Do you actually know where the name Ansible comes from?

I found out in a very natural way. While reading “The left hand of darkness” (1969!) by Ursula K. LeGuin I stumbled upon it and then researched where it comes from.

It is a rather important device in LeGuins “Hainish cycle”, used for intergalactic communication (and therefor stabilizing the vast expanse of the Hainish territory).

I love nerdom so much.

https://redd.it/1kbdgj9
@r_devops

Expose home server with Rathole tunnel and Traefik

I wrote a straightforward guide for everyone who wants to experiment with self-hosting websites from home but is unable to because of the lack of a public, static IP address. The reality is that most consumer-grade IPv4 addresses are behind CGNAT, and IPv6 is still not widely adopted.

Code is also included, you can run everything and have your home server available online in less than 30 minutes, whether it is a virtual machine, an LXC container in Proxmox, or a Raspberry Pi - anywhere you can run Docker.

I used Rathole for tunneling due to performance reasons and Docker for flexibility and reusability. Traefik runs on the local network, so your home server is tunnel-agnostic.

Here is the link to the article:

https://nemanjamitic.com/blog/2025-04-29-rathole-traefik-home-server

Have you done something similar yourself, did you take a different tools and approaches? I would love to hear your feedback.

https://redd.it/1kbfjws
@r_devops

Built a fun Java-based app with Blue-Green deployment strategy on kubernetes

I finished a fun Java app on EKS with full Blue-Green deployments that is automated end-to-end using Jenkins & Terraform, It feels like magic, but with more YAML and less sleep...

Code, Diagram, YAML, and deployment drama live here: GitHub Repo

Stack:

Infra: Terraform

CI/CD: Jenkins (Maven, SonarQube, Trivy, Docker, ECR)

Kubernetes: EKS + raw manifests

Deployment: Blue-Green with auto health checks & rollback

DB: MySQL (shared)

Security: SonarQube & Trivy scans

Traffic: LB with auto-switching

Logging: Not in this project yet


Pipeline runs all the way from Git to prod with zero manual steps. Super satisfying! :)

I'm eager to learn from your experiences and insights! Thanks in advance for your feedback :)



https://redd.it/1kbgihq
@r_devops

SST vs Pulumi for CGP + Python + React?

I'm traditionally a frontend dev but doing everything now I've joined a tiny startup. We're using GCP, Python and React.

I set everything up with Terraform. It's working but I only have my local dev environment and production. To do a release I have to manually build docker images, update the Terraform config and run `terraform apply`. 

I want to have PR branches built automatically when I push up changes, and production deployed when I merge to master. 

I'd also love code completion and type safety in my infrastructure as code. Even though the backend is Python I’d rather use TypeScript for this as I know it better. 

It seems like SST and Pulumi are the options for upgrading my set up? Is there a big difference between them? I know SST is built on Pulumi, but not sure how different the features / DX is?

https://redd.it/1kbiqay
@r_devops

What’s the value of kagent?

Read TLDR today and saw the part about the new kagent project: https://kagent.dev/docs/examples/documentation

I’ve written scripts to interrogate metrics before and do actions, what’s the actual value of this to us folks in dev/ops, and what would I actually need AI to know about my cluster that a script couldn’t already figure out itself?

https://redd.it/1kbk5vi
@r_devops

What networking questions should a fresher DevOps engineer expect in interviews?


Hey folks,
I'm preparing for DevOps engineer interviews as a fresher and want to get a solid grasp on the networking side of things. I understand that networking is a key skill for DevOps, but I’m not sure what kind of questions are commonly asked at the entry level.

Could anyone share the typical networking topics or specific questions that I should prepare for? Things like DNS, HTTP, ports, firewalls, etc.?
Any tips, resources, or personal interview experiences would be super helpful!



https://redd.it/1kbk2a2
@r_devops

Cut FAT/SAT Reporting Time by 95%: How GHS Accelerated Production with Skedler

Discover how Green Hydrogen Systems automated FAT/SAT reports from Grafana without coding, screenshots, or expensive upgrades.

Read More

https://redd.it/1kbmavc
@r_devops

Are there any services for AI-Agents to setup Webhooks?

I used low/no-Code platforms where I'd setup a webhook to trigger an agent, or for an agent to send something forward, but it's always me who has to set it up in the browser. Why not let the agent do that by itself as well? I haven't seen it much (maybe there is, I just haven't seen) which it is surprising since Mcp servers (which are just agent-focused APIs) are all the rage right now

https://redd.it/1kbnz7u
@r_devops

Calling all founders - Help validate an early stage idea - helping AI developers go from fine tuned AI model to product in minutes

We’re working on a platform thats kind of like Stripe for AI APIs. You’ve fine-tuned a model. Maybe deployed it on Hugging Face or RunPod.

But turning it into a usable, secure, and paid API? That’s the real struggle.

Wrap your model with a secure endpoint
Add metering, auth, rate limits
Set your pricing
We handle usage tracking, billing, and payouts

It takes weeks to go from fine-tuned model to monetization. We are trying to solve this.

We’re validating interest right now. Would love your input: **https://forms.gle/GaSDYUh5p6C8QvXcA**

Takes 60 seconds — early access if you want in.

We will not use the survey for commercial purposes. We are just trying to validate an idea. Thanks!

https://redd.it/1kbqa5b
@r_devops

Spinnaker in 2025

Views of people who are using it. Pros / cons

Open-source alternatives

Paid alternatives

TIA

https://redd.it/1kbq7yr
@r_devops

Security Tool (hardening) with Ansible remediation

Hello guys!

I work on Squirrel Servers Manager, the open-source monitoring & configuration management platform some of you might know from here or Github.

I am starting starting to build a lightweight security feature for self-hosted / on-prem Linux boxes.

The idea: scan your servers over SSH, spot common config issues or weak points (CIS-style stuff), and suggest ready-to-run Ansible playbooks to fix them. No agents, no magic — just faster, cleaner hardening. Think about it like a lightweight "Ansible Lockdown" with an UI.

Before I go too far and spend too many weekends on it :-), I’d love your input:

Biggest security frustrations/needs right now?
How do you handle server hardening today?
On hardening - what’s the most annoying part? Keeping track of benchmark? Writing fixes? Testing safely?
Would a workflow like this save you time or just add noise?ssh-key ➜ scan (CIS-ish checks + top CVEs) ➜ get a ranked list & matching Ansible/YAML snippets ➜ approve / tweak / run ➜ success/fail ping after 30 min

If you’re curious to try it early or have opinions, I’d love to hear from you here or by DM.

Thanks, and fire away with critique, war stories, or “this already exists, go look at X”! — Manu

https://redd.it/1kbjx53
@r_devops

How to SSH from RHEL6 to RHEL9?

It seems SHA-1 is no longer accepted by default in RHEL9 and RSA keys of any length are no longer accepted. I'm in the process of migrating some RHEL6 servers to RHEL9 and it seems the OpenSSH versions are too different for any ssh keys to be compatible. I've tried various key types and cant manage to make a connection. Cant find a common key/method.

It seems my options are to use a jump box which I'd rather not do or use a legacy option in RHEL9 and lower it's security.


Any other options?


https://redd.it/1kbwhdq
@r_devops

Saw lots of comments that Jenkins is not worth it. Why and if not then what??

I looking to enter devops and just completed jenkins. But iam worried looking at all those comments. And also what other helpful tip you would give. Thank you 🙏

https://redd.it/1kc0vvk
@r_devops

Switching to devops

I am a fronte end engineer with 3 year of experience wanting to switch into devops .What should I learn and how should I learn to transition smoothly into Devops.

https://redd.it/1kc2lco
@r_devops

DevOps vs Machine Learning (NOT A POST RE HOW TO GET A DEVOPS JOB)

hi

i am still an undergrad student having done a few internships in ml and 1 in devops. initially i was the most inclined towards building a career in ml, but i have noticed a sharp increase in the competition in ml jobs especially in the last year or so which made me rethink about my decision in going towards ml and rn im considering a shift to the devops side, considering how ml is an ever-expanding domain (devops is too but at least its not as much as ml because of the math behind everything imo)

whats your take on it? ive heard people saying theres less competition in devops, at least than in ml. correct me if im wrong, and any suggestions or a personal opinion is welcome, thanks

https://redd.it/1kc6rh4
@r_devops

I built a PagerDuty docs AI, LMK what you think!

Hi everyone,

I gave a custom LLM access to all PagerDuty dev center docs(https://developer.pagerduty.com/docs/introduction) to answer technical questions for people using PagerDuty: https://demo.kapa.ai/widget/pagerduty


Any other technical info you think would be helpful to add to the knowledge base?

Would love to hear your thoughts on it!

https://redd.it/1kc8o6c
@r_devops

Should you whitelist known cookies in the WAF?

So recently we had an outage due to a cookie value for a third party monitoring system falling foul of a WAF Rule.

This was tested in QA environment and it didn't trigger the WAF (cookie value was different in qa) so it never was raised as an issue.

This got me thinking that maybe we should whitelist all known cookies but obviously that opens the door to attack via the whitelisted cookie.

On the one hand it's unlikely that a random attacker would stumble upon the right cookie but what about the users? and also, it's not like we use obscure tech, so somebody might try some sort of drive by attack with known cookies.

It seems like a bad idea to whitelist, to say nothing that we were actually not aware of the change, so we wouldn't have been able to whitelist it (though we could put a process in place for to be notified)

So, do you whitelist known cookies in your WAF?

why?

why not?

How do you ensure that cookies do not trigger WAF rules in production?

https://redd.it/1kc8v1c
@r_devops

No job, no cloud..? Made this storage tool out of spite

Hey folks,

After not getting placed during the campus placement season, I was just sitting and messing around with some ideas I’d shelved earlier. Ended up building something over the past couple weekends — it’s called Sietch Vault.

Basically, it’s a decentralized file syncing tool that works without the internet — over LAN, USB drives. I made it mainly out of curiosity, and also frustration with how everything these days relies on cloud infra you don’t control.

It’s open source and still kinda rough, but would really appreciate thoughts from anyone here — whether it's useful, dumb, broken, or something worth polishing further.

Project link: https://sietch.nilaysharan.in
GitHub: https://github.com/SubstantialCattle5/Sietch

https://preview.redd.it/ev65386qs3ye1.png?width=2527&format=png&auto=webp&s=c93d19a789a7b989428507913e181d896dc05c56

Would love any kind of feedback — design, tech, or even just "bro why" 😅

https://redd.it/1kcbav4
@r_devops

A simple, self-hosted Sentry alternative you can install in 5 minutes (with just one command!)

Hey folks 👋

I got fed up with monthly bills and SaaS lock-in, and I needed a better way to track errors in my apps, so I built Telebugs. It’s an error tracker you pay for once, host yourself, and actually own. It took me 3.5 months of solo Rails work, and I’m really happy with the results.

It’s compatible with Sentry SDKs, so it probably supports your language or framework of choice.

It’s built for people who just want something that works without the headache. Setup is dead simple: one command and you’re rolling in 5 minutes. It automatically sets up your server with an SSL certificate. All you need to do is specify the domain you want it to run on.

It catches your errors, keeps everything on your machine, and doesn’t bug you with upsells or surprise fees.

**Tech stack:**

* Rails 8 + Hotwire + TailwindCSS
* SQLite (yep)
* Runs in a single Docker container
* Compatible with Sentry SDKs
* Push + email alerts (needs to be enabled explicitly)
* Rule-based data cleanup
* No analytics, no third-party calls

Happy to answer any questions here, or over email. Cheers!

[https://telebugs.com/](https://telebugs.com/)

https://redd.it/1kcc8qg
@r_devops

Running Virtual Desktops on AWS or Azure.

What are some options for running virtual desktops to test desktop applications on AWS?

This could potentially scale up to hundreds or thousands of virtual environments. The main use-case is to test our desktop application.

I know that AWS offers workspace and Azure has AVD.

What are some other potential solutions?

https://redd.it/1kce4yr
@r_devops

Meta: How do you all use AI? I'm totally not trying to find ideas for a startup

To not appear too suspicious, I'm going to start this post by talking a little bit about how I, too, am slightly suspect of AI, but that any "reasonable person" would at least give it a try. (And, we all want to be considered reasonable, right?) I've also clearly never searched for similar topics in this subreddit, and don't really have any interest in engaging with the subreddit community at all aside from making this post.

Then, I'll talk a little bit about how I want AI to do some "simple tasks" for me, like... well... literally all of my job. But the existing tools are a little bit piecemeal, leading me to...

...my super awesome tech demo that's just a wrapper for ChatGPT, and a totally coy call-for-action for people to try it out, along with a request for suggestions.

Oh, and I really like to sprinkle emojis into my post, like these: ✨💻🔎🙅‍♂️

\---------

/s

Seriously, can we get some moderation on this kind of nonsense? Our subreddit was already being invaded by people with 0 YOE who couldn't hack SWE interviews and thought that devops would be an "easy" alternative, and now it's being invaded by people who think they can AI-away everything and want to pitch their "one tool to rule them all" idea.

edit: the number of people thinking that I'm seriously asking how they use AI, rather than trying to point out the flood of AI-related spam we're getting, is somewhat bemusing.

https://redd.it/1kce06y
@r_devops