86
Reddit DevOps. #devops Thanks @reddit2telegram and @r_channels
CKA recommendations
Hey, tech community! I'm preparing for the Certified Kubernetes Administrator (CKA) exam. Any recommendations for the resources (yt channel, courses, blogs) to ace it? Drop your suggestions!
\#CKA \#Kubernetes \#DevOps \#recommendations
https://redd.it/1hhp3kz
@r_devops
What is Docker? The Complete Beginner’s Guide to Docker Concepts
Nice Article I guess:-- hemantkumarceo001/what-is-docker-the-complete-beginners-guide-to-docker-concepts-adda7313b98a" rel="nofollow">https://medium.com/@hemantkumarceo001/what-is-docker-the-complete-beginners-guide-to-docker-concepts-adda7313b98a
https://redd.it/1hhllmd
@r_devops
DR for on prem VCS, or nah…lol
I’ve got a single node, single database on prem Azure DevOps installation in a dedicated VM. All the basics are setup. The dev team doesn’t practice any kind of CI/CD, or really even know how to do anything outside of clone a repo and commit their changes, so job security cool I guess. However, I raised a concern to management about the single node/db for DR reasons and there was significant pushback. They said Git is distributed so we don’t need any DR. My response was that the team might have clones of code repos in their personal laptops, however the chance of those repos reflecting PROD are slim to none never-mind configuration. They then said PROD was good enough and I could see why they thought that and I still don’t really agree because it lacks substance. As a dev team, isn’t our source code business critical, even more so because the client can’t operate their business without it, and relying on a random dev laptop or “just prod” isn’t really as reliable or simple/straight forward as cloning the existing VM and using it as the DR appliance, shipping the daily backup to the cloned VM? Maybe I am just naive, dumb, ignorant or all of the above but something just doesn’t seem right about the response from leadership. Can anyone smarter and more experienced than myself please provide some insight into what might be going on behind the scenes because I am at a real loss here and don’t know what to do.
https://redd.it/1hhfstt
@r_devops
GitHub copilot is free for everyone
https://github.com/features/copilot?utmcampaign=socialms
https://redd.it/1hhbehe
@r_devops
does dsa usually be asked in devops interviews ?
just curious to know, is dsa asked in devops interviews? I mean I understand dsa is something entirely different gives problem solving skills but I am curious to know is dsa usually asked in devops interviews?
https://redd.it/1hh8h9j
@r_devops
At what time is the daily stand-up in your company?
Just thought it would be interesting to get some data on where do companies stand when it comes to this issue. I know many work remote so when it comes to defining the time, use the one your company works under instead of your own (in other words, if you actually had to work on-site, at what time would the daily stand-up be in said location).
View Poll
https://redd.it/1hh4nqm
@r_devops
Devops/Infra or Data fields?
Hello everyone, I have some doubts about my career, in fact I am Junior Support IT and in my company there are many areas that I can enter as a Junior, but in my current position I am closer to DevOps but when I see all the seniors I only see stress and a lot of after-hours activations and I don't know if I want to sleep with a phone next to me.
For all of you, is the Jr/Pl/Sr DevOps field really like this? What about Data Science or Data Engineering, what do you think?
https://redd.it/1hgznh5
@r_devops
Need help with starting afresh
Hi Everyone, I am someone who is from non computer science background but had to join a IT services company right after college.My first role was Build and Release Management. That went on for 4 years. Then after a career break trying something and failing there, I resumed my career in IT as Devops engineer. Now I am doing this for 5 years. But I feel I am a misfit and not natural for the role. The infra upgrades and tech debt and whole staying upto date makes me restless and I feel like I am not well equipped technically. So starting 2025, I want to work on myself and start afresh. Want to re-learn the whole thing starting from
How data center works.What are the components of a server and how cables,networks,switches etc work and how infra is managed and how networking works in the background like really basics to understan what I am doing. I hope you are getting what I am trying to achieve. To learn as someone who has no idea what is software ops is or how infra works and how linux functions etc.
Can you please help me with videos or blogs or anything to read or watch that can help me become a better DevOps engineer. Thank you for reading. Appreciate your patience and interest.
https://redd.it/1hgy8tp
@r_devops
Deployment confusion and other concerns
We are using AWS. I just learned about SOPS few days ago. We have 3 AWS accounts, DEV, STAGE and PRODUCTION. We also have Hashicorp Vault servers for each AWS accounts.
From what I read today from SOPS documentation, it looks like it can upload encrypted yaml or json to Vault using KMS. I hope I interpreted it right. Please correct me if I'm wrong.
Currently, our users are using vault cli to update their secrets in vault. They asked about tracking of their secret keys. I mentioned SOPS to them and also mentioned that the encrypted yaml or json file can be stored in our git repository. However, that will require an automated pipeline to be created so that it can send the encrypted file to Vault. They didn't like the idea since they look like in a rush for a solution. So I mentioned they can directly upload the encrypted file to Vault using vault cli. However, they said "We can do that but this doesn't prevent someone from our team from making a mistake in upload a non-encrypted json file".
And regarding the deployment of encrypted json to different environments, do you folks have a dedicated engineer per environment that is responsible for uploading encrypted file? Don't you use CI/CD for deployments of the encrypted file?
Would love to hear your devops pipline setup that deploys SOPS encrypted files.
https://redd.it/1hgvxyj
@r_devops
The Right Way: Provisioning a Virtual Machine in Vagrant (With Website Deployment Locally)
Started out new series on Medium, Share your support through follow
Link:-- hemantkumarceo001/the-right-way-provisioning-a-virtual-machine-in-vagrant-with-website-deployment-locally-bbcd2b3b602f">hemantkumarceo001/the-right-way-provisioning-a-virtual-machine-in-vagrant-with-website-deployment-locally-bbcd2b3b602f" rel="nofollow">https://medium.com/@hemantkumarceo001/the-right-way-provisioning-a-virtual-machine-in-vagrant-with-website-deployment-locally-bbcd2b3b602f
https://redd.it/1hgub9p
@r_devops
Secret Scanning repos org-wide - Feasible?
I'm at my 3rd company now that has no had any type of secret detection in GitHub aside from the main product repos. These aren't public, they are part of the internal org, so the blast radius is somewhat limited.
However all 3 companies have refused to get GH advanced security features which would give us secret detection. I've been thinking about coding up something as a project with other team members a scanner that would continuously scan code across the entire organization and run the yelp detect-secrets cli to detect passwords, API keys, etc. committed to git.
Are there any tools that do this already, and how feasible is this? There seem to be a million ways to detect secrets already, pre-commit hooks, CI/CD pipelines w/ protected branches, etc., but they can all be bypassed. pre-commit hooks are not enforced, CI/CD pipelines can have someone with write access change them, and they don't stop anything.
The thought process is to control our repos with webhooks (configurable by owners only) that are triggered on every commit. These would send to some compute that scans the commits for secrets, then either sends an alert or pushes a commit automatically with the sensitive text deleted (i.e. api-key=1234 becomes api-key-)
https://redd.it/1hgr8dj
@r_devops
Devops for Robotics- What are people doing for their robotics telemetry? Here's a run down of what my startup landed on.
This is a longshot, I'm curious if anyone here is doing devops for robotics startups, and what kinds of tooling they're using to ingest and visualize metrics for their robotics stack.
I just made a video about how we're using Grafana, InfluxDB, ROS2, and Loki to more quickly solve robot failures in the field.
https://redd.it/1hgpuvb
@r_devops
How does your org handle local dev environments?
My org has a lot of toil around local dev envs (managing multiple projects with different ruby versions), and I'm curious how other companies are handling theirs. Our prod/staging envs are EKS, but our local env I'm pretty sure is held together by docker compose. Considered using tilt or minikube, but we use many AWS services that our apps rely on.
https://redd.it/1hgn9iy
@r_devops
Ephemeral Environments in Serverless: yay or nay?
For developers working with serverless architectures: how do you manage testing and debugging when environments are ephemeral by nature? Do you find it improves or hinders your workflow?
For context I was reading about how ephemeral environments in serverless can optimize devex ( see https://devops.com/the-implications-of-architecture-optimizing-developer-experience-for-serverless-success/ ).... but challenges like cold starts, limited visibility, and debugging in temporary environments make me a wee bit weary.
I guess like...do ephemeral environments make your life easier for quick iteration or do they create friction when you need consistency for debugging and testing?
Curious to hear how others see it.
https://redd.it/1hgfyig
@r_devops
🚀 Data-Driven Feedback Loops: How DevOps and Data Science Inform Product Iterations
In today’s fast-paced digital landscape, continuous product iteration is key to staying competitive. By combining DevOps and data science, businesses can create data-driven feedback loops that accelerate product development, improve decision-making, and ensure that every update is grounded in real-world insights.
Here’s how this powerful combination works:
✅ Real-Time Data Collection & Analysis: Automating data collection from user interactions, system performance, and customer feedback unlocks deeper insights and enables quicker action.
✅ DevOps-Driven Speed: By automating deployment, monitoring, and incident response, DevOps ensures faster, more efficient iterations. Each release is optimized for performance and user experience when combined with data science.
✅ Case Study – Netflix: Netflix is a prime example of this approach, continuously using real-time user behaviour data to refine its recommendation algorithms. They also leverage A/B testing to assess and improve features before scaling them.
Looking ahead, AI and machine learning will supercharge these feedback loops, driving hyper-personalized experiences and real-time product iterations. As we embrace an increasingly automated and intelligent future, leveraging these technologies will be crucial to developing products that truly resonate with users.
Let’s harness the power of data and automation to keep innovating and improving!
https://redd.it/1hgboxz
@r_devops
Uploading Data to MS SQL
I am working on adding a table with data to our Azure SQL db and wondering what is the most straightforward way to add data to it. The data is in an excel file right now and it is about 100K rows.
Disclaimer, I am new to this and never did this beforehand
https://redd.it/1hhmjq7
@r_devops
dumbproxy - simple, scriptable, secure forward proxy
Today I'll share updates about [dumbproxy](https://github.com/SenseUnit/dumbproxy?tab=readme-ov-file#dumbproxy) project. It was already announced on reddit and elsewhere couple of years ago, but it grew bigger since then.
Back then we had just HTTP(S) forward proxy with automatic cert management and basic auth functions. But today a lot has changed.
Let me tell you how it grew up since then. New features developed recently:
* HMAC-based basic auth - useful to provide authentication to a fleet of proxy servers without need for them to contact central authority each time to verify credentials.
* Optional DNS cache.
* Per-user bandwidth limits.
* Scripting with JS:
* Access filters - allows complex request filtering. Usecases may vary from just complex ACL thing to implementation of something like adblockers.
* Dynamic upstream proxy selection - there is also a lot of interesting usecases varying from simplest like redirecting .onion domain via Tor daemon, to spreading load, balancing with affinity by domain, etc.
* ... some more. See link in the beginning of the post for a complete list of features.
Hope some people will find it useful!
https://redd.it/1hhe26x
@r_devops
which iac tools has the most longevity?
I'll be writing an aws stack which I'll be maintaining sporadically. Which tool should I pick that is going to last me 10 years, and will give me the least headaches? I don't have time to relearn and migrate everything every year
I'm aware of TF, CDKTF, Pulumi, SST, CDK
Thanks
EDIT: I dont' care about cross provider
https://redd.it/1hhdppd
@r_devops
Prometheus Annotations - can I have multiple scrape paths for a particular AKS deployment?
Basically, I would like to have more than just the single /metrics path as a scrape path for Prometheus in my Kubernetes cluster - maybe both a /metrics and a /metrics/foobar, for example. Is this possible?
I know that Prometheus can scrape from multiple ports via annotation settings, simply by making a comma delimited list of which ports. I do not know, and can't seem to find anything confirming or denying, wether or not the same thing is possible with paths.
https://redd.it/1hhasvl
@r_devops
Internal Docs Gems
Hey! I am interested in gems for internal documentation. I've worked for many companies and have seen it done many different ways.
Is there anything cool you do or have seen? Any great examples to follow? Is it all manual, automated, or some hybrid? How do you host it? What content is included?
Some examples on my end of content:
- Onboarding / Getting Started
- SOPs & HOWTOs
- Retrospectives (at least links)
- Github Badges
- Inventories (human readable)
https://redd.it/1hh759h
@r_devops
K8s from scratch as a beginner
Hello!
I am a devops engineer working with ansible since the last 3 years. I have a little exposure to docker, and 0 with kubernetes.
I gave an interview where the requirement was for with someone with k8s, i obviously did not get to the second round but it's made me realise my blatant gap
So my goal now is to get hands on experience with mini projects. What would the best resource for k8s be?
Sadly in my organisation there's no way to switch to teams using other tools so any kind of learning I have to do myself.
Suggestions and advice appreciated!
Thank you.
https://redd.it/1hh0r34
@r_devops
Introducing Windows Containers
I wrote an article on my company's blog about Windows Containers, hope you enjoy it
https://code.gematik.de/tech/2024/12/17/introducing-windows-containers.html
https://redd.it/1hgvo44
@r_devops
How do I convince A friend to choose DevOps Over Data Engineering
A close friend of mine is exploring opportunities in the tech industry. She has some foundational experience with Linux, primarily gained through YouTube tutorials and practice exercises. I suggested she consider a career in DevOps, as it has a lot of potential. However, I understand that female colleagues often influence each other's choices.
Just yesterday, she mentioned her interest in becoming a data engineer. This piqued my curiosity, as I'm wondering how the two fields compare in terms of difficulty and opportunities. I would appreciate insights from experts on the distinctions between data engineering and DevOps, and which might be a better fit for her ambitions.
https://redd.it/1hgy08h
@r_devops
Diagnosing random 502/504
Experienced Dev with many years of hobby homelab and small scale service deployment experience currently looking after an inherited microservices stack running in AWS and trying to wear my ops hat.
We are getting a significant amount of 502/504 errors for calls to various services and I'm at a bit of a loss trying to isolate the cause.
We are a retail business and currently in our peak busy period. For scale context, I am seeing about 200k requests per hour pass through our elb.
The basic setup is:
- all services run in ecs EC2 clusters
- most apis are simple node express apps.
- main website is a next JS app.
- most services are deployed with 2-3 tasks across 3 clusters (on demand and spot) in us and Australia.
The basic flow of requests to the main website is route 53 points to a cloud front distribution which has two origins pointing at load balancers in us-east-1 and ap-southeast-2. Website requests get directed to an nginx reverse proxy which rewrites some urls and points back at website.mycompany.com which I presume then goes back through another cloud front distribution, back through the same load balancer to the website-next service.
There are some downstream APIs that get called as part of most requests by the next app both from server side generated code and the client.
I've got some dash oards set uponitoring request volumes, CPU and memory for the services and the instances, 500 and 400 errors etc. aside from the spikes in 500 errors most resources seem nominal. I don't see a direct correlation between request volumes and errors. CPU and memory resources all sit at average levels.
We get these random bursts of sporadic 5xx errors, which seem to be mostly coming from the load balancer. Fairly often an api request will be processed but the alb decides to return a 502. Sometimes the root request for a page on the site will return a 502, and I have seen it happen, but the 502 response comes back in a second or two so it doesn't feel like it's really timing out - most timeouts are set at default type values of 10 or 30 seconds. Sometimes we will get a random js chunk request fail as part of loading a website page. But other chunks come back fine.
This is pretty random and not huge. We still process thousands of successful transactions per hour.
At a bit of a loss how to debug this.
Questions are...
Any tips for debugging ?
Any pointers to discords that might be helpful in helping me work through this ?
Anybody offer part time AWS support to help me clean this mess up ? I don't have the budget for a full time DevOps person, but am interested in hearing from people whou might want an ongoing casual devops role... Is that a thing ?
https://redd.it/1hgwbgv
@r_devops
Looking for tool to produce documentation from templates files
I there anyone aware of any tools/frameworks for producing documentation (in MS Word or PDF format) from templated markdown files (could be multiple tools chained together)?
I have been task with rewriting and updating a lot of old "formal" technical documentation (think architectural, instructions, and DR documents) for systems. A lot of our systems follow the same design patterns, so currently we have a lot of generic wiki pages (in markdown) by myself, outlining the overall designs, procedures, etc.
As I been told I need to produce a document for each system (even if it copying and pasting simlar text/diagrams between documents). I am now wounding if there any good tool to take templates (which can make use of varibles) and stich them together. I am even thinking to try and to hook it into CD pipeline so once a templates file is update, it can produce a new document and publish it.
Unfortunately presenting this documentation on the source controlled Wiki is not a option for business - however as long as they get a word/pdf document at the end of the process they are happy.
(apologies, i know this might not be "devops" but I suspect this subreddit might have some suggestions on how to modernize documentation generation).
Thanks
https://redd.it/1hgpf2w
@r_devops
PII and PHI scanners?
Building out ops right now for a ML team and am looking for a tool to scan for PII and PHI. Right now we don’t have a great way to do this and are relying on devs being smart and repo structure to ignore certain regions of projects. However, I would be much more comfortable if I could have something we could run as a precommit. There a few I have found but none of them look great so far (many seem like research projects). Before I start just testing a bunch of different tools, any recommendations?
https://redd.it/1hgr8pg
@r_devops
VPC-Native Clusters now available in GA on DigitalOcean Kubernetes (DOKS)
This feature brings seamless integration between DOKS clusters and VPC resources. With this update, any new cluster created is by default a VPC-native DOKS cluster, a significant advancement that helps ensure secure and isolated networking for your workloads. Learn more in the blog post announcement.
https://redd.it/1hgn6nb
@r_devops
I know we can Use the Google cloud DLP API to help detect whether data contains PHI
I know we can Use the Google cloud DLP API to help detect whether data contains PHI
https://cloud.google.com/sensitive-data-protection/docs/infotypes-reference#united\_states
Is your current approach to data governance robust enough to identify and protect sensitive information like PHI? Or are you considering building a custom NLP model to analyze your data and detect PHI effectively? Curious to hear which path you're leaning toward and what challenges you're facing.
https://redd.it/1hggy42
@r_devops
How do I integrate Apache JMeter with Dynatrace Managed to monitor performance during load tests?
I'm new to both JMeter and Dynatrace Managed, and I'm working on a project where I need to run load tests using JMeter and monitor the application's performance and resource usage in Dynatrace. I want to test this with an application I already have running on my localhost.
I’ve tried looking for tutorials, videos, and blogs, but most of the content I found is either outdated or not detailed enough.
* What are the key steps for setting up the integration between JMeter and Dynatrace Managed?
* How can I ensure metrics like response times, throughput, and resource utilization are visible in Dynatrace?
* Are there specific JMeter plugins, Dynatrace configurations, or API settings I should be aware of to get accurate insights?
Any guidance, tips, or up-to-date resources would be greatly appreciated!
https://redd.it/1hgdvxb
@r_devops
Where to store JWTs
I was curious about where to store JWTs and found this video that explains it pretty clearly. It’s a quick watch and gave me a better understanding of the best practices for handling tokens securely. If you're wondering the same, it might be worth checking out! https://youtu.be/c7vsTXuwm8A
https://redd.it/1hga7gw
@r_devops