What are the main benefits of setting up a vps for your project?

Want to learn more about vps in general and how I can benefit from setting one up.

https://redd.it/1j5ga1g
@r_devops

Seeking clients as a Devops Freelancer

I am working as a full time devops engineer but these days I don't have much project work and I want to take up freelancing projects side by side . What are the best ways I can do that ?

https://redd.it/1j5hkzy
@r_devops

s1h: ssh + scp + passwords manager unified in one simple CLI

Hello everyone, I use ssh a lot, and I have a mixture of passwords & private key, which is a pain to work with. To solve that pain point, I created this tool called s1h inspired from k9s:
https://github.com/noboruma/s1h
Hope you find it useful as well!

https://redd.it/1j5jlzo
@r_devops

Seeking feedback on my approach to building a container orchestrator (Uncloud)

Hey DevOps folks,

I'm reaching out for some honest feedback on a personal open source project that stemmed from my curiosity about simplifying the state of the art in container orchestration.

After spending years working with Kubernetes at a unicorn and for my home infra, I found myself increasingly frustrated by the operational overhead and complexity. I kept thinking: "Surely there must be a middle ground between simple Docker Compose and full-blown Kubernetes for small-medium scale? Can it work without Raft?" I wanted container orchestration to bring me joy again, the way Ansible did when I first tried it a decade ago, or Docker after that. Do you sometimes feel the same?

That frustration led me to start building Uncloud, intentionally focusing on core design principles that differ from traditional container orchestrators like Kubernetes, Docker Swarm, or Nomad:

No control plane: Fully decentralised design without quorum eliminates single points of failure and reduces operational overhead. Each machine maintains a synchronised copy of the cluster state through peer-to-peer communication, keeping cluster operations functional even if some machines go offline
Zero-config private network: Automatic WireGuard mesh with peer discovery and NAT traversal. Containers get unique IPs for direct cross-machine communication
Imperative over declarative: Favoring imperative operations over state reconciliation simplifies both the mental model and troubleshooting
Partition tolerant: Ability to function during network partitions at the cost of eventual consistency
Batteries included: Built-in service discovery using DNS, load balancing, ingress with HTTPS
Docker-like CLI: Familiar commands for managing both infrastructure and applications

I want well-designed building blocks that just work together. When a service needs high availability, I should be able to scale it across machines and know that if any machine goes down the remaining ones will continue serving traffic. I don’t need advanced auto-healing or auto-scaling magic that is easy to misconfigure. When I deploy, I want immediate feedback, not wondering whether the reconciliation loop will eventually catch up.

Please check out the GitHub page for more technical details and a Demo: https://github.com/psviderski/uncloud

I know this approach won't fit everyone's needs and by no means does it intend to replace K8s at scale. Always use what works best for your specific situation and don’t forget to have fun!

I’d really love to hear your feedback:

Am I alone in wanting something more powerful than Docker Compose but less complex than Kubernetes?
If you're dealing with similar challenges, what would you prioritise in a tool like this?

https://redd.it/1j5dxkr
@r_devops

CI/CD compliance audit

Have you ever conducted a compliance audit of CI/CD pipelines? By compliance, I mean ensuring that all CI/CD pipeline configurations comply with internal policies or external norms and frameworks (CIS Benchmark, NIST, NIS2, ISO 27001, etc.).

I'm super interested by feedbacks about it

https://redd.it/1j5kwo2
@r_devops

Understanding and mitigating Tail Latency by using request Hedging

Hi folks! 👋

I recently dove deep into latency mitigation strategies and wrote about request hedging, a technique I discovered while studying Grafana's distributed system toolkit. I thought this might be valuable for others working on distributed systems.

The article covers:
\- What tail latency is and why it matters
\- How request hedging works to combat latency spikes
\- Practical implementation example with some simulated numbers

Blog post: https://blog.alexoglou.com/posts/hedging

If you worked on tackling tail latency challenges in your systems I would love to know what you implemented and how it performed!

https://redd.it/1j5ld3g
@r_devops

Lighthouse and TTFB on azure

I have an azure Ubuntu server where I host a website that’s built using php (symfony), MySQL on an azure musql server, and node js. I’ve been trying to enhance the lighthouse performance score for the website. In general, I get 60-70 for performance and we aim to get to 90. I’ve looked into different aspects including caching, compression, using http2, and an azure cdn. The results are slightly better but not close to our target. One aspect I notice a lot is the TTFB values fluctuating all over the place from 60-1100 ms , which seems a lot. Has anybody tried any solutions to enhance that?

https://redd.it/1j5ng6w
@r_devops

Github actions, share custom actions

Hi everyone, I'm using Github Actions to build and deploy my applications.

I've already read that Github Actions has many shortcomings when it comes to advanced settings.

I'm using a private repo to share my custom actions: my-actions-repo.

When I need use a custom action in some job I need specify the complete syntax: my\_user\_name/my-actions-repo/actions/aws/aws-login@main, even though the workflow and actions are in the same repository.

name: "Workflow reusable"
on:
    workflow_call:
        inputs:
          image:
            description: "The Docker image to use"
            type: string
            required: true

jobs:

    job1:
        runs-on: ubuntu-latest
        container:
            image: ${{ inputs.image }}
        needs: build
        steps:
            - name: Checkout
              uses: actions/checkout@v3
            - name: AWS Login
              uses: my_user_name/my-actions-repo/actions/aws/aws-login@main
              with:
                region: "us-east-1"

How could I specify that the custom actions are within the actions repository (my-actions-repo), or what other options do I have since it is very dirty to indicate the entire syntax, I would like to only indicate: `./actions/aws/aws-login.`

If I just put "`/actions/aws/aws-login`", it tries to look for the actions in the repository where I'm calling my reusable workflow.

https://redd.it/1j5qrpv
@r_devops

Failed to get a junior DevOps job

Hello everyone,

For the past seven months, I have been studying and attending DevOps courses on Udemy. I also purchased TechWorld with Nana’s DevOps Bootcamp and have been learning all the essential tools that every DevOps engineer should know also I have a solid linux knowledge. However, I have not yet succeeded in securing a Junior DevOps position.

Currently, I am working as a Software Support Engineer, but I want to build a career in DevOps. What workflow should I follow to gain real-world DevOps experience until I get accepted for a Junior DevOps role?

https://redd.it/1j5q1lo
@r_devops

Argocd + naming convention for multi cluster deployments

Just curious how people handle naming their applications when using argocd?

I'm currently setting up an applicationset that I want to deploy to multiple clusters. The problem is I was wanting them all to have the same helm names inside the cluster

Ie. I want the helm chart in the cluster to be called {{name}}, not {{name}}-{{cluster}}, I don't care if the application inside ArgoCD is different but is there a way to reuse helm chart names?

https://redd.it/1j5vbpb
@r_devops

Managing Terminating Namespaces: Real-World Lessons in Kubernetes Cleanup

https://blog.abhimanyu-saharan.com/posts/managing-terminating-namespaces-real-world-lessons-in-kubernetes-cleanup

https://redd.it/1j5xhjn
@r_devops

Cloudflare Proxy + DO droplet

Hello,

I am pretty new in the devop world and I would like some help from those who are experienced 😛.

I am noticing in my Nginx error log a considerable number of requests made using the server IP instead of the hostname. I always used Cloudflare as proxy for this specific server.

I suspect this is maybe because DO droplet IP are public and attackers just scan for http/https ports on the various IP ranges?

I would like to whitelist all the public cloudflare IP in my nginx configuration and update them regularly (via a cron).

Is this something common? Do you have any recommendations?

My only concern is if Claudflare adds a new IP range in between my whitelist automatic update and nginx ends up refusing all cloudflare requests from the new IPs.

Thanks!



https://redd.it/1j5ww2h
@r_devops

Employers too hyper focused on specific tool(s) experience above all else when hiring?

So I've been out of a job since October and basically looking for any combination of Automation Engineer, DevOps Engineer, SRE, or Platform Engineer since there can be a lot of overlap. Without deep diving into my resume I have a lot of strong experience with Infrastructure-as-Code, Configuration-as-Code, programming, scripting, troubleshooting, research & development, and well rounded with a lot of previous ops experience too. Now just due to luck of the draw most of this wasn't with Terraform and Ansible. I've done some projects with these, like them, want to use them more, etc. They're far preferred over something like Azure ARM templates, Azure DSC (Desired State Configuration), or scripting from scratch to do deployments and configuration. In my opinion Terraform and Ansible are far easier too.

 

Now to the point of the title, it seems like I've lost out on multiple opportunities because I can't speak to extensive project experience with Terraform and/or Ansible. One recent one particularly irked me because I thought the interview went well, everyone was friendly, work culture seemed nice, good pay, etc. It was a local position (I've been working remote for years), and it was only me and one other candidate being interviewed. Ironically during the interview I thought maybe I was a little overqualified because the job sounded like mostly deploying and updating deployed (moslty) local infrastructure via Terraform. It didn't sound like there was any advanced configuration, pipeline creation (on that team), or much that was really going to push my limits. But hey, I need a paycheck, everything else sounded nice, and I could get more hands on experience with Terraform. I was very optimistic with the only real worry being if the other candidate happened to be stronger than me or not. When the external recruiter got back to me he told me the employer wasn't going with me or the other candidate because they didn't think either of us had the skill set they were looking for. The recruiter said at that point he told them their only option was probably going to be to look for someone not local. I was pretty dumbfounded.

 

I've also had similar experiences (that didn't make it as far) where they're just hyper focused on someone with extensive Terraform and/or Ansible experience with seemingly little regard to broader DevOps experience, even when I try to talk through some very impressive DevOps projects I've done. I'm beginning to wonder if most places are just terrible at hiring, I'm terrible at selling myself. or a combination of both.

https://redd.it/1j61mh7
@r_devops

Devops Days

Has anyone attended DevOps Days? Looking to go to the Chicago one.

Love to hear your thoughts / experience?

https://redd.it/1j62uwo
@r_devops

on prem containers?

I'm looking to hear from people who are running containers on prem? what is your setup?

https://redd.it/1j64mct
@r_devops

How creative can devops work get?

Unemployed right now, but at work I'm usually just on the "dev" side of things unless I have to push my code Github staging or FTP-ing some client's website to their web host. Yeah, I'm doing things old school. Generally I don't see the deployment and automation process to be "creative" stuff unlike application development where I get to figure out engineering problems that keep my mind stimulated.

I build standalone websites /binaries instead of putting them in containers (although I've played around with Docker a bit). Even so, this came at a great cost of job opportunities, where I might apply for a back end role but couldn't satisfactorily explain experience with certain DevOps tools.

Maybe it's more of a thing that solves organizational problems and not technical problems, which can explain a lot about my lack of exposure to DevOps. My dev experience is 95% contract jobs with small teams, for minor staff augmentation work.

I'm not looking for a dedicated role, but some ability of able to apply DevOps to personal work for skill building reasons would be nice. Something that is engaging enough to keep my attention in solo learning purposes.

https://redd.it/1j67eoi
@r_devops

Next Feature in My Opensource Debugging Tool? Would love feedback!

Hi r/devops,

I'm working on an opensource tool that leverages retrieval augmented generation (RAG) to help diagnose production issues faster (i'm a data scientist by trade so this is my bread and butter).

The tool currently stores Loki and Kubernetes data to a vector db which an LLM then processes to identify bugs and it's root cause - *cutting down debugging time significantly*.

I've found the tool super useful for my use case and I'm now at a stage where **I need input on what to build next** so it can benefit others too.

Here are a few ideas I'm considering:

* **Alerting**: Notify the user via email/slack a bug has appeared.
* **Workflows:** Automate common steps to debugging i.e. get pod health -> get pod logs -> get Loki logs...
* **More Integrations:** Prometheus, Dashboards, GitHub repos...

Which of these features/actions/tools do you already have in your workflow? Or is there something else that you feel would make debugging smoother?

I'd love to hear your thoughts! I'm super keen to take this tool to the next level, so happy to have a chat/demo if anyone’s interested in getting hands on.

Thanks in advance !

the tool: [https://github.com/dingus-technology/CHAT-WITH-LOGS](https://github.com/dingus-technology/CHAT-WITH-LOGS)

https://redd.it/1j6fw3n
@r_devops

How do you manage incidents beyond alerting?

At my startup, we've been using PagerDuty to get alerts for high-priority issues, but so far it's mostly just for notifying us. As we're growing, we're thinking of setting up a more structured way to track incidents and make it part of our workflow.

If you've used PagerDuty or any other tool for incident management, how do you approach it? Do you have any recommendations on managing incidents better? What would you say are the most important things to focus on as a company starts scaling?

https://redd.it/1j6gp7g
@r_devops

Learning sysadmin tools feels meaningless

I've had to deploy a MELT solution for a client so I was dealing with networking and devops for a few months. Had to learn a TON to get it to work. Networking, linux, TTYs, computing history etc.

By the end of that period I bought a NUC, and deployed using docker compose an entire stack using plex, radarr, sonarr and other things on it, and made it availalbe via a host domain via /etc/hosts. I was proud of myself. Felt like a sigma engineer.

It hasn't been less than three months ago (work has transitioned into building a fullstack webapp) and my plex server is unreachable. As i'm trying to get it working I figure I forgot like 90% of it all.

Do I use nmap or ip addr to find my NUCs IP? How do I make it have a static IP to add it to /etc/hosts? How again does the docker internal networking differ from localhost?

It all now feels meaningless as any attempts i'm going to make at re-learning how to do those things are going to evaporate whenever my work focus changes. Is this just a part of the work? Am I doing things wrong? WIll it get better with experience in the industry?

https://redd.it/1j6hy7r
@r_devops

Building AI agent for DevOps

I'm building an AI DevOps agent at LocalOps. Curious - what areas/workflows do you think I should automate out of the day to day toil a SRE has to go through otherwise. And why? Here to learn from your personal experiences.


I'm thinking about

\- IaC code gen and self-serve provisioning

\- Incident first response

\- Security scanning and patching


Please share your thoughts.

https://redd.it/1j6ii3g
@r_devops

How much of a programming are you expected to do as a SRE/Devops?

I checked couple of messages on this reddit - and it looks like there are companies that have a DevOps people that only write pipelines.

It is quite a surprise for me, in my experience it is always that you are expected to be a FULL-full stack engineer. Yes, I started as a software engineer and moved into DevOps because that was a pain point for that team. But even after I worked in small (4 people) and big (4000 people) companies - all the time it was NOT only DevOps, I had to work on back ends, frontends and infra code as well.


Am I really "unlucky" (and I put it in quotes because I still enjoyed all of them!) with my jobs or the opposite is actually quite rare?

https://redd.it/1j6kogf
@r_devops