CKS - Take K8S Security Essentials Course from LF

I am prepping for CKS. Should I take K8S Security Essentials from LF? Is it worth to spend money on it?

https://redd.it/1kojvoo
@r_devops

Meta: Solution to all the AI posts

There is an increasing amount of AI related posts that aren't too popular here, as someone that is a little bit more hopeful of what AI can do in devops I though we could create somewhere else to discuss these topics r/vibeops

https://redd.it/1kofpu9
@r_devops

Got hired as a DevOps Intern

Hey guys, fresh out of college, I am now hired at a startup, and they have decided to put me in the DevOps team. I don't really have any clue about DevOps. I have a week before my job starts, what are the things I can do in this one week to really get familiar with DevOps?

https://redd.it/1kondxu
@r_devops

future of Tech.

Hi Folks,

The title is a little bit bold but nevertheless it is what is concerning me and many others for a while. I love this community, this is where I started using Reddit so it's the place imo I should discuss this.

I'm ~~founder~~ engineer and janitor of prepare sh, you probably seen it being discussed here, but today I want to talk about something else. Never in my life I thought I'd be thinking "shall I quit tech?", "is it a viable career?", "is there a future in Tech?"

I see daily posts of desperation from young folks, applying for 300-400 jobs in a short matter of time to be ghosted, rejected, disrespected by companies sending AI interviewers showing how invaluable engineers are that they don't even assign a real person to conduct an interview.

I believe STEM path requires certain aptitude and resilience, and those people could have easily become something else like Doctors, Mechanics, etc. and wouldn't witness (not to this degree) never ending vicious cycle of upskilling, ageism, and layoffs.

I'm not saying doctors, and other professions have it easy, but there are many specialties such as dentistry etc that pay very well, are extremely stable and simply can never be outsourced. You go through some shit to get there but once you're there by say 35 or so, you're pretty much set for life. And with more experience you only become more valuable, unlike tech where you're on the hamster wheel of constant upskilling just to not fall behind. And even if you manage to stay relevant and up-to-date you'll still get shit from people once you're 40+ as ageism starts to hit you.

We've been lied to continuously by media, government, and big tech about shortage of talent in tech. They had their agenda to destroy tech salaries and boost their revenues and if you ask me they've achieved it successfully. Sure there is a shortage when someone is offering very low salary and requiring years of experience, but I've yet to witness shortage where adequate compensation is offered.

So the question is where do we go from here? Do we continue riding this increasingly unstable roller coaster, constantly fighting to stay relevant in an industry that seems designed to burn us out and replace us? Or do we start seriously considering alternatives that offer more stability and respect for experience? I'm genuinely curious what others in this community think, especially those who've been in tech for 10+ years. Are these concerns overblown, or are we witnessing the slow collapse of what was once considered the most promising career path of our generation?

https://redd.it/1koovoq
@r_devops

Debug & Chill 3 - Weird Authentication Issue

Excited to share the latest episode of my Debug & Chill series! 🚀

In this installment, we're exploring a mysterious authentication issue in Harbor, the popular open-source container registry.

Unlike my usual networking-focused adventures, this time we tackle the problem using a black-box approach, troubleshooting a third-party application without direct visibility into its internals.Through this debugging journey, I made several assumptions and mistakes—each one teaching valuable lessons. Curious to learn how minor time discrepancies caused major headaches?

Check out Debug & Chill #3 here: https://royreznik.substack.com/p/debug-and-chill-3-weird-authentication

I'd love to hear your thoughts, experiences, or similar stories in the comments below. Let's debug together! 🛠️☕

https://redd.it/1kopwd5
@r_devops

AWS IaC best option

Hi, I’m wondering about what tool for IaC do you think is the best option for managing infra, managed and serverless services, etc.
I know that you can choice tools owned by AWS (cloudformation, sam, cdk) and vendor independent such terraform.
I have expirience managing IaC with terraform in Azure and GCP. In the Azure case i could choice arm template and biceps but i think it is hard to find people use those option in azure.
In the other hand, I have seen several offers for DevOps with AWS skills where it seems that they prefer to use the AWS tools.
Could you share your expiriences managing IaC in AWS please?

https://redd.it/1koqsku
@r_devops

Crossplane IaC adoption

I've seen that Crossplane is CNCF incubating since 2021 while Terraform and Pulumi aren't. But most companies I know use Terraform/Pulumi over Crossplane.

Did I miss something here? We're thinking about consolidating our IaC tooling (we use Pulumi and Terraform, depending on the team) and I stumbled upon Crossplane a while ago, loved the concept and thought about it as a third alternative. But there's far fewer resources out there on Crossplane than there is on Terraform and now I'm asking myself if it can even be a viable candidate.

What's your experience with Crossplane? Any pitfalls I'm not aware of? Because at first glance, selling yaml based K8s resources to teams that are used to Python (for Pulumi) or HCL seems like less of a struggle than making them adopt the other team's tooling, especially since not all of them are programmers.

https://redd.it/1korgsv
@r_devops

Feature Flags for the Win

I’ve found that implementing Feature Flags consistently results in interesting debates. People either love them, hate them or have no idea how to start using them.

I think feature flags can be very valuable if done well.

The pain points of mismanagement are real, but I’ve had many times when I wished there was a feature flag but wasn’t and never regretted creating one.

Recently, I’ve been advocating feature flags with a new group I’m working with. I thought I’d share my thoughts via a series of posts that, hopefully, this community will also find helpful.

- Decoupling Code Deployments from Launching Features: https://medium.com/itnext/feature-flags-for-the-win-decoupling-code-deployments-from-launching-727b7aea63be

This post is about how feature flags can be used to deploy new code “turned off” and where it makes sense to follow this approach.

- Implementing Feature Flags the Right Way: https://medium.com/itnext/implementing-feature-flags-the-right-way-74e9b1f31423

This post jumps into the implementation and a bit of a lifecycle of feature flags. The TL;DR is to create a constant that is turned off, add a dynamic flag that you can turn on, and set the constant to on once it's stable to make it semi-permanent. Then, come back and refactor it all away.

- System vs. User Flags and When to Use Them: https://medium.com/itnext/system-vs-user-flags-and-when-to-use-them-b7fa0ace2315

I always see folks lump feature flags that change user behavior and flags that change system behavior together. But I firmly believe these are two things that must be managed differently.


https://redd.it/1kosqb8
@r_devops

Deploy Angular or React apps to Cloudflare Pages using GitHub Actions

I just published a quick guide that walks through deploying a front-end app (Angular or React) to Cloudflare Pages using GitHub Actions for CI/CD.

If you're looking for a simpler alternative to S3 + CloudFront or want to set up blazing-fast, globally distributed static hosting, this might help.

Read the blog here: https://blog.prateekjain.dev/deploy-angular-react-apps-on-cloudflare-pages-9212e91a55d5?sk=b5c890d3632842c6c474b8d4ec7f70ad

https://redd.it/1kovl32
@r_devops

Sustainable Development Requires Investing in Quality (Reflection Article)

Hey everyone,

I just shared an article that might resonate with many here. It's about how Lean and XP practices focused on quality — like test automation, trunk-based development, and fast feedback — enable sustainable speed in delivery.

It’s part of a broader series about applying Lean Software Development in the real world, especially across platform and product teams.

Would love to hear how others in DevOps or Platform roles are approaching sustainable speed.

🔗 Quality as the Foundation of Sustainable Development

📚 Full series overview: Lean Software Development in Practice

https://redd.it/1kovc28
@r_devops

What API Management issues do you have?

I am a product manager working on an API Management Solution (API Platform). I want to collect feedback from APIM users about their pain points and frustrations while managing their API lifecycle and working with existing APIMs. I would appreciate any feedback you can give me.

https://redd.it/1kox7bz
@r_devops

Ever hit a point where you’re just... burned out?

Some days, I genuinely love working in cloud—building stuff and learning new services.

Other days, it’s like:

17 tabs open
IAM policies mocking me
Terraform yelling about some tiny diff
And I'm questioning every career choice I've made

It’s wild how something so exciting can also feel so mentally exhausting.

Do you ever hit that wall where your brain says “no more YAML today”?
What do you do to reset when cloud fatigue hits?

https://redd.it/1koysm9
@r_devops

kubectl 1.33 now allows setting up kubectl aliases and default parameters natively

The Kubernetes 1.33 introduces an alpha feature`kuberc`, a feature for managing `kubectl` client-side configurations. This allows for a dedicated file (e.g., `~/.kube/kuberc`) to define user preferences such as aliases and default command flags, distinct from the primary `kubeconfig` file used for cluster authentication.

This can be useful for configurations like:

* Creating aliases, for example, `klogs` for `kubectl logs --follow --tail=50`.
* Ensuring `kubectl apply` defaults to using `--server-side`.
* Setting `kubectl delete` to operate in interactive mode by default.

For those interested in exploring this new functionality, a guide detailing the enabling process and providing configuration examples is available here: [https://cloudfleet.ai/blog/cloud-native-how-to/2025-05-customizing-kubectl-with-kuberc/](https://cloudfleet.ai/blog/cloud-native-how-to/2025-05-customizing-kubectl-with-kuberc/)

What are your initial thoughts on the `kuberc` feature? Which aliases or default overrides would you find most beneficial for your workflows?

https://redd.it/1koxo4a
@r_devops

How hard it will be to find a devops role in EU

Hey! I am working in Cyprus in a reputable company as a DevOps engineer with 3 YEO and several AWS certs. I need to be sponsored by the company to be able to work in the EU as am not an EU passport holder. Is it that hard to find DevOps roles in the EU whether its hybrid or onsite or fully remote?

https://redd.it/1kozteh
@r_devops

Gitlab Duo Workflow - Thoughts?

Anyone trying the beta? Seems pretty interesting alternative to other tools out there for an existing Gitlab customer vs paying for Cursor etc. I really like the ability for automation throughout the CI/CD pipeline which is much more value add than just code suggestion.

https://redd.it/1koz6ph
@r_devops

What’s the most innovative tasks you have implemented in your job

I would love to hear from your experiences.
For me, one of the most impactful things I did was integrating Atlantis with terraform. We configured it so that changes only get applied after MR approval, which tightened our infra change process.

P.S I know above task might seem straightforward, want to learn from others

https://redd.it/1kp86pq
@r_devops

Python Preparation for Devops role

I have an upcoming interview for a product based company (non-maang) for the role of devops.

They are expecting good scripting skills in python. What are the programs i should practice like palindrome, APIs of docker, kubernete, getting api response from servers.

https://redd.it/1kpd07w
@r_devops

How are you handling lightweight, visual workflow automation for microservice post-deploy tasks?

Hey folks,

I’ve been managing microservice deployments and keep hitting this familiar snag: after a deploy, there’s usually a chain of tasks like restarting services, running smoke tests, sending Slack alerts, or creating tickets if something fails.

Right now, I’m cobbling together bash scripts, GitHub Actions, or Jenkins jobs, but it feels brittle and hard to maintain. I’ve checked out Argo Workflows, Temporal, and n8n — but either they seem too heavy, too complex, or not quite a fit for this kind of “glue logic” between different tools and services.

So, I’m curious — does anyone here have a neat, preferably visual way to create and manage these kinds of internal workflows? Something lightweight, ideally self-hosted, that lets you drag and drop or configure these steps without writing tons of custom code?

Is this a problem others are facing, or is scripting still the easiest way? Would love to hear what approaches work in the wild and if there’s a middle ground I’m missing.

Thanks!

https://redd.it/1kpdptc
@r_devops

Any Salesforce Devops professionals here? What’s your tech stack like?

Also please mention any Salesforce certifications or tool specific certifications you guys have or need !!

https://redd.it/1kpe2gp
@r_devops

Relational vs Document-Oriented Database for Software Architecture

This is the repo with the full examples: https://github.com/LukasNiessen/relational-db-vs-document-store

# Relational vs Document-Oriented Database for Software Architecture

What I go through in here is:

1. Super quick refresher of what these two are
2. Key differences
3. Strengths and weaknesses
4. System design examples (+ Spring Java code)
5. Brief history

In the examples, I choose a relational DB in the first, and a document-oriented DB in the other. The focus is on why did I make that choice. I also provide some example code for both.

In the strengths and weaknesses part, I discuss both what used to be a strength/weakness and how it looks nowadays.

## Super short summary

The two most common types of DBs are:

- Relational database (RDB): PostgreSQL, MySQL, MSSQL, Oracle DB, ...
- Document-oriented database (document store): MongoDB, DynamoDB, CouchDB...

### RDB

The key idea is: fit the data into a big table. The columns are properties and the rows are the values. By doing this, we have our data in a very structured way. So we have much power for querying the data (using SQL). That is, we can do all sorts of filters, joints etc. The way we arrange the data into the table is called the database schema.

#### Example table

+----+---------+---------------------+-----+
| ID | Name    | Email               | Age |
+----+---------+---------------------+-----+
| 1  | Alice   | [email protected]   | 30  |
| 2  | Bob     | [email protected]     | 25  |
| 3  | Charlie | [email protected] | 28  |
+----+---------+---------------------+-----+

A database can have many tables.

### Document stores

The key idea is: just store the data as it is. Suppose we have an object. We just convert it to a JSON and store it as it is. We call this data a document. It's not limited to JSON though, it can also be BSON (binary JSON) or XML for example.

#### Example document

{
  "user_id": 123,
  "name": "Alice",
  "email": "[email protected]",
  "orders": [
    {"id": 1, "item": "Book", "price": 12.99},
    {"id": 2, "item": "Pen", "price": 1.50}
  ]
}

Each document is saved under a unique ID. This ID can be a path, for example in Google Cloud Firestore, but doesn't have to be.

Many documents 'in the same bucket' is called a collection. We can have many collections.

## Differences

#### Schema

- RDBs have a fixed schema. Every row 'has the same schema'.
- Document stores don't have schemas. Each document can 'have a different schema'.

#### Data Structure

- RDBs break data into normalized tables with relationships through foreign keys
- Document stores nest related data directly within documents as embedded objects or arrays

#### Query Language

- RDBs use SQL, a standardized declarative language
- Document stores typically have their own query APIs
- Nowadays, the common document stores support SQL-like queries too

#### Scaling Approach

- RDBs traditionally scale vertically (bigger/better machines)
- Nowadays, the most common RDBs offer horizontal scaling as well (eg. PostgeSQL)
- Document stores are great for horizontal scaling (more machines)

#### Transaction Support

ACID = availability, consistency, isolation, durability

- RDBs have mature ACID transaction support
- Document stores traditionally sacrificed ACID guarantees in favor of performance and availability
- The most common document stores nowadays support ACID though (eg. MongoDB)

## Strengths, weaknesses

### Relational Databases

I want to repeat a few things here again that have changed. As noted, nowadays, most document stores support SQL and ACID. Likewise, most RDBs nowadays support horizontal scaling.

However, let's look at ACID for example. While document stores support it, it's much more mature in RDBs. So if your app puts super high relevance on ACID, then probably RDBs are better. But if your app just needs basic ACID, both works well and this shouldn't be the deciding factor.

For this reason, I have put these points,

that are supported in both, in parentheses.

Strengths:

- Data Integrity: Strong schema enforcement ensures data consistency
- (Complex Querying: Great for complex joins and aggregations across multiple tables)
- (ACID)

Weaknesses:

- Schema: While the schema was listed as a strength, it also is a weakness. Changing the schema requires migrations which can be painful
- Object-Relational Impedance Mismatch: Translating between application objects and relational tables adds complexity. Hibernate and other Object-relational mapping (ORM) frameworks help though.
- (Horizontal Scaling: Supported but sharding is more complex as compared to document stores)
- Initial Dev Speed: Setting up schemas etc takes some time

### Document-Oriented Databases

Strengths:

- Schema Flexibility: Better for heterogeneous data structures
- Throughput: Supports high throughput, especially write throughput
- (Horizontal Scaling: Horizontal scaling is easier, you can shard document-wise (document 1-1000 on computer A and 1000-2000 on computer B))
- Performance for Document-Based Access: Retrieving or updating an entire document is very efficient
- One-to-Many Relationships: Superior in this regard. You don't need joins or other operations.
- Locality: See below
- Initial Dev Speed: Getting started is quicker due to the flexibility

Weaknesses:

- Complex Relationships: Many-to-one and many-to-many relationships are difficult and often require denormalization or application-level joins
- Data Consistency: More responsibility falls on application code to maintain data integrity
- Query Optimization: Less mature optimization engines compared to relational systems
- Storage Efficiency: Potential data duplication increases storage requirements
- Locality: See below

### Locality

I have listed locality as a strength and a weakness of document stores. Here is what I mean with this.

In document stores, cocuments are typically stored as a single, continuous string, encoded in formats like JSON, XML, or binary variants such as MongoDB's BSON. This structure provides a locality advantage when applications need to access entire documents. Storing related data together minimizes disk seeks, unlike relational databases (RDBs) where data split across multiple tables - this requires multiple index lookups, increasing retrieval time.

However, it's only a benefit when we need (almost) the entire document at once. Document stores typically load the entire document, even if only a small part is accessed. This is inefficient for large documents. Similarly, updates often require rewriting the entire document. So to keep these downsides small, make sure your documents are small.

Last note: Locality isn't exclusive to document stores. For example Google Spanner or Oracle achieve a similar locality in a relational model.

## System Design Examples

Note that I limit the examples to the minimum so the article is not totally bloated. The code is incomplete on purpose. You can find the complete code in the examples folder of the repo.

The examples folder contains two complete applications:

1. financial-transaction-system - A Spring Boot and React application using a relational database (H2)
2. content-management-system - A Spring Boot and React application using a document-oriented database (MongoDB)

Each example has its own README file with instructions for running the applications.

## Example 1: Financial Transaction System

### Requirements

#### Functional requirements

- Process payments and transfers
- Maintain accurate account balances
- Store audit trails for all operations

#### Non-functional requirements

- Reliability (!!)
- Data consistency (!!)

#### Why Relational is Better Here

We want reliability and data consistency. Though document stores support this too (ACID for example), they are less mature in this regard. The benefits of document stores are not interesting for us, so we go with an RDB.

Note: If we would expand this example and add things