86
Reddit DevOps. #devops Thanks @reddit2telegram and @r_channels
Looking for Real-World Production Terraform or Pulumi Configurations
Hi,
I'm building a tool for simplifying cloud provisioning and deployment workflows, and I'd really appreciate some input from this community.
If you're willing to share, I'm looking for examples of **complex, real-world Terraform or Pulumi configurations used in production**. These can be across any cloud provider and should ideally reflect real organizational use (with all sensitive data redacted, of course).
To make the examples more useful, it would help if you could include:
* A brief description of what the configuration is doing (e.g., multi-region failover, hybrid networking, autoscaling setup, etc.)
* The general **company size or scale** (e.g., startup, mid-size, enterprise)
* Any interesting constraints, edge cases, or reasons why the config was structured that way
Thanks in advance!
https://redd.it/1m8ysnq
@r_devops
Please help me with nifi and nifikop that i'm trying to learn!
I encounter a few problems. I'm trying to install a simple HTTP nifi in my Azure Kubernetes.
I have a very simple setup, just for test. A single VM from which I can get into my AKS with k9s or kubectl commands.
I have a simple cluster made like:
```
az aks create --resource-group rg1 --name aks1 --node-count 3 --enable-cluster-autoscaler --min-count 3 --max-count 5 --network-plugin azure --vnet-subnet-id '/subscriptions/c3a46a89-745e-413b-9aaf-c6387f0c7760/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/vnet1-subnet1' --enable-private-cluster --zones 1 2 3
```
I did tried to install different things on it for tests and they are working so I don't think there may be a problem with the cluster itself.
Steps I did for my NIFI:
1.I installed cert manager,
```
kubectl apply -f https://github.com/jetstack/cert-manager/releases/latest/download/cert-manager.yaml
```
2.
zookeper,
```
helm upgrade --install zookeeper-cluster bitnami/zookeeper \
--namespace nifi \
--set resources.requests.memory=256Mi \
--set resources.requests.cpu=250m \
--set resources.limits.memory=256Mi \
--set resources.limits.cpu=250m \
--set networkPolicy.enabled=true \
--set persistence.storageClass=default \
--set replicaCount=3 \
--version "13.8.4"
```
3.
Added nifikop with servieaccount and a clusterrolebinding,
```
kubectl create serviceaccount nifi -n nifi
kubectl create clusterrolebinding nifi-admin --clusterrole=cluster-admin --serviceaccount=nifi:nifi
```
4.
```
helm install nifikop \
oci://ghcr.io/konpyutaika/helm-charts/nifikop \
--namespace=nifi \
--version 1.14.1 \
--set metrics.enabled=true \
--set image.pullPolicy=IfNotPresent \
--set logLevel=INFO \
--set serviceAccount.create=false \
--set serviceAccount.name=nifi \
--set namespaces="{nifi}" \
--set resources.requests.memory=256Mi \
--set resources.requests.cpu=250m \
--set resources.limits.memory=256Mi \
--set resources.limits.cpu=250m
```
5. nifi-cluster.yaml
```
apiVersion: nifi.konpyutaika.com/v1
kind: NifiCluster
metadata:
name: simplenifi
namespace: nifi
spec:
service:
headlessEnabled: true
labels:
cluster-name: simplenifi
zkAddress: "zookeeper-cluster-headless.nifi.svc.cluster.local:2181"
zkPath: /simplenifi
clusterImage: "apache/nifi:2.4.0"
initContainers:
- name: init-nifi-utils
image: esolcontainerregistry1.azurecr.io/nifi/nifi-resources:9
imagePullPolicy: Always
command: ["sh", "-c"]
securityContext:
runAsUser: 0
args:
- |
rm -rf /opt/nifi/extensions/* && \
cp -vr /external-resources-files/jars/* /opt/nifi/extensions/
volumeMounts:
- name: nifi-external-resources
mountPath: /opt/nifi/extensions
oneNifiNodePerNode: true
readOnlyConfig:
nifiProperties:
overrideConfigs: |
nifi.sensitive.props.key=thisIsABadSensitiveKeyPassword
nifi.cluster.protocol.is.secure=false
# Disable HTTPS
nifi.web.https.host=
nifi.web.https.port=
# Enable HTTP
nifi.web.http.host=0.0.0.0
nifi.web.http.port=8080
nifi.remote.input.http.enabled=true
nifi.remote.input.secure=false
nifi.security.needClientAuth=false
nifi.security.allow.anonymous.authentication=false
nifi.security.user.authorizer: "single-user-authorizer"
managedAdminUsers:
- name: myadmin
identity: myadmin@example.com
pod:
labels:
cluster-name: simplenifi
readinessProbe:
exec:
command:
- bash
- -c
- curl -f http://localhost:8080/nifi-api
initialDelaySeconds: 20
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 6
nodeConfigGroups:
default_group:
imagePullPolicy: IfNotPresent
isNode: true
serviceAccountName: default
storageConfigs:
- mountPath: "/opt/nifi/nifi-current/logs"
name: logs
Trusting the Boot Process: Inside Bottlerocket's Security Architecture
https://molnett.com/blog/25-06-30-trusting-the-boot-process
Bottlerocket is a distro developed by AWS for their more sensitive container-based environments like AWS Govcloud, EKS anywhere and others. We thought it would be a good choice for us (we're building a EU-focused Serverless cloud) as many of our customers are in Healthtech, so we've used it for all our nodes, even the Kubernetes control plane.
My colleague Mikael decided to dive deeper into how the boot process works, and in a later post how it interacts with the TPM.
I would love to hear how (and if) you've solved this for your own platforms, and if so what you think of it!
https://redd.it/1m8vewk
@r_devops
Anyone using XDR for cloud-native threat detection?
We’ve shifted most workloads to ECS and Lambda, and our old endpoint tools don’t cover squat anymore. I keep hearing about XDR as the next-gen detection approach, but it feels like half the vendors define it differently.
What are you using to detect lateral movement, container escapes, and other cloud-native threats?
https://redd.it/1m8tecu
@r_devops
Cloudflare wildcard certificates
Hi everyone,
I recently switched to using Cloudflare certificates (with DNS proxying enabled) and a wildcard cert for my domains. Just wanted to ask:
* Is this generally considered good practice?
* What are the pros and cons of using a wildcard cert with Cloudflare?
* Are there any security or scalability concerns I should be aware of compared to using individual certs?
Thanks in advance!
https://redd.it/1m8qsun
@r_devops
Using AI as a security coach in workflows
Yes, AI bad. Don't rely on it. It hallucinates. I agree with all of that. But please hear me out.
We're an ultra tiny shop. And our dev team is junior heavy. It's not an ideal situation. They consider things to be done if they work and don't always consider security implications. On review, we found a pretty glaring privilege escalation vulnerability in one of our APIs.
We're already running Snyk scans on code, but stuff like this slips by. And yes I know human review and other tools are fairly effective, but time is short and people miss things.
So, today I hopped into AI foundry and wrote a prompt and ran some sample code through it that I know is problematic. The initial results are promising and I intend to attach it to workflows for running against our critical micro service APIs when they change.
Before I do that, I wanted to get some feedback. I am working from the angle that I want it to scan subsets of the code and make sure good practices are being followed (authentication, tokens, etc) but I don't want to write the code for the dev. Because hallucination. For web apps, bounce it against things like OWASP top 10 rules, tell you where you screwed up, give a leading suggestion, but don't give a "here's the full fix" snippet. Because I want the devs to actually learn. And I want humans to remain firmly in the loop.
Does this sound like a good approach? If you've done this before, can you share any gotchas?
https://redd.it/1m8j7z8
@r_devops
I turn it into a server from my laptop at my own home.
I'm making a software for it. I welcome your suggestions.
Pls Click -> Blog <- Pls Click
https://redd.it/1m8gpqc
@r_devops
End to end CI/CD pipeline for a C application
I know the interwebs are chock a block with pipelines for Java/python, but I am an programmers who still loves his C. Recently after being away for several years due to personal reasons, I have taken up a C project for a client. Just wanted to know about the opensource options for an end to end CI/CD pipeline for a C project.
Github > Jenkins > GCC > sonarcube > trivy > Cmake or Ninja > Nexus > docker > kubernates
Is this correct ? My doubt is whether GCC and CMake can be integrated as part of this pipeline. Reason is for Java there is Maven. Do we have something for C that compiles and builds similar to maven?
Any help is most appreciated. Much obliged.
https://redd.it/1m8be6y
@r_devops
Web Dev
hello guys , hope you are all good
i want to ask about web dev cause i heard that i will need to learn front end from somme people for the 2nd year CS , so what i should learn and is it really that i will not need html , because i started to learn it
at the end , thank you to every one that responded to me
https://redd.it/1m88sx6
@r_devops
I'm a full stack software engineer who want to transition to devOps.
I have 1.5 YOE as a software developer as of now based in India. In my current role im using a lot of aws microservices and learning CI/CD,IaC and all. with my experience level is this possible to get a job in devOps field?? also wherever i get the video tutorials and they all seem like you literally need each and everything from that tech stack to really get a job,is this true? I need guidance on how I should proceed with all this.
https://redd.it/1m82zvq
@r_devops
How we automated Unity editor workflows with AI — open devops story behind the scenes
Hey folks 👋
I wanted to share something from the devops side of a project I’ve been building called Code Maestro. It’s a Unity-based tool designed to speed up repetitive editor tasks — like auto-fixing scripts, organizing assets, placing prefabs, and more. While it’s technically a Unity tool, it also became an interesting devops challenge in terms of automation, tooling, and team-less CI-like behavior.
🔧 DevOps angle:
No external server — everything runs locally as a standalone AI-powered assistant
Uses a custom lightweight task queue internally — almost like a mini CI/CD pipeline for Unity scenes
We explored different ways of triggering agents from scripts, GUI buttons, and even shell calls
Built internal logging/feedback layers to self-assess output correctness (kinda like unit tests for AI decisions)
💬 Would love to hear your thoughts:
If you’ve ever done internal tooling in Unity or another engine — what was your approach to testing / automation?
Any favorite practices for dealing with AI or agent-based flows in game dev or scripting pipelines?
The code and experiments are open:
🔗 GitHub: https://github.com/codemaestroai/advanced-unity-mcp
P.S. I’m not promoting anything commercial — just looking to exchange ideas with people working on internal tools, AI workflows, or Unity devops
https://redd.it/1m7xpbw
@r_devops
azure app services - containers deployment
Hello everyone,
recently I've got an issue with one func app and one web app, both linux. the old deployments was packing the app as a zip and deployed on those 2 app services. my issue came after I tried to deploy as a container. on deployment history, and on portal it's clearly says that was deployed from container. even the app service dont startup with the wrong docker credentials. but i have found that those app services are still reading from the old .zip that remained on those app services even of i deploy as a container.
does anybody encountered this from switching the deployment mode from . zip to container? did you find any solution?
https://redd.it/1m7vt8o
@r_devops
Aspire: modeling distributed systems without YAML or glue code
We’re building a new toolchain for distributed apps, and we’d love your feedback
Hi everyone 👋
I help work on Aspire, a toolchain we’re building at Microsoft to make it easier to develop and operate distributed applications. Aspire started as a dev-first way to model multi-service .NET apps, but it’s evolving into something broader: a polyglot, code-first way to define, run, test, and (eventually) deploy full systems.
It handles things like:
• Service discovery and dependency modeling
• Container orchestration (locally or remotely)
• Config and connection string wiring
• Built-in OpenTelemetry support
• A dashboard that understands your actual app graph
We just published our public roadmap (https://github.com/dotnet/aspire/discussions/10644) outlining where we’re headed over the next 6 months. Key themes include:
• Better support for Python and JavaScript
• Real testing tools (dashboards, mocking, CI replay)
• Multi-environment deployment modeling
• Clearer CI/CD guidance (yes, we know this is rough right now)
• Less glue, less YAML, more visibility
We’re also using Aspire internally at Microsoft to build real services, so the feedback loop between devs and the platform is tight.
If you’ve ever wired up a bunch of containers, env vars, secrets, and config files just to get a “basic” system running… this is the kind of pain we’re trying to reduce.
📣 We’d love your take:
• What’s missing from your dev/test/deploy workflows?
• Would something like this help (or get in the way)?
• What’s too “magic”? What would you want to control?
Would love to hear your thoughts, and if you want to hang out or ask questions live, we just opened a Discord: aka.ms/aspire-discord
Thanks for reading!
https://redd.it/1m7tq8g
@r_devops
Performance regression testing on PRs
Curious how teams approach performance regression testing on PRs. At what stage or scale does automating these checks (e.g., latency, throughput, resource usage) become a mission-critical part of your workflow, versus a nice-to-have? What triggers that shift on your teams?
https://redd.it/1m7qvvz
@r_devops
Anyone actually happy with their API security setup in production?
We’ve got 30+ microservices and most are exposing APIs; some public, some internal. We're using gateway-based auth and some inline rate limiting, but anything beyond that feels like patchwork.
We’re seeing more noise from bug bounty reports and struggling to track exposure across services. Anyone got a setup they trust for real API security coverage?
https://redd.it/1m7j8gj
@r_devops
reclaimPolicy: Delete
pvcSpec:
accessModes:
- ReadWriteOnce
storageClassName: "default"
resources:
requests:
storage: 10Gi
- mountPath: "/opt/nifi/extensions"
name: nifi-external-resources
pvcSpec:
accessModes:
- ReadWriteOnce
storageClassName: "default"
resources:
requests:
storage: 4Gi
resourcesRequirements:
limits:
cpu: "1"
memory: 2Gi
requests:
cpu: "1"
memory: 2Gi
nodes:
- id: 1
nodeConfigGroup: "default_group"
- id: 2
nodeConfigGroup: "default_group"
propagateLabels: true
nifiClusterTaskSpec:
retryDurationMinutes: 10
listenersConfig:
internalListeners:
- containerPort: 8080
type: http
name: http
- containerPort: 6007
type: cluster
name: cluster
- containerPort: 10000
type: s2s
name: s2s
- containerPort: 9090
type: prometheus
name: prometheus
- containerPort: 6342
type: load-balance
name: load-balance
sslSecrets:
create: true
singleUserConfiguration:
enabled: true
secretKeys:
username: username
password: password
secretRef:
name: nifi-single-user
namespace: nifi
```
6. nifi-service.yaml
```
apiVersion: v1
kind: Service
metadata:
name: nifi-http
namespace: nifi
spec:
selector:
app: nifi
cluster-name: simplenifi
ports:
port: 8080
targetPort: 8080
protocol: TCP
name: http
```
The problems I can't get over are the next. When I try to add any process into the nifi interface or do anything I get the error:
Node 0.0.0.0:8080 is unable to fulfill this request due to: Transaction ffb3ecbd-f849-4d47-9f68-099a44eb2c96 is already in progress.
But I didn't do anything into the nifi to have anything in progress.
The second problem is that, even though I have the singleuserconfiguration on true with the secret applied and etc, (i didn't post the secret here, but it is applied in the cluster) it still logs me directly without asking for an username and password. And I do have these:
nifi.security.allow.anonymous.authentication=false
nifi.security.user.authorizer: "single-user-authorizer"
I tried to ask another person from my team but he has no idea about nifi, or doesn't care to help me. I tried to read the documentation over and over and I just don't understand anymore. I'm trying this for a week already, please help me I'll give you a 6pack of beer, a burger, a pizza ANYTHING.
This is a cluster that I'm trying to make for a test, is not production ready, I don't need it to be production ready. I just need this to work. I'll be here if you guys need more info from me.
https://imgur.com/a/D77TGff Image with the nifi cluster and error
https://redd.it/1m8xlt4
@r_devops
DDoS attack - i think
I manage several ecommerce websites and their hosting for work. Over the years I have seen various types of attacks, as well as an increase an AI / bot traffic.
On the 3rd July I was alerted to high server activity on one of our sites. When I was reviewing the server and nginx logs, I could see the requests per hour to the site had gone from an average of 20,000 an hour to 120,000. However Sales had not increased,
Reviewing the nginx logs, I found that there was a large number of requests to a small group of category pages, never any request for CSS / JS - which stinks of bot.
Cherry picking some IP addresses, they only ever made one request.
Immediately we enabled cloudflare under attack mode, which made the traffic instantly drop, adding to the idea that this is bot traffic and not a successful marketing campaign.
I identified patterns in paths and created a rule in cloudflare to target this, allowing me to remove the under attack mode and keep the website online.
Between then and now I have been reviewing the requests hitting my rule.
A few times I downloaded and analysed 500 requests to the rule and they all read similar to this.
\- 493 Different IP addresses
\- 278 ASNs
\- 55 Countries
\- 13 URLs
\- 412 User Agents
\- 500 different query parameters
The website sells items to the UK, a large number of these requests are coming from Brazil, Singapore, Vietnam, India and Bangladesh
Checking on the rule today (25th july) so 3 weeks in - and within cloudflare I can see the rule is blocking a LOT of requests. This is showing is has presented the challenge 18k requests in the last 24 hours.
I should add, my rule is set to ignore for known bots.
Is this a DDoS Attack? I have never had one this sophisticated or last this long.
The website is not high value and the requests have been blocked for 3 weeks now yet they still continue to come in.
Any suggestions on additional things I can do to tackle this would also be welcome
https://redd.it/1m8vf0n
@r_devops
How to upskill?
I currently have Azure fundamentals cert and CKA. Wondering how to upskill next? Is redhat administrator cert worth doing?
https://redd.it/1m8sguk
@r_devops
Why MCP(Model Context Protocol) Matters for Your AI Projects
I wrote my first article on MCP
https://www.linkedin.com/pulse/why-mcpmodel-context-protocol-matters-your-ai-projects-deepak-kumar--fmbfc?utm_source=share&utm_medium=member_android&utm_campaign=share_via
https://redd.it/1m8snzd
@r_devops
Is the KubeCon worth attending?
I am a senior Devops. Not sure what I can get from KubeCon. Also interested in ArgoCon this November.
https://redd.it/1m8p5ec
@r_devops
DevOps professionals - I need your insights!
Hi everyone ☺️ I'm a postgraduate student researching racing to prove why DevOps adoption in large organisations (such as AWS, Microsoft, Google, Meta, etc) sometimes fails to match the hype.
I call it the DevOps Implementation Paradox (DIP) framework: companies adopt DevOps for prestige or branding, but face real struggles with legacy systems, culture and leadership misalignment.
For research, I'm running a quick survey (anonymous) to capture real-world challenges and enablers from engineers, SREs, DevOps leads and anyone working within this field or with CI/CD pipelines.
Your input will help expose the gap between DevOps hype and practical reality 👏🏻 and will be used ethically in my dissertation.
Copy survey link here:
https://docs.google.com/forms/d/e/1FAIpQLSf17Bd_kAM7G7OTeGIdq5Vcy-uGWlJ3NNaj1qzqFLKBzxkvjw/viewform?usp=header
Thank you for helping bridge the DevOps reality gap! Happy to share final insights with anyone interested.
https://redd.it/1m8h1rx
@r_devops
How to Sort Work Item View Differently
Hi All,
Does anyone know how to change the sort criteria to match the order of Work Items within the Backlog tab? We have resources that are utilized across multiple backlogs (I've told management many times this is a bad idea), so as a work-around, we've updated the Priority Field for our Features (and related Stories, Tasks, and Bugs) to hold the same priority, this way when someone comes into the Work Item view, they can see all of their work (via the Assigned to Me dropdown), prioritized from highest to lowest priority. The problem is, the Work Item view keeps moving around items within the same priority by which one has been most recently updated, which is not necessarily their top item to work on within the Feature. Any help is greatly appreciated, thanks! <3
https://redd.it/1m8e1rf
@r_devops
Technical interview with food delivery company
So I passed the initial screening interview and now have the first technical interview scheduled for a company I can’t name yet that has a known food delivery app. I have around 5 years of DevOps experience, and a good knowledge of most of the tools of the trade (docker, kubernetes, terraform, ansible, helm, kustomize, argocd…). Thing is, I never worked with mobile apps so I’m looking for any advice on what to prepare outside my scope or on how it can be different for me.
https://redd.it/1m89fz2
@r_devops
AI FOMO - is anyone using AI at work beside writing code?
I use Claude for kick starting a lot of my projects and scripts, but is there another way of using AI to my advantage? Some things that specifically come to mind:
- n8n is popping everywhere. Did anyone automate some workflow with it in a meaningful way?
- Logging and error analysis?
- IaC reviews?
- CI/CD optimizations
I want to specifically focus on the "bring your own AI" part, instead of relying on new SaaS stuff to buy or implement.
Any ideas or fun projects would be nice to learn from.
Thanks!
https://redd.it/1m8461p
@r_devops
Process vs autonomy/trust
I read this article from an engineer who worked as an SRE at Google for 16 years and this stuck with me:
>More process doesn’t mean more control, it usually just means more friction
It was surprising, I imagined a massive company like Google would be full of processes to keep things safe and would promote processes.
Setting up processes makes me feel at ease tbh. Most of the time it works. But as things get more messy, keeping track of the many playbooks etc is difficult. I feel it keeps getting harder for me to even know if they're still relevant. But where do you draw the trust line ? How rigid should safeguard rails be?
An 'it depends' question of course but I'd like to hear your thought process on this
ps. the article is more centred on this thinking process for incident management but if you want to check it out it's this one: https://rootly.com/blog/when-process-becomes-latency-optimizing-incident-response-cadence
https://redd.it/1m7yuuu
@r_devops
Suggestions and review
I am trying to get into devops role, currently i am working in WITCH in my current role i am working on automation framework which is in python. I have not completely real world experience for devops but in my current project is use of github actions and jenkins so i have been learning these two alongwith docker and kubernetes. For past 3 months. I have prepared a resume but my resume is not even getting shortlisted to at least give test or interview. Please suggest if there is anything that i should update to my resume.
https://www.dropbox.com/scl/fi/cczcuu47rlognrose3cit/IMG20250724114919.jpg?rlkey=nw1c97dlfn7fcerplqybz8h2l&st=nkhiwm8b&dl=0
https://redd.it/1m7wv4d
@r_devops
Late-Bloomer Sysadmin (35, Family Plans) – DevOps or Cloud Engineering for Career Growth?
Hi everyone,
I’m a 35-year-old sysadmin! I’m a late bloomer in IT, with about two-three years of beginner-level experience. I’m married, planning to start a family soon, and currently working remotely with decent but not great pay. My job is stable but bit boring to me, so I’m looking to switch to a future-proof career that offers better pay, remote flexibility, and work-life balance.
Right now, I’m torn between DevOps and Cloud Engineering. I like automation, which points me toward DevOps, but I’m concerned about the steep learning curve. Cloud engineering feels closer to my current sysadmin role but might be less exciting and not sure about the learning curve too.
I can dedicate 1–2 hours a day for studying during the initial phase of this career transition. How tough is the learning curve for each path? Which is easier to transition into for someone like me? And which offers better long-term growth and opportunities in today’s job market for a late starter?
FYI: Not limited to DevOps or Cloud only — please feel free to share other options as well!"
Please kindly don't give the generic "Age is just a number thingy, but I’d really appreciate some brutally honest advice." Thanks in advance for any practical advice!
https://redd.it/1m7rtfx
@r_devops
Looking for a DevOps Mentor (K8s, Helm, Jenkins, Vault, Terraform, Jira Integration, Monitoring & Logging)
I’m Ujjwal, currently on a focused journey to sharpen my DevOps skills and step up to the next level. I’ve been working hands-on with AWS, Docker, Kubernetes, and CI/CD pipelines, and I’m now looking for a mentor who can guide me with real-world practices and insights.
I’m especially looking to learn from someone experienced in:
🔹 Kubernetes (K8s) – Deployments, Services, Ingress, Node Affinity, etc.
🔹 Helm – Chart templating, custom values, production deployments
🔹 Jenkins – Declarative pipelines, GitHub/webhook integration
🔹 Vault – Secrets management in Kubernetes and CI/CD
🔹 Terraform – Infrastructure as Code (AWS preferred)
🔹 Jira Integration – With GitHub/Jenkins for DevOps workflows
🔹 Monitoring & Logging – Prometheus, Grafana, Loki, ELK stack
I’d love to connect with a mentor (even informally — weekly chat or async DMs) who’s worked in production environments and can share tips, common pitfalls, and guidance.
https://redd.it/1m7rtgs
@r_devops
Jenkins pipeline deploying NPM library to Sonatype Nexus Repo
Hi! I'm trying to deploy my custom NPM library to my repo using jenkin's pipeline,
I already have done this with maven artifacts but I need help to adjust the step to push a npm lib,
so far my stage looks like this:
stage('push artifact to nexus') {
steps {
nexusArtifactUploader artifacts: [
artifactId: 'custom-npm-lib',
classifier: '',
file: '???',
type: 'tar???'],
credentialsId: 'ffffffff-ffff-ffff-ffff-ffffffffffff',
groupId: '????',
nexusUrl: 'my-nexus-hostname:8584',
nexusVersion: 'nexus3',
protocol: 'http',
repository: 'my-npm-repo',
version: '0.0.1'
}
}
so, the question is, do I do a 'npm publish' o 'npm deploy'?? or whats the equivalent to mvn package? then, what would it be an example of nexusArtifactUploader to push the lib to the repo? thnx in advance
https://redd.it/1m7mgb4
@r_devops
Learn Linux before Kubernetes and Docker
anishnarayan/learn-linux-before-kubernetes-60d27f0bcc09?sk=93a405453499c17131642d9b87cb535a">anishnarayan/learn-linux-before-kubernetes-60d27f0bcc09?sk=93a405453499c17131642d9b87cb535a" rel="nofollow">https://medium.com/@anishnarayan/learn-linux-before-kubernetes-60d27f0bcc09?sk=93a405453499c17131642d9b87cb535a
Namespaces, cgroups (control Groups), iptables / nftables, seccomp / AppArmor, OverlayFS, and eBPF are not just Linux kernel features.
They form the base required for powerful Kubernetes and Docker features such as container isolation, limiting resource usage, network policies, runtime security, image management, and implementing networking and observability.
Each component relies on Core Linux capabilities, right from containerd and kubelet to pod security and volume mounts.
In Linux, process, network, mount, PID, user, and IPC namespaces isolate resources for containers. Coming to Kubernetes, pods run in isolated environments using namespaces by the means of Linux network namespaces, which Kubernetes manages automatically.
Kubernetes is powerful, but the real work happens down in the Linux engine room.
By understanding how Linux namespaces, cgroups, network filtering, and other features work, you’ll not only grasp Kubernetes faster — you’ll also be able to troubleshoot, secure, and optimize it much more effectively.
By understanding how Linux namespaces, cgroups, network filtering, and other features work, you’ll not only grasp Kubernetes faster, but you’ll also be able to troubleshoot, secure, and optimize it much more effectively.
To understand Docker deeply, you must explore how Linux containers are just processes with isolated views of the system, using kernel features. By practicing these tools directly, you gain foundational knowledge that makes Docker seem like a convenient wrapper over powerful Linux primitives.
Learn Linux first. It’ll make Kubernetes and Docker click.
https://redd.it/1m7l5k7
@r_devops