Hacker News | epimetheus2's comments

thanks


Prisma???? no thanks


Can you give some context on how it made you a 10x engineer? I'd also like to be one!


I am in a very similar position right now, and I have decided to bite the bullet and drop all non-individual-contributor responsibilities. I'm not yet sure how it will go but it's my #1 priority to arrange it with Cxx. I know this was supposed to feel like a "step up" but it's not who I am. I don't aspire to great managers, I respect people like Carmack. I want to be the best and most productive engineer, that's where I have the most fun. If the money is similar, that's what it's about.


Sure, but does it need to be disabled? As in, my website will use HTTPS, but HTTP may still be present. Does that open up the door for any attack?


I'm of the (weak) opinion that if you have www.coolapp and api.coolapp, you should have port 80 closed on api. - don't even serve redirects. Any legitimate traffic would be broken anyway, and it prevents you from even accidentally doing something stupid like serving a cookie without secure, or receiving (unencrypted) a token from a misconfigured client.


It doesn't as long as you handle the HTTP->HTTPS redirect on your proxy (NGINX, Apache, Caddy or similar) and don't pass any of these requests to your backend.


You can copy curl from the browser, change https to http and it will work, is that susceptible? The whole React app uses https.


Don't allow any HTTP requests to be passed to your actual backend app, handle them only on the proxy.

For example:

You set up NGINX on ports 80 and 443 and open these ports (TCP for 80 and TCP/UDP for 443) to the internet, and close all other ports. Your backend runs on port 3000, and you configure NGINX to proxy pass coolstore.com/api to said port 3000.

All client-traffic HTTPS is handled on the NGINX proxy (it can also serve your static files very well). Any HTTP requests are sent a 301 response status with the HTTPS version of the request URL.
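
The setup described in the comment above, written out as an NGINX configuration. This is an added example, not part of the original comment; the certificate paths, the static root and the loopback backend address are assumptions.

```nginx
# Added example. Paths and the 127.0.0.1 backend address are assumptions.

# Port 80: every plain-HTTP request is answered by the proxy itself with a 301.
# This block has no proxy_pass, so nothing received over HTTP reaches the backend.
server {
    listen 80 default_server;
    listen [::]:80 default_server;
    server_name coolstore.com;

    # Redirect to a fixed host name instead of echoing the client's Host header.
    return 301 https://coolstore.com$request_uri;
}

# Port 443: TLS terminates here; only this block forwards to the backend.
server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name coolstore.com;

    ssl_certificate     /etc/nginx/tls/coolstore.com.crt;   # placeholder path
    ssl_certificate_key /etc/nginx/tls/coolstore.com.key;   # placeholder path

    # Static files are served by NGINX directly.
    root /var/www/coolstore;                                # placeholder path

    # coolstore.com/api is passed to the backend on port 3000.
    # The backend should listen on loopback only, so port 3000 is not
    # reachable from the internet and the proxy cannot be bypassed.
    location /api {
        proxy_pass http://127.0.0.1:3000;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-Proto https;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}
```

The redirect keeps HTTP requests away from the backend, but a client that sends a token or cookie to the `http://` URL has already transmitted it unencrypted before the 301 comes back, which is the case the earlier comment about closing port 80 on the API host is concerned with.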


I've done all this in past and am familiar with it, but I'd be interested in one-step-after-this thing :)


Try Cloud Deploy - it’s a new service and significantly easier than using a self managed CD tool like Spinnaker or Argon.

If you know all of the points I listed before, have a look at GKE benefits like horizontal and vertical pod autoscaling, cluster autoscaling, istio, config connector, anthos


Build another app, repeat :)


Not at all, but our devops guy ragequit the job and I want to be able to help piece things together if a fire emerges, or help the team. Every engineer has some knowledge so together we're able to handle most of it. I want to use this opportunity to learn more.

It's sad that you assume the worst in people.


This is almost exactly how I became devops in the first place - the existing guy quit suddenly and I had to pick up the pieces in a hurry.

If you're already comfortable with the basics, then focus on one particular element and master it. The other bits will come over time. I recommend Kubernetes as a focus, given your list.

Keep in mind at all times that the infrastructure serves the business.


Hey, no judgement, and good for you for turning up for your team!


only slightly and occasionally


good one, anything else?


At one time I would have recommended theserverside.com, at least for anybody working mainly in Java (or another JVM language) but I kinda feel like their content has gotten pretty watered down. Still, might be worth giving it a look.

https://www.theserverside.com/


blogs about scalability, architectures, interviews, post mortems, latest news in databases...

