86
Reddit DevOps. #devops Thanks @reddit2telegram and @r_channels
Comparison of configuration file languages
The trade-offs between :
JSON
YAML
ConfigParser (as used in setup.cfg)
TOML
https://gist.github.com/njsmith/78f68204c5d969f8c8bc645ef77d4a8f
https://redd.it/1gi142b
@r_devops
Software Engineer Jobs Report 10/30: Every week I spend hours scraping the internet for recently posted software engineer jobs. I hand pick the best ones, put them in a list, and share them to help your job search. Here is this weeks spreadsheet. Devops roles included
Hey friends, every week I search the internet for software engineer jobs that have been recently posted on a company's career page. I collect the jobs, put them in a spreadsheet, and share them with anyone whose looking for their next role. All for free.
I hand pick the ones I know are good roles, with market salaries, and no glaring flags (extremely low salaries, unreasonable expectations). Though its not easy to tell if the roles require leetcode or not. I want to figure out how to get the information in the future.
The data is sourced by my own web scraping bots, paid sources, free sources, VC sites, and the typical job board sites. I spend an ungodly amount on the web so you don't have too!
About me, I am a senior software engineer with a decade of work history, and ample job searching experience to know that its a long game and its a numbers game.
If there are other roles you'd like to see, let me know in the comments.
To get the nicely formatted spreadsheet, click here.
If you want to read my write up, click here.
if you want to get these in an email, click here.
If you want to see all previous job reports, click here.
Cheers!
https://redd.it/1gi2s0f
@r_devops
If you're a Dagger user and also playing with A/ML, you might like new Kitops modules.
[KitOps](https://kitops.ml/), with an OCI-compliant packaging format enables the seamless sharing of all necessary artifacts involved in the AI/ML model lifecycle. This includes datasets, code, configurations, and the models themselves.
Kit modules for Dagger are now available on the Daggerverse.
**Included Modules:**
* kit : Use common kit commands such as pack, unpack, push, tag
* huggingface: Download repositories from huggingface
* gguf: Convert to GGUF model serialization
[Find more ](https://daggerverse.dev/mod/github.com/jozu-ai/daggerverse/kit@a4e5e833af49ad44c91a94a28a2dfbafc5f49510)
https://redd.it/1ghzckc
@r_devops
What are core tools of DevOps role?
Hi everyone,
I am Cloud Engineer now, focusing only on AWS but I don't know what to do or how to begin to be a DevOps engineer. Is cloud engineer a good starting point to become a DevOps guy? What are the tools needed and must be mastered first in terms of DevOps requirement?
Thank you.
https://redd.it/1ghwmj3
@r_devops
Is it worth to do the CKA now?
Same as Title says, i have a other AWS and Azure certs not a professional ones associate level ones. is it good to have CKA in my resume.
https://redd.it/1ghugg3
@r_devops
Seeking Advice on Securing a Node.js API and SQL Database for a Small WPF Desktop App
I'm looking to provision an SQL database using services like DigitalOcean, Linode, Vultr, or AWS. For security reasons, I want to set up a Node.js API to interact with this database, as my application is a small WPF desktop app that will be used by no more than three users from their personal computers.
I have experience creating a Node.js API without any security features, primarily for testing. However, I now need to secure both the API and the database.
I realize that security can be a vast and complex subject, but I'm looking for some baseline practices that will allow me to achieve a reasonable level of security without diving into overwhelming details.
What are some practical steps or recommendations you would suggest for securing the API and the database in this scenario? Thank you!
https://redd.it/1ght9kp
@r_devops
Why charmed kubeflow requires minimum of 32GB of RAM and 50GB of storage
I am wondering why charmed kubeflow that uses juju and microk8s needs 50gb of storage and 32GB of RAM. Can anyone explain me why it need too much resources? I thought k8s is lightweight kubernetes distribution lol
https://redd.it/1ghq85d
@r_devops
Brazil’s Pix payment system is one of the world’s most used instant payment systems
I wrote an article about how one of the largest instant payment systems in the world Nearly 42 billion transactions in 2023. Pix transactions are almost five times greater than the combined volume of debit and credit card transactions,
# How long does Pix transfer take?transactions occur instantly, at an average time of 2.5 seconds.
rasvihostings/brazils-pix-payment-system-is-one-of-the-world-s-most-used-instant-payment-systems-73adbd702ce3">rasvihostings/brazils-pix-payment-system-is-one-of-the-world-s-most-used-instant-payment-systems-73adbd702ce3" rel="nofollow">https://medium.com/@rasvihostings/brazils-pix-payment-system-is-one-of-the-world-s-most-used-instant-payment-systems-73adbd702ce3
https://redd.it/1ghn861
@r_devops
Full Stack React framework
Full Stack web framework with React + Faster. Automatic routes, reload and component bundle. It uses its own RSC engine, combining SSR and CSR. 100% Deno, no Node dependencies. Fully compatible with Deno Deploy and Serverless Environments. Please give a star :) link
https://redd.it/1ghi0en
@r_devops
are there some good tutorials about Talos and Flatcar for container oriented OS?
I am curious about the Talos / Flatcar Container OS stuff, at work I have had some good run with x86_64 QEMU / Libvirt / Packer / Ansible stuff and would like to explore similar terrain when it comes to OSs for containerized applications?
Flatcar someone starts with Butane Configuration but it never expresses clear what Butane is etc.
Any heads up on Flatcar and subsequently Talos would be great
https://redd.it/1gh83g6
@r_devops
Hashicorp vault with dynamoDB as backend storage.
Hey, I have to make Vault highly available using DynamoDB as backend, I know that Consul is an option but I prefer to use AWS service.
Currently we have the open-source version on a dev environment - k8s(EKS), one pod using encrpyted EBS volume.
I found this tutorial https://www.automat-it.com/blog/deploying-hashicorp-vault-to-eks-cluster-with-dynamodb-backend/ but I am not sure about it, and more specifically for the encryption step.
I've tried their documentation - "yea you can use it with DynamoDB" and that's.
If someone had similar task, please share some guidance.
https://redd.it/1gh8tzd
@r_devops
I built a tool to track GitHub Actions costs - looking for early users & feedback
Hey folks! Over the past few months, I've been building BuildBudget - a tool to help teams understand and optimize their GitHub Actions spending. The problem hit close to home when our team's CI/CD costs started climbing and we couldn't easily figure out which workflows were the main contributors.
What it does right now:
* Shows your top 100 most time-consuming workflows and jobs
* Breaks down usage by repo, org, workflow, or job
* Calculates costs for GitHub-hosted runners
* Compares what you'd pay using AWS CodeBuild instead
It's pretty bare bones at the moment, but it works. I'm sharing it early because I want to shape its development based on real feedback from other engineers dealing with CI/CD costs. Check it out at [buildbudget.dev](https://buildbudget.dev) \- it's free during beta, and setup takes less than a minute if you're using GitHub.com. It's also available for teams using GitHub Enterprise Server, via webhook.
I'd really appreciate your thoughts on:
* What other cost insights would be useful?
* Which CI/CD cost problems are you struggling with?
* What would make this actually valuable for your team?
Happy to answer any questions!
https://redd.it/1gh434z
@r_devops
Deployments still suck, but maybe they don’t have to
Found this interesting blog post about why deployments are still painful in 2024. The author breaks down how deploying even a basic Rails app to AWS requires wrestling with Docker, ECR, ECS, load balancers, security groups, and more DevOps complexity. They contrast this with Heroku's revolutionary "git push" simplicity from 2007, and discuss newer PaaS alternatives like Fly.io and Railway.app. While these platforms work well for standard apps, they can become limiting for specialized needs. The post highlights some promising developments, like Cased's branch deployment system, and suggests that Vercel's success in frontend deployments points to a future where we might have more integrated, opinionated platforms that handle everything from CI/CD to monitoring without requiring developers to piece together multiple tools.
https://www.blacksmith.sh/blog/deployments-still-suck-but-maybe-they-dont-have-to
https://redd.it/1gh11ue
@r_devops
Another FREE Workshop? Oh yeah! Building Dev-Friendly IaC with OpenTofu
A couple of months back, we launched a 10-week OpenTofu workshop that saw over 320 signups, and I’m grateful for everyone who’s been sticking with us each week. Seeing the feedback and demand, we’re excited to roll out a new workshop.
This time, it’s about creating IaC that actually supports developers without forcing them to wade through endless configs and ops-land details.
In this 4-hour hands-on session, we’ll cover principles like convention over configuration and explore practical ways to cut the config chaos, so devs can stay focused on their core work, while ops keeps infrastructure sane.
Expect practical patterns for building IaC with defaults, preset scenarios, and abstractions that align with how developers actually need to work - not tools that pile more work on them.
Same as before: Slack cohort, Q&A, hands-on lab.
Register here. Limited spots, and I mean it this time! LOL last time I didn't put a cap on it and we got way to many people. Keeping it to 100 seats for my hairline's sake!
https://redd.it/1ggrcrc
@r_devops
cheaper New Relic and datadog alternatives for Tracing/apm/profiling
Our datadog bill is starting to get a little long in the tooth for web APM purposes. We use datadog for web APM because we need insight into site code for PHP, asp.dotnet, node, and python. Specifically when the code is having issues to be able to trace the calls to figure out where the issue is.
For logging we use elastic and we're happy with that. Metrics are nice but that's not what we use DD for. So if it can't do traces it's automatically a non-starter.
We also use the database APM feature as well which has been super helpful across mysql, postgres, and mssql work loads and tying web apm traces to db traces.
What else is out there?
https://redd.it/1ggjc61
@r_devops
Public Service Whitelisting
I've found myself in between a few different requirements and would like a fresh perspective. One of my company's dev teams has an ECS based service that has only been used internally but now needs to be reachable for a third party integration. So our dev team wants a new public load balancer with just the third party's IPs whitelisted. We typically don't whitelist, instead opting for a zero trust based model using Cloudflare proxying, a comprehensive WAF ruleset, OIDC auth, etc. The third party has also recommended against whitelisting since their service uses 100+ multi-region IPs that will change over time. I have suggested everything from VPN access, client certificates / mTLS, private links, etc. instead of whitelisting, but our dev team is on a tight deadline and the solutions suggested would require either changing the existing service or getting the third party to make changes. Am I crazy for pushing against this? Are there any other options?
https://redd.it/1gi389o
@r_devops
What are the bad parts about being a Devops?
What are the bad parts about being a Devops Engineer?
https://redd.it/1gi0hu4
@r_devops
What does "Yes" look like
“No” is an easy default response to big technical asks. It manages the risk and expense of large projects with unknown complexity and (let’s be honest) will often take less of your time than a “Yes”. Some times it’s also the correct answer. No, we can’t make a square with three sides.
“No” usually doesn’t help the business though. There’s a reason the PHB is asking for a square with three sides. It might also be tied to some fundamental misunderstanding, but underneath the request is a problem they’re trying to solve (maybe they just need a triangle). Your job as a skilled devops professional is to understand and help solve that problem.
As a matter of soft skills, you should generally address their question in some way before telling them it sounds like the wrong question. “Squares definitionally have four sides, but we do have the ability to make three-sided polygons. They’re called triangles, and they can only have one right angle unlike a square.”
By the time a technical request makes it from the business side over to the tech organization, “yes” is really the only answer they’ll accept. You might be tempted to say “no” and leave it at that, but instead you should just tell them what “yes” looks like.
Switching analogies, let’s say the PHB wants to build a racquetball court as an addition to the office building. Instead of saying “that’s way out of budget and we can’t even get a building permit for that addition” try explaining what it would take to make it work if you had unlimited resources. Explain the cost of labor and materials for the building, the legal process of getting the permits, the unsolved problem of where to fit such a building on the premises.
At the end if you can give a ballpark of the time and total cost and what other projects will be deprioritized to accomplish it, your “yes, and” will have a much stronger case than a “no”. If you frame your answer as “yes” and then let them discover that such a project isn’t feasible, now you can work together to figure out another solution.
If you had just flatly said “no” in the first place you’re making the interaction adversarial. With a “yes, and” it’s collaborative. Alright, that won’t work but let’s explore other solutions.
And now comes the best question you can ever ask a business person: “What problem are we trying to solve?”
Contrary to popular belief, business people are pretty terrible at communication so they generally don’t think to start with the problem at hand. But once you have that you can use your special engineer brain to find a solution. If the PHB wants a racquetball court because they want to be able to play racquetball, you can suggest they get a YMCA membership instead. Now you’ve solved their problem and saved them a big pile of money. If you do this a few times you will be every PHB’s favorite engineer.
https://redd.it/1ghy9rq
@r_devops
SSL for Vikunja and Wikijs
Hi All
We have installed Vikunja and Wikijs for task tracking and documentation via docker compose . They are working with http but need to enable https ,similar to proxy_pass on nginx like below
myhost.com/wiki --> route to wiki
myhost.com/tasks ---> route to Vikunja
Using caddy installed as docker , I am able to route to either Vikunja or wiki at 443 but unable to achieve above setup .
Has anyone tried using caddy to achieve above setup ,not necessarily with wiki and Vikunja but with other solutions/services
Basically trying to achieve below using caddy
server {
listen [::]:443 ssl http2;
listen 443 ssl http2;
server_name myhost.com;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
location /wiki {
proxy_pass http://localhost:3000;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
}
location /tasks {
proxy_pass http://localhost:3456;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
}
}
Any help is appreciated 🙂
Thanks
https://redd.it/1ghw7i0
@r_devops
New Grad Seeking Advice on Pursuing a DevOps Career
Hello, I’m a new grad with a deep interest in DevOps.
To give you a brief introduction, I started my journey during a co-op term with the Ontario government, where I was involved in a Kubernetes project. This experience sparked my fascination with Kubernetes, which was not the kind of thing taught in university, leading me to dive deeper into studying and eventually discovering DevOps. Since then, I’ve been dedicated to building a strong foundation, earning certifications like CKA, CKAD, LFCS, AWS Admin, Azure Admin, and CCNA, and doing projects to hone my skills. I’m continually working to advance my knowledge and skills and would appreciate any advice on pursuing a career in DevOps.
1. I know that DevOps is not typically an entry-level position. Therefore, even if it's not exactly DevOps, what entry-level positions are there that involve technologies like Kubernetes, Jenkins, Terraform, and cloud platforms? I am very passionate about these tools and would like an opportunity to work with them.
2. I am aware that the job market is currently tough. I am open to part-time jobs or volunteering if it means gaining experience in my field. Are there opportunities available that would allow me to work with DevOps technologies in such capacities?
I appreciate any feedback you can provide.
https://redd.it/1ghtk8k
@r_devops
Remote Job in US Companies
Hello Everyone! I am a devops engineer with expiration of 3 years and am looking for new opportunity. Are there any companies which offer work from home in india and have very good work culture.
https://redd.it/1ghs1vb
@r_devops
How to write production level python code?
Hey Everyone,
I am a recent grad and wanted to know any guide or resources for best practices while making produciton elevl applicaitons using Python and frameworks like Flask, Django ?
Thanks
https://redd.it/1ghmogd
@r_devops
How do you give access to your npm artifacts on Google Cloud so you can pull the latest changes from it?
How do you give access to your npm artifacts on Google Cloud so you can pull the latest changes from it? I tried to look online for some resources, but couldn't find any. I need to be able to generate a npmrc file that allows you to call npm update to pull the libraries inside the artifacts, and create a user that will give access to users as well as the build process and store any secret on Google Cloud itself that gets referenced whenever needed by Google Cloud Build and any other service that might need it.
https://redd.it/1ghl3md
@r_devops
What are some recently created DSL's that are not based on old ideas?
I'm not an experienced developer, and have just been teaching myself. I believe I have a pretty novel idea and want to find someone experienced, to get some advice about how to approach building it. It concerns specific, intuitive analysis and ability to act on rules sets.
https://redd.it/1ghfdod
@r_devops
How much Linux is enough for DevOps?
I recently came across a post saying Kubernetes is an abstraction of Linux. Since I already have basic Linux knowledge and have started learning Kubernetes, I'm wondering if I should first study Linux in more depth before moving on to Kubernetes, Docker, Ansible, etc.
So, how much Linux knowledge is enough, and where should I learn it? I’ve heard about Red Hat certifications—should I pursue one, and if so, which would you recommend? Do these certifications help with securing good DevOps or cloud roles? I’m currently a Cloud Engineer looking to deepen my expertise and grow into a senior position. I was also considering the CKA Kubernetes certification but paused for now. Which certification would be more beneficial, Red Hat or Kubernetes CKA? Any suggestions?
Link of post: ericjalal.fi/kubernetes-is-just-linux-c4312666e27b">Kubernetes is just Linux. I started working with Kubernetes a… | by Eric Jalal | Medium
https://redd.it/1gh9tcu
@r_devops
My First ever DevOps interview
This was my very first interview for a DevOps engineering role. Coming from a non-technical background, I took the initiative to learn everything on my own. I turned to YouTube and self-taught programming. After facing many challenges, I eventually joined a company as a junior software developer, where I worked for over two years. During this time, I realized that DevOps was more intriguing to me than programming alone. I started learning AWS on my own, building on some familiarity with Amazon from a prior non-technical role there. To further solidify my skills, I completed the Cloud Resume Challenge, which covers many foundational tasks expected of a DevOps or cloud engineer. I also earned the AWS Cloud Quest certification as an AWS Cloud Practitioner. A few months later, I secured an internship in AWS Cloud Engineering, marking what I see as the true starting point of my DevOps career
I didn’t expect to crack it on the first try, though I had a bit of hope. The interviewer began by introducing himself and then asked me to do the same. I handled this easily and confidently. The next question was, ‘Why DevOps and not programming?’ I explained that I’m more drawn to the later stages of the software lifecycle. He then skipped some of the technical questions on Linux and Docker, given my prior experience working with them. He asked about Kubernetes, and I shared that I’d worked with it while deploying a Django project of my own. He followed up with a few detailed questions, and although I couldn’t answer them technically, I described the role of different Kubernetes components and why they’re used.
At the end of the interview, I asked about the experience they were looking for, as the job description hadn’t specified any required years of experience. He mentioned that they’re ideally looking for someone with more experience, but with plans to expand, they might open roles for less experienced candidates in the future. I shared that this was my first DevOps interview and asked for feedback on skills to focus on. He offered some helpful pointers, and it became clear that they need someone ready to handle tasks independently from day one.
What’s less clear to me is what specific skills or projects would best prepare me to get into an entry-level DevOps role.
Anyone have any thoughts?
https://redd.it/1gh544l
@r_devops
How important is peer review?
I'm currently working in an environment that I'm not really used to. Peer review has always just been a normal part of the way I've worked in all my previous teams. Often it's in the form of PRs, but it can just be general feedback on something you've designed or built.
In this team I'm working in though, it's just not a thing they seem to do. From their perspective, they've just got a task to do and they just do it. As long as it works, that's all that really matters. In a recent meeting, a colleague of mine said flatly that he doesn't want to review other people's work. He says he's got other things he'd rather be doing and that he trusts our ability.
I don't agree with his point at all. The point isn't about trust, it's about encouraging each other to think critically about implementation, to knowledge share and to prevent siloing. But curious to hear what the rest of you think.
https://redd.it/1gh30un
@r_devops
Interview preparations tips
I will schedule an interview for a staff SRE role at GMC. I don’t know what are the things that I have to prepare for the interview. I have searched, and it seems like they don’t have a standard interview process that varies according to location and roles.
Anybody faced GMC staff-level roles Site reliability engineer?
https://redd.it/1ggtz60
@r_devops
Tuning a CICD pipeline to less than 60 seconds
I got a bit pissed that my CICD pipeline was taking so long so I tuned it down to about 60 seconds.
Once I got it working on my side project on GitHub I did similar for my day job on GitLab.
Here’s a writeup of the general techniques I used. I’m mildly convinced this can work for most app builds and deploys that don’t involve running a bunch of terraform that has to wait on infrastructure.
Linting, security scanning, and building all in about a minute, in case anyone is interested:
https://mzfit.app/blog/the_one_where_i_tune_my_cdcd_pipeline/
https://redd.it/1ggst63
@r_devops
cfgmgmtcamp talks are closing in just a couple hours!
it's coming down to the wire! Only a couple hours left. If you haven't got your #cfgmgmtcamp talks submitted, go do it NOW! https://cfp.cfgmgmtcamp.org/ghent2025/cfp
https://redd.it/1ggpeon
@r_devops