hard to speak with noenergy, okay, but now you're
ready.
You're ready.
You have more questions and youwant to engage further?
Perfect, so that is it.
We will proceed with thesession.

(58:30):
So, if you have questionsaround, just a recap what we
have seen or covered so far,what has been presented, has
been on DevOps, how to structureyour team and best tools and
what to consider, such assetting goals, the measurables
that you should look at, theright tools, what to research on
and the like.
So that's where the discussionis centered around.

(58:51):
For that, we will have ourDevOps engineer, sre, site
reliability engineer.
I hear the word engineer ispretty important in this
conversation, so I will keep itthat way.
They'll be here to engagefurther.
So before we left, we had aquestion right over here.
That's where we'll pick up from.

Speaker 11 (59:12):
Hi guys.
So my question was a bitstraightforward.
I wanted to know if there's asignificant difference between
DevOps and MLOps, and MLOps yeah, and ML Ops yeah.

Speaker 3 (59:33):
Okay, maybe I can engage Ben on that, because,
again, he's our main ML engineerour data engineer.

Speaker 7 (59:45):
So when All right, thanks.
So from the two cents I knowabout DevOps and MLOps so it
kind of like merges.
So like you, I think the partof MLOps is more of that thing

(01:00:05):
called Kaizen, like forcontinuous improvement.
So for that, that's why I wassupposed to kind of put things
like automation in your workflow.
So now stuff like Docker comesin, stuff like Airflow comes in,

(01:00:25):
and I think where there matchlike DevOps and like ML, ops is
just the part for the automation.
So stuff to do with Docker andorchestration to do with stuff
like Airflow and those normalstuff like cron jobs yeah, I

(01:00:46):
hope that kinda clears the mistaround that.
I hope that kind of clears themist around that.

Speaker 2 (01:00:54):
Yeah, sure, and maybe to add the tooling yeah, the
tooling for ML or maybe data ingeneral, the tools are kind of
different from other tools, likeyou see for orchestration.
Like you see for orchestrationwhen you say orchestration in
front of a DevOps engineer, heor she will think of Kubernetes

(01:01:18):
or Docker Compose, right?
When you talk of orchestrationin front of a data engineer, he
or she will start thinking aboutorchestrating those pipelines,
the ETR, the ELT, so you talkabout Apache, airflow.
To talk about superset, youtalk about perfect, right?
Yeah, so that kind of stuff.

Speaker 5 (01:01:59):
Okay, so even the certain things is from the
management side.
So you've been technical andtalking about the tools, but for
there's a statement you startedwith knowing the why.
So most people miss or do nothave a clear goal of why they
are doing DevOps.
So there's quite a lot ofengagement with DevOps engineers

(01:02:24):
.
There's a lot of talk aboutDevOps.
Actually, the tools are quiteknown.
However, the benefit drivenfrom this particular collection
of tools and people is not quiteclear and the reason why I feel

(01:02:45):
like the why is quite animportant part and, as you
mentioned it, why it will alsoanswer to the aspect of what he
has asked about MLOps and, Ithink, from a management
perspective, how we see becauseour main question is usually the

(01:03:07):
why the technical stuff that wecan get, but we want to usually
the why the technical stuffthat we can get, but we want to
know the why.
So the KPIs do not matter whatis in here.
At least, once we know the why,we can measure the KPIs based
on the team that we have, andthe team will now come with the
tools how, as you said, gettingsomeone who is qualified to get

(01:03:28):
the right tools for the problemsthat we have or the solutions
that we have.
So the why I feel like inDevOps there's a talk, there's a
lot of talk about the toolsknowing, and I've been in
interviews and people reallyknow the tools, people really
know what they are for.
However, when you get now to asituation okay and this is also

(01:03:53):
the dilemma with engineers youcome out of campus knowing
computer science, but then youget to the world and you don't
know where to apply it andwhat's the end product.
So I think the best way toonboard DevOps and also goes
back to what John was asking isthe why.

(01:04:17):
As you see, in most officesthere are some who have they're
building their own products toserve their own market niche
okay and those who are justbuilders of new solutions.
You can be someone who is afreelancer.
You're building differentapplications for different

(01:04:40):
clients.
How does that person entrenchDevOps With an aspect of ML in
it?
Also, it will define someonewho actually just is a company
working on one application, aswe were mentioning earlier, and
then this application endsdevelopment On the client side.

(01:05:01):
It's a whole new ballgame.
You cannot access their servers.
All you do is you're told buildus the image, ship it to us Up
to that point.
Okay, sometimes it will be abear.
You'll just push the file, thedeployment file, and send it to
them.
They won't even build a certainimage.
All you need to do is build thefile.

(01:05:21):
So I think if I'm to contributeto the conversation today, I'll
say the why is quite importantbecause you find it carries
everything.
It carries everything.
If you don't know the why, thenDevOps loses meaning.
You can have DevOps in acompany, but as long as you

(01:05:43):
don't know where it's going.
Those tools are quite a lot, themention of those.
When you talk to someone theyknow.
So you bring them on board.
Then they realize, oh, no, okay, okay, where do I plug it in?
So it's like you for anengineer who is building an

(01:06:06):
engine.
You may give them one screw,okay, and it's a specific size.
So they know that screw, theyknow how to screw, they know how
that this goes into a certainhole and I am supposed to turn
it clockwise or anticlockwise,to open or close it.
However, if they don't knowwhat we are building number one,

(01:06:29):
it's an engine.
Number two, the place it'ssupposed to actually fit then it
loses meaning.
And that's what I've.
That's why I was interested inthis.
I wanted to know how are peopleusing DevOps in different
situations?
Okay, not that's the tool.
The tools are known, the toolsare there, but what is the

(01:06:50):
reason why people are using?
Yes, you've talked aboutautomation and, um, there's a
part that I'm missing.
So there is what we calltesting at the end testing, and
it's also a major part.
So you've automated yourdeployment process.
However, is it serving the enduser so I can deploy something

(01:07:17):
wrong?
But is there a place where youare identifying in your
automation?
Identifying is what I'vedeployed to my client the right
thing?
Is it even working?
Many times, as a developer, Ibuild something.
It is worked.
I've not even found a failureas I was building my WA file,

(01:07:41):
but then you go and click thatbutton and you realize, oh okay,
two hours gone, I have donenothing, so you need to go back
and actually do that.
So where does that come in?
Where now, most people havesaid they are quality assurance,
which now leans more to theDevOps, but I like how you've
mentioned it.
Developers actually need toknow.

(01:08:02):
Devops Mostly has been pushedto the QA, but I would like to
know how QA, which now dealswith the actual thing, have you
deployed the right thing, how itmarries into dev, because after
I've automated my deploymentprocess I need to confirm is it
the right thing?
Then I can now offer a solutionand I can now measure that my

(01:08:24):
DevOps is something I can workwith.
One of our core values at Sstecis delighting our customers.
So even if I've reduced thetime but the product is not
working, the client doesn't wantto know it's not working.
So how do we measure that inDevOps?

Speaker 2 (01:08:46):
All right, if I may start, then Edu will do the rest
of the part.
Let's handle the testing partright.
We have the CircleCI, or ratherthe CI platform that we are
using.
So for that part, it'sautomated building, automated

(01:09:06):
testing and automated deployment.
Now let's talk about testing,because the key thing here is
testing.
Now, in terms of testing, as adeveloper, you do a lot of
testing.
Number one you do the unittesting, right?
Then, if really okay for unittesting, it covers the code

(01:09:29):
coverage you want to account forany line of code you've written
.
You implemented a button.
Is it really working in termsof that code?
But when you go and click thatbutton, is it really working?
So what do we call that otherpart of testing, which is now
the usability testing?
It's called user acceptancetesting.

(01:09:49):
So before you give that productto the user or to their client,
you do the acceptance testing.
So with that, you ensure that,okay, you build, you ship, you
run that part where you've builtand you've deployed your
application.
The next thing you're supposedto do is to test and the final
part is to validate and for youto test and the final part is to

(01:10:10):
validate and for you tovalidate.
This testing here is not unittesting, it's not those
automated tests, it's theacceptance testing and that is
the one which is testing theusability of the product you
built.
So that goes back to thedeveloper, not necessarily the
DevOps engineer yeah, the DevOpsengineer.

Speaker 5 (01:10:32):
Yeah, so what is the role of regression testing and
the tools that go intoregression testing in terms of
correctness of what we areactually deploying, and is it
part of DevOps and is it part ofDevOps?

(01:10:59):
So in my listenings and thecorridors with them, they talk
about something called Selenium.
Yeah, that one was Achillean.
Achillean and tools like thoseright Are they part of DevOps?
Yeah, killian Killian and toolslike those right Are they part
of DevOps?
And are they part of the toolsthat we need to consider?

(01:11:21):
At the end of the tail end, mydeployment is okay, okay, but
then because my understanding ofDevOps is development and
operations and my operationspart really touches on the
client and I need to ensure thatthat is delivered- Okay, now
still, this is my part.

Speaker 2 (01:11:38):
I do it Now in DevOps part.
We have the CI CD, right, ci,continuous integration.
Okay, when you talk aboutcontinuous integration, you are
testing that if I've reallyintegrated this code from the
previous version that we had, isit really compatible, is it
working as it was workinginitially?

(01:12:00):
That is continuous integrationand we are doing that testing
using the likes of Selenium andothers to test that.
Remember, I've said for userquote, unquote, user acceptance
tests, that remains independent.
Okay, I hope I'm making myselfmaybe clear, but I want Edu to

(01:12:25):
add on it.

Speaker 3 (01:12:30):
So it's something like I can talk, like how I can
say what we do here.
Currently there is this modelwe call test-driven development,
whereby when the developer isworking on their code, so what
they do is write test cases testcases which the code must pass
before it gets to the deploymentphase.

(01:12:50):
So that's it's not DevOps perse, but again, when those test
cases are run, it becomes partof DevOps for our case.
So for any bit, for any codewhich is written, it has to go
through.
The test cases has to bewritten.
First.
Emails need to be validated.
You need to write a test casewith valid emails, invalid

(01:13:13):
emails, by the time it gets totesting.
When you are running the testcases, all the tests need to
pass before you proceed.

Speaker 2 (01:13:28):
Yeah, before you ask, I want to add on that TDD.
We all know that TDD are calledquote-unquote failing tests
Initially.
They must fail when weimplement what you said.
It's the time it passes, right,yeah?

Speaker 4 (01:13:50):
Just to add on what you said whoever writes the test
case is not the one to do thetesting.

Speaker 7 (01:13:57):
Yeah, yeah.

Speaker 3 (01:14:00):
Because for those cases, whoever writes the test
case also writes the code.
Then it's going to be got bythe code reviews, like I usually
do, the code reviews.

Speaker 4 (01:14:16):
Whoever is writing the code is not the one to write
the test case.
That's what I'm saying.
Test cases are writtenseparately and then handed over
to the dev for them to actuallywrite the algorithm, and all so
that now they can test.

Speaker 2 (01:14:32):
But in the instance where you are the one building,
shipping and running.

Speaker 3 (01:14:40):
Yeah, but again like in an ideal situation?
Yeah, you shouldn't, likewhoever is writing the test In
an actual software engineeringand development lifecycle.
That should be done by oneperson.
Test us Okay.

Speaker 13 (01:14:57):
He actually has built on what I wanted to ask
From the approach you've taken.
It's almost like the operatorsilos, like DevOps ends here,
development ends here, devopshere, qa here.
But my experience has beensometimes it's hard to
differentiate.
So if we are to take thedistinct or specialist route,

(01:15:21):
tell us how that would look likeand if you are to take the
model, the sheep, what you have,told us how that looks as well,
can we?
Just so that we see clearlywhat the difference is.

Speaker 5 (01:15:36):
Okay, just an addition, because sometimes
getting the silos is expensiveand we want to also know but we
would like to know in the siloswho are these individual people?

Speaker 2 (01:15:50):
Okay, if you look into the very many reasons as to
why we have DevOps, one was toeliminate that thing of working
in silos.
It was to bring aboutcollaboration and to enhance
communication.
So when you talk about silosnow, you kill the essence of
DevOps.
Yeah, so I don't even thinkthere is a reason to answer that

(01:16:13):
.

Speaker 5 (01:16:13):
No, no who is.

Speaker 13 (01:16:14):
No, no, the one who said QA or test, sorry, the
other one was actually said Iwas with you until you said now
that's no, that's not DevOpsanymore.
So I was like eh, there'sanother part that's not DevOps.

Speaker 5 (01:16:32):
So the clarity of where does DevOps end.
Then there's the testing andthen also there's a developer on
this other end who gives youwho's writing the code and
everything.
So can the players in that faceare they separable.

Speaker 2 (01:16:47):
Okay.

Speaker 10 (01:16:50):
Kindly, I think, my colleagues, I think they just
want to know.
They're not really saying silosas per se, but at the end of
the day, everyone has their rolein an organization, right?
So what they really are askingis these are DevOps, here's his

(01:17:13):
role.
Then here's the QA here's theirrole, here's the developer,
this is his role.
Thank you.

Speaker 9 (01:17:27):
I just wanted to sort of disagree with Dennis.
I think in TDD the developerhas to write the tests in the
code before they write theactual code.
The functionality that they aretrying to implement and the way

(01:17:51):
to eliminate bias is not forsomeone else to write the code,
but more it should be eliminatedduring code reviews, where
someone else actually looks atwhat they've written and tries
to verify whether the testscover everything that was meant
to be covered, whether there isthat kind of bias or anything,
before they can merge the codeinto the main repository.

Speaker 4 (01:18:12):
The reason as to why I said that is because the most
illiterate person is the onewho's going to make your system
fail.
The most illiterate person isthe one who's going to make your
system fail.
Trust you me Talking fromexperience.

Speaker 9 (01:18:27):
Yeah, though I think that is already flawed in
essence, I would say, because ifthere is no way for the code
review to catch some of thoseissues, then the code review
itself needs to be reviewed.

Speaker 14 (01:18:45):
So I feel there's some truth to both statements
and such issues tend to be veryopinionated.
But ideally, yes, it should belike that.
Ideally there should be someonefor QA, ideally, the test
should be done separately toeliminate bias.

(01:19:06):
But unfortunately we're not inan ideal world.
So we try and mitigate the bias.
So, just from defining your APIschema, you can know what kind
of tests they can come, thatwill come, and throughout your
process and your pipeline, youcan slowly by slowly, reduce

(01:19:33):
that failure rate more and moreso.
But the test is one Code review, second by the time it reaches
DevOps.
Basically, it's just aniteration on top of the other
because you're working with whatyou have at the moment.
I definitely agree with both ofyou.

(01:19:53):
Yours is the Bible truth, butunfortunately we're in the 21st
century.
So, yeah, so it's just aboutmitigating that bias.
And even if here's the crazything even if you had someone do

(01:20:14):
the test case separately, youcannot eliminate bias 100%.
I think you can see this,especially when you do a focus
group where let's say, forexample see this, especially
when you do a focus group where,let's say, for example, you had
your team, your product team,which did, let's say, ux, you

(01:20:36):
had your developers there.
Everyone did their job, butwhen it came to the client,
everything was mother godania.
So it's about bringing it to aminimum, but eliminating it
completely might not be possible.

Speaker 2 (01:20:59):
We've not even answered your previous questions
.

Speaker 1 (01:21:01):
Exactly, so is the testing matter.
You want to answer on thetesting matter or the silos, or
we're done with that.

Speaker 2 (01:21:11):
It was one thing I thought.

Speaker 1 (01:21:15):
Okay, you can contribute.

Speaker 2 (01:21:17):
Your question was where does DevOps start and end?
Now we said, as you've heard mybrother here saying, someone is
writing code and writing testsas a developer.
You test them locally right nowon a cicd platform where now

(01:21:38):
the devops engineer hasimplemented the workflow for
doing that is where he, he orshe runs the tests, not
necessarily running writing thetests, so the test has been
written by a developer, butrunning or executing those tests
to ensure that the integrationis perfect is the work of a
DevOps engineer.
Now remember Ben?

(01:22:00):
Ben asked a question how aboutmakefile?
Does it contribute to DevOps?
Right, I think I have indicatedto him yes and showed him how
it works.
Now, when you think about thatmakefile, it's in your code
repository, written by a DevOpsengineer contributing to your
code.
But, as you've seen it, do youthink I was really interacting

(01:22:22):
with the code?
Or just some few commands.
Just some few commands, right?
Not necessarily the ins andouts of that code.
So the tests you, as a developer, you are writing.
My work as a DevOps engineer isto run those tests and to
ensure that they're like, say,you have the threshold for your
coverage.
You say maybe 90 or 100, thethreshold is met.

(01:22:44):
So by me running those tests,not writing the tests, okay,
yeah, so when you, okay, wewanted to eliminate that silos
in development, so we integratedDevOps.
Now, when we have make okay, anexample of make in his
workflows.
So what have I done?

(01:23:05):
I've gotten into hisdevelopment work and created my
workflows inside his work, notnecessarily working with his
code, or rather adding lines ofcode to his files.
Get my point.
So if my work is to test, it'sto test, not to write the test,

(01:23:25):
but to test.
That's my work, then the otherwork is maybe to now automate
that testing.
Answered um.

Speaker 5 (01:23:43):
So to build up on the conversation about testing and
weight ends, okay.
So to build upon theconversation about testing and
where it ends, I look at it froma business perspective.
I'll look at where the idea iscoming from or the error is

(01:24:03):
coming from and who has realizedit.
Remember, for us to be able towrite a test, you must be
understanding the logic, the endgoal of it.
So just to marry the two ideasthat came from the gentleman, is
that the person who knows theidea, who knows the expected

(01:24:27):
result.
So I'll break it down as to howI'll reason it.
Number one I'll look is it anew feature and who understands
the new feature?
If it's a discussed feature,like in my team, I have QAs, I
have developers and I havedevops and engineers.
So if we discuss it as a teamand we understand, then I expect
the QAs to write the test.

(01:24:49):
Developers then will developbecause we understood it.
That is for a new feature.
We discussed it.
So everybody knows.
But now, when we're coming toput it to paper, I expect the
quality assurance.
Who will now come and test itto ensure that it's the right
thing that the developers havemade?
But now it can come in as a newfeature that the developer

(01:25:10):
themselves made.
But now it can come in as a newfeature that the developer
themselves has come up with.
Probably it's automation, aninnovation that they want to
bring into the code.
So, yes, the developer canwrite a test unit, a test case,
and pass it to the qualityassurance and explain the logic
behind it.
You have to understand.
For you to know that the testis failing or passing, you have

(01:25:31):
to understand the end goal.
Okay, so in that case then adeveloper can write, because
you're bringing an innovation,not everybody might understand
it, but as you explain it, youwill write the test.
So in my case, I'll still usethe tell the developer to work
with the quality assurance sothat they build the test case
together, because my qualityassurance team have the

(01:25:57):
standards of writing a test caseso that it is measurable.
But the developer willeventually have to just come up
with a sketch of a test case forthat innovation.
The third part is the clients.
A client complaint or a clientfeedback who does it reach to,
are the first thing, because ifa developer writes a test case
and has not interacted with theend user, then I'll have

(01:26:18):
problems Because they don't knowwhat the end user wants.
But my quality assurance or mycustomer success team are
sitting between who I get and myend users and my developers
behind the scenes okay, and myDevOps engineer behind the
scenes.
So I'll expect my qualityassurance based on the
interactions between them andthe user.

(01:26:40):
They come up with the testsokay, because it is until you
understand the end goal so youwant to achieve achieve sending
of birthday emails.
So the test case is ensuringthat everybody's birthday.
Once it gets there, there's ascheduler that automatically
sends.
All that will be.
The QA will understand and itis the work of the QA to

(01:27:03):
transmit the test case to thedeveloper.
Developer writes whateverthey're supposed to write and
pushes it back.
And after the DevOps.
Now, when you see the UAT, it'sa question I wanted to ask is it
automated?
Because the UAT is on theclient side, but on our end, how
do we then ensure that there'sregression testing, but of a new

(01:27:24):
feature?
I think there will be manualtesting, which is also part of
regression, however.
So when the developer sends itback, it's the QA, now who
understands the end goal of theuser, who tests For a new
feature.
After the developer has doneeverything.
They will sit down with the QAand actually do the writing For

(01:27:44):
something we've discussedin-house.
Then the quality assurance teambear the responsibility of
actually ensuring the end goalis met.
So, when I look at, when I'manswering, the question of who
has to write the test cases iswho understands the end goal
better?
Okay, depending on where we are.
Okay, I think, on theseparation, I think the people

(01:28:06):
who work with the end user, sothey'll get the feedback.
So that's a quality assurance.
Who will do the testing?
Then we have the work of theDevOps engineer and the
developer.
How they marry into each otheris then a kogmaya.
Where does it end?

(01:28:27):
So that?
And the quality assurance arethey the DevOps?
Are they in charge?
The quality assurance?
Are they the DevOps?
Are they in charge of thedevelopment and the DevOps
process?
Then how then do they marryIn-house?
How does it marry?

Speaker 11 (01:28:39):
So I hope your story .

Speaker 1 (01:28:48):
An addition before you respond Anyone else with
additions.

Speaker 11 (01:28:56):
So I think we've talked about automation before
talking about the factors weneed to consider before we
automate, because I don't thinkwe need to automate something
that can be tested once or thatfunctional testing can do that.
Yeah, please can you pardon.

(01:29:19):
I'm saying we've jumped intoautomation without considering
the factors that we need tomaybe consider first before we
automate.
We just can't automate all thefeatures.
Say, it's something that can betested once and that is it
Maybe to answer that, sorry.

Speaker 2 (01:29:41):
In a nutshell, though , this is software development.
It's a life cycle, it'scontinuous, it's iterative, so
you can never test once, or am Iwrong?
You can never test once?
Say it's continuous,iteratively, so you can never
test once, or am I wrong?
Can never test?

Speaker 11 (01:29:52):
once say it's.
Uh, it's a feature that's notdon't need.
Uh, maybe it doesn't changelike say you will only do say
test once and when that is doneit's, and when that is done it's
.

Speaker 9 (01:30:09):
Really I think for that one, like I also.

Speaker 3 (01:30:14):
For such a feature, like it becomes like a part of
the service, like which you areoffering, and for that one, like
you need to have like the testsomewhere.
So like I think, like you needto automate.

Speaker 11 (01:30:25):
Say also we also need to consider maybe the risk,
the risks that feature hasbecause you just can't automate.
Maybe you need to pick thefeatures that has a lot of
recent automate, like it has alot of importance.

Speaker 2 (01:30:48):
So maybe you'll match on that I wanted to say.

Speaker 9 (01:30:58):
even if it's a feature that doesn't change.
I think that's one of thereasons you have to have tests
for it as well, automated tests,so that even when you're
touching on another aspect ofanother part of the system that
might not, in your view, affectthis part just to make sure that
it has not affected it then theautomated tests need to be run

(01:31:21):
to just make sure that featurestill works as expected.
So that's why you would need toeven have automated tests, even
for those specific featuresthat don't change.

Speaker 2 (01:31:30):
Yeah, Also, maybe to add on, that when you use a tool
like Sarkozy I don't know ofothers, not rather Sarkozy, but
Ansible playbooks they arereferred to as idempotent.
This means that if this is thesame, these are the results you

(01:31:52):
got this time and you neverchanged anything they should be
the same result you get the nexttime you run that command, or
maybe you run that file again.
So even if you write tests andyou automate them, nothing will
change because it's idempotent.
Okay.

Speaker 4 (01:32:11):
Just once or not to answer his question.
Tests are automated to avoidhappy testing.
Most devs what they do is happytest, just cross the keyboard
and then just to advance on that.
So now people are moving to thenew model of the ML whereby you

(01:32:32):
do supervised and unsupervised.
So once you write your modelyou can train it.
So now it will run through thewhole system, whether you add a
small component to one module orsomething of the sort.

Speaker 8 (01:32:56):
All right Any additions on that question
before we move to another onePerfect of a topic on DevOps.
There's the emerging trend ofsecurity that is integrating

(01:33:16):
security into the whole DevOpsprocess.
So, for example, in ourinstance we call it DevSecOps.
So I would like maybe morediscussion into that and tools
for that process.

Speaker 3 (01:33:32):
yeah, Actually, I would say that currently it's
like security it's a function.
It becomes among the mainfeatures of a system.
Actually, it's something we candiscuss more on that.
Yeah, it becomes among the mainfeatures of our system.

Speaker 2 (01:33:53):
Actually it's something we can discuss more on
that.
Yeah, so maybe when you talk ofthat DevSecOps you talk about
now the security is shifting tothe left, right.
What do I mean by that?
Okay, before you ask thequestion, let me just build on
that.
Then you can ask Okay, please,so think here we are now

(01:34:14):
integrating developers andoperations into one to ensure
that all the processes arerunning from the very beginning
to the end, end to end.
Okay, now why not bring theaspect of security in here now
to run from the very beginningto the end?
Because when you put thesecurity at the from the very
beginning to the end, becausewhen you put the security at the
end, you are at risk.

(01:34:34):
Remember, when you are buildingyour applications, you have the
libraries that you are using.
Now the hackers nowadays aregoing to the next level.
Instead of now attackingdirectly your application, they
are attacking the library thatyou've used.
So think of that.
So if you have ensured that youimplemented security from the

(01:34:54):
very beginning, it means thatyou've covered that, that block
so actually, what you have saidis what I meant.

Speaker 8 (01:35:06):
Actually, what you have said is what I meant, sorry
, sorry.
So what you have said is what Imeant.
That is, integrating securityfrom the first step, that is,
the development building up todeployment.
For instance, in thedevelopment point we can for

(01:35:27):
instance something like staticanalysis and stuff like that.
That's what I meant.

Speaker 5 (01:35:39):
What he's trying to say is from your knowledge and
experience, can you guide on howin the DevOps, how can we
integrate, and are there toolsthat you can suggest?
Okay, that we can use in lineof that?
You know we have SonarQube andSonarLint OASU.

(01:36:02):
Oasu is a measure of the first10.
But, yes, some of the toolsthat you say I liked how you say
doc, doc, a hub, docker,composer, those are the best,
but then for different peoplecan offer different.

(01:36:23):
So how, what are the tools thatyou found in the industry that
can really aid in those whowould like to know that?

Speaker 2 (01:36:30):
Yeah, all right, now one before I answer, before you
roast me, I'm not a DevSecOpsengineer.
Okay, I'm a DevOps engineer,but I think I can handle it a
bit of it.
Now, just basically the way yousee it from.
Okay, if I may put it like this, when you are building or

(01:36:53):
writing your code, you have yourversion-controlled environment,
right, Like GitHub.
Let me talk about GitHub.
Have you seen this thing calledGitHub bots, saying the
security bot, this dependencyhas gone to this and that?
So what is that?
Dependency, vulnerabilitychecking, right?
Yeah, so it is scanning theversions that you're using for

(01:37:15):
your dependencies.
So that's one scanning yourdependencies, definitely, maybe
using the version-controlledenvironment you are using.
Others are like tools offeredby organizations like Aikido,
c-snek, right, those tools,remember, I said I'm not a

(01:37:36):
DevSecOps.
Maybe he can answer.

Speaker 3 (01:37:40):
I'm also not a very big, I haven't worked Okay, I'm
also not a DevSecOps.
But again, another thing we canadd that like is like the use
of secret management tools.
Let's say like something likeVOTE, so that, like, you don't
need to store, let's say likeyour secrets or your passwords,
like in the configuration files.

(01:38:01):
So other things like the imagescanning, like whenever, like,
an image is pushed to GCR orlike to your registry, it needs
to be scanned forvulnerabilities, at least like.
And then, adding to that, I'llalso say like using best
practices, let's say things likecode reviews.

(01:38:21):
Actually, I'll consider them aspart of security in such a way
because, again, you are able tocatch or eliminate bad code or
bad quality code.
So I would say like.
So, with proper implementationof DevOps, I think most of the
security will be captured atthat layer, but to add or to

(01:38:43):
kill it.

Speaker 2 (01:38:43):
remember there is DevOps and DevSecOps.
Please, two different topics.

Speaker 9 (01:38:59):
Ah noted noted.

Speaker 1 (01:39:01):
Oh so security Noted.
It's going into our bucket list.
Cto roundtable bucket list.
Security has been added.
Good point Anyone?

Speaker 12 (01:39:18):
I think just an addition to your question.
You can look into a tool calledSnyk.
It's S-Y-N-K.
I heard about it in a podcast.
It does security analysis ofcontainers libraries, so you can
get at least a bit of securitydetail about your application
from it.
Synk, snk yeah, synk.

Speaker 11 (01:39:44):
SNK.
Oh, snk, snk, you're using thattoo, Okay, sneak Also add.

Speaker 2 (01:39:57):
Aikido into that what you have said, aikido, aikido,
a-i-k-i-d-o.
Aikido For repository scanning.

Speaker 1 (01:40:11):
Aikido For repository scanning Aikido sneak.

Speaker 10 (01:40:40):
Okay, what I wanted to request was see, I know
everyone that has come here.
They came because maybe there'sa way they are implementing
some of the implementations andthey would like to get a bit of
inputs here and here to add onto whatever they are doing right
.
So, with that, I'll justrequest as a last thing, maybe

(01:41:04):
before we close you are a DevOpsengineer just take one project
that you ran with end to end,the shortest if possible, and
just walk us through technicallyokay, a project that involved

(01:41:31):
DevOps, end-to-end right Okay.

Speaker 2 (01:41:35):
So I have a very small one here.
You know why I'm saying that.

Speaker 13 (01:41:44):
Yeah, yeah.

Speaker 2 (01:41:45):
Today there is an event happening called Nairobi
Innovate right.
That is what I presented, so ifI present here, it will be here
.
But let's show it.
Yeah, so let's open it.

Speaker 13 (01:42:05):
Two presentations in a day.

Speaker 2 (01:42:08):
Thank you presentations end to end of the
day, yeah, so in this smallproject here, I'll talk about

(01:43:10):
this small thing, what I did toachieve maybe DevOps in it, All

(01:43:51):
right.
So we talked about Docker,right?
Sorry, sorry, sorry, sorry.
You know what I'm talking about.
Okay, so we've talked aboutDocker, circleci, docker,
compose and Ansible, right,those are the tools to so, if we

(01:44:15):
do something here, or maybe tohighlight what we have starting
from Docker.
So this is Docker very simple,simple thing.
But I would like to maybe showanother one.
Now we have.
This is Docker very simple,simple thing, but I would like
to maybe show another one.
Now we have.
This is simple, likestraightforward, right?

(01:44:36):
Then, okay, if you understandDocker, how to write a Docker
file and I said that this one islike a very basic thing you are
just deploying one container,or maybe two containers, maybe a

(01:44:57):
backend and a database, right.
But now, in a case where youhave a frontend, a backend and a
database, you also know thatmaybe you'll need other services
, like, say, the Redis server.
You'll need maybe RabbitMQ,right, when I realize I'll be
too right, yeah, so for that, itmeans that you'll need to have

(01:45:21):
a multi-stage Docker file, youunderstand?
Okay, let's see if we have ithere.
Okay, yeah, so something likethis, not into details, though.

(01:46:05):
Like we are saying, we havestage one and we have stage two.
Why would we want to have sucha thing?
Now, the first bit here is wherewe are now building.
We want to get the artifactsfor a JavaScript framework, say
Angular React.

(01:46:25):
Now here we are using Vuejs, sowe are building the artifacts
for Vuejs.
Then, on the next end, now youask yourself how do I want to
serve this application?
What web server will I be using?
Will I be using Nginx or maybeApache 2?
So, for me, I love Nginx.
So this bit here is when Iconfigure Nginx in my Docker

(01:46:49):
file and, as you can see, alsogetting the image from Docker
Hub and running all theconfigurations for Nginx.
Now you see, what we arenecessarily copying is the
nginxconf or the configurationfor Nginx.
Yeah, so something like this Ifyou've configured Nginx in your

(01:47:13):
applications, you know how ithappens, so it's just as basic
as this.
If you've configured NGINX inyour applications, you know how
it happens, so it's just asbasic as this.
I don't know what to mention.
Yeah, so we have thesemulti-builds or multi-stage
building of Docker images toensure that whatever you've
built is an image here frontedin a corner.
It's bundles and the reverseproxy server, right, yeah, so

(01:47:41):
that was not the case.
So we have a very basic Dockerfile here.
Then the next thing we talkedabout was Docker Compose.
As you can see again, it's justone service.
In fact, we don't even have adatabase.
This means that we are usingSQLite.

(01:48:02):
We have a very basic one hereTo that point.
That is Docker.
The next part, or the veryfirst part we are supposed to
talk about, is the infra how weprovision our infrastructure in
cloud.

(01:48:22):
So we have Ansible.
This one is, I would say it'svery complex.
It is supposed to be running onAWS, so as you can see from
here.
So we said Ansible uses tasksand inventory.
I said that, did I say that?

(01:48:43):
I said, okay, ansible usesplaybooks and inventory.
Inventory is the set of hoststo which we'll deploy our
application.
Now you can see the syntax forthis YAML file, just these three

(01:49:05):
hyphens up there For Ansible.
It must have those, or ratherthe YAML.
It's written.
That is how you differentiatebetween YAML and TOM.
So we have that In here.
Don't worry about this.
I'm either supposed to say allor other.
So we have that this bit here.

(01:49:29):
We said for security purposes,you are not supposed to push
your environmental variables toyour version environment from
here.
So you see, we have somevariable files here.
We have secrets and otherconfigurations, so I just called
them everything.
We have them here.

(01:49:50):
So, as you can see, they haveso many configurations here
which are very critical not tobe exposed Right down here again
for secrets.
So back here so you manage themusing this parameter here VALS

(01:50:11):
files.
Then, on the tasks, you see whatwe are doing.
We are creating a VPC.
So so, in short, whatever I'mdoing here or the application
that I deploy is not on a server, so I will not be using ec2
instance to do that.
I'll be deploying these onforget for service.

(01:50:31):
Okay, yeah, so this is the filehere.
Yeah, so, and, by the way, it'spublic in my repository.
You can get it and if you havea question, you can just ask

(01:50:52):
once.
So you've seen that to that end.
Yeah, so we all know it's veryexpensive to have an aws account
, so I don't have one as of nowbecause I do use google.
Now, the next thing that I wantus to look, we have that Now for

(01:51:15):
that playbook, this one here.
It will do all the work ofensuring that to where or the
place where we want to host ourapplication is already
provisioned with all thenecessary resources.
Like you've seen here, we havethe SIDA block for the, the ips,

(01:51:37):
the routing tables, all thoseconfigured, the vpc in aws.
You have the cedar block, youhave everything, all those
things in networking, right?
Yeah, so these are the thingsthat I'm doing.
Then, in this bit, you see, weare using ECR for our image
registry.
We are not using Docker Hub andagain, you know these things

(01:52:02):
KwaNya Muna Tumea AWS forauthentication, the key ID and
access key, Then other thingswhich contribute to versioning,
that is, tagging your image,then setting up the ECS clusters
and, as I said, in this we areusing Fargate.

(01:52:24):
Yeah, admission, now, if I may,we'll look at another one here.
Now, on this one, I want us tolook at Docker Compose here.

(01:52:49):
Sorry, ansible, ansible FargateFor hosting images, or rather
for deploying Docker images.

Speaker 3 (01:53:09):
Sorry, f-a-r-g-a-t-e, r-g-a-t-e, this one Fargate.

Speaker 2 (01:53:16):
Yeah, it's on AWS.

Speaker 3 (01:53:18):
You have this service ECS.
Basically it runs continuous,like it's where it runs
continuous without necessarilyrequiring a Polen.

Speaker 2 (01:53:28):
Ok, yeah, fagit.

Speaker 3 (01:53:31):
So the legacy is it's your money.

Speaker 2 (01:53:33):
Oh, we don't have workers.
Ok, okay, yeah, so I want us tolook at this Docker compose
file here, because it's notworking well, so maybe it
doesn't make sense.
So what do we have here?
We have a DB, a databasedefinition.
We are using Postgres and itsconfigurations.

(01:53:56):
This is a very badconfiguration, right?
Very bad.
Yeah, so it's a very bad one,because I'm supposed to either
be commenting this thing herebut presentation to this bit

(01:54:17):
here, right, or I'm not usingthis, using this bit here.
But now, what got to know couldhappen.
You reference them as variables, right, maybe quick, maybe env
in H2O2.
Right, that way?

(01:54:38):
Yeah, so that is for database.
Now, one thing you also need tounderstand when it comes to
Docker Compose or Docker, youhave this thing the volumes.
Now, that bit of security, youcan mostly manage it in Docker
Compose using networks, thiskind of a network in the Docker

(01:55:02):
Compose Internal only andinternet, right, using the
bridge.
Yeah, so the networks.
Then we have this bit herewhere we have the web and, as
you can see, so if I remove thisbit here because it's
unnecessary, I'm using an envfile.

(01:55:23):
So a env for that and thevolumes.
Then also, one thing you shouldnote is that if you want to
protect or to get that securitylayer in your application in
Docker, docker Compose, you'renot supposed to be using ports.
If you have networks, you cansee for many they are commented
out, right, so we're notsupposed to be using ports.

(01:55:46):
But again, when starting it'sgood to be using them when
starting, though, then we havethis bit here where we have
depends on.
If we are not using depends on,what do we use?
Yeah, exactly links.

(01:56:07):
Then you can see I'm usingCloudflare, so my domain names
are populated by Cloudflare.
So my domain names arepopulated by Cloudflare.
We know Cloudflare gives you adomain name which is SSL secured
, right?
So the reason that's why I'musing it.

(01:56:28):
So if I was not usingCloudflare in my playbook here,
you would see me using let'sEncrypt.
We use let's Encrypt out here,right, yeah, so I don't have
that because I have Cloudflare.
Then the rest of this bit iswhere we define them, the

(01:56:51):
networks and the volumes, right,I think that was large enough
to maybe showcase how a Dockerfile or a Docker Compose file
should look like, right, yeah,but Pinafa and other services,
as we said, like Redis, inafa,if we want to see it edge, okay,
yeah.

(01:57:13):
So back to my thing here, thisone, the one with Fargate.
So now, that was Ansible.
Now, if we look at this, thisone, I was deploying it on a
Fargate service, or rather aserverless.

(01:57:34):
Now for this one, we have aplaybook here.
This one, you see, I'm usingGCP, right?
So I'm not using AWS.
So what am I using in this one?
So in this I'm using a GoogleVM instance, which is an
alternative of EC2 instance,right?

(01:57:55):
So you can see here it'sdifferent from the other one.
The other one had a lot oflines, this one has just 109.
And what am I even doing inthis one?
These ones are almostunnecessary.
But now, from here you see, it'sthe very basic things you do
when you have your new operatingsystem, that is, your new OS on

(01:58:19):
Linux, right?
You update, upgrade and installthe dependencies that you need.
Remember, we said Linux isbased in Python, right?
I think I said that.
So you see, we'll be installinga lot of Python-based
dependencies, which we have here, python-based dependencies
which we have here.
Then, because whatever I wantto deploy is a Django

(01:58:41):
application, this means that Ihave to install Docker in my
server.
So you can see the first thingsthat you do when installing
Docker in your machine.
So you add the GPG keys, youadd the repository, that is, the
apt repository, then youinstall Docker and Docker
Compose, but for you to installboth, you still have to install

(01:59:05):
Docker CE.
That is the community edition,right?
Yeah, then from there we knowwhen we just install Docker in
Asuboanga, it has to say, likepermission denied, you have to
run as sudo.
So to eliminate that issue, yourun this thing here by adding

(01:59:25):
Docker to your user group, soyou'll just be executing Docker
commands without having toescalate your privileges.
Then these are other thingsthat happens on that server that
you created, that is the GoogleVM instance.
You need to be having a folderthat maybe you want to be

(01:59:46):
interacting with, you want toown it, okay, we know the Linux
file system, ownership andpermissions, right, so we have
to ensure we have that.
Then this bit here we saidAnsible uses SSH keys.
So you have to then get betweenyou, that is, your local

(02:00:07):
machine, the remote server, andremember we have version
controlled our, our project.
So we are using, using GitHub.
You know most of us use GitHuband SSH configured with it,
right?
So you have to let Ansible knowwhatever we want to pull from
GitHub should also be using ourSSH key which we are using or we

(02:00:31):
have configured.
Then the next thing is to pullthat project from GitHub to a
remote repository, remotedirectory that you created, this
one here which you created, andown it recursively, okay, yeah,

(02:00:52):
so you see, here in this bithere for Git.
It has a lot of parameters.
We have version.
Remember, in a good softwaredevelopment approach we use
branching right, we don't pushto main, but we usually maybe
what we take into prod is themain branch.

(02:01:14):
So the reason as to why we havethis version here is to specify
the version as to which we wantto deploy.
Maybe we wanted to deploy dev,so we would be having dev here.
So any other branch that youwant to deploy, then this part
here, if you are using Ansible,maybe you understand this bit
here.
Update, yes, you see, you do anupdate.

(02:01:35):
Okay, sorry to say this, kunawatu nakua.
Primitive unawana code kwamachine.
Ni mekata ku run una fuguwagithub remote na una editia pale
.
You see that, okay, ni me semaprimitive, get me right,
primitive.
So with this command here, whenyou run the command, when you
execute your playbook, it itwill update, it will take the

(02:01:58):
changes that are there and thechanges that are local.
Okay, then this other bit hereaccept the host key, that is, if
you have.
Okay, like, for instance, wedon't have the ansiblecfg which
has those configurations, so wehave to add it here.

(02:02:18):
Another primitive behavior forme here.
Then, as we said, the env is notsupposed to be pushed to a
version-controlled environment.
And remember, whatever we aredeploying, we are getting it
from a version-controlledenvironment, right?
So what do we do then?
And we have a env file that weneed.
We need it on the remote server.

(02:02:40):
So we use this capability withAnsible for copying.
So we are copying our env filefrom our local machine to the
remote server.
But remember the way you doyour secret management.
We also alter this part here.
Maybe you are pulling yourconfigurations from one password

(02:03:05):
, maybe from the Google secretmanagement, etc.
Then this little bit here forlogs, not very important,
because I think Docker Composehas its own logging system, so
you just query it.
Then, once all that is donethis is another basic thing that
you do when you finishinstalling Docker, you ensure

(02:03:27):
that it's running.
Then another thing, which againvery basic when building, or
rather executing your DockerCompose so it's just Docker
Compose app or build.
If you are building your images, as you can see here, this last
part here you want to removeany offhand builds that you had

(02:03:52):
Then up.
Here is where you now executeit.
Or you say docker-compose-app,but in a detached mode.
So in a detached mode it willrun silently.
Yeah, background.

(02:04:13):
Then this other bit here Okay,maybe I'm also a backend
developer, so I write Django andthis bit here will do some of
the magics the migration, themigration to see magic.
So that is, in a nutshell, ourAnsible playbook.

(02:04:34):
So now another thing that Italked about.
I said Ansible works withplaybooks and inventory.
So an inventory, I said it's alist of hosts, like now here we
have an IP address for a VMinstance that I have which is
running remotely Okay and yeah,so to that point I think I've

(02:04:58):
explained also which is runningremotely Okay.
So to that point I think I'veexplained or shown you the
Docker, docker, compose, ansibleand inventory.
So the last bit before I executethat playbook is the CircleCI
now, where we handle all that,the building of that docker

(02:05:18):
image continuously, where we runthose configuration, or rather
executing the playbookcontinuously and maybe doing the
tests continuously.
Now this is circle CI.
Let me see if I can open onehere.
So this is how CircleCI lookslike when you integrate it with

(02:05:53):
your GitHub.
All these are my projects or myrepositories that I have.
Some are configured like thisone is configured, this one is
configured, amongst others.
Now the one that right now weare talking about right now is
called String Reverse API Uphere.

(02:06:16):
We have string reverse API uphere, which is not set up
already.
Now what do we do to set it up?
For us to set it up, we shouldbe having this file here, the
configyaml for Saco CI with thejobs, or rather we have the
executors here, and you realizethat Sarkozy uses docker.

(02:06:39):
So you see, it's using dockerimages.
Yeah, so we have a variablehere which I named as image name
.
You will see where we will useit.
Now the next thing is the jobsthat will be doing.
Doing the job number one thatwe'll do is to build, that is,
to build a Docker image.
So what will we do in this one?

(02:07:01):
Now, you see, these are thenormal things when you have a
new project, on a Django project, you ensure that you have a
virtual environment, you ensurethat it's activated, you ensure
that PIP is at the newestversion, you install the
requirements, that is, theproject-wise requirements.

(02:07:21):
Maybe you run the migrations.
Then the next thing is to setup this thing here, to set up
the remote Docker.
So you just add that Dockerlayer caching to true.
Then it's now to build a Dockerimage.
This is a common command, dockerbuild hyphen.

(02:07:41):
I'll not go around this bitfast, but we have docker build
and that dot right to say thatwe are building on the current
working directory using thecurrent.
We are building on the currentworking directory using the
current docker file in thatcurrent working directory.
Let me find a repetition?
Yes, so we have this.

(02:08:02):
Now, when you use this, thehyphen t, that is, this flag we
mean that you want to targetwith either a version Okay, we
have versioning Time stamps.

(02:08:22):
All right, that is the dateversion.
Okay, so the commonly used typeof versioning is called

(02:08:44):
semantic versioning, right, yeah, there's that one.
You said Not, unless you'veread something.
So we have semantic version.
This is where we have maybe1.0.1.
Those numbers are major, mainand patch, so that's the most

(02:09:05):
common one.
Now, when you want to tag yourimage mostly in a image, you see
, when pulling images, we saylatest, most of the times.
Right, most of the times, notalways, but most of the times.
So the latest tag, or you cancreate your own custom
versioning, which is now,following that, the type of

(02:09:27):
versioning that you said youwant to use either date or the
semantic one.
Now, for me.
I love semantic and you'll seein a bit how.
So, after building this Dockerimage and tag it now for tagging
, let's go to where we are nowbuilding that thing for tagging.
We have here, do this, okay,let's see where we are tagging,

(02:09:54):
or pushing, publish, tag.
Now what are we using to tag?
You see, like the image tag, itwill come in this approach.
But now, if we come here, yousee how I have defined it that
it will take 0.0.
The number of builds that Ihave in CircleCI.

(02:10:15):
So for my first build, I have0.0.
The number of builds that Ihave in CircleCI.
So for my first build, I have0.0.1.
If I have 100 builds, I'll have0.0 points.
Yeah, now, this is therepository, that is the image
that I built and this one.

(02:10:35):
If you come to the tags, you'llsee here we have latest and we
have a version number rightwhich is 0.0.41.
So the reason as to why all thereason, there are very many
reasons of having this approachis, say, the latest version has

(02:10:56):
failed.
How will you roll back to theprevious version if, say, you do
not have the number one?
See, you will not have aspecific version to go in Now,
like if the latest version fails.
I know it's the version 0.0.41that failed, so I'll have to go
back to 0.0.39, right?

(02:11:17):
Yeah, so this is how we buildthat and we manage versioning in
docker.
So we were at this point forbuilding and tagging that image.
So the next thing that we'll donot not very necessarily this
one, but remember, we can buildimages which are very dense Like

(02:11:38):
you see, it's 2GB of an image.
What we do maybe now is toarchive it or to compress it
into a tower or a zip.
Then we archive it on Docker,or rather Docker Hub, and this
is the command for that and thepath.

(02:11:59):
You're just defining them herein this configuration file.
Now the next thing is to deploythis now, to deploy our Docker
image or Docker containers onour EC2.
Now, remember this project Iwas following the EC2 approach.
That is for AWS, so we had thiswhere we now run this one.

(02:12:24):
The main reason for runningthis is because we want Ansible
to be installed in our virtualmachine here.
Okay, so we'll act like ourvirtual machine for the moment
and we want Ansible to beinstalled for it to run.
Now, ansible is in theserequirements, then, if it's

(02:12:44):
there, this command we run.
Okay, I hope you can hear thisbit, this bit, it's command.
Then pipe.
The output of this command isthe input of this command, right
, easy, easy, easy.
The output of this command isthe input of this command, right
.
Then we have this bit herewhere we now like publish the
latest image or the latest buildthat we have.
This just makes sense.

(02:13:07):
But now to this point here Ihave to docker push.
But remember, for you to pushyou first have to log in, right,
and CircleCI manages yoursecrets.
So you can see, here we don'thave I've not like written them
down or exposed them they aremanaged by the environmental
variables in circle ci.

(02:13:28):
Maybe if you do some moreresearch you'll see that.
Yeah, so you docker login, thenyou docker tag using the latest
tag and the image tag, thisthing here.
Then after tagging we push.
Now see, I'm pushing both thelatest and that with the image
tag, which now will come with anumber.
Okay, now I think I should dothis bit here which will be used

(02:13:54):
to create or to build thosetags and publish them.
Then we have this last bit here.
Now, this is the most importantone in this Sarkozy
configuration.
Now, what we'll do.
Now the workflows.
The first one will be build onmain.
The jobs will be build and weare saying filter On which

(02:14:16):
branch do we want to do thebuild?
Only the main.
Then we want to publish thelatest.
This one now requires build.
But remember, for us to publishwe have to build.
So it will require build anddefinitely it will have to
filter on main.
Now we have this configurationup here and the project is

(02:14:38):
already on GitHub.
So if we come back here to SagoCI, we have this project and
say setup, then it's on this, onthat.
Then it says found on this.
So it says it already found aconfigyaml file in my repository

(02:14:59):
.
So I just set up.
Yeah remember what thisconfiguration will be doing.
It will be building an imagethat is a Docker image, publish
it on Docker Hub, then run anAnsible playbook to deploy it on

(02:15:20):
ECR.
But I said we don't have an ECR, so what will we do?
We'll go back to where we havesomething that can work for us
for the moment.
So we have a playbook herewhich I said it's for GCP with

(02:15:41):
all the configurations.
So what will we be doing?
This is what we'll be doing.
From this playbook, we run ourDocker Compose, which will now
build our images Right here inthis one.
We are not publishing images onDocker Hub.
We are building them on the goand running them on the go.

(02:16:02):
Okay, yeah.
So we saw this and our DockerCompose says it's built.
You can see we are at everystage, apart from the database.
We are building right.
At every stage, apart from thedatabase, we are building right,
yeah.
So if I execute these, let'scome back here.

(02:16:36):
That is just activating myvirtual environment.
Now we have to ensure that wehave Ansible installed.
So, yeah, it's installed.

(02:16:56):
So, yeah, it's installed.
So the next thing is to executeit.
Ansible playbook Ansibleplaybook hyphen.
I hosts.
These are called the Ansible adhoc commands.
I think you should look at them.

(02:17:19):
Then we execute that playbook.
So if, if the connectionbetween my SSH, it's, it's
connected SSH because we saidAnsible uses SSH, yeah, and you
can see it's deploying on this,it's deploying on that VM

(02:17:45):
instance, if we say and that IPaddress, yeah, see, we are in

(02:18:07):
that server, okay yeah.
So yeah, now, whatever I'mdeploying, it will come here
because I already deployed it.
Okay yeah, then it can deploy.
It's still working In a farfaculty access here yeah, we

(02:19:09):
said we are using Cloudflare.

Speaker 12 (02:19:10):
So to go to Marisa access, I think he'll come with
you.
So if you have questions beforeMarisa, I have a question.
You mentioned ansible is buildon Python.
I expected it to be like Pythoncode and not YAML.
Can you do Ansible in Pythoncode and less YAML?

Speaker 2 (02:19:20):
A question.
A question Not because Linux isbased in Python.
Do you have a Python code?

Speaker 12 (02:19:32):
No, but because I've interacted with Plumi and Plumi
will write very little Yarmul.

Speaker 2 (02:19:39):
I said Plumi is language and urbanistic right.
Okay.

Speaker 3 (02:19:57):
Any other questions it's not exactly, but it looks
like it.
It's like a crystal If you'recaught in here.
If you're caught in here, itbecomes a crystal.

(02:20:19):
It's always a familiarenvironment, I see.

Speaker 2 (02:20:30):
Question before we end the live.
Or when I was answering, didyou answer?

Speaker 5 (02:20:44):
Were you content?
Yes, we are contented.
I think it goes back to thecomment that I made earlier that
when you were explaining it iswhen you did the Docker Hub,
docker Docker Composer, then youhad a Docker Hub, then Cloud CI
, then Git, then you had Ansibledown there.
It's easy and very many peopleknow that language.

(02:21:07):
And it's easy when you, evenAfter we go through these is
when now you appreciate, andthat's why I appreciate what he
does.
So that's why I say it'sdifficult at face value to

(02:21:27):
actually say that someone isgood, especially for people as
CTOs.
You find someone who reallyknows the jungles and can really
speak a lot of DevOps, hasquite a lot of lingual artifacts

(02:21:49):
, you can say quite a lot ofthings, but you'll realize that
then when you go to the, thegist of it, then we need to be
able to understand the flow.
So the items you've mentionedthat are quite, quite relatable
at a city or level that numberone you've shown the security

(02:22:13):
part of it by ensuring andthere's an environment file that
is separate You've showcasedthat there are different
elements and different files foractually building different
items before the deployment,because for the longest time we
were just dealing with the code.
As long as you can do MarvinClean Compile, that was it.

(02:22:35):
But from what now we're gettingfrom this is there's no more.
And that's what I was afraid of, that I come and listen to a
session that tells me what Iknow, because from a research
perspective, I know quite a lotof jargons and what they mean.
I don't know how I got to learnML or ops, but I at least knew

(02:22:58):
something.
I don't know, but at least Iknow it's somewhere in there.
But now, when you go into thegist of ML it wasn't for
discussion today, but if we nowgo to the gist of ML, I would
like to know, as a CTO, how thendo I get to measure my team and
their knowledge of these?
And that's what internally weare developing something of that

(02:23:22):
sort where we do not getsomeone who talks.
In fact we just do a silentinterview.
Give you a paper there, we giveyou code, tell you this is the
repo, do something about Docker.
You say you know.
So at the end of the day, wewant to see at least build a
pipeline.
Okay, we'll install thenecessary, but at least build a
pipeline.
We'll tell you Docker isinstalled and everything, but

(02:23:44):
can you come up with somethinglike that?
Because most of the people inthe industry and people who say
they're quality assurance slashDevOps engineers.
They lack the qualities, as yousay.
The qualities and your emphasiswas in really good people who
actually know what they're doingand, to get to the level that
you do, at least you have aclear understanding of what

(02:24:07):
really is known.
So I think this last part hasreally informed the decision of
how to build a successful team.
How then, do I get to know fromthe language you understand the
language, so that is okay Thendo you understand the actual
workings that go into place andcan you separate the two?

(02:24:29):
And then, with the wholeconversation that was going, who
writes unit tests and who rightthe test cases and everything.
Then, when you, when I Get outof here, I think I'll go and sit
down and marry all the ideasthat we've spoken to and that
that, to me, speaks, speaks alot about what I wanted to
achieve for today.

Speaker 2 (02:24:50):
Alright, I hope I helped and happy if I did.

Speaker 1 (02:24:56):
Great feedback.
I helped and happy if I did.
That's great feedback.

Speaker 9 (02:25:03):
Yeah, there's something you mentioned
somewhere at the beginning aboutDevOps engineers not being paid
well in Kenya.
So what do you think is therange, or a good range for a
DevOps engineer?

Speaker 2 (02:25:17):
So what do you think is the range or a good range for
DevOps engineer?
So for the range, we definitelyhave to talk about entry levels
, or rather the seniority levels, before you start talking about
the range.
So let's say, a mid-levelDevOps engineer, if you are

(02:25:48):
going for an interview, let mejust start there.
Or rather you've interviewedfor DevOps engineer, you know
where to go and check for theright salary range and that is
Glassdoor and Paycheck.
I'm not the right person toanswer that.
But if I was to say I'mmid-level, what would determine

(02:26:11):
my mid-level?
The number of years I have?

Speaker 9 (02:26:14):
Probably number of years experience.

Speaker 2 (02:26:20):
Let's say what?
Three to five years ofexperience.
So if it's me who is asking forthat salary anything less than
450K it's a no-go zone.

Speaker 9 (02:26:31):
That's gross or not?
Gross.
Okay, yeah.

Speaker 5 (02:26:42):
On the question of how much is paid from a business
perspective, you come in, donot tell me what to pay you.
Okay, I'll see the value fromwhat you give.
And that's what I'm saying.
I cannot take someone Right now.
You're taking someone andyou're giving them the amount of
money that they're requestingbecause they've gone and checked
and from my end I've gone andchecked, I know they're not

(02:27:06):
paying this much.
But when it comes to their work,personally, I'll say, first of
all, from a CTO's perspective,I'll not base your salary on
what you tell me.
I'll be, show me the work, thenI'll bump it up as long as I

(02:27:27):
can get value.
And that's why I was saying thewhy is the?
Why the company and thestrategy of a company will build
on the why of why we needDevOps.
Okay, as long as we can seesatisfaction of that, then we
can match what you're coming upwith.
But before we actually get thatrealization, automation, ease

(02:27:51):
of deployment, as he has done aslong as we can get that, then
we can be able to talk aboutthat.
But in terms of payment, in theindustry, most people know the
lingual but don't know theactual working.
So very few people know theworking and for those they're
priceless.

(02:28:11):
So for those I'll appreciatethat.
They're usually good, they getyou where you want to go, and
the best thing about a good caris once it gets you where you
can count on that car, and sothat becomes priceless.
So you can actually pay morethan even the industry standards
if someone is getting the value.

(02:28:32):
That's how I would answer.

Speaker 2 (02:28:35):
Okay, a quick question question he got out of
mike, mike now, let's assume Iwas doing an interview.
This one was an interview.
How much can you pay me?

Speaker 5 (02:28:47):
I'll not answer that okay, fair enough.

Speaker 2 (02:28:54):
yeah, thank you, guys .
Guys, that was me.
I think I showcased what youwanted, not unless we have any
other questions.

Speaker 13 (02:29:06):
We have comments Ending.
Thank you so much, and Iusually, as you said, we
appreciate when someone is notjust talking, they actually walk
the talk.
So good work, man Kudos.
Thank you, thank you, thank you, thank you, and now a big round

(02:29:34):
of applause.

Speaker 1 (02:29:38):
Thank you, Joseph.
This has been a very insightfulsession Educators, informatics
and very important.
Thank you to the great audience.
We are pushing the rightbuttons.
We want to know.
Sharing amongst yourselves thatconversation is highly

(02:30:00):
encouraged.
We really do appreciate that.
Thank you so much for spendingthe time to be here and with

(02:30:20):
that we will end and concludetheir works for today, Looking
forward to seeing you guys inthe coming ones.
So, from Africa, Stalking andmyself, Sylvia, thank you and
have a good night.
Thank you, Amen.

All Episodes

#38 - Joseph Njogu -Dev Ops

Episode Transcript

Popular Podcasts

Crime Junkie

24/7 News: The Latest

Stuff You Should Know

.css-15opob5{left:0;position:absolute;top:0.8rem;} All Episodes

.css-14f5ked{margin:0;word-break:break-word;display:-webkit-box;-webkit-box-orient:vertical;box-orient:vertical;-webkit-line-clamp:2;overflow:hidden;}#38 - Joseph Njogu -Dev Ops