Unicorn vs Enterprise for senior

Hey there! I'm in need for community opinions/angles on choosing the next employer. I'm a senior devops 7 years experience. i'm a freelancer sw engineer ATM finishing my contract in a month from now for the last 1/year I like it, but "man needs to provide" (family, plus kid). Need to buy an appartment and start paying a lot of money to a bank. For these reasons I want to move back to platform/devops engineering since there my expertise lies. I unfortunately don't have k8s prod high traffic experience. I can't say I'm super eager to become a people manager, but it was fun to do big projects and lead them.

I've managed to get 2 proposals from 2 very different companies and I'm curious what do you people think is a better move. Here are they:

1:
Unicorn startup with branches in a couple of countries.
not going to do exit, maybe an equal merge, not going IPO.
tech lead position with an opportunity for growth to team lead with hands on and a caviat on the next point.
current team lead is leaving in a month from now , the only person that knows everything and is a super pro monster is a VP and he is moving to US from our country in a few months. So his availability will be second half of the day.
stack: mixed cloud, k8s prod high traffic, postgres on ec2 (because they felt it better than managed), thanos and shit, some python/go automation OSSed - looks solid in terms of tech.
there are a couple of engineers that are mids
hybrid, twice a week from office. They say wlb is good but given the HR circumstances above I don't 100% take it with a grain of salt.
salary is good, some options(equities) provoded. Yearly options bonus. Plus minor perks, regular to SaaS companies.

2:
Big cyber security tech, with RSUs, they acquire a startup not so long ago and are looking for devops people for that part of the company. Not senior role - just a private.
tech stack there's some k8s but apparently where I'm going to put my effort on - I'm going to clarify that tomorrow in more detail. Lots of hashicorp stuff, iac, some automation.aws, going multicloud
there are other engineers that are missing, team lead that is hands on who should be good, on the interview it felt like he is a bit arrogant, but that's maybe because he had to tackle some stuff during the interview - shit happens.
good wlb, 3 times from the office, some programs for summer for small children, when there's no kindergarten, yearly bonus.
regular salary is a bit lower than of that in startup proposal.
since it is a big tech they have a option later to be moved horizontally or promoted.

I need to act quickly now and I want to split in two :)))

Wdyt? Thanks to those who read this to the end.


https://redd.it/1bx63k5
@r_devops

What's the current job oppurtunities in devops as a fresher from india?

hey everyone so i haven't experienced any of the tech fields except the web dev where i learned html, css, a lil bit of js but now i think this could not be the one for me so i am planing to give some time into this field but doesn't know anything about it and as a indian we don't get the environment to actually connect and learn new things on our own anyway, so anyone from india here can tell me what's the current job scenarios in devops in india or in gloabal, one think which is being the headache is "is academics play some role" like my academics score was like fairly average (i just wanna be honest here), so can anyone give me quick summary of all the things what actually happens in this field and what should i learn as a foundation to get started, are there any courses you recommend how much time does it take to generally to achieve specific skills which are required to get a job, are there job opportunities for freshers also i only got merely like 8-10 months left to complete my graduation in IT how much can i do in this duration,

and yeah which are the languages to learn

Thanks in advace who are willing to help by replying

https://redd.it/1bx6q2x
@r_devops

Greenmask release v0.1.9. Database anonymization tool

A [new release](https://github.com/GreenmaskIO/greenmask/releases/tag/v0.1.9) introduces improvements and bug fixes.

[https://github.com/GreenmaskIO/greenmask](https://github.com/GreenmaskIO/greenmask)

# Improvements

* Implemented tables scoring according to the table size and transformation costs. This correctly spreads the tables dumping between the requested worker's pool and reduces the execution time.
* Introduced `no_verify_ssl` parameter for S3 storage
* Adjusted Dockerfile
* Refactored storage config structure
* Most of the config attributes may be set with environment variables
* Parameter `--config` is not required anymore. This simplifies the greenmask utility user experience
* Fixed `S3_REGION` environment variable usage

If you are not familiar yet with Greenmask - it is a Database anonymization tool that brings wide anonymization functionalities and techniques. Check out the [Playground](https://greenmask.io/playground/) page to get started

https://redd.it/1bx8akf
@r_devops

Build SLO for a monolith

I have a monolith service and it serves many different purposes, there are many truly independent services inside, should I build multiple Independent SLO?

https://redd.it/1bx85bx
@r_devops

New YouTube video, asking for criticism again

Following up on some of the advice given https://www.reddit.com/r/devops/comments/1bo47o9/started\_making\_youtube\_videos\_on\_devops\_related/

I'd like to receive some more criticism, constructive ones would be great.

I'm trying to develop my own style by first copying fireship style. However, I realize I lack some skill on the editing department.

​

Thank you!

https://youtu.be/dnXTFudEXN4

https://redd.it/1bxe7vi
@r_devops

Cache is King: A guide for Docker layer caching in GitHub Actions

Hey all, my friend wrote this awesome post on how to properly cache docker layers for github actions and thought I'd share
https://blacksmith.sh/blog/cache-is-king-a-guide-for-docker-layer-caching-in-github-actions

https://redd.it/1bxoy0h
@r_devops

RabbitMQ Going back into Queue

Hey,

So I have the following setup:


< Flask App with Redis for idempotency check > ---- RabbitMQ pod --- < GPU worker node >

Once the GPU worker is finished, it uploads a file. The issue is, I think the processing is taking so long on the GPU that the RabbitMQ ends up moving back the request from 'Unacked' to 'Ready', and then back to 'Unacked' when it requests it again.

The solution I will probably implement when I wake up tomorrow morning will be another idempotency check on the GPU node, and if so instantly send the ACK back if already processed. However is there a setting in RabbitMQ which does not move it back to the 'Ready' after 5-6 minutes? I am not sure why this ACK is not being sent back, I am seeing the file being uploaded. [ GPU worker finished, it uploads the processed file \]. This request is jumping between 'Ready' and 'Unacked'.

Is this an issue with RabbitMQ, should I try Kafka / do you guys all implement idempotency checks with RabbitMQ?





https://redd.it/1bxrqmu
@r_devops

Need a devops mentor

Anyone available to have a quick chat?

https://redd.it/1bxwjam
@r_devops

Vagrant box for practicing web development.

I see it could be real helpful if there were a vagrant box available which has a well equipped development environment inatalled, but also has really carefully planned out lessons and configurations that will lead you to understand things. For example one exercise could be to make a python app that uses an SQLite database. Thrre can be tool tips and interactive popups that guide, like go here to find the sqlite file. Now letw open it up and see exactly how the sqlite file is beimg used to control the app.

I can see the vision,, i can explain it so well.

https://redd.it/1by1s4p
@r_devops

2 job offers what should I do! Stick to career path or well paid job

I recently received two job offers and I'm having trouble deciding between them. I'd really appreciate your insights and advice.


DevOps Role:

Tech stack: Cloud, Kubernetes, Linux, and overall infrastructure design.

Pros: I have more experience in this area, so I anticipate an easier transition into the role.


SRE Role:

Tech stack: On-premise, C#, and PowerShell.

Pros: The offer is substantially better, and I have the flexibility to work from home. Plus, weekend work is required but flexible, with compensation days off.

Can anyone give me an insight about working as an SRE and how is it difference from working as a devops.


https://redd.it/1by3dt0
@r_devops

What are some good home assignments / interview questions for juniors?

im hiring for a junior position and i want to see how people think / troubleshoot. i think its the best way to know how good a junior candidate is as they dont have the experience yet.

i was thinking of small devops oriented home assignment that will be discussed in the interview. i dont mind the candidate using google / chatgbt in the interview to debug (thats what we do all the time anyway when working).

or maybe have some on the spot questions that will help me asset how candidate approaches and solves problems.

so what are you'all thinking / suggesting?

https://redd.it/1by4dvk
@r_devops

Update: I still want to quit and go pet dogs

Original here: https://www.reddit.com/r/devops/s/dXMTzqPbeV

Just wanted to give an update. Because I'm sure everyone out there is waiting on one /s

Basically, I've put my foot down and refocused everything. We've gotten rid of our useless scrum master (had zero knowledge of anything related to the role, I realize that good SM/PM are a great benefit). I've given the directive to the team that we are not an ops organization. Any operations requests, especially over email, are immediately pushed back and given a confluence link on how to engage with the correct teams. I've scheduled 1 hour daily with my manager and a mid/junior to refine our backlog where every item is met with "Does this fit our mission or does this really belong somewhere else?" from me, so our manager explains why this belongs on our team based on his pre-established criteria. Our standups are now 15 minutes or less and our backlog is almost healthy.

I've also put a full stop on all deliverables that aren't servicing our team's mission of reducing toil and providing self-service/automated solutions for teams.

Until now, teams were forced to go to central operations teams to request even the smallest changes to their infrastructure, like a disk/VM resize. Not because of any approval process or review... Just because. That doesn't scale. Because that doesn't scale, and that team isn't even staffed properly, overflow work was coming to us. Over half of our team was busy fulfilling basic requests every day.

This week, I sat with another engineer and said, "This is enough. All the dangerous stuff like IAM and firewall rules we'll lock down to the appropriate teams, but basic infra belongs with the app teams." And in 2 days we knocked it out. We created appropriate roles, I created automated pipelines to provision properly scoped managed identities for necessary tasks with those roles along with their federated credentials, and we tied them to automated pipelines that will automatically know and enforce the MIs being used. We're now ripping apart the TF states to remove any IAM and networking management from those repos and putting them into the management repos. It's not perfect, but it's good enough.

In 2 days of work of yelling over the desk at each other, we eliminated the toil of 5+ FTEs so that those people can focus on the important work.

Next week, I'm handing off those repos to our two highest ticket generating teams with a hard and fast rule that nobody is to fulfill any basic infrastructure requests for them. They will receive training and reference materials but, if they can't change a few variables themselves and run a PR process, they don't belong here.

Overall, things are smoother. I'm just going to keep everyone on task. After next week, the noise should drop down significantly. The intent is to get the team into some form of SDLC process where we evaluate our team's products, make improvements, and take suggestions as feature requests. Our products are pipelines and automations that keep our platform running and make lives easier for app/operations teams. Anyone that decides they want to be a basic ticket fulfiller is getting reassigned to an ops team.

Basically, I'm back to doing things I'm good at. Identifying the waste, designing a solution, gathering the necessary resources, and knocking it out.

I'm still going to quit as soon as the next thing comes along, but I'm slightly less miserable for now.

https://redd.it/1by6akm
@r_devops

Tempest-A cross-platform, cloud-synchronized, privacy and security-first terminal.

# Tempest

A cross-platform, cloud-synchronized, privacy and security-first terminal.

# Download

# Download link:

Office Website: [https://gotempest.app/download](https://gotempest.app/download)
GitHub: https://github.com/MicaApps/Tempest/releases/tag/release

# Official Website:

https://gotempest.app/

# Overview

A cross-platform, cloud-synchronized, privacy and security-first terminal.Supports Windows, macOS, Linux, iOS and Android

# Update: AI Copilot

Tempest AI helps you solve server operation and maintenance problems! You can use it to help you diagnose TCP, write SQL, read logs, etc. 

# SSH

1. Supports SSH2, SFTP and Identity Manager
2. Supports server private key verification from 1Password
3. Server performance monitoring

# Kubernetes

1. Manage Kubernetes Config
2. Manage different clusters simultaneously in different tabs, Kubeconfig is isolated
3. End-to-end encrypted sync across devices

# Local Shell

1. For Windows, additional support for MSYS, WSL (under development) and other environments
2. Will support Serial serial port

# Data Encryption and Cloud Sync

1. Encryption and decryption are performed locally on the user, and the synchronized content is always encrypted (end-to-end encryption). Encrypted keys are only saved 2. locally on the user's computer, use KeyChain or Windows Credential Manager to protect data
2. The encryption and decryption parts will be open sourced on GitHub for review
3. Seamless synchronization across devices is very smooth, welcome to experience it\~

# Share and Collaborate

1. Supports sharing and collaboration, similar to graphite documents. Send the link to your friends to share the terminal
2. Supports multi-window broadcast, that is, instructions entered in one tab can be broadcast to all tabs to configure a large number of servers at the same time
3. Supports multiple vaults, sharing vaults to teams, revoking user permissions, etc.

# Gallery

https://redd.it/1by8f2m
@r_devops

Best Practices for Identifying and Mitigating Flaky Tests

Best Practices for Identifying and Mitigating Flaky Tests


https://semaphoreci.com/blog/flaky-tests-mitigation

https://redd.it/1by6m0x
@r_devops

RBAC Query- Need to know how to assign a permission to only one user

Hello Guys,
In Azure, I would like to know which permission can be set to storage account so only that user can access it. Even the owner and co-administrator should not be able to access.
Is this possible via built-in roles or do I have to create a custom role?
Please help me out!

https://redd.it/1by6f3x
@r_devops

Has anyone gone all in on CloudWatch Container Insights with Enhanced Observability?

We're in the process of moving to EKS.

Our current observability stack is Prometheus, Grafana, and ELK on elastic.co

Any thoughts for and against on going all in on what AWS offers?

https://redd.it/1byhz45
@r_devops

Getting into devops as a fresher

I wanted to know what are the chances that I can hit it off with devops as a career path straight out of master's in comp sci.
By hitting off I mean be able to find a job eventually (I know the market is bad rn, but with the right learning and knowledge, EVENTUALLY I should be able to find a job(?)) and then grow throughout my career path.
My biggest issue right now, is that I have no professional work experience. I finished my undergrad and immediately went straight for masters. Now, I'm still pursuing a master's degree in comp sci and if I were to start getting into devops today and go on for a year, what are the chances I will stay afloat considering my professional standing. I have read that devops is a role in which you get into once you have experience as a developer or operations person first, hence this question.

Tl;dr
I don't have any work experience (currently in masters comp sci), what are my chances I'll be ok with respect to a job and growth, if I get into it rn from scratch and work on it for a year?

https://redd.it/1byhvr7
@r_devops

Tools for simulating diverse web traffic: recommendations?

Hey everyone, I am a postgrad student doing research in invalid web traffic and click fraud detection. I'm looking for tools to simulate web traffic for testing purposes. Ideally, I need tools that can mimic traffic from various locations using proxies, different browser types, and screen sizes. Any recommendations? Thanks.

https://redd.it/1byku2e
@r_devops

I love my job. Here's why...

With all of the burnout posts and new people looking to join the field I wanted to just take a minute and talk about what I love about my job. Please note this is my experience and I've certainly been places in the last 15 years that I absolutely hate and made me hate everything about tech.

Obviously I'm DevOps, I come from an Ops background. Desktop support, SysAdmin, Cloud Engineer, and a bit of SRE focusing on Observability.

Joined a company close to a year ago that is very relaxed and fun overall to work for. My job of course has me writing pipelines and copious amounts of Terraform and Ansible. I don't have a SWE background and can't write in the language we use, C++, but I can read and understand it largely.

My boss is cool and my deadlines are set by me for the most part. My work load is low for tickets and high in projects and I am given a lot of autonomy to decide what we need when we need it.

Many people say, and I am included in this, that DevOps is not an entry level job. Let me explain something I had to do that took a base understanding of DNS and Networking to show why I agree with this statement. I have two Azure Web Apps in different country's, the WebApps are the same but the difference is the database and storage accounts under them. Well using Frontdoor, I could hop to the other region once in a while causing massive latency when connecting to the DB and storage in the users region they would want to be in.

Now due to data sovereignty laws in the other region, that DB and Storage cannot be combined with the ones I utilize in the opposing region. Due to this I needed to make a private endpoint to a vent and utilize internal DNS, named the same as the public DNS to route traffic from Region As server to region As API 100% of the time. All of this is very basic with a vnet, subnet for the apps, and internal (private) DNS but understanding why this solution can work is paramount here. The basic knowledge of how Private DNS is used first then Public is very big, basic submitting to understand how to control the size of the subnet is also big.

Further I have a central zone that connects to both regions but does not connect to each other, this can be a burden without an intermediate understanding of networking and routing as private DNS, but not networks, use the same names in both regions.

My job allows me to find the best solution and implement them. This is a huge boon to me in learning further, even if it's just leveraging my Ops knowledge to expand what I know a bit more.

Remember if you want to join DevOps that's awesome and you totally should, we do some cool things! You need to come from an Ops or SWE background first. It's not because "I did it", but because basic knowledge is required to truly succeed.

https://redd.it/1bymf15
@r_devops

ProxyPass Apache2 to FlaskApp

Hi,

I want to redirect flow from [https://127.0.0.1/api/hello](https://127.0.0.1/api/hello) to my flask app.

So i did this :

<VirtualHost *:80>
ServerName example.com
DocumentRoot /var/www/html

<Directory /var/www/html>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>

<Location "/api">
ProxyPass https://127.0.0.1:5000/api
ProxyPassReverse https://127.0.0.1:5000/api
</Location>
</VirtualHost>

Then i reloaded apache2.service

Next i created my flaskapp :

from flask import Flask

app = Flask(__name__)

u/app.route('/api/<path:value>', methods=['GET'])
def api_request(value):
return f"Value is : {value}"

if __name__ == '__main__':
app.run(host='127.0.0.1', port=5000)

Then i run it.

When i do :

`curl` [`https://127.0.0.1/api/hello`](https://127.0.0.1/api/hello) -> it doesn't works

`curl` [`https://127.0.0.1:5000/api/hello`](https://127.0.0.1:5000/api/hello) -> it works !

So my flask app works, but my apache2 seems to be misconfigured not ? I feel stupid it seem really easy and i blocked on this ..

Thanks

https://redd.it/1byrpm6
@r_devops

What does "documentation" even mean in the Scrum landscape of 2024?

I'm developing Python APIs as part of a DevOps team (we develop Python APIs, deploy them, and mostly manage the underlying infra, though there are some external dependencies). I want to document it for future colleagues, so they will have a smoother learning experience regarding the codebase and infrastructure of the current landscape.

But what "documentation" nowadays even mean? I wanted to hear from you folks.

I was thinking about having separate diagrams:

1. One explaining the infra (servers, containers, DBs etc)
2. A sequence diagram, indicating what APIs from what services talk to what
3. Maybe some sort of diagram explaining the solution from a functional PoV?

Need some advice on what documents/diagrams will actually bring value to future maintainers of the solution. Thanks!

https://redd.it/1byrx21
@r_devops