is my resume ok ? 5 YOE

https://imgur.com/a/hIzDBpq

Thanks !

https://redd.it/1iyv66i
@r_devops

can you guys roast my resume?

Hello everyone, I'm a masters student who has just started to apply for jobs. I don't have much experience in the IT field so I created my resume based on projects solely. I'm looking for jobs in devops(I know companies don't hire freshers for devops role) and SRE, cloud engineer and related jobs. I'm still learning devops so that is the reason I don't have any devops but will soon be adding it after learning.
can any of you guys could roast/review my resume? it would be really appreciated.

Resume link : https://www.reddit.com/r/aws/comments/1iyws7u/can\_you\_guys\_roast\_my\_resume/

Thanks in advance!

https://redd.it/1iywybb
@r_devops

Should I get degree in Cloud computing or Software Engineering from WGU

I have associates degree in computer science and internship experience in devops. Applying for jobs and no luck. thinking about getting bachelors degree from WGU in cloud computing or I should apply for Software engineering , Data Analytics or Cybersecurity?

https://redd.it/1iyypoh
@r_devops

What to do

I am looking to pursue a major . Should I choose computer engineer, software engineer, or electrical engineer. If I want to be come a DevOps.

https://redd.it/1iyz313
@r_devops

How do you manage database access?

We have a few AWS Aurora PostgreSQL databases where we manage database roles for our applications. This is done via psql.

The obvious problem is that it's very manual and not visible without running multiple psql commands. It's tedious to see which roles are available and which schemas, tables, columns they have access to.

What do you all use to visualize and manage this? Even better if it's a universal tool for other kinds of databases (MySQL, Trino, etc.)

Thanks for any advice!

https://redd.it/1iyqa64
@r_devops

IIS vs NGINX vs Apache

I had to install and configure a server to deploy web applications and APIs built in Node.js, I must clarify that these applications are intranet, they will be used only inside of the local company network. This is my first server and I was a little bit scared so I started with Windows Server. I built an Express server to serve each web app and I managed to deploy every single web service.

I wanted to go with a built-in web server to handle issues such as caching and security, a gateway to protect these APIs and serve these applications and I went with IIS, but I am having trouble while deploying web apps that are developed with React. All I hear about IIS is that it is crap and it only fits with Microsoft technologies.

I have the freedom to change anything I want so I want to ask you: should I change the host to a Linux distro and use NGINX or Apache to fulfill my needs even though I don't have experience with built-in web servers o with Linux in general? Or should I stick with IIS from now until I learn about Linux and web servers properly?

https://redd.it/1iz1kt3
@r_devops

Vagrant - WSL - Ansible

Anyone have some knowledge on how to make this set up work properly? I figured out how to make wsl and windows and vagrant to work together on virtualbox but it’s the ansible piece that’s killing my project.

My goal is pretty simple, I am learning ansible so I want to spin up 3 Ubuntu VMs in vagrant then have ansible run through each of the nodes and create a new user on each machine. My problem seems to happen with at ssh as it gets stuck after creating the first vm.

https://redd.it/1iz1kv3
@r_devops

Is there a debugger or some tool to check which container calls which container?

I have like 30 containers calling one another using messages and http calls, and sometimes it's impossible to know what is calling what because each services are coupled to each other and keep calling one another.

https://redd.it/1iz4bk9
@r_devops

SonatypeNexus OSS: Error during transaction commit and more DB errors

I am using Nexus version `3.70.1-02` which is the last version that supports OrientDB. It is deployed on a k8s cluster as a pod. I have been facing multiple issues ever since I tried to fetch a statistics about sizes of different repositories hosted on the nexus using `kubectl exec -it -u root <nexus-pod>` and executed following commands:

java -jar /opt/sonatype/nexus/lib/support/nexus-orient-console.jar
> CONNECT PLOCAL:/nexus-data/db/component admin admin
> select bucket.repositoryname as repository,sum(size) as bytes from asset group by bucket.repositoryname order by bytes desc limit 10;

This command worked as expected but ever since I am facing various transaction errors while reading/writing or even fetching metadata from various repos. I host APT, docker, raw repos on Nexus.

com.orientechnologies.orient.core.db.OPartitionedDatabasePool$DatabaseDocumentTxPooled - $ANSI{green {db=component}} Error on transaction commit 570FD604
com.orientechnologies.orient.core.exception.OStorageException: Error during transaction commit
DB name="component"

First I sensed something wrong with permissions as persistent volume in on the host machine so I did chmod -R 775 <nexus-persistent-location> and chown 200:200 <nexus-persistent-location> but this didn't solve the problem.

Every now and then I have to REBUILD the indices using REBUILD INDEX *; command and then delete nexus pod for k8s to create a new one and that works for some time(4-7hrs). Any clues what may be wrong here.

https://redd.it/1iz7rgk
@r_devops

Looking for Feedback on Our Multi-Environment (Dev/RC/Prod) GitLab CI/CD + Docker + Nexus Setup with Semantic Versioning

tl;dr: We have a multi-branch approach (develop, rc, main) with Docker + GitLab CI + Nexus for images. We’re finalizing how we do semantic versioning, environment variables, and Docker Compose setups. Would appreciate any wisdom from experienced DevOps folks!

Hey everyone! I’m working on a small team, and we’re currently establishing a DevOps pipeline for our microservice (a Java/Spring Boot app) and plan to replicate the same approach across multiple projects. We’d love to get some feedback from the DevOps community on our architecture and any potential pitfalls or improvements. Here’s our rough setup:


---

Our Git / Branching Model

We have three main branches:

1. develop – merges from feature/hotfix branches


2. rc – merges from develop when we’re ready for a release candidate


3. main – merges from rc for final production releases



Each branch deploys to its corresponding environment (dev → staging/RC → prod). We protect these branches so only maintainers can approve merges.



---

CI/CD with GitLab

We’re using Docker-in-Docker (dind) to build our Docker images inside GitLab CI, then pushing to Nexus as our Docker registry.

For Semantic Versioning, we’re still deciding between:

Option A: Formal semver only on production merges, while dev/rc images get tagged with branch + commitSHA.

Option B: Distinct semver or “pre-release” tags for dev (v1.2.3-dev), rc (v1.2.3-rc), and final (v1.2.3).


Considering Conventional Commits + semantic-release to auto-bump versions in the future, but that might be overkill initially.



---

Docker Compose & Environment Variables

We have a single docker-compose.yml that spins up PostgreSQL, pgAdmin, and our app container.

For different environments, we might use:

Separate .env files (e.g. .env.dev, .env.rc, .env.prod)

Or Docker Compose profiles (e.g., --profile dev / --profile rc).


Secrets and credentials (DB user/pass, etc.) are stored in GitLab CI variables. During deploy, we generate a .env on the target server (or pass env vars directly).

For production, everything is behind protected branches and environment-scoped variables.



---

Questions / Areas We’d Love Feedback On

1. Semantic Versioning Approach – Is it practical to do formal semver only for production and keep “branch + commitSHA” tags for dev/rc? Or is a uniform semver approach better?


2. Docker-in-Docker – Any pros/cons we should be wary of? Are there better ways to build Docker images in GitLab pipelines?


3. .env Handling – We plan to generate .env in the pipeline or store it on the server. Is that a good practice, or should we consider a different approach (e.g., Vault or similar)?


4. Nexus as a Docker Registry – Any best practices for tag management, cleanup, or security we should know?


5. Overall Flow – Does the dev → rc → main branching and environment progression sound solid, or do you recommend a different branching flow?



We’d love any advice, critiques, or “watch out for this!” tips from people who’ve done similar setups in production. Thanks in advance for your insights!

Thanks so much, everyone!

https://redd.it/1iz9evh
@r_devops

Best server configuration

Let suppose i want to run service :

Laravel service

Redis service

Node Service

RabbitMq Service


Then which server architecture and Linux distribution is good for early startup

Based on uber like application to run

https://redd.it/1izbv1x
@r_devops

Best server configuration

Let suppose i want to run service :

Laravel service

Redis service

Node Service

RabbitMq Service


Then which server architecture and Linux distribution is good for early startup

Based on uber like application to run

https://redd.it/1izbui7
@r_devops

AWS centralized secrets management and delegation across multi-accounts + how to share relevant secrets in-team and with third parties if needed?

AWS centralized secrets management and delegation across multi-accounts + how to share relevant secrets in-team and with third parties if needed?

https://redd.it/1izbsfw
@r_devops

Help Deploying OWASP ZAP on Kubernetes and Linking to GitLab CI

I’m integrating OWASP ZAP into my CI/CD pipeline and have been asked to deploy it on Kubernetes and connect it to GitLab CI. However, I haven’t found relevant documentation on how to properly set this up.

Has anyone done this before or found good resources to follow? Any guidance or examples would be greatly appreciated!

https://redd.it/1izfeuv
@r_devops

Guidance

Hello All,

I have been learning about Cloud and Devops for last 5-6 months and have built 3 applications.
I have built Java API application which connects to Azure Cosmos DB and is deployed on AKS/ Azure Web App using Azure Devops.

I have followed the same process to build and deploy a Node.js and python application. For IAC I have used bicep.

I have been searching for a job change and have been unsuccessful so far. I request you to help me provide your experience and guidance on to which other skills I need to learn in order to stand out and atleast be selected for an interview.


Thank you for all the help in Advance. Looking forward for your help.

Thank you 🙇🏻‍♂️

https://redd.it/1izgdri
@r_devops

Does anyone knows about ComplianceAsCode project, and and if it is easily upgradable ?

I've been assigned to an old project that is using the framework "ComplianceAsCode" in order to write structured documentations. This project has been kept "as it is" since 0.1.58, and today, we would like to renew it and be able to come back to current version which is 0.1.76.

I'm searching for some advice, does anybody knows about this project ?

https://redd.it/1izfy2j
@r_devops

Flexible rate limiting on applications that have none

We have some .net IIS applications sitting behind ALBs that do not have a concept of rate limiting. They are not getting upgraded to core anytime soon. There are features built into IIS, but it would be a redeploy everytime we want to change something. It's also IP based which is a non-starter because some customers have multiple accounts coming from the same IP. Ideally, we'd want to crack the bearer token and get the ID of who sent the request. Than we can set rate limits for big vs small customers.

What have you seen that's effective? Googling today it looks like either nginx was some lua scripting to redis or something like kong gateway whose price is...prohibitive. There look to be some creative solutions with isto, but being these are all EC2 instances and not containers I am not confident how that would work.



https://redd.it/1izjqob
@r_devops

AI agent creates a terraform devops project on AWS

I used Gemini 2.0 flash thinking to create a devops project from scratch. I used Roo vscode extension, gave it an advanced/detailed prompt. Got it to download & study docs, write terraform code, fmt, validate, fix all errors, till success 🎉

I'm a gray devops beard (if I had one!), and not much into making videos. Let me know how to improve or what you'd like to see (AI + devops)

https://youtube.com/watch?v=9ltORvpb57o

https://redd.it/1izkn10
@r_devops

What can your Lead do to make your life better?

I am newly promoted to Lead DevOps Engineer, and it came unexpected. I am running through my head ideas of what I can do to make the place better for my team.

Here's some thoughts:

1. Minimize context-switching and unexpected requests.
Our developers usually DM us on Slack with their issues/ideas, and this involves constant context-switching for our team members, when you're in the middle of something else.
I am planning to require Jira tasks for all requests to DevOps, so we can have visibility of the requests (no information hidden in DMs), and we can triage them so they turn from unplanned work to planned work.

2. Improve documentation
We will soon have a young new colleague on the team, and I want them to have clear documentation on processes, guidelines, and troubleshooting guides to refer to. This would also be beneficial for knowledge-sharing even among the experienced team members.

What else do you think can be done to make your life better professionally?

https://redd.it/1izlty0
@r_devops

Looking for a Free Tech/Cloud Course Available in Europe

Hey everyone! I'm searching for a free online course similar to Generation, but one that I can join from a European country. Unfortunately, Generation requires proof of residency, so I’m looking for alternatives that offer training in tech, cloud computing, or IT-related fields without strict location requirements.

If anyone knows of such programs—whether from companies, nonprofits, or government initiatives—please let me know! Any recommendations would be highly appreciated. Thanks in advance! 😊

https://redd.it/1izk8cl
@r_devops

Platform Engineering Fad?

Thoughts on platform engineering?

Specifically, has having a team empowered to build tooling working out? Or do you think its just a rebrand of DevOps? Has it paid off, or not so much?

If PE means having a team focused on improving developer experience and removing friction and toil from various DevOps tasks, then I'm a big believer.

( I work at Pulumi and am working on some platform engineering best practice documents, but looking for wider opinions. )

https://redd.it/1izpca1
@r_devops