Blog Entries

14. 06. 2024 Alessandro Valentini DevOps, NetEye

Automating the Full NetEye Release Procedure

One of the first issues we added more than 2 years ago to our DevOps backlog was automating the infrastructure preparation and release of NetEye, but we postponed it for a long time because it was too big to do. A bit of background Every 2 months we release a new NetEye version: this basically…

Read More
24. 05. 2024 Alessandro Valentini DevOps

OpenShift: How to Check and Reset Ceph Storage in Warning State

Every so often it may happen (in particular after a cluster update or hardware issues) that you see your storage in a warning state on OpenShift. The first thing to do is to check what’s wrong with your cluster: sometimes you may have a real issue, in other cases it may just be a temporary…

Read More
01. 12. 2023 Alessandro Valentini Development, DevOps

How to Install Matomo on OpenShift

Recently we felt the need to collect anonymous metrics about how our users are visiting our websites. After some investigation, the development team proposed using Matomo: a free and open source software project which collects usage metrics while guaranteeing 100% privacy alongside the chance to be self-hosted. We decided to install it on OpenShift, since…

Read More
28. 11. 2023 Alessandro Valentini DevOps

My OpenShift Journey #7: Enabling Persistent Monitoring

Some days after installing an OpenShift cluster you may notice a warning related to insights: the system is complaining because metrics are not stored in a persistent way and a restart of the container may cause the loss of metrics. In OpenShift it is possible to configure several custom metrics. In this post I will…

Read More
10. 08. 2023 Alessandro Valentini Bug Fixes, NetEye

Bug Fixes for NetEye 4.31 and 4.30

We fixed a bug in NetEye Userguide clarifying the procedure to setup custom certificate on a NetEye Mirror in Change NGINX Certificates section both in NetEye 4.30 and 4.31.

Read More
18. 07. 2023 Alessandro Valentini DevOps

My OpenShift Journey #6: Pipelining Part II

In my previous blog-post I wrote an introduction to pipelining in OpenShift. This blog post is a follow-up to explain how to trigger a pipeline automatically. Tekton triggers are quite complex and need some explanation in order to be understood. To trigger a pipeline you need several components. In the graph below you can see…

Read More
17. 07. 2023 Alessandro Valentini DevOps

My OpenShift Journey #6: Pipelining Part I

It’s been a while since my last blog post about our OpenShift journey since as a devops team, we’ve been focusing on other activities for a while. Today I’d like to talk a bit about how to use OpenShift for CI purposes. As described in our productive use case, we implemented several pipelines to build…

Read More
06. 04. 2023 Alessandro Valentini DevOps, NetEye

A Productive OpenShift Use Case: NetEye User Guide

In December 2022 we decided to completely restructure the code of our User Guide. Previously, each project contained its own documentation, but this led to very difficult and time-consuming development having the code scattered across more than 40 repositories. Furthermore our contributors are not necessarily NetEye developers, or even developers at all. Setting up a…

Read More
20. 12. 2022 Alessandro Valentini DevOps

One Year as a DevOps Engineer

The Beginning When I started my new role as a DevOps Engineer at the beginning of 2022, we had little experience in DevOps as a team. We tried several times to implement automation in order to simplify maintenance and reduce the amount of overall effort we invested in routine activities. However, since DevOps engineers are…

Read More
23. 11. 2022 Alessandro Valentini Events

Our Experience at SREcon22 Europe

Looking at how several companies have managed their services, we discovered a relatively new (for us) technical role, the Site Reliability Engineer. As IBM reports: The principle behind the SRE is that using software code to automate oversight of large software systems is a more scalable and sustainable strategy than manual intervention – especially as those…

Read More
05. 10. 2022 Alessandro Valentini DevOps

My OpenShift Journey #3: Active Directory Integration and User Management

In our migration journey from multiple VMs to OpenShift, one mandatory step is the integration with our company’s Active Directory. This is the default IdP for our services like Jenkins, NetEye, etc., and we want to centralize authentication and permissions as much as possible. Integration with OpenShift is less straightforward than it is with other…

Read More
14. 07. 2022 Alessandro Valentini DevOps

My OpenShift Journey #2: Nginx Load Balancing and SSL Termination

In a previous blog post I described how we installed our first OpenShift cluster and how we used HA Proxy as a load balancer. Our cluster is meant to host both internal services (like CI and docker registry) and public services, and we thus have to expose them on multiple domains with valid SSL certificates….

Read More
07. 07. 2022 Alessandro Valentini DevOps

My OpenShift Journey #1: Getting Started with a Cluster

Within our Research and Development team we maintain a set of both physical and virtual machines for many purposes: internal repository mirrors, CI/CD, testing, internal docker registry, etc… Maintaining them is demanding, especially considering that our infrastructure has grown over the years and was often configured by different colleagues using different software and tools. And…

Read More
06. 05. 2022 Alessandro Valentini Development, NetEye

Pinning a Module to a Specific Kernel Release

During our implementation of the NetEye migration to Red Hat 8 we decided to drop our internal mirror for system packages and instead rely on Red Hat’s official repositories. Our goal was to improve reliability, speed up the delivery of updates, and alleviate the development team’s workload. But it also introduced a new issue: we…

Read More
15. 03. 2022 Alessandro Valentini Bug Fixes, Log-SIEM, NetEye

Bug Fixes for NetEye 4.22

We fixed a wrong behaviour which causes neteye satellite config create to do not work when executed with –tenant parameter. For NetEye 4.22 we updated the following packages: elasticsearch, elasticsearch-autosetup, elasticsearch-neteye-config, filebeat, filebeat-autosetup, filebeat-neteye-config, apm-server, apm-server-autosetup, apm-server-neteye-config, kibana, kibana-autosetup, kibana-neteye-config, logstash, logstash-autosetup, logstash-neteye-config to version 7.15.0_neteye3.37.2-1

Read More