86
Reddit DevOps. #devops Thanks @reddit2telegram and @r_channels
What’s one cloud concept that took you way longer to understand than expected?
For me, it was IAM on AWS. At first, it seemed simple—just give users permissions, right? But once I got into roles, policies, trust relationships, and least privilege... it felt like falling down a rabbit hole.
I kept second-guessing myself every time I tried to troubleshoot access issues. Even now, I still double-check every policy I write like three times 😅
Curious—what was your “wait, why is this so complicated?” moment when learning cloud?
https://redd.it/1kf2vqj
@r_devops
Introducing VPS Pilot – My open-source project to manage and monitor VPS servers!
Built with:
Agents (Golang) installed on each VPS
Central server (Golang) receiving metrics via TCP
Dashboard (React.js) for real-time charts
TimescaleDB for storing historical data
Features so far:
CPU, memory, and network monitoring (5m to 7d views)
Discord alerts for threshold breaches
Live WebSocket updates to the dashboard
Coming soon:
Project management via config.vpspilot.json
Remote command execution and backups
Cron job management from central UI
Looking for contributors!
If you're into backend, devops, React, or Golang — PRs are welcome
GitHub: https://github.com/sanda0/vps\_pilot
\#GoLang \#ReactJS \#opensource \#monitoring \#DevOps See less
https://redd.it/1kewtsx
@r_devops
What else do I need before I apply?
I've been a systems admin for over a decade. The last two years I've been doing gitops with ansible and terraform, and also managing some kubernetes clusters on-prem. I know enough Azure to get around but I'm not an expert. I've written some minor CI/CD pipelines as well. I'd like to move into an actual DevOps position but not sure what else I need. I'm not an expert software engineer, but I can write a powershell or python script with enough time.
https://redd.it/1kesm74
@r_devops
Built a fast multi-host terminal log viewer with timeline histogram – looking for feedback
Hey all – I’ve been working on Nerdlog: an open-source fast terminal-based log viewer loosely inspired by Graylog/Kibana, having a similar timeline histogram on top, but designed to be snappy, lightweight and setup-free (it just ssh-s to the hosts and uses standard tools such as awk, tail, head, etc).
It's optimized for reading system logs (from /var/log/messages or /var/log/syslog or straight from journalctl), and being as efficient at that as possible. To share some numbers, I've been using it daily with 20+ hosts simultaneously, reading 1GB+ log files on each of them; and getting logs for the last hour was taking 2-3 seconds.
Initially I hacked it together as a revolt against company-wide enforcement of Splunk, which I found way too slow for the amount of logs that we were having; but the project is outgrowing the initial proof-of-concept stage now.
I'd love feedback from the DevOps crowd: so far it was focused on my needs as a developer to read backend logs, but I think there is good potential it can be useful in the ops context as well, I just need to know the pain points and specifics of your needs. Is there a feature that is painfully missing in whatever log viewer that you're using now? Or vice versa: a feature that you love in some other log viewer and that Nerdlog should have too? Let me know!
GitHub repo here.
And thanks!
https://redd.it/1kerwu1
@r_devops
Built a basic SSH connection manager in Python — would love feedback
Hey folks,
I’ve built a small Python library to manage SSH connections and run commands across multiple remote machines. It’s still in the early stage but works well for basic cluster operations.
# 🔧 What it does:
* Load SSH hosts from config
* Connect to multiple servers in parallel
* Run commands across all of them
* Some basic monitoring and result handling
I made this because I often deal with multiple remote machines (AI training, deployments, etc.) and got tired of managing them manually or writing repetitive scripts.
The current version is lightweight and it has only pythonic api — no GUI or TUI yet or CLI, but I’m thinking of adding that in future.
Would really appreciate:
* Feedback on structure or usage
* Suggestions for features or improvements
* If this is even useful to others in its current state
# 🔗 GitHub:
[https://github.com/goravaa/ssh-clusters-manager](https://github.com/goravaa/ssh-clusters-manager)
Thanks in advance to anyone who checks it out 🙌
https://redd.it/1kenbqu
@r_devops
Canary like deployments for Custom Resources?
Why is there no Canary-like deployment orchestrator for Custom Resources with quality gateway analysis?
AFAIK, Flagger, Keptn ( have some maintenance problems ), Argo Rollouts, these are tightly bound to K8s vanilla resources and Ingress in general, but what if I want to deploy a Custom Resource, then check metrics, then do some custom action, and promote eventually "the deployment". Ofc I know what's Canary and what's traffic shifting.
Like, how are You versioning and deploying Workflows for batch operations? I want to test it, like use the new version for 10% workloads, and do the incremental promotion eventually based on the quality gateway check ( Prometheus metrics in this case
Thanks
Is this use case nonsense, or the
https://redd.it/1kehhvs
@r_devops
DevSecOps / AI CTF today - Ctf.punksecurity.co.uk
Our CTF runs today, with entry level and difficult challenges across DevSecOps and AI. No cost to play, some prizes for the best teams.
CTFs are little competitive puzzle based games designed to expose you to different tech and have you think in different ways. In our case it’s cicd attacks and AI prompt injection attacks :)
https://ctf.punksecurity.co.uk
https://redd.it/1keev01
@r_devops
Why did it take OpenAI 24 hours to roll back a faulty model?
Hi everyone,
I read through an article by OpenAI and stumbled upon the following segment:
>With the recent GPT‑4o update, we started the rollout on Thursday, April 24th and completed it on Friday, April 25th. We spent the next two days monitoring early usage and internal signals, including user feedback. By Sunday, it was clear the model’s behavior wasn’t meeting our expectations.
>We took immediate action by pushing updates to the system prompt late Sunday night to mitigate much of the negative impact quickly, and initiated a full rollback to the previous GPT‑4o version on Monday. The full rollback took around 24 hours to manage stability and avoid introducing new issues across the deployment.
>Today, GPT‑4o traffic is now using this previous version. Since the rollback, we've been working to fully understand what went wrong and make longer-term improvements.
I am just a developer who is using services like Vercel for deployment (or in a more professional context I used Azure WebApps). Of course, I do understand that for a larger user base, more servers have to be migrated and that this can take a longer time. However, 24hrs feels like a long time to me and I would like to understand, what exactly takes that long in the process. Has anyone insights or information on this?
Thank you :)
https://redd.it/1kedugg
@r_devops
Upwind's Cloud Security CNAPP. Is it viable?
Can anyone share their real-world experience implementing Upwind's "Runtime-Powered" Cloud Security Platform?
The promise of using real-time runtime data (I think they use eBPF sensors?) to focus only on actual threats and drastically cut alert fatigue – supposedly by 95% – sounds incredibly appealing, especially for teams drowning in alerts from native tools or older solutions. They also talk about 10x faster root cause analysis.
But what's the reality? What are you giving up? Is the eBPF approach truly agentless and low-overhead as claimed, or is there hidden complexity? Does its coverage and visibility really stack up against established agentless players when it comes to things like posture management, vulnerability scanning, and workload protection all rolled into one?
I'm also interested in the value ($) proposition and how it compares in practice to vendors like Wiz or Orca. Is it genuinely simplifying vulnerability management and threat detection effectively?
https://redd.it/1ke5wbp
@r_devops
Time-based permissions
What tools are you using for managing time-based temporary permissions, such as AWS/GCP accounts, database, SSH access, etc. ?
Looking for a solution for managing permissions for people accessing restricted resources.
https://redd.it/1ke2w14
@r_devops
Jira time logging for DevOps
I work at a big company and we are required to log the time we work on jira tickets to measure our productivity and for other reports for management. Some times I work the 8 hours but most of the time I finish my tasks and sits free most of the day. So sometimes I fake the logged hours so they know that I'm fully utilized. I've raised this with my manager and he said to fill my backlog and improve the system. I get that I can find somethings to be improved but it won't be the case all the time and I'll have some idle time in the end.
So my questions to you is:
Do you face similar situations at your company? What does it looks like?
How do you measure the productivity of the team?
Is the logged time a good measure to check the engineers productivity?
Any other thoughts? :) Thanks
https://redd.it/1kdxiak
@r_devops
Cobbler/Chef Educational Resources
I’m a network engineer by day and part time lab assistant to earn a few extra bucks in the evening. They are wanting in the next 90 days to get me spun up on assisting with tickets as the physical lift and rack and cable audit is wrapping up. They utilize cobbler and chef today and asked I start learning it, I’ve never touched any of these. Are there any good resources or recommendations for getting basic down with these? I have some familiarity with ansible but that’s it.
https://redd.it/1kdv75y
@r_devops
As a DevOps Engineer, do I need to know databases?
The question pretty much. How important is it to know dbs to be a better DevOps Engineer? Mind you, I'm already a DevOps Engineer but there's barely anything I'm touching db related, or even networking related TBH. Well, networking aside, how important is it to know dbs? I mean, I know dbs (Postgres and MSSQL) a bit, is it needed to know a whole lot more?
https://redd.it/1kdrpcq
@r_devops
Redis is open source again?
Redis seems to be Open Source again!!!
With Redis 8, the Redis community is thinking of going back to open source.
Source: https://thenewstack.io/redis-is-open-source-again/
Guys let's discuss this. Is this real?
https://redd.it/1kdlg94
@r_devops
Need Advice on scaling my platform architecture
I’m building a trading platform where users interact with a chatbot to create trading strategies. Here's how it currently works:
User chats with a bot to generate a strategy
The bot generates code for the strategy
FastAPI backend saves the code in PostgreSQL (Supabase)
Each strategy runs in its own Docker container
Inside each container:
Fetches price data and checks for signals every 10 seconds
Updates profit/loss (PNL) data every 10 seconds
Executes trades when signals occur
The Problem:
I'm aiming to support 1000+ concurrent users, with each potentially running 2 strategies — that's over 2000 containers, which isn't sustainable. I’m now relying entirely on AWS.
Proposed new design:
Move to a multi-tenant architecture:
One container runs multiple user strategies (thinking 50–100 per container depending on complexity)
Containers scale based on load
Still figuring out:
How to start/stop individual strategies efficiently — maybe an event-driven system? (PostgreSQL on Supabase is currently used, but not sure if that’s the best choice for signaling)
How to update the database with the latest price + PNL without overloading it. Previously, each container updated PNL in parallel every 10 seconds. Can I keep doing this efficiently at scale?
Questions:
1. Is this architecture reasonable for handling 1000+ users?
2. Can I rely on PostgreSQL LISTEN/NOTIFY at this scale? I read it uses a single connection — is that a bottleneck or a bad idea here?
3. Is batching updates every 10 seconds acceptable? Or should I move to something like Kafka, Redis Streams, or SQS for messaging?
4. How can I determine the right number of strategies per container?
5. What AWS services should I be using here? From what I gathered with ChatGPT, I need to:
Create a Docker image for the strategy runner
Push it to AWS ECR
Use Fargate (via ECS) to run it
https://redd.it/1kdftny
@r_devops
Please guide me in learning infrastructure automation
I currently manage a few servers running some ecommerce sites (WordPress) and some custom PHP based applications (Vanilla PHP, and Laravel) on DigitalOcean. My setup is pretty basic and consists of
* Fedora Cloud OS (I upgrade servers every 6 months for my sanity)
* Nginx, PHP-FPM (multiple pools), MariaDB, Valkey (Redis)
* Postfix (send-only mail server), OpenDKIM
* Logrotate (to rotate logs per user)
* Cron job for files and db backups to each user's directory, logrotate renames the backups and retains last x days of backups.
Earlier, when servers were few, I used to do setup and configure these manually. Server would be taken down a couple of hours for maintenance and upgrade every 6 months.
Then I did basic automation and configuration by writting custom bash scripts. The maintenance time reduced from hours to less than 30mins every 6 months. Downloading backups and restoring them is the only thing that consumes more time now as the data is huge.
I'm now at a stage where I need to fully automate it as the number of servers are growing each month. From what I've understood, I need to:
* Switch from Nginx, PHP-FPM to Caddy & FrankenPHP
* Containerize each application. We currently use docker-compose for development and testing. I guess we need to learn how to use that safely in production.
* Switch from raw logs to ELK stack.
* Switch from Postfix, OpenDKIM to Maddy/Haraka/Postal setup on a separate server and use SMTP from others server to this server.
* Switch from Fedora to some LTS OS like Ubuntu.
* Switch from bash scripts for setup and configuration to something like Ansible combined with Terraform and Nomad (not sure about these two).
* Add replication to MariaDB.
* Add CI/CD pipelines with Github Private repo.
I'm quite overwhelmed and it's taking a lot of time to wrap my head around these things. I know I have to take it slow and not do it all at once.
Have someone been through such manual to fully automated setup? How did you figure your way out? Please guide me if you have any experience with any of these.
Edit: List formatting.
https://redd.it/1kf0qts
@r_devops
Resource recs for cloud engineer that eventually needs to help developers
Hi everyone!
I know this is a horrible title btw. And excuse me if I got some terms wrong. And I meant "occasionally".
Here's the issue: I work as a cloud support engineer for a very small cloud shop and our clients are mainly startups so keep that in mind lol. We are supposed to support our client's infrastructure only, but a lot of times receive tickets asking for help in things that lean into the DevOps and software development fields. I have a very superficial background in backend development so sometimes with a bit of reading the docs and researching I can be of help, but a lot of times I feel like my "help" is lacking and not substantial enough. The other day for example we got a client asking how he could reduce downtime in his app during (schema, I assume) migrations. My colleague helped him, but then this weekend I researched the topic and I'm not sure the advice he provided was great.
On top of that, I'm pretty new to technology in general, still in college and I have A TON of things to learn and study on my to-do list that are related to cloud, networking, IaC, etc, but I feel like it would be incredibly useful to pick up some things in other related fields that would help me in my job.
I'm not assuming in any way that I can pick up a book and suddenly become a genius, but what are the resources - courses, videos, books that in your experience could be helpful to someone in a position like the one I'm in?
https://redd.it/1kew9rd
@r_devops
Self-hosted alternative to AWS Elastic Beanstalk with GitHub deploy and automatic horizontal scaling (no Kubernetes)?
I’m looking for a self-hosted platform similar to AWS Elastic Beanstalk that lets me push my code to GitHub and handles deployment plus automatic horizontal scaling on VPS servers.
Requirements:
GitHub → automatic deploy
VPS-based horizontal (instance-level) scaling
Not a serverless (AWS Lambda-style) solution
No Kubernetes (I don’t want to manage K8s clusters)
Which open-source tools or platforms would you recommend?
https://redd.it/1kesqg3
@r_devops
American Sign Language in DevOps Communities and Teaching
Hello everyone,
I’m a student in university who hosts workshops within our local Google Developer Groups Chapter.
I go to a university that has a substantial deaf and hard of hearing population.
This year, I’ve hosted several talks, and on occasion have had some deaf students attend. On such days we have requested interpreting services and have been able to access them, which have a been great.
However, I have subconsciously felt that although all of our talks are in English, there is still a language barrier. Talking about Kubernetes, Containers, Linux, and other development frameworks, I’m not sure if the ideas within my presentations have been able to fully get across accessibly through an ASL context.
Has anyone encountered a similar predicament? Looking for some tips to improve my communication skills within workshop environments to make everyone feel included.
https://redd.it/1kenn11
@r_devops
Some packages on Sonatype Nexus aren't updated when using as a Composer repository
Hello,
We have a Nexus Sonatype repository for Composer and one of the devops guys who was maintaining it left and now we are not sure why some packages aren't being updated to the latest.
For example, we need to install the package robrichards/xmlseclibs: https://packagist.org/packages/robrichards/xmlseclibs
We need the latest version which is 3.1.3 but in our repository it's only 3.1.1 and i was last updated on 2024: https://ibb.co/4ZtJF9Gd
We are not sure how to make Nexus get the latest version when someone is using the composer require robrichards/xmlseclibs command
What should I try to do?
Thanks!
https://redd.it/1keiala
@r_devops
What would you be willing to pay for at your company?
Over the years, we’ve seen several licensing dramas and ongoing debates even on this sub — the latest being Redis becoming open source again.
Someone once said: “I'm fine with companies making money from software” — and I’d say that’s the bare minimum.
But the real question is: what would your company actually be willing to pay for? Just compute power? Services? Or even open source software?
If it's the latter: what are you looking for? Suppose a piece of software simply works, has decent documentation, and no major feature gaps — would you still be willing to support it financially?
How do you evaluate packaging and delivering propositions, like Linkerd, or Chainguard, to get paid for? This is what I'm currently pursuing: just releasing and packaging latest — you can try it and test it, you wouldn't ever and ever go in production with a non version pinned software, so I can offer you stable version pinned versions (always based on upstream, no forks) with SBOM and detailed changelog and upgrade instructions, if required.
https://redd.it/1keei1p
@r_devops
Collection of DevOps MCP Servers
https://github.com/rohitg00/awesome-devops-mcp-servers
https://redd.it/1keexpu
@r_devops
Where to get started
Hello, I’m a long time admirer of this form. I’m a “junior devops engineer” in the financial field that was a previous mid-level, sulfur engineer, I’ve been doing so-called devops work for about a year now where I’m assigned to a team where I’m managed their pipelining, but I feel like I’m not doingreal devops. I’ve been so studying outside of work just to get more exposure to the field, but I just want to know if there are any seniors in here that can point me in the right directionwhere I can start to get more exposure to more Devos technology. At my job, we don’t utilize a lot of the all the devops technologies. I am starting a new project at work Monday so hopefully I will get more exposure to more technologies. But any pointers would be helpful
https://redd.it/1ke8cl1
@r_devops
Need Guidance for Amazon Systems/DevOps Engineer Interview (Cloud Support Background)
Hope you're all doing well.
I'm currently working as a Cloud Support Engineer and have managed to land an interview with Amazon for a Systems/DevOps Engineer role. While I’m excited, I’m also feeling a bit stressed—mainly because I haven’t officially worked as a Systems or DevOps Engineer before.
The interview email was pretty detailed (and a little overwhelming). As most of you know, the world of DevOps is huge—tons of tools, technologies, and concepts—and it’s tough to gain hands-on experience with all of them. To top it off, the interview includes live coding sessions, which has me even more anxious.
The below qualifications are mentioned in the job description:
Proficient executing standard operating procedures and following operational best practices
• Knowledge of scripting processes in a language such as Bash, Python, or Ruby or coding software applications in a modern language such as Java, TypeScript, or similar
• Experience working cross-organizationally and leading strategic team efforts requiring work from multiple team members
• Experience performance tuning software applications and optimizing fleet utilization
• Experience with Infrastructure as Code, (such as CDK, CloudFormation, Puppet, Chef, Ansible, or similar)
I’m using the prep material Amazon provided, but I’d love any advice on what to focus on—specific tools, topics, or concepts that are likely to come up. Also, if anyone has insight into the kind of coding questions typically asked, that would be super helpful.
Any resources, tips, or just general encouragement would be massively appreciated!
Thanks in advance, and apologies if this isn’t the right place to post.
https://redd.it/1ke1vlz
@r_devops
From Rejection to Redemption: How I Broke Into DevOps
Guys, I'm here sitting on my back yard on a beautiful Saturday and I am about to sign an offer letter with a Fortune 500 company — with a 25% salary increase.
But just a few months ago, I was getting rejected from interviews that didn’t even last 10 minutes. I was so embarrassed on how bad I did on the interviews. With over a decade in IT — supporting Windows and Linux systems, solving tough problems, and holding a high-level security clearance — I thought I had a solid foundation. But in the world of DevOps, I kept hearing the same message:
“You don’t have enough experience.”
“You’re not worth senior-level DevOps pay.”
And ironically, being a high earner already seemed to work *against* me.
I was turned down from at least eight interviews. Some didn’t even give me a chance to speak. I started doubting myself — hard.
So when another recruiter reached out, I told her:
"I don’t want to waste your team’s time. My background might not align."
She said:
"Actually, we really like what we see. Let’s get you in front of the hiring manager."_
After the first interview with the **hiring manager**, I asked for **two weeks** to prepare for the technical round — not to delay, but because I was *determined* not to fail again.
At that point, I didn’t even have a home lab. But I went all in.
In those two weeks:
\- Built a full homelab from scratch
\- Deployed the Sock Shop app using ArgoCD
\- Provisioned infrastructure with Terraform
\- Set up monitoring with **Prometheus, Grafana, and Kuberhealthy**
\- Studied nonstop for a HackerRank I had never heard of
\- **Watched DevOps interview Q&A videos on YouTube while driving — even while taking my dog to the vet**
\- **Skipped volleyball — something I love — and turned down social invites from friends just to stay locked in**
The **technical interview was round 2 of 4**, but after one hour of walking through my setup, architecture, and decisions — they said:
"We’re skipping the rest. We're making you an offer."_
That moment changed everything.
**My clearance didn’t get me here. My title didn’t. My past salary didn’t.**
But *grit, sacrifice, and proof of ability* did.
And the cherry on top? I’ll get to **work from home eventually** — a goal I’ve had for years.
To anyone trying to break into DevOps:
Don’t wait until you’re “ready.”
**Start building, start learning, and never stop showing up.**
Your breakthrough might be closer than you think.
Sorry English isn't my first language and I use ChatGPT to help me with this but it's truly my experience. So good luck out there, if I can make it, you can!!!! Cheers!!!
https://redd.it/1ke1fjq
@r_devops
What is k8s in bare metal?
Newbie understanding: If I'm not mistaken, k8s in bare metal means deploying/managing a k8s cluster in a single-node server. Otherwords, control plane and node components are in a single server.
However, in managed k8s services like AWS (EKS) and DigitalOcean (DOKS). I see that control plane and node components can be on a different servers (multi-node).
So which means EKS and DOKS are more suitable for complex structure and bare metal for manageble setup.
I'll appreciate any knowledge/answer shared for my question. TIA.
https://redd.it/1kdy5af
@r_devops
i made bikya for selling used products and real estate, please check it out!
made it fully in PHP Any tips would be helpful
https://bikya.infy.uk/
https://redd.it/1kdvift
@r_devops
Is this a good DevOps book?
Is this a good DevOps book? I'm planning to buy a book on Azure DevOps."
https://www.amazon.com/Beginning-Azure-DevOps-Releasing-Applications/dp/1394165889
https://redd.it/1kdeimp
@r_devops
🚨 DevOps Interview in 2 Days with Zero Experience – Need Your Guidance!
Hey r/devops community,
I'm reaching out for some advice. I have an interview for a DevOps internship in just two days. My background includes basic knowledge of Git, Linux, and Python, but I have no prior experience in DevOps.
Given the limited time, what key areas should I focus on to make the most of my preparation? Any resources, tips, or guidance would be greatly appreciated.
Thank you in advance for your support!
https://redd.it/1kdk7va
@r_devops
MacOs HomeBrew and Open Source tooling
Hey guys!
Quick question for ya, I've been at a job for awhile now but we just got transitioned over to macOS. We were on windows machines before. Software was always distributed through self service software centers or pushed via org policy.
Now however Im running into issues getting up and running with my dev tooling (mostly cli tools, and local cluster dev). Currently homebrew isnt an approved technology, but its so common to get tools installed that way im not familiar with any other common patterns. Ive been tasked with trying to make an argument to allow it for devs from my team.
Im anticipating security folks and others having a high skepticism because they cannot "own" the software that gets installed there as far as Im aware. The current pattern would have me contact the helpdesk to install software via .pkg or be distributed.
Currently other package managers are allowed - like conda, npm, yarn, etc. But I know its not quite an apples to apples comparison.
What arguments would you make to allow homebrew into the ecosystem? Are any of your jobs able to track whats installed accurately? Im assuming the MDR/AV software locally would pick up something.
https://redd.it/1kdcehg
@r_devops