Reddit DevOps
Reddit DevOps. #devops
content types, including articles and products
- Allow adding new content types
- Support comments

### Non-functional requirements

- Performance
- Availability
- Elasticity

### Why Document Store is Better Here

As we have no critical transaction like in the previous example but are only interested in performance, availability and elasticity, document stores are a great choice. Considering that various content types is a requirement, our life is easier with document stores as they are schema-less.

### Data Model

```json
// Article document
{
  "id": "article123",
  "type": "article",
  "title": "Understanding NoSQL",
  "author": {
    "id": "user456",
    "name": "Jane Smith",
    "email": "[email protected]"
  },
  "content": "Lorem ipsum dolor sit amet...",
  "tags": ["database", "nosql", "tutorial"],
  "published": true,
  "publishedDate": "2025-05-01T10:30:00Z",
  "comments": [
    {
      "id": "comment789",
      "userId": "user101",
      "userName": "Bob Johnson",
      "text": "Great article!",
      "timestamp": "2025-05-02T14:20:00Z",
      "replies": [
        {
          "id": "reply456",
          "userId": "user456",
          "userName": "Jane Smith",
          "text": "Thanks Bob!",
          "timestamp": "2025-05-02T15:45:00Z"
        }
      ]
    }
  ],
  "metadata": {
    "viewCount": 1250,
    "likeCount": 42,
    "featuredImage": "/images/nosql-header.jpg",
    "estimatedReadTime": 8
  }
}

// Product document (completely different structure)
{
  "id": "product789",
  "type": "product",
  "name": "Premium Ergonomic Chair",
  "price": 299.99,
  "categories": ["furniture", "office", "ergonomic"],
  "variants": [
    {
      "color": "black",
      "sku": "EC-BLK-001",
      "inStock": 23
    },
    {
      "color": "gray",
      "sku": "EC-GRY-001",
      "inStock": 14
    }
  ],
  "specifications": {
    "weight": "15kg",
    "dimensions": "65x70x120cm",
    "material": "Mesh and aluminum"
  }
}
```

### Spring Boot Implementation with MongoDB

```java
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.annotation.Id;
import org.springframework.data.mongodb.core.mapping.DBRef;
import org.springframework.data.mongodb.core.mapping.Document;
import org.springframework.data.mongodb.repository.MongoRepository;
import org.springframework.stereotype.Service;

// One collection holds every content type; "type" tells them apart
@Document(collection = "content")
public class ContentItem {
    @Id
    private String id;
    private String type;
    private Map<String, Object> data;

    // Common fields can be explicit
    private boolean published;
    private Date createdAt;
    private Date updatedAt;

    // The rest can be dynamic
    @DBRef(lazy = true)
    private User author;

    private List<Comment> comments;

    // Basic getters and setters
}

// MongoDB Repository
public interface ContentRepository extends MongoRepository<ContentItem, String> {
    List<ContentItem> findByType(String type);
    List<ContentItem> findByTypeAndPublishedTrue(String type);
    List<ContentItem> findByData_TagsContaining(String tag);
}

// Service for content management
@Service
public class ContentService {
    private final ContentRepository contentRepository;

    @Autowired
    public ContentService(ContentRepository contentRepository) {
        this.contentRepository = contentRepository;
    }

    public ContentItem createContent(String type, Map<String, Object> data, User author) {
        ContentItem content = new ContentItem();
        content.setType(type);
        content.setData(data);
        content.setAuthor(author);
        content.setCreatedAt(new Date());
        content.setUpdatedAt(new Date());
        content.setPublished(false);

        return contentRepository.save(content);
    }

    public ContentItem addComment(String contentId, Comment comment) {
        ContentItem content = contentRepository.findById(contentId)
                .orElseThrow(() -> new ContentNotFoundException("Content not found"));

        if (content.getComments() == null) {
            content.setComments(new ArrayList<>());
        }

        content.getComments().add(comment);
        content.setUpdatedAt(new Date());

        return contentRepository.save(content);
    }

    // Easily add new fields without migrations
    public ContentItem addMetadata(String contentId, String key, Object value) {
        ContentItem content = contentRepository.findById(contentId)
                .orElseThrow(() -> new ContentNotFoundException("Content not found"));

        Map<String, Object> data = content.getData();
        if (data == null) {
            data = new HashMap<>();
        }

        // Just update the field, no schema changes needed
        data.put(key, value);
        content.setData(data);

        return contentRepository.save(content);
    }
}
```

## Brief History of RDBs vs NoSQL

- Edgar Codd published a paper in 1970 proposing RDBs
- RDBs became the leader of DBs, mainly due to their reliability
- NoSQL emerged around 2009, companies like Facebook & Google developed custom solutions to handle their unprecedented scale. They published papers on their internal database systems, inspiring open-source alternatives like MongoDB, Cassandra, and Couchbase.

- The term itself came from a Twitter hashtag actually

The main reasons for a _'NoSQL wish'_ were:

- Need for horizontal scalability
- More flexible data models
- Performance optimization
- Lower operational costs

However, as mentioned already, nowadays RDBs support these things as well, so the clear distinctions between RDBs and document stores are becoming more and more blurry. Most modern databases incorporate features from both.



https://redd.it/1kph1lf
@r_devops
🌐 Open Source ThousandEyes Alternative — Feedback Wanted on My Network Observability Platform (v1)

### 🌐 Built an Open Source ThousandEyes Alternative — Feedback Wanted on My Network Observability Platform

Hey everyone 👋

I’ve been working on an open source Network Observability Platform, inspired by ThousandEyes, and I’m looking for community feedback, issues, and suggestions before releasing version 3.

🔗 GitHub (v1): https://github.com/shankar0123/network-observability-platform

---

### 🧰 What It Does

This platform provides distributed synthetic monitoring from multiple Points of Presence (POPs), using:

- ICMP Ping
- DNS resolution
- HTTP(S) checks
- 🔜 Traceroute / MTR (Planned)
- Passive BGP analysis via pybgpstream

Data is streamed via Kafka, processed into Prometheus, and visualized using Grafana. Everything is containerized with Docker Compose for local testing.

---

### 💡 Why I Built This

I needed a flexible, self-hostable way to:

- Test DNS/HTTP/ICMP reachability from globally distributed agents
- Correlate it with BGP route visibility
- Catch outages, DNS failures, or hijacks before customers feel them
- Deploy across edge POPs, laptops, VMs, or physical nodes

---

### ⚙️ Current Stack

- Canaries (ICMP/DNS/HTTP) in Python
- Kafka for decoupled message brokering
- Kafka Consumer → Prometheus metrics
- BGP Analyzer using pybgpstream
- Prometheus + Grafana + Alertmanager for visualization & alerting

---

### 🔄 Roadmap for v3 (In Progress)

I’m currently working on:

- 🚫 Replacing Docker with systemd + cron for long-running, stable canaries
- 📦 Integrating InfluxDB for lightweight edge metrics
- 🌍 Adding MTR/Traceroute support (using native tools or scamper)
- 🗺️ Building Grafana geo-maps and global views
- 🔐 Adding Kafka security, auth, TLS, hardened Grafana
- 🚨 Configurable alerting (high latency, BGP withdrawals, DNS failures)
- 🧱 Using Terraform for scalable POP provisioning
- 🛠️ Using Ansible to deploy and maintain canaries across multiple POPs

---

### 💬 Would Love Feedback On

- Is the v1 architecture solid for local/dev usage?
- Any design flaws or anti-patterns I should fix before pushing v3?
- Has anyone tried building something similar — what worked, what didn’t?
- Would anyone be interested in using or contributing?

---

This is a labor of love — for infra nerds, DDoS mitigation engineers, homelabbers, and folks who care about observability, reachability, and route visibility.

If you hit any snags getting it running or have suggestions, I’m all ears!

Thanks so much for checking it out!

https://redd.it/1kpjml4
@r_devops
First HomeLab Setup

Yeah, I'm just about to try and install my MikroTik router. I'm not wanting to make a high availability cluster... yet.

My main aim is to ensure the long standing elements of my network are hosted on the Router itself. DHCP & DNS management, firewall and network admin.

RouterOS 7 has support for docker, so I'm aiming to make all the homelab docker containers be there or on a high speed flash drive.

I'm new to networking. This seems intuitive to me, but most people seem to host their network management on their PC's docker hosts. Is there a reason for that? Is it better to be on a separate machine?

I'm hoping to:

1. Get a public IP from my ISP
2. Bridge mode my Plusnet hub
3. Install all network management apps on the Router itself
4. Router OS has docker support I would likely want to host my Portainer/Rancher on there along with my Keycloak, HeadScale, Home Assistant and Traefik.

This seems to be the logical thing so that no matter what OS or machine I have as a computer for media or other needs I can point to the Router for all network management. However I never see people doing this. Most have their network management on a second machine. Is there a reason for this?

Do people have recommendations on why NOT to have all the HomeLab admin on the Router/Firewall?

Secondly I'm wanting to have all the Docker containerised apps on a local network available network.

https://redd.it/1kpnkqa
@r_devops
What’s one thing you wish you’d done earlier in your cloud career?

Looking back, I really wish I’d taken the time to actually read the AWS documentation.

I wasted so much time trying to patch things together without understanding what was really going on. Once I slowed down and started building small, deliberate projects—everything clicked faster.

It got me thinking:
Everyone seems to have that one "a-ha" moment or regret about how they approached learning cloud or DevOps.

What’s yours?
If you could start again from day one, what would you do differently?

https://redd.it/1kpoyl3
@r_devops
When did Docker finally click for you?

For me, the moment I cloned a repo, ran docker compose up, and had a full app with a DB, cache, and frontend running, without installing anything locally, it finally made sense. What was your moment?

https://redd.it/1kproue
@r_devops
Discussion: Devops prep for AI invasion

Devops/Platform engineer with ~4 yrs of exp (5 if you count internships) and I’m wondering how y’all are prepping for the “AI” wave. I know this is a loaded term that has been used as marketing tool and an excuse for “organizational realignment” for companies trying to thin the herd of development. While a lot of us in the “ops” space have been saf(er) than run of the mill app developers, even still, how are you preparing for AI to inevitably branch off into our territory? I use it daily, primarily as an upskill tool to help bridge some gaps in my knowledge, especially since my org uses all of the big 3 cloud providers, and k8s in each one. I have found that while AI is great for the basics of script writing, pipeline/helm templating and whatnot, it really struggles with the SRE side of things. Usually our bugs require a human touch to solve. I imagine this will go away as AI gets more intuitive and orgs allow more internal AI access to logging, metrics and architecture patterns.

My question is, how do we stay relevant among all this? I’ve considered re-classing as a net engineer since AI can’t plug in cables (yet) but I’m wondering if anyone else has ideas or options for safe places to go from here. I’ve resigned myself to the fact that my CS degree has become all but worthless in this economy, and I’m trying to figure out where to go from here to keep all the hard work I’ve invested from going to waste flipping burgers.

TL;DR
Ops seems saf(er) from the AI takeover for now.. how are y’all preparing for the inevitable?


Edit:
Saf(er) meaning for those who are currently employed.. for those who are hunting in this market.. my deepest sympathies. You are all great, under appreciated and deserve better.

https://redd.it/1kpunic
@r_devops
I created a video giving an overview of how to manage secrets using sops, a tool that allows you to commit encrypted secrets to a repo and conveniently decrypt and pass them to an application

Video link: https://www.youtube.com/watch?v=OQyKFhewX_k

Sops: https://getsops.io

I've used sops in a day job before and it was great, and I've really enjoyed discovering all the little features I didn't know about while researching this video. Hopefully it'll be useful information to someone.

https://redd.it/1kpv8l3
@r_devops
Is DevOps even a junior-level job?

I’ve been thinking about this a lot. Is DevOps really something a junior should do straight out of school or bootcamp?

Wouldn’t it make more sense to spend 3 to 5 years as either a pure sysadmin or pure developer first? DevOps touches so many areas:
Infrastructure, CI/CD, security, monitoring, automation, and without a solid foundation, it feels like you’re constantly drowning.

Unless you have a strong mentor guiding you, things can spiral quickly. Without that support, it’s less of a job and more of a daily panic. Curious how others see this. Should DevOps even be offered as a junior role, or is it something you grow into later?

https://redd.it/1kpx6t0
@r_devops
Is it possible and/or likely?

Hello all, I am pursuing an associates degree in software engineering in my local community college. I’m making this post to ask if it’s gonna be possible or if it’s even likely to get hired with just an associates degree and maybe if I put some extra time in to making a good portfolio and/or website to display projects and games that I will create? Also any tips for this would be welcomed and much appreciated. Thank you all so much!

https://redd.it/1kpx196
@r_devops
Found 3 production systems this week with DB connections in plain text zero SSL, zero cert validation. Still common in 2025.

I’ve been doing cloud security reviews lately and I keep running into the same scary pattern:
• Apps calling PostgreSQL or MySQL with no SSL
• Connection strings missing sslmode=require or verify-full
• No cert validation. Nothing.

This is internal traffic in production.

Most teams don’t realize this opens them to:
• Credential theft
• Data interception
• MITM attacks
• Compliance nightmares (GDPR, HIPAA, etc.)

What’s worse? This stuff rarely logs. You only find out after something weird happens.

I’m curious how does your team handle DB connection security internally?

Do you enforce SSL by policy? Use IAM auth? Rotate DB creds regularly?


Would love to hear how others are approaching this always looking to learn (and maybe help).


https://redd.it/1kpz5zu
@r_devops
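One way to turn the review described in the post above into a repeatable check, as an added example that is not part of the original post: it parses PostgreSQL connection strings in URI and key/value form and grades the effective `sslmode`. The hostnames and credentials are constructed samples, the names `audit` and `extract_sslmode` are introduced here, and key/value DSNs are assumed to have no spaces around `=`.

```python
"""Grade PostgreSQL connection strings by their effective libpq sslmode."""
import shlex
from urllib.parse import parse_qs, urlsplit

# libpq falls back to "prefer" when sslmode is not given anywhere.
LIBPQ_DEFAULT = "prefer"

# sslmode -> (status, why), ordered weakest to strongest.
FINDINGS = {
    "disable": ("FAIL", "TLS is never used; credentials and data travel in clear text"),
    "allow": ("FAIL", "plaintext is tried first; TLS only if the server refuses it"),
    "prefer": ("FAIL", "opportunistic TLS that silently falls back to plaintext"),
    "require": ("WARN", "encrypted, but certificate validation is not guaranteed"),
    "verify-ca": ("WARN", "certificate chain is checked, the host name is not"),
    "verify-full": ("OK", "encrypted, with chain and host name validated"),
}


def extract_sslmode(conn):
    """Return (sslmode or None, host or None) from a URI or key/value DSN."""
    conn = conn.strip()
    if conn.startswith(("postgres://", "postgresql://")):
        parts = urlsplit(conn)
        mode = parse_qs(parts.query).get("sslmode", [None])[-1]
        return mode, parts.hostname
    # Key/value form, e.g. "host=db user=app sslmode=require".
    # shlex keeps quoted values such as password='a b' in one token.
    settings = {}
    for token in shlex.split(conn):
        key, sep, value = token.partition("=")
        if sep:
            settings[key.lower()] = value
    return settings.get("sslmode"), settings.get("host")


def audit(conn):
    """Grade one connection string. The result never contains the password."""
    mode, host = extract_sslmode(conn)
    explicit = mode is not None
    effective = (mode or LIBPQ_DEFAULT).lower()
    status, reason = FINDINGS.get(effective, ("FAIL", "unrecognised sslmode value"))
    if not explicit:
        reason = f"sslmode not set, libpq defaults to '{LIBPQ_DEFAULT}': {reason}"
    return {"host": host, "sslmode": effective, "explicit": explicit,
            "status": status, "reason": reason}


# Constructed sample connection strings (not taken from any real system).
SAMPLES = [
    "postgresql://app:s3cret@db.internal.example:5432/orders",
    "postgresql://app:s3cret@db.internal.example/orders?sslmode=require",
    "host=db.internal.example dbname=orders user=app sslmode=verify-full "
    "sslrootcert=/etc/ssl/db-ca.pem",
    "postgres://app@10.0.0.12/orders?sslmode=disable",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        result = audit(sample)
        print(f"{result['status']:4} {result['host']:24} "
              f"sslmode={result['sslmode']:12} {result['reason']}")
```

A `PGSSLMODE` environment variable on the client host can change the default for strings that omit `sslmode`, so a FAIL on an unset value should be confirmed against the runtime environment.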
Monolith vs. Microservices – Need Advice for My App Architecture

Hi all,

I'm in the early stages of planning the architecture for my app, and I'm torn between going with a monolithic or microservices approach. I could use some insight from people who’ve worked with either (or both).

# Context:

The entire app would be made in go with 2 postgres databases and one backup for the main data that my app uses. If the app was microservice based then the ipc would be handled via grpc with a rest gateway all written in go.

My app has two main features for now:

- Scheduling feature – low intensity
- Analytics feature – CPU intensive. Most of it is handled in go but a small ML part of it is handled in python.

I'm planning to add more features later on, depending on user feedback and demand.

# What i would like to have in an ideal scenario:

- Easy scalability as the app grows
- Ability to update features without having to redeploy the entire app
- Clean codebase that new developers can easily contribute to
- Cost efficiency (hosting on GCP)

I don’t expect a lot of users at first (maybe 5 initially), so I was considering starting small with a low-core VPS and hosting the backend there. It’s a side project, so there's no strict timeline to finish. If I were to choose the gRPC microservice approach, I'd just put the entire app in the same VPS using Docker Compose.

# My Questions:

- What are the pros and cons of monolithic vs. microservices in this kind of setup?
- Based on what I’ve shared, which approach would you recommend and why?

Thanks in advance to anyone who shares their experience or thoughts

https://redd.it/1kq154z
@r_devops
DevOps Engineer- can solve a lot of problems, can read but can't write code

I've worked with many tools and technologies in Cloud/DevOps, OAC, CICD, Containers, K8S, and whenever I need to write code I just find it or ask AI to write it, then I modify it as I need. But the problem is that I can't even write a simple loop in bash or python. I have a network/system admin background, but most of my time I was working as IT support before moving to DevOps. I've learned bash/python many times, but as I don't use it every day I simply forget the syntax. I see that US companies often require you to write code in DevOps interviews. I don't want to spend time with bash/python tutorials because even if I remember the syntax there is still a big chance that I will fail the task. What the hell should I do?

https://redd.it/1kq3mbw
@r_devops
source code management for aws instances

Hello, I'm a junior backend developer, and I joined a company. My task until now has just been to update the DB and create APIs for mobile. Now I'm trying to learn how to manage source code for the prod, development and UAT servers that are stored on AWS instances. I tried to read about version control systems using git, but I still don't have a clear picture of how to do it. I asked AI and stuff but I'm still missing a point related to SCM on AWS instances. Does anyone have documentation related to it, or any experience with this?

thank you so much

https://redd.it/1kq3nu1
@r_devops
Tracking your AI Agents

We built AgentWatch, an open-source tool to track and understand AI agents.

It logs agents' actions and interactions and gives you a clear view of their behavior. It works across different platforms and frameworks. It's useful if you're building or testing agents and want visibility.

https://github.com/cyberark/agentwatch

Everyone can use it.

https://redd.it/1kq6iju
@r_devops
I have a question about DNS configuration

I deployed my web app using Render. I am using Name Bright for my domain name. I usually just deal with name servers, but Render gave me A and CNAME.

My DNS configuration is below and I deleted the default Name Bright name servers. That was last night, and DNS Checker still shows it’s not propagated. Is my configuration correct, assuming that it’s what Render gave?

Configuration:
A: subdomain = @ | ip address = 216.24.57.1
CNAME: subdomain = www | CNAME = trendy-wqzi.onrender.com

https://redd.it/1kq86ld
@r_devops
Is DORA Enough? What We Learned After Building Full-Stack Continuous Delivery

What's your north star as a DevOps?

Has anyone here built out full-stack continuous delivery and started measuring more than just DORA metrics? Does this matter to you? If not this then how do you make sure you align to what the business needs?

We’ve been deep in this space, trying to solve the real delivery pain: fragmented pipelines, duplicated logic across tools, and constant drift between environments. So we built a platform, not to replace CI/CD, but to make it actually work end to end. It covers everything from infrastructure provisioning to Kubernetes-native application deployment, with tooling and observability wired in automatically. I believe the key point here is to have a CD that works without changes to local development on a dev laptop as it does to our huge cloud Kubernetes clusters.

The flow starts with GitLab CI triggering a call to our platform’s API. That API handles a global spec for the environment, selects the appropriate delivery path, and renders validated Helm values for the workload. It then hands it off to ArgoCD, which manages the sync into Kubernetes. From there, everything lands in a unified state: infrastructure, core tools, and apps deployed and monitored together.

All tools are deployed Kubernetes-first, using native patterns: Helm charts, CRDs, secrets via External Secrets, persistent volumes via CSI, and Git-based configuration. The environment comes up with everything pre-integrated, nothing glued together post-deploy.

Our base platform includes OpenTelemetry for tracing, OpenSearch for logs, PostgreSQL instances pre-wired into services, Sentry for error monitoring, and NATS as an internal event bus for inter-service communication and platform signaling. Debugging is no longer jumping across five tools—our platform gives full visibility across deployment layers, from Helm history to K8s runtime status to distributed traces.

The biggest shift has been in reliability. Before, we’d see around five broken deployments per feature branch, mostly due to differences between staging and prod. Now, with delivery flows and environments standardized, we’re down to about one failed deployment in every fifty commits—and most of those are app logic issues, not infrastructure or delivery bugs.

We still track DORA, lead time, deployment frequency, failure rate, time to restore—but those metrics alone aren’t cutting it anymore. They don’t reflect time lost in debugging pipelines, investigating drift, or recovering from partial failures when infra and app deploys go out of sync.

Curious if others here are building similar full-stack delivery systems, or tracking alternative metrics that get closer to real delivery friction.
How are you quantifying the quality of delivery?

Is DORA enough, or are there better ways to measure what's actually slowing us down?

https://redd.it/1kq7m3p
@r_devops
How do you manage hybrid clouds?

If you have some servers in cloud and some in your local infra. How do you manage the connections between them?

I'm thinking of using a VPN, but I'm sure I can do something better with Google Cloud.

https://redd.it/1kq9e4k
@r_devops
Bohr Model of Atom Animations Using HTML, CSS and JavaScript - JV Codes 2025

Bohr Model of Atom Animations: Science is enjoyable when you get to see how different things operate. The Bohr model explains how atoms are built. What if you could observe atoms moving and spinning in your web browser?

In this article, we will design Bohr model animations using HTML, CSS, and JavaScript. They are user-friendly, quick to respond, and ideal for students, teachers, and science fans.

You will also receive the source code for every atom.

# Bohr Model of Atom Animations

# Bohr Model of Hydrogen

1. Bohr Model of Hydrogen
2. Bohr Model of Helium
3. Bohr Model of Lithium
4. Bohr Model of Beryllium
5. Bohr Model of Boron
6. Bohr Model of Carbon
7. Bohr Model of Nitrogen
8. Bohr Model of Oxygen
9. Bohr Model of Fluorine
10. Bohr Model of Neon
11. Bohr Model of Sodium

You can download the codes and share them with your friends.

Let’s make atoms come alive!

Stay tuned for more science animations!

Would you like me to generate HTML demo code or download buttons for these elements as well?

https://redd.it/1kqcqhf
@r_devops
After 24 years in IT, I'm done.

I don't want to debug another fucking YAML file.

This is not how I foresee spending my life.

Thank you.



https://redd.it/1kqe912
@r_devops