Question about excessive liability clause in B2B contract

Hey everyone,

I'm soon to start my first freelance contract as DevOps. While reviewing the contract I noticed one clause that set off some alarm bells. I was wondering if this is something that is common, or rather a red flag that should make me think again.
It goes like this:

The Provider (me) agrees to indemnify and hold the Client harmless in full from and against all Losses arising from or in connection with:
...
...
5.3. any failure to provide the Services to the satisfaction of the Client and/or End User.

There are, of course, quite a few other more specific clauses in addition to 5.3 that refer to omission and infringement of whatever, which I can accept since they are specific, but a clause referring to unlimited liability related to 'satisfaction' seems to me a bit too much.

Many thanks for the advice.

PS: I do already have Professional Liability Insurance

https://redd.it/1k8oswp
@r_devops

How to find industry best practices for rightsizing cloud resources based on usage metrics?

Hi everyone,

I'm currently trying to better understand how to rightsize cloud resources across different types of services — not just compute instances (VMs, containers), but also databases, caches, storage services, networking components, API gateways, and other PaaS offerings.

The main challenge I'm facing is:

How to decide, based on real usage metrics (CPU, memory, network throughput, requests, connections, etc.), when it makes sense to recommend downsizing or optimization?
In other words: What thresholds or best practices should be applied across different resource types?

For example:

For a PostgreSQL database: if average CPU usage stays consistently below X%, and connection counts remain below Y, downsizing might be appropriate.
For a Redis cache: if memory and CPU utilization are low over time, a smaller SKU or plan could be justified.
For load balancers or API gateways: if request volume and network throughput are much lower than provisioned capacity, resizing or tier adjustment could be considered.
For storage services: if IO or access rates are minimal, moving to a lower-cost tier could make sense.

My Questions:

1. Are there any reliable standards, best practice frameworks, or internal methodologies that define rightsizing thresholds for cloud services?
2. How do you determine safe and reasonable criteria for optimization across different service types?
3. Are there common "rules of thumb" that you or your organization use (e.g., "CPU usage consistently under 60% over 30 days → recommend downgrade")?
4. (Bonus) If you have cloud-provider-specific insights (AWS, Azure, GCP), I'd love to hear those too!

I've seen tools like Azure Advisor, AWS Compute Optimizer, and GCP Recommender, but they seem to mostly focus on compute resources (VMs, autoscaling groups) rather than PaaS services like managed databases, caches, networking, etc.

Any experiences, whitepapers, blog posts, internal heuristics, or rules of thumb would be highly appreciated!

Thanks a lot in advance! 🙏

https://redd.it/1k8pk92
@r_devops

Did Buildkite remove their developer plan (aka free plan)?

My previous employer used Buildkite and I liked it so I setup some personal projects and used Buildkite to play around with things. They used to have a free "developer" plan that allowed like 3 pipelines.

I hadn't touched it in a while and went to test some things the other day and it wanted me to pay for a plan, it looks like they consolidated to just a "pro" plan at like $30/month and an enterprise plan.

Anyone have any details on this?

https://redd.it/1k8r1zk
@r_devops

Non-cliche AI takeover discussion.

Folks, So this evening I was scrolling reddit and saw bunch of negative post about AI risk for engineering jobs. Yes, you might think I’m the guy who sees the glass half empty instead of half full most of the time. No, I don’t. It’s just my brain always alarmed to be prepared for negative situations so I can handle them better once I face it. Kinda not to be caught unexpectedly. I root for every single person who is unemployed now and tries to get a job. So, I did small research, statistics to see what’s the probability of the AI threat (taking over out jobs) at least to have some time estimate, some prediction of how soon it might happen and the scale. So, with help of o3 model pulled out some stats, data and the result seems positive. Kinda want to encourage you guys who worried about it that it’s not as bad as everyone talks. That’s why real numbers matter.


So, dumping what I just pieced together from BLS data, LinkedIn/Lightcast, Gartner, McKinsey, Oxford, etc. None of these numbers are perfect, but they all point in the same direction:

• Around 790 k folks in the US have some flavor of “DevOps / platform / cloud infra” on their badge right now.
SRE titles are the smaller slice—call it 50-70 k.

• Open roles out-run the bench. Most weeks there are 11-33 k DevOps postings and 40-50 k SRE postings, while only ~24 k DevOps people are actively job-hunting (BLS puts comp-sci unemployment near 3 %). So demand > supply, even after the 2024-Q4 layoffs.

• Full replacement risk is tiny. Oxford’s automation model gives DevOps a 4 % “gone forever” chance. i.e. <1 in 20 odds your whole job vanishes.

• Task-level automation is already chewing away.

• McKinsey says 20-45 % of software-engineering hours are automatable right now.

• Gartner thinks 70 % of devs (that’s us) will be using AI tools daily by 2027.

• Real life: AI cranks out Terraform/YAML boilerplate, test harnesses, post-mortem drafts.

• Timeline: every study I read lands on “<5 % of jobs lost over the next decade.” It’s cheaper to augment humans than replace us outright.

• What the bots still suck at (aka how to stay valuable): system/failure-domain design, incident command when stuff’s on fire, FinOps/compliance sign-offs, and basic herding-cats across teams.

• If you’re skilling up right now: double down on SLI/SLO strategy, policy-as-code & SBOM pipelines, multi-cloud cost modeling, and learning how to steer AI copilots instead of panicking about them.

P.S. The Bottom line is yes, Gen-AI will eat a chunk of the boring scripts, but the odds of it killing off more than 5 % of DevOps/SRE gigs before 2035 look super slim. Curious if your on-the-ground experience lines up with these numbers.

https://redd.it/1k8vvnx
@r_devops

Does anyone here actually do Devops? (real Devops)

My last job was in a devops org, let me describe it.

We had a "pizza" sized team (5-8 people) with a range of skills. A who was good with AWS, T who was good at testing, C who was good at code, S who was good at scrum (and a few less experienced juniors).

But, if S was out, then C could run the standup. C actually understood the unit test framework we inherited better than T. Most of the work was coding so T, S and A spent most of their time writing code. And the juniors could chair a meeting, write code, tests or deploy to AWS (with supervision/code review). If there was a bug report, anyone would pick it up and if they needed, would ask someone. PR reviews would always include a "did you update the docs check?" (iirc the cicd would actually reject PRs that had changes in the API code but no docs change). We were responsible for our own product's security and used various tools to alert us to code/IaaC problems. Each PR would get its own test environment and we'd deploy changes multiple times a day.

And there were about 10 teams all doing the same in our business unit. And if we needed to interface with one of them we'd read their documentation and if they needed us, they'd read ours.

Every time I come to this sub, I seem to be reading a post from someone annoyed with either:

"devops" then describes one part of devops like it's all of devops (eg "I hate devops because \[test|CICD|security\] is hard")
"devs" describing them as a separate evil entity
"ops" describing them as a separate evil entity
"security" describing them as a separate evil entity

If you're in a "devops" team and are not developing, testing, securing, operating, improving your product: you're doing it wrong.

If you're in a "devops tools" team and not doing devops yourself: Why not? And by the way, providing the devops tools should not include providing CICD code for projects or defining monitoring or logging or responding to tickets.


So, do YOU do devops?

(As a consequence, I think "normal" dev with 2 years experience is starting to be not junior. But because devops includes so many disciplines, you can still be a junior devops with 5 years experience. Only with that amount of experience can you be expected to have useful amounts of experience of typescript, python, java, bash and sql and unit tests and investigate IAM, DNS, kernel, firewall and routing issues and respond to customer tickets and configuring Tekton/ArgoCD/Jenkins)

https://redd.it/1k8z23g
@r_devops

What's been your roughest dev environment setup or onboarding experience?

Hey everyone,

Curious to hear —

What’s the most frustrating dev onboarding you’ve personally gone through?

Took forever to set up the environment?
Outdated docs?
Missing dependencies?
"Works on my machine" nightmares?

I'm wondering what setups caused the most headaches for people when joining new teams or projects.

Would love to hear any horror stories if you're willing to share.

https://redd.it/1k91hfp
@r_devops

Total Kubernetes noob with KCNA voucher. How long will it take to prepare and pass?

Hi. Pls, how long do you recommend is sufficient to prepare for the KCNA exam? is 3 weeks or a month enough? 2 weeks?

https://redd.it/1k91pyk
@r_devops

What does/should a typical DevOps user story look like (e.g. in Jira)?

I have a feeling default “As a [persona\], I [want to\], [so that\].” doesn't quite fit here, especially the 'persona' component.

Also, I cannot imagine having Gherkin notation (given-when-then) as acceptance criteria.

Can you guys help with some examples? How do your POs do it?

https://redd.it/1k933xp
@r_devops

Show r/devops: TmuxAI - An AI assistant that lives inside your tmux sessions, observing your panes
https://www.reddit.com/gallery/1k96a2n

https://redd.it/1k96o4f
@r_devops

Calling Founders - Help validate an early stage idea

We’re working on a platform thats kind of like Stripe for AI APIs. You’ve fine-tuned a model. Maybe deployed it on Hugging Face or RunPod. But turning it into a usable, secure, and paid API? That’s the real struggle.

Wrap your model with a secure endpoint
Add metering, auth, rate limits
Set your pricing
We handle usage tracking, billing, and payouts

It takes weeks to go from fine-tuned model to monetization. We are trying to solve this.

We’re validating interest right now. Would love your input: https://forms.gle/GaSDYUh5p6C8QvXcA

Takes 60 seconds — early access if you want in.

We will not use the survey for commercial purposes. We are just trying to validate an idea. Thanks!

https://redd.it/1k9dh1d
@r_devops

What would you think of a lightweight desktop app to manage your VPS (Apache, Nginx, Docker, Cron...) easily?

Hey everyone,
I’m currently building (solo) a small desktop app called **Server Explorer**, and I’d love your feedback.

The idea is simple:
**Manage your remote servers** (VPS or dedicated, running Unix/Linux) through a clean desktop interface, without needing to open SSH or type commands manually.

With Server Explorer, you can:

* Start, stop, restart services like Apache, Nginx and list site
* Manager your Docker container (start, stop, view log)
* Manage your cron tab
* Manage files (edit, compress, delete, move)
* Stay in control without using the terminal for basic tasks

It's **not trying to replace full devops panels** like cPanel or Docker solutions.
Think of it as a **lightweight assistant** for developers who already manage VPS servers manually and just want to make their daily workflow faster and smoother.

**Would that be useful for you?**
If yes, what would you expect first from a tool like this?

Thanks for reading — feel free to drop thoughts, questions, or feedback 🚀

P.S. There’s a basic version already available, but I’m improving it step by step based on real user feedback 👀

https://redd.it/1k9fxgq
@r_devops

Will I be employable after completing Mumshad Mannambeth's CKA course on Udemy? Does it teach enough Kubernetes to make me job-ready? I got laid off recently and am searching for DevOps roles. Will I be able to crack Kubernetes-related questions after finishing that course?

.I have very limited time

https://redd.it/1k9h01i
@r_devops

Offering to do mock DevOps interviews

Hey folks,

I recently hit a weird personal milestone: I’ve now done over 1,000 interviews just for fun.

I started this 9 years ago as a hobby — applying to jobs I wasn’t necessarily interested in, just to see how far I could get and how many interviews I could pass. It became a personal challenge and honestly, a bit of an addiction.

Now, I want to give back a little.

If you’re preparing for DevOps roles and want to practice with someone who’s been on both sides of the table, I’d be happy to run a mock interview with you. I can simulate real interview scenarios or focus on specific areas you’re trying to improve (tech questions, system design, behavioral stuff, etc.).

Totally free — I’m just doing this because I genuinely enjoy it and want to help folks feel more confident going into interviews.

DM me or drop a comment if you're interested.

https://redd.it/1k9pvrw
@r_devops

What are the biggest red flags in a DevOps job interview?

I’ve been applying for DevOps roles and have a few interviews lined up. I wanted to ask—what are some major red flags you’ve noticed in DevOps job interviews?

For example, do certain vague job descriptions or interview questions signal that a company doesn’t really “get” DevOps? Or are there any warning signs that the role might be more of a traditional sysadmin gig disguised as DevOps?

https://redd.it/1k9pz2r
@r_devops

What’s your go-to tool for validating SAML flows in automated deployments?

While working on a multi-cloud SaaS deployment recently, we ran into some frustrating issues around SAML authentication during staging rollouts:

* X.509 certificate mismatches (formatting, fingerprint issues)
* XML signature validation errors
* Metadata incompatibility between service providers and IdPs
* Problems securely handling encrypted SAML responses

We realized debugging these manually was too fragile for CI/CD pipelines — especially when cert rotation and metadata updates were frequent.

To make it more reliable, I started building an internal toolkit that could validate and test SAML flows more easily — certificates, metadata, assertions, encryption — without needing a full stack deployment.

It eventually turned into a small free toolset that includes:

* Certificate generation, formatting, and fingerprinting utilities
* AuthNRequest and Response signing/validation
* XML encryption/decryption
* Metadata builders for SPs and IdPs
* Attribute extractors from SAML assertions

Curious — what tooling (free or otherwise) do you use to validate and debug SAML flows during deployments or auth integrations?

Happy to share the toolkit link too if anyone's interested — no signup needed.

https://redd.it/1k9sucd
@r_devops

Now that DevOps has become a buzzword, how long do you think before it becomes saturated?

Title

https://redd.it/1k9u7q5
@r_devops

I just want to practice my craft

Sometimes I joke that my ultimate goal is to make enough money as a software engineer to never touch a computer again. I daydream about traveling through Oklahoma and Texas, shoeing horses and running the largest alfalfa operation in the Midwest. Even the creator of Neofetch archived all his GitHub repos and left a simple note: he’s farming now. So I’m not alone.

But the impulse runs deeper. It’s about the need to practice a craft. Whether it’s farming or software, many of us crave the rhythm of doing real work—building, refining, improving. Instead, we often get buried in meetings, shifting priorities, and deadlines. The time to sit down, design, and build thoughtfully feels rare. And technical debt isn’t just messy code—it’s every shortcut we’re forced to take when the pressure to deliver outweighs the desire to build something solid.

How do we keep our edge while still serving the business? Over the last month, I’ve been carving out time each day to study best practices, sharpen my skills, and contribute back to the community in small but meaningful ways.

In 2025, my goal is simple: scratch the itch of craftsmanship and build better software. Will I succeed? We’ll see.

https://redd.it/1k9usei
@r_devops

Requesting Feedback on My Personal Portfolio Website

I recently build and published my personal portfolio website: https://zyrogx.github.io

I would really appreciate any feedback from you guys.

I am still early in my career (Ai Student), so any constructive criticism would be super helpful to improve before applying for internships.
Thank you




https://redd.it/1k9ujyn
@r_devops

What does DevOps looks for testing custom / embedded on-prem Hardware setups?

Since hardware is improving, many custom hardware / embedded devices are now able to use benefits of CI/CD pipelining / Containerization / Cloud-Native style infrastructure to perform testing and deployments.

I have seen cases where the infrastructure to test specific hardware is often times accomodated with a "control" device with linux on it to "trigger" test workloads on the device-under-tests. Sometimes custom embedded linux distros with containerization enabled are also used to test workloads.

Does someone work in "hardware" specific DevOps tools? If you can you shed some tools that may be worth looking into?

I do think similarities to clustering logic e.g. categorization based on peripherals (GPIO, PCIe, etc.) or Chips / SoCs feel similar to k8s nodes labels etc. Is this something people do daily or is it far-fetched?

https://redd.it/1k9xtbe
@r_devops

Requesting resume review and comments on my trajectory

I have not beein getting calls, but besides that lol
just judge the work i've done. It is trimmed so an outside perspective might help me know if its impressive or just words flying around even for techies.

https://imgur.com/a/bJdStTX



https://redd.it/1k9xov8
@r_devops

firecracker vm production question: How to not "boot into root shell"

I've been playing around with firecracker vms and have studied (and somewhat understood) their docs at [github\](https://github.com/firecracker-microvm/firecracker/tree/main/docs)

But one question remains: I am using their default ubuntu rootfs and it boots into a root shell. But my linux expertise fails on me, on how to proceed from here.

I have no issues preparing an ext4 filesystem based on the original ubuntu.squashfs from the AWS team. I can add my application into it, I can create a permission-less user, I can manually run the app inside the jailed firecracker instance, do the complicated network-namespaced setup, etc.

But what I don't get is:

How do I actually modify the file system to start with my specific task(like my.sh) on boot and also not tty as root?

I mean I could patch the tty override.conf:

$CHROOT/etc/systemd/system/[email protected]/override.conf

This is the file that autolog root. But I am pretty sure I am missing something important here.

So any advice on how to run a task as non-root on firecracker vm's boot would be much appreciated. 👍

To be clear: After I firecracker is up, I do not want to use the API or SSH to send commands to this machine. The goal is that the boot process results in my application being loaded and running as a rootless user.

https://redd.it/1k9zf1h
@r_devops