Scaling Postgres with Kubernetes, guide on partitioning sharding and replication

i have written a guide on setting up high availability Postgres cluster with sharding, replication and partitioning. Hope you find this helpful. 🐘



https://blog.sagyamthapa.com.np/scaling-postgresql-with-kubernetes

https://redd.it/1kvdc66
@r_devops

Developer to Devops resume review

I'm a backend developer with over 2.5 years of experience, and I’m looking to transition into a DevOps role. In my resume, the Developer and DevOps roles are listed under the same company. I’ve been involved in DevOps tasks for the past year, but there wasn’t much to learn beyond the tools I’ve already mentioned. That’s why I worked on personal projects to gain a deeper understanding.

Most of the DevOps skills I’ve acquired have been through these personal projects.

I’ve currently separated the Developer and DevOps roles into two parts on my resume, as I wasn’t sure how to present the experience correctly.

I would appreciate your guidance while keeping these points in mind. I’m open to omitting anything unnecessary and willing to add whatever is needed.

My resume below..
kindly review
https://i.postimg.cc/4x1BFCXw/IMG-20250523-225607.jpg

https://redd.it/1kviy4n
@r_devops

cheaper datadog alternative for APM?

Our datadog bill is starting to get eye watering for web APM purposes. We use datadog for web APM because we need insight into site code for a couple of python and nodejs services, and well.. they were the safe choice. But our data volume has gone up quite a bit over the past 4 months so i'm now tasked to evaluate other options.

We already use elastic for an internal service and we're happy with that, so that could be an option for logging. I'm open to ideas, Honeycomb, Sentry, Sumo Logic, Splunk, New Relic, Dynatrace, Grafana, Groundcover, whatever works. Cloud Metrics are cool but that's not what we use DD for. So if it can't do traces it's automatically a non-starter. Preferably no deep dev integration (or code change would be great).. we just don't have the resource got other fire fights to deal with. Open to database APM feature, good over postgresql work loads and then tying web apm traces to db traces.

Advice / input appreciated.

https://redd.it/1kvlssd
@r_devops

How I Blocked 95% of Web Attacks Using AWS WAF Blog


I recently wrote a blog post about securing web apps using AWS WAF, and how you can block up to 95% of common attacks (like SQL injection, XSS, bot traffic, and even basic DDoS) with just a few clicks in the AWS Console.

If you’re on AWS and haven’t tried WAF yet (or find it intimidating), this guide breaks it down step by step:

https://blog.prateekjain.dev/how-to-block-up-to-95-of-attacks-using-aws-waf-e2223efc1f55?sk=cc74156befaab48297655a00f352f4e6

https://redd.it/1kvm4gp
@r_devops

Best books/Courses to transition from Developper to Devops

Hello everyone,
i am a fullstack developper with 4 years of experience. I use Angular/Typescript for frontend and SpringBoot/Java for the backend.

I also have basic knowledge of Docker, basic knowledge of Jenkins (using the pipeline and writing basic templates), i also have Kubernetes Developer Certification and some knowledge in cloud (AWS basic services , and have azure fundamentals), and some linux basics.

I would like to transition from developer to Devops but i am a bit lost in what path to follow. So i would like some recommendation for couple of books or courses to help me transition to Devops.



PS: I know it depends, and maybe a bit subjective but any guide would help me understand.

Thank you!


https://redd.it/1kvoyoz
@r_devops

Build an incident response workflow with n8n + Prometheus

Hey guys,

I’m working on a monitoring setup that automates basic incident resolutions.

This is the visualization of the flow:

https://drive.google.com/file/d/1HiobPj50VZp1VylyqLTXLAeqDoJtrG\_x/view

I’m using Prometheus - Grafana for monitoring, Alertmanager to send alerts, and n8n to orchestrate a workflow, then an AWS Lambda function to restart the services. “Restart services” is a kind of demo action, you can customize it for your needs.

How does it work?

Prometheus: I configure some basic rules to alert when CPU/Memory exceeds a threshold. When the thresholds are exceeded, it will send a webhook to n8n system.
N8n flow: Get information, analyze the metrics, calculate the business hours or incident duration, and send alerts to Discord or escalate to PagerDuty.
AI agent (in n8n): I define a prompt to check for the input. I will consider the metrics and current contexts to decide whether to restart the services or not.
Lambda function: Receive the commands from AI agent and process if necessary. Currently, I grant it to restart an EC2 instance to make the service available again when the system overloaded.

I hope this helps you to apply an automated stack in your team. I’ve shared the example materials in those repositories:

One-click to set up Prometheus - Alert Manager - Grafana at

[https://github.com/Bubobot-Team/monitoring-stack/tree/main/stacks/prometheus-stack](https://github.com/Bubobot-Team/monitoring-stack/tree/main/stacks/prometheus-stack)

N8n workflow in JSON format (just copy into your n8n dashboard): https://github.com/Bubobot-Team/automation-workflow-monitoring

Btw, just wondering, what recovery actions would you automate? (e.g., disk cleanup, rollback deployments). I would like to hear your feedback to improve the current flow.

https://redd.it/1kvqdph
@r_devops

Container is instance of image like in coding an object is instance of class?

class Dog {
String name;
int age;

Dog(String name, int age) {
this.name = name;
this.age = age;
}
}

// Creating multiple instances with different values
Dog dog1 = new Dog("James", 3);
Dog dog2 = new Dog("Bella", 5);

Docker

docker run -d --name app1 -e NAME=James -e AGE=3 mydogimage
docker run -d --name app2 -e NAME=Bella -e AGE=5 mydogimage



Is this true or I misunderstand

https://redd.it/1kvvp25
@r_devops

Atlassian Bamboo

Any devops who are still using this?

I’m 3 months into my promotion as devops engineer and have been given the keys to the bamboo kingdom.

It’s legacy and deprecated I believe. Also, with it being on premise it’s not the easiest to lab.

Interested in finding out who still uses this and how they find it?

I’m currently implanting a snyk integration for our code.

Thanks and have a wonderful day!

https://redd.it/1kvx0mg
@r_devops

Migration from GCP to OCI instances

I have 10+ servers on GCP which I want to migrate to oci. Some are production instances with live traffic and some are dev/testing servers. What is the best approach to migrate along with all the data. Is there a possibility of transferring snapshots?
GCP instances are running on centOS while the oci will run the Oracle linux images.
Any lead will be helpful

https://redd.it/1kvy85p
@r_devops

Questions about the LFS258 Kubernetes Course – Worth It for CKA Prep?

Hi everyone,

I'm looking into taking the **LFS258 - Kubernetes Fundamentals** course from the Linux Foundation, and I have a few questions for those who have taken it:

* Is the course mostly pre-recorded video lectures?
* Does it include hands-on labs and troubleshooting practice?
* Is it beginner-friendly for someone with **no prior Kubernetes experience**?
* Is it enough on its own to prepare for the **CKA (Certified Kubernetes Administrator)** exam?
* Would you recommend buying **just the course**, or going for the **bundle with the exam voucher**?
* Are there any known **discount codes or promotions** for this course?
* Lastly, would you say this course is a good choice for someone coming from a **Cloud Engineering background** and looking to transition into **DevOps**?

Appreciate any insights or advice you can share – thank you!

https://redd.it/1kw1ner
@r_devops

I ruined a POC

Been a DevOps from 4.5 years. Started from Linux administrator and now I'm managing cloud, db and container orchestration. So my manager asked me to do a POC on traefik which is a reverse proxy just like nginix. I did well, explored the features but was unable to implement fail2ban plugin in it. When I was presenting the same to my manager, i forgot basic docker compose syntax and now I think my role is in jeopardy. Anyone else faced this? Motivate me please, I'm scared.

https://redd.it/1kw0o9g
@r_devops

What’s the best SSO solution for a +50 mid-sized company in 2025?

Curious to hear what the DevOps community is seeing work best today.

For companies with \~50–200 employees, minimal internal IT, and tools like GitHub, Gmail, Vault, AWS, and Graylog — what are your go-to SSO solutions?

Looking for feedback on:

Ease of integration (SAML/OIDC)
Multi-IDP support
Support for SCIM provisioning
Transparent, scalable pricing (no bloated enterprise overhead)
Good developer experience

Here’s a list I often see in conversations:

Azure AD (Entra ID)
[Keycloak](https://www.keycloak.org/)
Authentik
[WorkOS](https://workos.com/)
SSOJet

Would love to hear your experience with any of these or other favorites — especially across multi-tenant or external user auth use cases.

https://redd.it/1kw0uvh
@r_devops

Docker images works fine on local but not on gcp.

Hi everyone,

I’m running a Docker image with an old Ruby version on Debian. It works locally with Docker Compose, but fails with “Service Unavailable” on GCP Cloud Run. The issue seems to be incompatibility with the latest Ubuntu version used in the infra.

I can’t upgrade Ruby due to legacy constraints—we’re rewriting it in another language. Any suggestions for getting this to run on Cloud Run as-is?

Thanks!



https://redd.it/1kw0fpi
@r_devops

Multi-stage release pipeline, how to require one approval from each of two separate groups?

Hi all I am trying to implement a release pipeline using Azure DevOps and using yaml.

I have a requirement where two groups need to manually approve a release. At least one person per group must approve. So I deploy to an environment like `staging` or `prod`, but before deployment I want a manual approval gate where at least one person from `group a` and at least one person from `group b` need to manually approve.

I want to avoid using the Classic Release UI as I want the whole process to be code-defined in yaml.

I have tried looking at yaml definition but I did not get very far, to be honest if I could version control groups here that would be a really nice feature. Using ManualValidation@0 in yaml sounded interesting but given that anyone can approve and no concept of groups as far as I can tell so this is out of the question.

I have tried looking into `environments` with approval checks but Azure DevOps only supports assigning a single group to an environment’s approval gate. That doesn't seem to allow me to enforce the "one per group" logic.

I came across the idea of using two environments per stage eg `staging-group-a` and `staging-group-b`. I was also thinking to have two representatives for the workflow and let them defer approval if necessary. Both options sound clunky and I think I prefer the latter one the most.

Is there a simple way to solve this problem? It feels more complicated than it has to be.

https://redd.it/1kw5khg
@r_devops

AWS Native macOS App

I'm a huge infrastructure dev and love working in AWS. But I absolutely hate the UI, and I think it turns a lot of people off by making it seem to complicated.

I'm curious what folks think about a UI on top of AWS. I've been working on a project in the background and curious if others feel similarly or this is just me. Not sure the best way to share pics

I love native apps, so building it as a macOS app to start.

Edit: posted a Imgur link in the comments

https://redd.it/1kw7sk4
@r_devops

Can someone please show me a better way to find related resources in Kubernetes?

I know this problem is solved, I just don't want to go on google and try a few specific tools and I want to find a good tool that:


Allows me to link my deployments to github repositories and show me what services are connected to other services or resources (eg databases)

I want to know the tables of the database and the data models and contracts so I can focus on my features/testing rather than going through loads of microservice repositories

https://redd.it/1kw7s9o
@r_devops

Enterprise application requirements management?

Hi all,

My team manage over 100 applications and requirements management hasn't been a strong suit in the past.

What business-facing processes and systems would be considered best practice to manage current and in-development functional and non-functional requirements/stories in an Enterprise?

We can maintain product backlogs in a SDLC process, but for large initiatives/projects, we have PMs that often create new Azure DevOps or Jira projects and end up with a de-centralised list of requirements to link test cases to.

I want transparency and collaboration with the various product owners in our organisation to help maintain a central list of requirements that we can establish test cases against and refer to it when needed for root-cause analysis and change management.



https://redd.it/1kwa545
@r_devops

Thinking of transition into devops from QA .

Hi all, I'm currently working in QA with 5 years of experience and considering a transition into DevOps. Is DevOps a good long-term career option? Will I be treated as a fresher after switching? Also, is it possible to get DevOps roles at entry level with self-learning and certifications?"

https://redd.it/1kweawt
@r_devops

Confused and struggling on a project for learning

So I am studying about the DevOps and azure. And I want to make a project on 3 tier application deployment. And I wanted to use App gateway, app service, database. But I can't get my head around it. I learned these services, now it's time to connect them.

But I'm confused on application code, how they will deploy on each app service, what are best practices.

Somebody guide me in details so I can have confidence and create this project for better learning!

https://redd.it/1kwffpv
@r_devops

Building a SaaS for Generating CI/CD Pipelines for Legacy Enterprise Apps — Worth It?

Hi all,



I’m considering building a web-based SaaS that helps developers automatically generate CI/CD pipelines — specifically targeting legacy enterprise applications, like those built with J2EE.

The idea is to take a minimal project context (e.g., pom.xml/build.xml, framework type, deployment target), and generate a tailored GitHub Actions workflow (or other CI systems) that includes steps like building, testing, Dockerizing, and deploying the app.

While modern frameworks like Spring Boot and Quarkus get a lot of tooling love, J2EE and older enterprise stacks often get left behind. I’m wondering:

Is this a problem worth solving?
Would teams maintaining older Java systems actually pay for a tool like this?
How much CI/CD is still being written manually for legacy apps in 2025?
Should I broaden beyond J2EE to support more ecosystems from the start?

Happy to hear your thoughts, feedback, or if you’ve built something similar. Appreciate any input before I go too deep into MVP land.



Thanks!

https://redd.it/1kwf1de
@r_devops

Brief daily traffic spikes when downstream teams resist scaling

I have a pretty messy infrastructure. Every day at a specific time, we experience a traffic spike, and our service doesn't behave properly. More precisely, our downstream services aren't scaled well enough to handle that load. They're also reluctant to scale out, since doing so would mean being heavily over-scaled during the rest of the day. They are saying it's overkill to scale out just for a 1–2 minute spike in out service.

I see two possible solutions:

1. Push for scheduled scaling of the downstream services and ask them to scale out temporarily during our spike time to handle it. But the is a lot of bureaucracy in the company and provisioning new instances might require days of approval.
2. Add caching on our service level and cache responses from the downstream services, so we can use the cache as a fallback if those services are unavailable. But this feels like a hack to me as it introduces another failure point and just shifts the scaling issue from the downstream to the cache. Eventually, this will also hit a wall.

What do you think? Should I push for the first option or is the second good enough? Maybe there's a better way I’m not seeing? Queue is not an option as latency is very important for us

https://redd.it/1kwh0mg
@r_devops