Recommended books for k8s ecosystem

Hello, so I have just finished KodeKloud CKAD course. I liked it and I feel I have a solid grasp of fundamentals.

Now I am looking for a book (or any recommended resources) on actual ecosystem and approach to managing k8s cluster. Ideally it would be a comprehensive overview with comparison of tools and techniques with clearly stated pros and cons.

Examples:

CI/CD - How do you actually deliver changes (I am sure you are not just running `k apply` manually. What are approaches? Some GH Actions setup with access to the cluster? FluxCD? ArgoCD? I would like to see a good overview of what problems those tools target and what are shortcomings or quirks - when to use each one.
How to structure your codebase \- do you use Helm or Tanka with jsonnet? How much abstraction is recommended? How do you structure your resources and reusable parts?
How do you keep IaC for things that are NOT strictly k8s resources - like plugins and addons you installed, or AWS resources that are not k8s managed (S3 buckets, IAM roles)?
Comparison of Ingress solutions etc.

I hope this gives you and idea what I am looking for. Most things I find on the internet and in books is strictly k8s - so basically what I touched upon in KodeKloud CKAD course. Do you know of any books/resources that actually address what I am looking for?

Thanks in advance 🙇🏻

https://redd.it/1i771z0
@r_devops

Advice for this year and future interviews

Hello,

I been learning DevOps for around 9 months, my current job is at Service Desk for 5 years and would like to shift to this new role...

Long story short I been using KodeKloud, Udemy and Youtube for the first 7 months in order to learn and then recently I got into a course in the university about DevOps (6 months long, I do not have a university degree hence I cant apply for a master). My plans for this year is to finish the university which includes Azure and AWS Cloud Practitioner certifications and get certified in CKA/CKS. Apart from that I am working in two projects, one within the university and a second with a mentor.

Recently I was reached out for a Junior DevOps position interview and wanted to experience how an interview looks like. Here is my point, in the technical interview what I have seen so far to succeed, you need to basically remember everything, every technology command and its flags, every syntax for a pipeline, script, IaC... and you aren't able to get into the documentation even to check some syntax. I do know the concepts and how the technology works but most of the time I need to check my notes for syntax or commands since I'm not writing Dockerfiles or deployments in K8s or making bash/python scripts for 8h a day.

How should I go about this right now in order to improve for interviews for the future? I am planning to look for real interviews in 6-9 months

https://redd.it/1i77wwt
@r_devops

Database for C#MVVM Desktop app

Good Morning!

First of all, I'm sorry for the lack of misuse of techincal terms , my not so good english and the long text.

I'm developing an Desktop App in C# MVVM Winui that is supposed to receive data from objects ( for now only focusing on receiving position [lat,long,alt\] speed and direction) and represent it on a map . My estimation for max number of objects at the same time would be a few thousands and thats already a very positive estimate for what will probably be the real number.

The program follows an hierarchy let's say an owner has 20 objects, it receives 20 object tracks and will share those 20 object tracks with others owner( and vice versa) in a single message. Therefore, even if there are 1000 objects that are, there won't be an owner receiving 1k single message in a space of seconds, it will probably come in batches of tens
Data is received by a singleton class (services.AddSingleton<IncomingDataHandler>();)

My initial idea was a global variable that would hold all that data in observable collections/property changed and through Dependecy Injection, the viewModel would just read from there .

I had a lot of problems because of memory leaks, the viewModels were acumulating to the a lot of subscription because of those.

So I'm trying to move even more to the reliance of Databases (the app has another purposes outside of tracking, but this is the biggest challenge because is real-time data, the other data doesn't change so frequently and I can support some lag)

My new ideia is for the app to receive data , , store in a database so the ViewModel-View responsible for displaying the data can constantly read from the db for the updates. So I need fast writes and reads, and no need for ACID, some data can be lost, so i focused in NonSQL

Do you guys know any database that is reliable for this? Or is this idea not even feasible and I should stay with a global Variable but with better event subscription( using Reactive or something else ?

I'm focusing in embedded Database so the user does not need to install and/or setup a server

For reference, my first option was RocksDB but i'm having an hard time to understand it because it is information in internet is mostly C++.

Thank you guys for your attention.

https://redd.it/1i78mzg
@r_devops

How Would You Investigate Using Logs and Metrics?

A critical service in your infrastructure keeps crashing unexpectedly, and users are reporting issues. You’ve got access to logs, metrics, and traces. How would you approach troubleshooting this problem? Which tools would you use, and what key data would you look for to find out why it’s happening?

https://redd.it/1i79952
@r_devops

If you dig DeepSeek and Cursor as much as I do, check this project out: https://github.com/danilofalcao/cursor-deepseek It makes possible to use DeepSeek model in Cursor's Composer as 'gpt-4o' P.S.: It's not perfect, but it's a start 😊 Contributions are more than welcome!

# If you dig DeepSeek and Cursor as much as I do, check this project out: https://github.com/danilofalcao/cursor-deepseek It makes possible to use DeepSeek model in Cursor's Composer as 'gpt-4o' P.S.: It's not perfect, but it's a start 😊 Contributions are more than welcome!

[](https://www.reddit.com/r/coolgithubprojects/?f=flair_name%3A%22GO%22)

https://redd.it/1i7b1t9
@r_devops

host for api

I need to host a .net API with a postgress database, but Azure plans are so expensive... I need other hosting options, where do you usually host?

https://redd.it/1i7agcn
@r_devops

Is it bad practice to run your internal tooling (e.g. self-hosted Grafana, pipeline runners, image registry) in the same place as your core workloads? Where do you run yours?

I've been tasked with setting up Sonarqube for our org and the guidance is to run it on our staging EKS cluster, alongside all of our staging microservices. Our CI/CD pipeline runners also run in this cluster. It's not production at least but it still feels wrong. I thought it was better to keep those kind of workloads separate from your core ones for better isolation and separation of purpose. We're a small company, so we don't need enterprise levels of design complexity. But I don't think that's an excuse in this case.

Curious to know if my understanding is correct and where the rest of you are running your tooling. Any guidance? Thanks.

https://redd.it/1i7c7h8
@r_devops

Relax your shoulders

Literally, your shoulders might be unintentionally hunched/shrugged right now. I think as IT professionals we should all be aware of this. I started working as a Linux admin right out of college and then transitioned into devops and noticed neck and back pain just a few months into working. I shrugged it off, being young I thought it would just go away. But here I am almost 6 years later with the same pain and it seems to morph every year. Sometimes it’s bearable sometimes it isn’t. Point is we all need to be more aware of our posture. Hours of typing and moving a mouse can really do some damage over time.

https://redd.it/1i7doxk
@r_devops

Make container scripts (more) independent of specific tooling

Point of note for container scripts:

If you're coding scripts that use a "docker" command on behalf of users you can't assume that docker is installed any more.

`podman`, `nerdctl` & `docker` - & I think at least one other that I can't think of right now - all have the same command structure, for now.

So any script running, say `docker build ...` or `docker run ...` should actually do something like this:

#!/usr/bin/env bash
source `logging.sh`
container_ctl () {
local containerctl

containerctl=$(command -v /bin/podman)
if [[ -z "${containerctl}" ]]; then
# Assume nerdctl in path as global fallback
containerctl=$(command -v nerdctl)

[[ -z "${containerctl}" ]] && \
(log_this "ERROR" "fallback nerdctl not found"; exit 1)
fi
log_this "INFO" "using container control, ${containerctl}"

echo "${containerctl}"
}

"$(container_ctl)" build ..."$(container_ctl)" run ...``````

More complicated? Yes.

Easier to use by users who don't want to install your particular tool of choice?

Also yes.

https://redd.it/1i7eh7l
@r_devops

Stratoshark was released today – "Wireshark for the Cloud"

Stratoshark was just released, it was made by the same people that are behind Wireshark. Looks like it could be a super useful tool for my workflow, I'm checking it out later today.

Here's their more in depth description:
Stratoshark lets you explore and investigate the application-level behavior of your systems. You can capture system call and log activity and use a variety of advanced features to troubleshoot and analyze that activity. If you've ever used Wireshark, Stratoshark will look very familiar! It's a sibling application that shares the same dissection and filtering engine and much of the same user interface. It supports the same file format as Falco and Sysdig CLI, which lets you pivot seamlessly between each tool. As an added bonus, it's open source, just like Wireshark and Falco.

https://stratoshark.org/

https://redd.it/1i7dmb0
@r_devops

ECS with multiple containers hostname resolve issue

Hi,



I am working on a dev environment where I want to dpeloy my on-prem docker-compose on ecs.

The app needs to connect to the db but I got stuck in the host name issue.



In Docker compose, we could easily reference the service name when it requires a connection from one container to another in the bridge network. However, in AWS ECS, when I try to do the same with bridge mode, awsvpc mode, it still did not work.



I tried to use localhost, 127.0.01, postgres.my-namespace.local, both either of them work in my situation. What is the solution on this case?



They are both running on my EC2 instances via ECS, much appreciated it!



I feel feel ECS is like the docker instance that you manage yourself. They are not really HA or robust unless you are using fargate mode. The storage part for the EC2 based is still the same and manage by myself.. It is good for the testing environment but to move forward, it will be eks.



https://redd.it/1i7ie1j
@r_devops

BMC on unsupported HW?

New devops gig and I come from a managing enterprise servers.

Now the new place is fun but kinda shot themselves in the foot with hard to reach machines with no native bmc support that I am aware of (thinkstation p620).

What can I do if I want to send them a reboot command, set the boot order to pxe, set the remote image uri and reboot?

I was thinking of creating the images with ssh access so a script can login passwordless (interbal network only so I don't mind) and maybe some grub magic to boot to pxe?

https://redd.it/1i7k8mf
@r_devops

Getting started with IaC?

Hi everybody, I’m fairly new to iac having only done KodeKloud’s terraform course and played around with pulumi at my new job.

Some guy set up some of our infra using pulumi and left. No one else knows what that guy did. He also wrote the infra in C sharp and didn’t document what he did.

I code mostly in python, we use azure, and I’ve want to set up some basic infra for some projects: function apps, some docker web apps, some data/mlops.

But because I’m new to azure (I worked as a data scientist/ml engineer at a company that didn’t use cloud - self hosted) I am not familiar with a lot of the options for different resources. Especially, around networking. I am finding going to the Azure GUI back and back again and almost wondering if I should start from the Azure GUI and once I’m more familiar with all the resources and their options move over to Terraform/pulumi. Thoughts?

https://redd.it/1i7jr63
@r_devops

How Can I Redirect Azure APIM Traffic to a Self-Hosted API Gateway Without DNS Changes?

We are using Azure in the company I work for. I am a backend developer, and since I have limited knowledge of cloud systems, I was asked to review the costs alongside the relevant teams due to increased expenses.

An Azure API Management Service (APIM) has been set up here, which I believe is unnecessary because its costs are extremely high.

Unfortunately, there are clients, such as handheld terminals, that rely on this APIM. These devices do not dynamically retrieve the API address; it is hardcoded into the application. In short, changing the APIM address is not currently possible.

Is it feasible to assign the `xxxxx-azure-api.net` address (which is managed by Azure, so it doesn’t seem likely) to an Application Gateway? My assumption is that when the APIM is shut down, this DNS would become available, and I could assign it to the Application Gateway.

Ultimately, the goal is to shut down the APIM and redirect traffic to a self-hosted API Gateway without requiring a DNS change. Could you suggest any methods to achieve this?

Thank you for your assistance.

https://redd.it/1i7mnmm
@r_devops

Can we all together create The perfect DevOps roadmap?

Hey folks,

I know we have roadmap sh however imo it is too vague and has too many tools that serve the same purpose. For example, why does it list 4-5 observability tools, languages, and CI/CDs? It also keeps outdated tools like Jenkins and Puppet while newer solutions are increasingly preferred in job postings. The whole thing is overwhelming and even confusing. Roadmaps are often used by newbies - they need guidance, not a list of all available tools.

I think we need something concrete, modern, and extremely relevant to the current job market, especially during these times.

Could we join forces to create a great DevOps roadmap? I created a public GitHub repo: https://github.com/prepare-sh/roadmaps. You can fork it, edit devops.json, and create a PR.

I also created a UI that will be displayed at: https://prepare.sh/roadmap/devops

thanks

edit: if you don't like UI we can host it anywhere else as long as it will stays free and available to the community

https://redd.it/1i7rn02
@r_devops

Project Idea for Resume?

So i'm currently working as an Automation Architect for a mid-size company. I have a C.S. degree and have decent coding proficiency. That being said i've had a desire to make a lateral move or at least dip my fingers into DevOps.

I'm going through KodeKloud right now doing their devops path and am enjoying it, I want to eventually get the docker cert (How hard is it btw?) and Kubernetes cert.

That being said I don't really have anything personal I can sort of "practice" this on. I know people at work that have cool home labs but I just don't really have anything like that I can do.

An idea was to make a project and use docker to sort of develop/deploy a simple web application (I mean super simple) using various docker containers and linking them up.

Like flak/redis/mysql etc...

Is that something that would be like "ok this guy at least knows some shit" if I were to put it on github or would it be kind of a waste.

Also curious what sort of things people practice on their homelab? Like what products do you use?

https://redd.it/1i7rgeo
@r_devops

Made a video deploying Prometheus and Grafana

Check it out if youre interested https://youtu.be/xhjoGqM-hVI

https://redd.it/1i7rfar
@r_devops

Is finishing Full Stack Open course (https://fullstackopen.com/) worth the time to get started?

Background: I currently work as a tech support. I have been taking online courses on web dev for some time now (have a few certs for basic courses on Coursera and Udemy), but I do not have any practical/professional experience with web development. My plan is to switch from tech support to web dev in the near future. I have just started Full Stack Open and I really like the course so far.


In my job, one of our tasks is to sometimes collaborate with our DevOps team. I have no experience and knowledge on devops, but I have been intrigued by what they do so I have been looking up on some info about the field. And I find it really interesting to the point where I'm thinking of changing my plan and focus on DevOps instead.

My questions are:

* Is it still worth the time to finish fullstackopen or should I try to look for and focus on more DevOps-focused course? The course covers a lot of skills required to be a full stack web developer, so I think it is still worth the time, but I could be wrong.
* The next best course I found is this specialization from Cousera: [IBM DevOps and Software Engineering Professional Certificate](https://www.coursera.org/professional-certificates/devops-and-software-engineering). I am thinking of either switching to this course now or taking this after completing fullstackopen. Is this a good course to get started?
* Brutally honest: is my goal realistic? That is, is it a common scenario for someone with no experience to take online courses, build a portfolio, and switch to a DevOps role (either within company or outside)?


Thank you!

https://redd.it/1i7utwd
@r_devops

Terraform Github Provider | Question for users

Hi,

I'm one of the administrators of a large GitHub organization. We are in the process of creating self-service capabilities for our users since we are struggling with the volume of support tasks for minor operations, such as assigning organization secrets to repositories and adding repositories to GitHub apps.

Currently, we are using self-service repositories (running custom scripts on GitHub Actions under the hood) where users can create pull requests to request changes.

I am considering migrating to Terraform since it is more robust, and we can manage the current state more effectively than with custom scripts. I would appreciate hearing from those who have experience with the Terraform GitHub provider. What are the pros and cons, and what potential hidden issues should we watch out for?

The key requirement is that users should still be able to create pull requests with suggested changes, so we need to keep the configuration files user-friendly.

Looking forward to your insights!

https://redd.it/1i7yqf6
@r_devops

From Marketing Problem Solver to Developer: Seeking Guidance to Build My Tech Portfolio!

I'm considering a career transition into software development and would appreciate your insights and recommendations.

I have a background in problem-solving for clients in the marketing field, where I've spent the last 15 years. Throughout this time, I've frequently engaged in building MVPs and solutions to address issues arising from various platforms' inability to communicate effectively. My experience includes extensive data-driven analysis using tools like SQL and BigQuery.

Fundamentally, I was trained in the old days of VB6, ASP, and even some C, along with various front-end web development technologies. Additionally, I have a working understanding of machine learning models and have utilized large language models (LLMs) in a few projects.

While I have accumulated a lot of practical knowledge over the years, I sometimes feel like I have "too much knowledge for my own good" without a clear direction on how to formalize it. I'm eager to create a tangible portfolio that I can showcase on platforms like GitHub. My goal is to prepare myself for more formal projects or job opportunities in the software development field within the next year or two.

As a newbie looking to break into this field, I'm seeking advice on how to effectively leverage my existing skills, resources for building a portfolio, or steps to take for transitioning into development. Any guidance would be greatly appreciated!

https://redd.it/1i7yxk3
@r_devops

Opengrep - a truly Open Source fork of the Code Security tool Semgrep - Announced

In December, the code security scanner Semgrep made a bunch of changes to their licensing model and scanning engine making it harder to use and share rules between various tools or use the free version at scale. Opengrep was launched by a consortium of vendors for a truly open source alternative: https://www.opengrep.dev/

https://redd.it/1i83yde
@r_devops