Is there demand in Europe for a tool that scans Kubernetes clusters for security and inefficiency?

I'm an engineer working on an idea for a new tool aimed at European companies running Kubernetes.

The goal is to automatically surface both security issues and inefficiencies in clusters. Things like overly permissive RBAC, missing network policies, or unsafe pod configurations. But also unused configmaps, idle workloads, or resource waste from overprovisioning.

Most of the tools I see today are US-based, which in the current light of day can feel uneasy for european companies. E.g., looking at what happened with Microsoft banning accounts. What I have in mind is something you can self-host or run in a European cloud, with more focus on actionable findings and EU Privacy Laws.

I’m curious:
\- What do you currently use to monitor this?
\- Is this even a real problem in your day-to-day?
\- Would you consider paying for something like this, or do you prefer building these checks in-house?

Happy to hear any and all feedback. Especially if you think this is already solved. That’s valuable input too.

https://redd.it/1krc7w5
@r_devops

What tools do you use for adhoc remote execution?

Question mainly concerned with cloud native deployments but could extend to onprem. For context, we have thousands of k8s and compute instances running in all public clouds, but this concerns orgs of any nontrivial scale.

Often in the course of automated or manual incident response, we'll want to run some (potentially distributed) operation, e.g.:

all clusters running workloadA --> execute shell command in a chosen pod, and potentially do something with the output (think lightweight dag workflow)
in all k8s where cluster name matches some pattern --> rollout restart sts in namespaceY
instances where cpu > 90% --> generate diagnostics and push to s3
list configmaps in aws us-east-1 with updated >= 7d

TLDR: query engine + workflow engine for cloud environments.

What tool(s) are you using to solve this? If vendored (Datadog Workflow Automation, PD Runbook Automation), is your team happy with it?

https://redd.it/1krdlb9
@r_devops

Discussion: On running Cypress tests when code is currently split into multiple repos (frontend and backend) & also for each pull request from those repos

Hello,

I am trying to fulfill a technical design requirement and I think I have a way but want to ask here (hoping I can find better options):

Current setup: I have a frowned and backend repos and the code gets deployed on k8s cluster and then we update Cypress with the Ingress URL (post frontend and backend with ingress) for running the tests.

We use GitHub Action Workflows as our CI (And ArgoCD as CD, which is not a topic in this conversation)

Ask: We need ephemeral env's where for each PR (from either repos), we want the cypress to run. But, in order for cypress to run it needs a working both frontend and backend (with ingress) to run in order to run the end-to-end tests.

What I came up with here is:

* For each PR (for example frontend PR), I can label with the {pr\_name} and deploy a copy of the backend deployment and pass the payload to cypress and vice-versa.
* But with this approach, I need to add the kustomize yaml files of both frontend and backend into my GitHub Action workflows in the Cypress tests.
* Is this the best approach? Can I make it better than this approach?



**On the side (I also):**

I also have a working CI/CD integration with these separate repos, where when there is a PR created, I have a CI in those repos to handover the build docker sha to the kustomize modules repo and in that repo, I have an argocd Pull Request Generator waiting for it to consume it and deploy a new namespace based on the PR\_LABEL that I abreast set.



I am all ears on how the community approached this design setups 🙋🏻‍♂️🙋🏻‍♂️

Cheers!!

https://redd.it/1krf463
@r_devops

Need feedback on "Fantastic Job Finder 2000"

Hey r/devops,

I've been looking for work for almost a year now, and out of utter boredom, hacked together a tiny open-source "tool" (if you could call it that):

Parses a YAML profile → searches boards, google etc. → asks ChatGPT to re-order a résumé for each posting
Keeps facts honest by only re-phrasing what’s in the YAML,
Spits out an ATS-friendly Markdown/PDF.
Digs up any dirt it can find on a company and advises of it. Layoffs, high turnover, displeasure with management, etc.

Repo: **https://github.com/vsysio-bgould/jobhunt**

I’d love eyes on the prompt design / YAML schema.

What’s missing for a DevOps résumé?
Too opinionated on cloud separation? Would I even be considered for an Azure role, seeing as I only know AWS?
Ideas to slap a UI on this thing?
YAML make sense for this prompt?

Since I've been using it, my response rate has gone up ten-fold. I've had 3 interviews this week already. I was lucky to get one a month before.

And yeah, I know the name is cheesy. I'm bad with names.

Has anybody tried this approach before for their job search? Any suggestions to improve it?

Also, does it make sense for me to keep excluding US jobs, since I'm Canadian? Since all this tariffs nonsense began, I've had exactly 0 US employers or recruiters reach out to me, despite representing about 300+ applications.

https://redd.it/1krfws2
@r_devops

Advantages of running own Kubernetes cluster on a rented server?

My organization is pushing for renting servers and installing and maintaining our own kubernetes cluster instead of paying for a managed kubernetes cluster. I simply don't see the point in installing and maintaining it ourselves, anyone?

https://redd.it/1krdpit
@r_devops

What does devops/ cloud infrastructure look like in the finance sector?

Curious as I’ve always wanted to work for a bank/ fintech

https://redd.it/1kri1t6
@r_devops

Collective Consciousness Simulator

Collective Consciousness Simulator

The following Google Colab Node Book contains the first Collective Consciousness Simulator. It can be used, distributed, improved, and expanded collectively in any way.

The collective expansion of this simulator could achieve a level of significance comparable to that of ChatGPT. But it is very hard to start the prozess so please follow the link and leave me a comant

Link: https://colab.research.google.com/drive/1t4GkKnlD3U43Hu0pwCderOVAEwz25hnn?usp=sharing

https://redd.it/1krny6f
@r_devops

Docker Command Tips & Tricks for Everyday DevOps Work!

Hey everyone 👋

If you're working with containers regularly and want to boost your Docker command-line game, I put together a collection of **handy Docker tricks** that can save time and reduce headaches.

🔹 What’s inside:

* 🔁 Re-run previous containers quickly
* 🧹 Clean up dangling images and volumes
* 🧪 Run one-off commands without writing Dockerfiles
* 📂 Copy files in/out of running containers
* 🚀 Performance tips for faster image builds

Whether you're a beginner or a seasoned DevOps engineer, I’m sure you’ll find at least one command that makes your workflow smoother.

📘 Check it out:
👉 [https://devopshunter.blogspot.com/2022/07/docker-command-tricks-tips.html](https://devopshunter.blogspot.com/2022/07/docker-command-tricks-tips.html)

Would love to hear what tricks you use that aren’t as well-known!

https://redd.it/1kropbg
@r_devops

Configuration Variables

All my companies applications are configuration driven. At the moment we use Azure DevOps for CICD.

However, the library groups are awful and have no auditing and has grown out of hand. What are your methods for handling mass configuration? My idea was having a configuration repo which the applications can pull in and use.

If any advice, please share!

https://redd.it/1krpa76
@r_devops

Elasticsearch Labs

Hi all, can someone point me to the right direction so i can prepare my self for some interview that wants elasticsearch experience? platforms like kodekloud doesn't have labs for it unfortunately, thanks!

https://redd.it/1krqzg4
@r_devops

Ms teams chat bot

Hi guys,
We’re investigating if it’s possible to build a bot which communicates certain kubernetes actions from teams to a private aks cluster.

In our current situation we have a golang bot running in an azure container app which is connected to slack, this works perfect. The communication works via websocket which makes it quite easy to arrange this. But to my understanding ms teams does not support this. My knowledge with teams is quite basic so I’m kind of wondering if it’s even possible to rewrite this for teams.

Slack is being replaced by teams in my organisation (unfortunately) so hence the use case. I’m curious if someone has done this before and what their experience was like.

Thanks guys!

https://redd.it/1krr2qd
@r_devops

Vibe Coding is great until its not... How are you tackling this challenege personally or in your team?

I promise I’m not turning into a “back in my day” rant, but things just working is becoming rare.. only 3–4 years ago things where basic but bugs where rare to expierence. Yesterday, I was drafting an email in Gmail when suddenly the Send, BBC and Discard buttons just wouldn’t click, and entire lines of text duplicated themselves out of nowhere.

With the pace of software updates, shrinking dev cycles, and now this thing folks call “vibe coding,” it feels like on-call nightmares are staging a comeback.... only this time, nobody truly knows what they’re on call for 😭. Vibe coding can crank out features fast, but pushing it live without understanding its quirks (or owning up when something breaks) strikes me as downright reckless.

Back in the day, on-call meant a team of engineers who knew every corner of the codebase. Now? It feels like handing the keys to a car nobody’s test-driven. Sure, 100% unit test coverage looks great on paper, but it’s not the same as real world, black-box, user-centered validation.

So I’m curious: how are you folks testing or validating “vibe code” in your shops? Have you seen similar random tech gremlins, or is it just my luck? Let’s compare war stories—maybe there’s a better way to keep our digital lives from glitching into chaos.

https://redd.it/1krt8bo
@r_devops

I really hate working in tech but can't do anything else

I've been a Dev for over 20 years with some exposure to DevOps. I really hate everything about it - the people, the "culture", AI. I've gotten to the point where I can barely make myself go into work or even feign the slightest bit of interest / effort each day. Just doing the bare minimum to pass myself.

Anyone else feel like this? What are other potential careers where someone with a tech background can look to switch to? Literally anything would be better than this grey blandness.

https://redd.it/1krtx2h
@r_devops

I applied to 10,000 DevOps jobs

No, I’m not unemployed. And no, I’m not desperate.

I just wanted to stress test the DevOps job market in 2025, across regions and industries, using automation where DevOps shines: pipelines, scripts, and APIs.

Profile used:

Degree: MSc in CS , graduated with honors
Experience: 5 years, from infra-heavy Quantitative Analyst roles to full-on DevOps/SRE
Past employers: internal DevOps/data platforms team
Languages: Python, Bash, C++, basic Go
Tech stack:
Infra: Docker, Kubernetes, Terraform, Ansible, GitOps
CI/CD: GitHub Actions, GitLab CI, Jenkins
Cloud: AWS (EC2, S3, Lambda, EKS), some GCP
Monitoring/Logging: Prometheus, Grafana, ELK, Sentry
Security: IAM, Vault, secrets mgmt, RBAC
Extras: FastAPI for internal tooling, self-hosted runners, feature flag systems

# I didn’t just spray resumes.

I built a pipeline using:

**hiring.cafe** to scrape relevant jobs
OpenAI API to tailor resume & cover letter
**Laboro.co** to autoapply jobs

Every. Single. Application. Was unique, just not done by hand.

# Here’s what happened:

|Country|Applications|Human Interviews|AI Interviews|Assessments|Rejected|Ghosted|
|:-|:-|:-|:-|:-|:-|:-|
|USA|2,037|18|26|50|788|1,155|
|UK|1,503|9|18|52|500|924|
|Canada|1,025|7|14|30|392|582|
|Germany|935|5|12|16|358|544|
|France|822|4|10|22|254|532|
|India|748|3|9|18|298|420|
|Australia|630|3|10|12|243|362|
|Netherlands|536|4|8|12|206|306|
|Spain|416|3|5|10|178|220|
|Sweden|327|3|4|6|152|162|
|Remote|2,446|13|34|60|1,033|1,306|

# Key takeaways:

Remote DevOps roles are abundant, but have the highest ghosting rate.
AI screenings and coding tests are becoming more frequent, especially in enterprise/cloud-heavy roles.
European countries seem more balanced in feedback rate vs. applications sent.

# Why I did this:

I wanted to measure hiring friction, not just read Reddit threads.
I wanted real market signals, not opinions.
And let’s be real, building the automation to do this was the most DevOps part of the whole thing.

# Happy to answer:

How I built the application pipeline
How effective the resume tailoring was
How DevOps hiring differs by region or sector
Or just share scripts/templates if folks are curious

https://redd.it/1krwg92
@r_devops

What's the use of tools like Azure Key Vault, AWS Secrets Manager etc.?

Don't use .env files use Azure Key Vault!

To connect to AzureKV - you need to store client id/secret in .env which can be used to get those secrets.

If I have the .env file, I can get the secrets.

What I'm missing here? I don't understand...



https://redd.it/1krxppi
@r_devops

How do you standardize dev environments across multiple teams and projects?

Curious how others are tackling this — especially in fast-moving teams with lots of microservices or side repos.

I keep running into the same friction:

* Inconsistent or outdated setup instructions
* Missing `.env.example` files
* Dockerfiles that break on fresh machines
* GitHub workflows that are unclear or undocumented
* Onboarding that relies on tribal knowledge or Slack archaeology

It becomes a game of “ping the last person who touched this,” and it doesn’t scale.

I've started working on a tool that reads the structure of a GitHub repo and **auto-generates all the key onboarding and setup files** — like `README`, `.env.example`, Dockerfile, GitHub Actions, etc.

Not pushing it here — just wondering:
**What strategies, templates or tools have you found effective to reduce this chaos?**
Are there standards in your team for onboarding-ready repos?

Would love to hear what’s worked (or failed) for others.

https://redd.it/1krwa4y
@r_devops

What happened to DevOps Paradox podcast?

No new episodes for ~3 months, any ideas about what happened to Darin and Victor?

https://redd.it/1krzwqh
@r_devops

Want to pivot into DevOps

I am a senior technical support engineer with 20 years of I.T. experience. I have been around the block, road hard and put away wet... I want to pivot into DevOps as this seems to be where my career path is taking me. My skillset is strong with Networking, Linux, Docker, Azure, any Cisco crap along with Palo Alto crap, some programming like SQL and very little python and just super strong troubleshooting skills just from being in the field for so long. I really hate certifications but I do have AZ900 and Sec+ but I do not think they matter for me with my experience and also degree.

I am a very good interviewer and can sell myself well and answer any technical question thrown at me. My question is what skills should I learn and master to add to my skilltree? More Python? Do I have to start at the bottom with junior DevOps roles? I should be able to look into more senior roles with my experience in IT?

https://redd.it/1ks28g8
@r_devops

Are we heading toward a new era for incidents?

Microsoft and Google report that 30% of their codebase is written by AI. When YC said that their last cohort of startups had [95% of their codebases generated by AI](https://leaddev.com/hiring/95-ai-written-code-unpacking-the-y-combinator-ceos-developer-jobs-bombshell). While many here are sceptical of this vibe-coding trend, it's the future of programming. But little is discussed about what it means for operation folks supporting this code.

Here is my theory:

* Developers can write more code, faster. Statistically, this means more production incidents.
* Batch size increase, making the troubleshooting harder
* Developers become helpless during an incident because they don’t know their codebase well
* The number of domain experts is shrinking, developers become generalists who spend their time reviewing LLM suggestions
* SRE team sizes are shrinking, due to AI: do more with less

Do you see this scenario playing out? How do you think SRE teams should prepare for this future?

Wrote about the topic in an article for LeadDev [https://leaddev.com/software-quality/ai-assisted-coding-incident-magnet](https://leaddev.com/software-quality/ai-assisted-coding-incident-magnet) – very curious to hear from y'all on the topic.


https://redd.it/1kry990
@r_devops

Cannot get GitHub Actions build to work with protoc

I've got a Rust build that needs access to protoc (the Protobuf compiler). I set it up like this:

  build-test-deploy:
    runs-on: ubuntu-latest

...

      - name: Install protoc
        run: sudo apt-get update && sudo apt-get install -y protobuf-compiler

      - name: Test
        run: |
          which protoc
          export PROTOC=/usr/bin/protoc

In addition, env has

env:
  AWS_REGION: "us-east-2"
  ...
  PROTOC: "/usr/bin/protoc"

'which protoc' outputs as expected: /usr/bin/protoc

Yet the build fails with this:

  Error: Custom { kind: NotFound, error: "Could not find `protoc`. If `protoc` is installed, try setting the `PROTOC` environment variable to the path of the `protoc` binary. To install it on Debian, run `apt-get install protobuf-compiler`. It is also available at https://github.com/protocolbuffers/protobuf/releases  For more information: https://docs.rs/prost-build/#sourcing-protoc" }

I'm kind of at a loss...

https://redd.it/1ks3i2a
@r_devops

Can Gitlab’s native ‘Dependency Proxy for packages’ feature replace the need for Sonatype Nexus?

Based on a developer's feedback, there's a clear need for an internal binary repository within our network to serve as a secure, controlled intermediary for external dependencies. We currently have the following issues:

1. Manual downloading, scanning, and internal placement of dependencies is time-consuming.

2. Current development workflows are being hindered by lack of streamlined access to dependencies.

3. We have no way to externally source NPM packages and NuGet packages into our environment without going through a tedious manual process.

I was looking at Gitlab’s documentation for the Dependency Proxy feature but there is no clear example of a user proxying the flavor of packages I am interested in the way you would during a build if you had Nexus or JFrog. YouTube videos around this feature are YEARS old by the way with no examples for doing this. I think we need Nexus so we can scan the proxied packages for vulnerabilities, but I would like to save cost using any workarounds in Gitlab (what we have) if that is possible.

This is apart of an ongoing effort to modernize multiple applications (running them as containers in a VKS cluster), but it doesn’t make sense to move on to this step if we have no central space for storing container images (I am aware each project in Gitlab can store container images at the project level), binaries, externally sourced dependencies that are scanned and other artifacts.

https://redd.it/1ks8718
@r_devops