DevOps security architecture

Here is an example of how a secure DevOps architecture diagram can look like when integrating the right tools and following the principles that optimize DevOps implementation into your infrastructures

https://www.clickittech.com/devops/devops-architecture/#h-devops-architecture-diagram-example



https://redd.it/1jeirc3
@r_devops

Mobile app for phone-sized screen for viewing traces?

Is there a mobile app for "small screens" (phone sized) for viewing traces?

I have been using OTel tracing in all of my recent projects and don't even need logging anymore - because traces have richer semantics and are easier to "navigate".

I would love to be able to check things "on the go". I already send OTel traces to GCP's Cloud Tracing, and to AWS X-ray. So, if there is a mobile-first frontend for Cloud Tracing or X-ray that would work. A mobile-friendly frontend for any other tracing backend are welcome too!

Something like https://github.com/ymtdzzz/otel-tui but for mobile would work as well - I can self-host the backend part.



Thanks!

https://redd.it/1jemv6l
@r_devops

[CFP] Call for Papers – IEEE JCC 2025

Dear Researchers,

We are pleased to announce the **16th** **IEEE International Conference on Cloud Computing and Services (JCC 2025)**, which will be held from **July 21-24, 2025**, in **Tucson, Arizona, United States**.

IEEE JCC 2025 is a leading conference focused on the latest developments in cloud computing and services. This conference offers an excellent platform for researchers, practitioners, and industry experts to exchange ideas and share innovative research on cloud technologies, cloud-based applications, and services. We invite high-quality paper submissions on the following topics (but not limited to):

* AI/ML in joint-cloud environments
* AI/ML for Distributed Systems
* Cloud Service Models and Architectures
* Cloud Security and Privacy
* Cloud-based Internet of Things (IoT)
* Data Analytics and Machine Learning in the Cloud
* Cloud Infrastructure and Virtualization
* Cloud Management and Automation
* Cloud Computing for Edge Computing and 5G
* Industry Applications and Case Studies in Cloud Computing

**Paper Submission:**
Please submit your papers via the following link: [https://easychair.org/conferences/?conf=jcc2025](https://easychair.org/conferences/?conf=jcc2025)

**Important Dates:**

* **Paper Submission Deadline:** March 21, 2025
* **Author Notification:** May 8, 2025
* **Final Paper Submission (Camera-ready):** May 18, 2025

For additional details, visit the conference website: [https://conf.researchr.org/track/cisose-2025/jcc-2025](https://conf.researchr.org/track/cisose-2025/jcc-2025)

We look forward to your submissions and valuable contributions to the field of cloud computing and services.

Best regards,
Steering Committee, CISOSE 2025



https://redd.it/1jem54t
@r_devops

Call for Papers – IEEE SOSE 2025

Dear Researchers,

I am pleased to invite you to submit your research to the **19th IEEE International Conference on Service-Oriented System Engineering (SOSE 2025)**, to be held from **July 21-24, 2025**, in **Tucson, Arizona, United States**.

IEEE SOSE 2025 provides a leading international forum for researchers, practitioners, and industry experts to present and discuss cutting-edge research on service-oriented system engineering, microservices, AI-driven services, and cloud computing. The conference aims to advance the development of service-oriented computing, architectures, and applications in various domains.

# Topics of Interest Include (but are not limited to):

* Service-Oriented Architectures (SOA) & Microservices
* AI-Driven Service Computing
* Service Engineering for Cloud, Edge, and IoT
* Blockchain for Service Computing
* Security, Privacy, and Trust in Service-Oriented Systems
* DevOps & Continuous Deployment in SOSE
* Digital Twins & Cyber-Physical Systems
* Industry Applications and Real-World Case Studies

# Paper Submission: [https://easychair.org/conferences/?conf=sose2025](https://easychair.org/conferences/?conf=sose2025)

# Important Dates:

* **Paper Submission Deadline:** **April 15, 2025**
* **Author Notification:** **May 15, 2025**
* **Final Paper Submission (Camera-ready):** **May 22, 2025**

For more details, visit the conference website:
[https://conf.researchr.org/track/cisose-2025/sose-2025](https://conf.researchr.org/track/cisose-2025/sose-2025)

We look forward to your contributions and participation in IEEE SOSE 2025!

Best regards,
Steering Committee, CISOSE 2025

https://redd.it/1jeoqaq
@r_devops

🤹‍♀️ multipr - Make the same change in many GitHub repos!

Announcing multipr; create pull requests ”en masse” 🚀🚀🚀

https://github.com/fredrikaverpil/multipr

https://redd.it/1jepw74
@r_devops

GCP DevOps [REMOTE] [INDIA] [FULL TIME]

# Cloud Engineer

Experience: 2 to 4 years of experience

**Requirements**

* Extensive Linux experience, comfortable between Debian and Redhat.

* Experience architecting, deploying/developing software, or internet scale production-grade cloud solutions in virtualized environments, such as Google Cloud Platform or other public clouds.
* Experience refactoring monolithic applications to microservices, APIs, and/or serverless models.
* Good Understanding of OSS and managed SQL and NoSQL Databases.
* Coding knowledge in one or more scripting languages - Python, NodeJS, bash etc and 1 programming language preferably Go.
* Experience in containerisation technology - Kubernetes, Docker
* Experience in the following or similar technologies-  GKE, API Management tools like API Gateway, Service Mesh technologies like Istio,  Serverless technologies like Cloud Run, Cloud functions, Lambda etc.
* Build pipeline (CI) tools experience; both design and implementation preferably using Google Cloud build but open to other tools like Circle CI, Gitlab and Jenkins
* Experience in any of  the Continuous Delivery tools (CD)  preferably Google Cloud Deploy but open to other tools like ArgoCD, Spinnaker.
* Automation  experience using  any of the IaC tools  preferably Terraform with Google Provider.
* Expertise in Monitoring & Logging tools preferably Google Cloud Monitoring & Logging but open to other tools like Prometheus/Grafana, Datadog, NewRelic
* Consult with clients in  automation and migration strategy and execution
* Must have experience working with version control tools such as Bitbucket, Github/Gitlab
* Must have good communication skills
* Strongly goal oriented individual with a continuous drive to learn and grow
* Emanates ownership, accountability and integrity



**Responsibilities**

* Support seniors on at least 2 to 3 customer projects, able to handle customer communication with the coordination of products owners and project managers.
* Support seniors on creating well-informed, in-depth cloud strategy and  manage its adaptation process.
* Initiative to create solutions, always find improvements and offer assistance when needed without being asked.
* Takes ownership of projects, processes, domain and people and holds themselves accountable to achieve successful results.
* Understands their area of work and shares their knowledge frequently with their teammates.
* Given an introduction to the context in which a task fits, design and complete a medium to large sized task independently.
* Perform the tasks review of their colleagues and ensure it conforms to the task requirements and best practices.
* Troubleshoot incidents, identify root cause, fix and document problems, and implement preventive measures and solve issues before they affect business productivity.
* Ensure application performance, uptime, and scale, maintaining high standards of code quality and thoughtful design.
* Managing cloud environments in accordance with company security guidelines.
* Define and document best practices and strategies regarding application deployment and infrastructure maintenance.

https://redd.it/1jept2e
@r_devops

Salary inquiry

Hello folks,

I am currently searching for opportunities for devops profile, i have over 3 years of experience. I am seeing a few openings at EPAM for devops engineer A2 level. I just wanted what salary can i expect from this profile in india.

https://redd.it/1jeqtg2
@r_devops

Configurable deployment targets

How to deploy an app to multiple environments so that each env can run a different version of the application?

Here’s a short list of requirements:

1) app has to be deployed, meaning it's either a web app, or e.g. a backend service like an API

2) ut should be possible to deploy the app to multiple different environments/targets (like staging, production, test, etc.)

3) every environment can run a different version of the app

I’ve brainstormed several options here: https://www.toolongautomated.com/posts/2024/one-branch-to-rule-them-all-1.html#req-3-4-configurable-deployment-targets but would be grateful for more perspectives. Is anything I mentioned your go-to option, or maybe you think the listed ones are a strong no-go? If so, please share why you think so and that you’d do instead.



https://redd.it/1jettb5
@r_devops

Transition To DevOps

Hi fam, I am a data analyst with a work exp of 2 years, I am planning and trying to transition into DevOps domain. What are the challenges i will face when trying for full time jobs as i have my prior experience from a different domain.

PS. I am in indian job market

Please feel free to drop your suggestion or tips that might help me.

Thank you so much:)

https://redd.it/1jetkdz
@r_devops

JFrog Artifactory alternatives on 2025

HI,

i saw this question a few times in the group, but i. guess it will be interesting to now new ideas in 2025.

So i see that licensing of artifactory pro X is going to increase around 50%. i dont really like negotiating with them. I actually pay same price for a test instance than a prod instance.(i need to have a test intance for regulations, but it is actuallty doing anything and holding some Gb of test artifacts).

If i want to have HA design, i need to move to Enterprise, 3 servers in each environment. That´s actually a crazy idea.

My needs (and mostly the majority) are binary registry, proxy registry, containers, oci, etc. And RBAC with SAML/OIDC

I have been checking into Nexus and a new tool called proget. i could also get a cheap of OSS tool for binaries and harbour (im more concern of HA in containers).



https://redd.it/1jeuuo9
@r_devops

CloudFormation template validation in NeoVim

I write a lot of CloudFormation at my job (press `F` to pay respects) and I use NeoVim (btw).

While the YAML language server and my Schema Store integration does a great job of letting me know if I've totally botched something, I really like knowing that my template will validate, and I really hate how long the AWS CLI command to do so is. So I wrote a `:Validate` user command and figured I'd share in case anybody else was in the same boat.

vim.api.nvim_create_user_command("Validate", function()
local file = vim.fn.expand("%") -- Get the current file path
if file == "" then
vim.notify("No file name detected.", vim.log.levels.ERROR)
return
end
vim.cmd("!" .. "aws cloudformation validate-template --template-body file://" .. file)
end, { desc = "Use the AWS CLI to validate the current buffer as a CloudFormation Template" })

As I write this, it occurs to me that a `pre-commit` Git hook would also be a good idea.

I hope somebody else finds this helpful/useful.

https://redd.it/1jez6eg
@r_devops

Staging database - What is the best approach?

I have a staging environment and production environment. I want to populate the staging environment with data, but I am uncertain what data to use, also regarding security/privacy best practices.

Regarding staging, I came across answers, such as this, stating that a staging enviroment shall essentially mirror a production environment, including the database.

>[...\] You should also make sure the complete environments are as similar as possible, and stay that way. This obviously includes the DB. I normally setup a sync either daily or hourly (depending on how often I am building the site or app) to maintain the DB, and will often run this as part of the build process.

From my understanding, this person implies they copy their production database to staging. I've seen answers how to copy a production database to staging, but what confuses me is that none of the answers raise questions about security. When I looked elsewhere, I saw entire threads concerned about data masking and anonymization.

>(Person A) I am getting old. But there used to be these guys called DBAs. They will clone the prod DB and run SQL scripts that they maintain to mask/sanitise/transpose data, even cut down size by deleting data (e.g. 10m rows to 10k rows) and then instantiate a new non-prod DB.

>(Person B) Back in the days, DBA team dumped production data, into the qa or stage and then CorpSec ran some kind of tool (don't remember the name but was an Oracle one) that anonymized the data. [...\]

However, there're also replies that imply one shouldn't use production data to begin with.

>(Person C) Use/create synthetic datasets.

>(Person D) Totally agree, production data is production data, and truly anonymizing it or randomizing it is hard. It only takes one slip-up to get into problems.

>(Person E) Well it's quite simple, really. Production PII data should never leave the production account.

So, it seems like there are the following approaches.

1. 1:1 copy production to staging without anonymization.
2. 1:1 copy production to staging with anonymization.
3. Create synthetical data to populate your staging database.

Since I store sensitive data, such as account data (e-mail, hashed password) and personal information that isn't accessible to other users, I assume option 3 is best for me to avoid any issues I may encounter in the future (?).

What option would you consider best, assuming you were to host a service which stores sensitive information and allows users to spend real money on it? And what approach do established companies usually use?

https://redd.it/1jezs2f
@r_devops

For those of you who left the tech industry, what do you do for work now?

Why did you make the change?
Are you less or more stressed?
How did it change your financial situation?
Do you regret leaving?


https://redd.it/1jf01yg
@r_devops

Kubernetes command line extras

I have a few kubectl scripts set up. I have "kubectl-ns", which switches the namespace:

printf '%s\n' "kubectl config set-context --current --namespace=\"$1\""
kubectl config set-context --current --namespace="$1"
printf '%s: %s\n' 'Current namespace is' "$(kubectl config view -o json | jq '."current-context" as $currentcontext|.contexts[]|select(.name==$currentcontext)|.context.namespace')"

and "kubectl-events", which just lists events sorted by ".metadata.creationTimestamp", which... why was that not built in from the start??

It'd be nice also if there was a command to give you an overview of what's happening in the namespace that you're in. Kind of like "kubectl get all", but formatted a little nicer, with the pods listed under the deployment and indented a little. Maybe some kind of info output about something. Kind of like "oc status", if you're familiar with that.

And today I just hit upon a command line that was useful to me:

kubectl get pods | rg -v '1/1\s+Running'

Whenever I restart deployments I watch the pods come up. But of course if I just do "kubectl get pods" there's a whole bunch in there that are running fine and they all get mixed up together. In the past I've grepped the output for ' 0/1 '. Doing it this way, however, has the minor benefit of still showing the header line. It's a little nicer.

https://redd.it/1jf11ox
@r_devops

Suggestions around Hosting Jenkins on Kubernetes

I work in startup with lot of things we are managing on our own. Current Jenkins setup we have EC2 machines- Literally created manually with manual configurations. And as a nodes we have another set of Ec2 machines which are also used for some other things. Developers keep logging to that machines.

Has anyone Hosted on Kubernetes , So something like Jenkins Server on Kubernetes, and Nodes of Separate Kubernetes Clusters [Multiple Cluster in Multiple Accounts\].

Why jenkins only ? Lot of pipelines are built by devs so i don't want new tools. Its just hosting part as that is in my control. But there are problems are in scaling , Long Jenkins Queue. Whatever and what not.



https://redd.it/1jeyeis
@r_devops

Can I opt for Certified Kubernetes Security free retake immediately after failing ?

My CKS exam voucher is nearing expiry, so I wish to know that if i give my CKS exam today and i fail in it so can i retake it tommorow or maybe day after or there is some time frame after which only I can retake it ?

https://redd.it/1jf3es6
@r_devops

I just canceled a technical interview because of the "assignment". Can someone reassure me that I'm not wrong?



I was talking with a startup in Northern Europe. They needed someone to handle their migration to Kubernetes and be responsible for the entire platform, from code to production.

This is something I already have experience in, so it looked like a good opportunity. The first interview went well. I spoke with the CTO, who I would be reporting to. The company seems advanced and has a good product.

Then came the technical interview invitation. They want me to design their company's "golden path" from code to production and give a 40-minute presentation about it.

At first, I was suspicious because I felt the topic was like "get a consultant for free". And when I started to calculate how much time it would take me to research, design, and create this presentation, I stopped completely.

I asked them if a 10-minute presentation would work. Their response was, roughly, "No, but we can give you more time to prepare if you want."

I told them, "No, thank you," and canceled the interview. To me, this seems unethical and completely disrespectful of my time. Are companies really asking for all this time from applicants these days?

https://redd.it/1jf7tve
@r_devops

Here's a quick summary of my job search and the offer I received - Software Developer with 20+ years of experience

\-To paint a clear picture, I'm an older developer (56 years old), I don't have a college degree, and I haven't worked at FAANG. I started 24 years ago. The salary I was looking for was 160k to 170k, and fully remote work.

\-Started looking for a job: December 2nd

\-Applications/resumes sent: Around 40

\-Number of interviews: 2 (4 with the company that hired me, and 1 with another company. This second company is the one that contacted me).

\-Accepted the offer: January 10th. (Meaning only one month of searching, but the company that hired me started the process after the first week of searching)

\-I only used LinkedIn.

\-I only applied to jobs where my skills were a very strong match. Sometimes I made exceptions for opportunities in areas where I have extensive experience (usually in e-commerce or education). The company that hired me was a combination of a good technological fit and vertical experience (related to education).

\-I focused on companies in my NYC area so I could sell the advantage of being able to meet them in the company if they needed to. But none of them responded to me, even though it seemed like a good plan.

\-I ignored job postings that were older than a few days, and focused on the brand new ones that had less than 150 applicants.

\-I tailored my resume for each posting by removing any technology that was completely unrelated to the requirements.

\-I excluded all years of experience except for the last 15 years to avoid age discrimination and outdated technology.

\-I studied Leetcode problems.

\-using AI tools like chatGpt or interviewhammer

https://redd.it/1jf7zqm
@r_devops

Runs-on vs. terraform-aws-github-runner

Hey guys 👋

I’m planning on implementing both solution for POC and comparison for my client soon, anything I should be aware of / known issues?
How was your experience with either solution and why did you end up selecting one over the other?

Runs-on fairly new, and require licensing both offer greater flexibility (resource requests are made in the workflow manifest)

terraform-aws-github-runner is and enhanced version of Phillips’ original solution, well known and popular.

This is NOT an ARC (github k8s controller), I won’t spin up a cluster and maintain it just for that. Doesn’t fit my client needs.

https://redd.it/1jf593d
@r_devops

What are available career pathways for me to take as a junior DevOps?

So for record, I have 2 years of Software Engineering experience working on Fullstack web apps, and I am currently in a Junior DevOps position.

I am curious if anyone has any advice for me with my credentials on where I could potentially advance in my skillset. I am most likely going to do an Azure Certification, possibly both AZ-204 and AZ-104.

I am possibly interested in security as well. But I was wondering what are my options for advancing my skill set and what career pathways there are for me?

https://redd.it/1jfbi1u
@r_devops

Thinking of moving from New Relic to Datadog or Observe

My company is thinking of moving from NR to either DD or Observe. Wondering if anyone has done this change and how it went?

If so, how much of a lift was it to move from NR to DD or Observe?

I’m a bit concerned about how much time and effort it may take to move over & get everything configured - especially with alerts.

Any advice would be greatly appreciated !

https://redd.it/1jfbmly
@r_devops