I had an interviewer refer to AWS' DNS service as "Route 34"

I gave my best poker face and pretended not to notice... if you know you know.

https://redd.it/1kyk9g2
@r_devops

The terror of a "ZERO CVE" metric and how the bureaucrats lost.

Hey i recently worked at company with a 'Zero CVE' policy and i would like to share my story on my blog, feel free to ask any questions it was a lot of fun to write and i hope you guys like it as well.

The terror of a "ZERO CVE" metric and how the bureaucrats lost.

Please share me your best stories and especially metrics that the bureaucrats in your company made up. I'm fascinated in what silliness other companies invent.

I suppose the Goodhart Law is really fitting to this topic.

https://redd.it/1kykf9o
@r_devops

Scraping control plane metrics in Kubernetes… without exposing a single port. Yes, it’s possible.

“You can scrape etcd and kube-scheduler with binding to 0.0.0.0”

Opening etcd to [0.0.0.0](https://0.0.0.0/) so Prometheus can scrape it is like inviting the whole neighborhood into your bathroom because the plumber needs to check the pressure once per year.

kube-prometheus-stack is cool until tries to scrape control-plane components.

At that point, your options are:

* Edit static pod manifests (...)
* Bind etcd and scheduler to [0.0.0.0](https://0.0.0.0/) (lol)
* Deploy a HAProxy just to forward localhost (???)
* Accept that everything is DOWN and move on (sexy)

No thanks.

I just dropped a Helm chart that integrates cleanly with kube-prometheus-stack:

* A Prometheus Agent DaemonSet runs only on control-plane nodes
* It scrapes etcd / scheduler / controller-manager / kube-proxy on [127.0.0.1](https://127.0.0.1/)
* It pushes metrics via "remote\_write" to your main Prometheus
* Zero services, ports, or hacks
* No need to expose critical components to the world just to get metrics.

Add it alongside your main kube-prometheus-stack and you’re done.

GitHub → [https://github.com/adrghph/kps-zeroexposure](https://github.com/adrghph/kps-zeroexposure)

Inspired by all cursed threads like [https://github.com/prometheus-community/helm-charts/issues/1704](https://github.com/prometheus-community/helm-charts/issues/1704) and [https://github.com/prometheus-community/helm-charts/issues/204](https://github.com/prometheus-community/helm-charts/issues/204)

bye!

https://redd.it/1kym1qu
@r_devops

Helping DevOps with Automation! - Import Postman & Swagger, collections & instantly create API's!

I created a website that streamlines API creation by letting you import Postman or Swagger collections.

Instead of manually setting up endpoints, just upload your collection and let my website generate your API and responses automatically.

Then simply click run to make the API's accessable!

Just trying to make Dev's lives easier 😊

https://redd.it/1kyqdr8
@r_devops

Scripts and tools to diagnose and find issues with your database?

Do you guys have things you can run as queries or tools you can use that connects to the db to see if there are things you can optimize or improve? Things like the SQL script that detects every long queries that need to be rewritten.

https://redd.it/1kyrjb2
@r_devops

I don't understand high-level languages for scripting/automation

Title basically sums it up- how do people get things done efficiently without Bash? I'm a year and a half into my first Devops role (first role out of college as well) and I do not understand how to interact with machines without using bash.


For example, say I want to write a script that stops a few systemd services, does something, then starts them.

```bash

\#!/bin/bash

systemctl stop X Y Z
...
systemctl start X Y Z

```

What is the python equivalent for this? Most of the examples I find interact with the DBus API, which I don't find particularly intuitive. As well as that, if I need to write a script to interact with a *different* system utility, none of my newfound DBus logic applies.

Do people use higher-level languages like python for automation because they are interacting with web APIs rather than system utilites?

https://redd.it/1kyu0xf
@r_devops

Handling Secrets with Deployments via github

Hey Folks,

I am using argocd for my k3s cluster and komo.do for my docker deployments. Both selfhosted.

Ever since i have the problem with handling secrets for my deployments.

I read about hashicorp vault, but cant find much information about setting it up.

Do you know any good tutorials, how i can set up and utilize hashicorp? An alternative would also fit for me.

Thanks

https://redd.it/1kyvltl
@r_devops

Bohr Model of Atom Animations Using HTML, CSS and JavaScript (Free Source Code)

Bohr Model of Atom Animations: Science is enjoyable when you get to see how different things operate. The Bohr model explains how atoms are built. What if you could observe atoms moving and spinning in your web browser?

In this article, we will design Bohr model animations using HTML, CSS, and JavaScript. They are user-friendly, quick to respond, and ideal for students, teachers, and science fans.

You will also receive the source code for every atom.

# Bohr Model of Atom Animations

1. Bohr Model of Hydrogen
2. Bohr Model of Helium
3. Bohr Model of Lithium
4. Bohr Model of Beryllium
5. Bohr Model of Boron
6. Bohr Model of Carbon
7. Bohr Model of Nitrogen
8. Bohr Model of Oxygen
9. Bohr Model of Fluorine
10. Bohr Model of Neon
11. Bohr Model of Sodium
12. Bohr Model of Magnesium
13. Bohr Model of Aluminium
14. Bohr Model of Silicon
15. Bohr Model of Phosphorus
16. Bohr Model of Sulfur
17. Bohr Model of Chlorine
18. Bohr Model of Argon
19. Bohr Model of Potassium
20. Bohr Model of Calcium
21. Bohr Model of Scandium
22. Bohr Model of Titanium
23. Bohr Model of Vanadium
24. Bohr Model of Chromium
25. Bohr Model of Manganese
26. Bohr Model of Iron
27. Bohr Model of Cobalt
28. Bohr Model of Nickel
29. Bohr Model of Copper
30. Bohr Model of Zinc

You can download the codes and share them with your friends.

Let’s make atoms come alive!

Stay tuned for more science animations!

Would you like me to generate HTML demo code or download buttons for these elements as well?

https://redd.it/1kywunl
@r_devops

Switching From Flutter to DevOps ?? Need some assistance or guidance

I've been working as flutter developer for around 2 yrs and built several projects including my personal project available on playstore built using flutter, nodejs and managing my own server by hostinger. After managing my own app and my freelance project I found my interest is more towards scaling and managing products rather than development. And for that reason switching my role obviously for higher pay as well.

I've covered ansible, kubernetes, aws, CI/CD basic without jenkins, Coolify, Nginx and learning more and started applying for similar roles..

Can anyone help me guide whether I'm on a right path or not ?? And What approaches should I follow to be the best ? I already have hands on vps and more.

Also looking to purchase kodekloud subscription once my interview will get clear so that I can have more hands on practice during my current company notice period..

Please Guide...

https://redd.it/1kyyksn
@r_devops

Charity Majors: "I feel like we’re in the twilight of the DevOps movement”

Thoughts?

Said in an interview with LeadDev today: https://leaddev.com/technical-direction/ai-code-sabotaging-own-roi-case

https://redd.it/1kyznsz
@r_devops

I want to work with professionals .. for once

Hey guys,

I've been working in IT for about 12 years now. The first 6 years as Linux/RHEL Admin with focus on monitoring and automation and now the last 6 years as a DevOps Engineer in different IT companies (in Germany btw.)

From my point of view, it's the same everywhere. I sit in meetings from morning to night and have to listen to some nonsense. I have the feeling that stupid people ask stupid questions and get even stupider answers from even stupider people - it's a never-ending cycle because no one with the right knowledge ever intervenes and stops the whole thing. Every time I do this there is a lot of political talk afterwards.

I would like to have a company (whether as a freelancer or as an employee) where I have a maximum of 1-3 meetings per week (max. 1 hour) and where I just briefly share my status and then continue working on my things. I can work very well independently and I always achieve my goals by the set deadlines and if not then I usually have to wait for something from someone.

Have you had similar experiences? What kind of company should I look for so that I no longer have these problems and can simply do my job without having to justify myself?

Are there any companies that work like this? I was thinking about maybe working at Kubernetes directly or maybe at Hashicorp or some other big “k8s vendor”. What do you think?

Or do I just have to get on with it and always think about the money when I have self-doubt? (thats the way my father teached me)

https://redd.it/1kyzsfg
@r_devops

For SonarQube gurus :)

Hi guys! I'm not very experienced with SonarQube so I need an advice. The scenario is like this: got an Enterprise license of SonarQube - I need to add scans for two teams (A and B). The most important thing is that A cannot see the code from B and vice versa. Both teams in the same company.What would it be the best practices?

https://redd.it/1kz1d3y
@r_devops

We built a list of 100+ SaaS tools that actually support SAML, OIDC, or SCIM

We got tired of digging through vendor docs just to figure out if a SaaS tool supports real enterprise SSO — SAML, OIDC, or SCIM — not just Google login.

So we pulled together a public directory of 100+ tools that actually support identity protocols like SAML, OIDC, or SCIM — grouped by category (DevOps, Security, AI, etc.).

🔗 https://ssojet.com/b2b-sso-directory/

Useful if you're handling SSO onboarding, compliance workflows, or just automating identity flows in your infra.

Open to feedback or additions — just trying to make this less painful for other teams.

https://redd.it/1kz0s78
@r_devops

What are the top problems you face with infrastructure tools, processes, and governance?

I’ve been researching real-world DevOps and CoE issues, and here’s what keeps popping up:

**TOOLING**

\- Too many disconnected tools (Terraform, Jenkins, Prometheus...)
\- Manual state handling
\- Too many DSLs to learn (HCL, YAML, ARM, etc.)

**PROCESSES**
\- Infra not version-controlled like code
\- Provisioning inconsistent and slow
\- CI/CD doesn’t reflect infra state

**GOVERNANCE**
\- Compliance is manual and reactive
\- No enforcement of policies
\- Cloud-specific lock-in by design

Curious to know:
\- Which of these resonates with your experience?
\- What would you add/remove?
\- How are you addressing these challenges in your team?

Genuinely interested in community feedback.

https://redd.it/1kyz3gr
@r_devops

What is your stance on the future of devops?

I am a software engineer (2 YOE) working at a small startup and I was thinking about switching to a devops as my next jump, granted there is a lot to learn and experience but I just want to know what everyone thinks about the future prospects of devops and if it's a field worth persuing at this moment for me

https://redd.it/1kz9o42
@r_devops

I never understood the hype around CI/CD—until I worked without it

One of my first freelance projects was a small web app. No pipelines, no automation, I was SSH-ing into the server and manually copying files like it was 2010.

It worked… until it didn’t.

One deploy overwrote the `.env` file
Another time I forgot to restart the service
Once I deployed code that wasn’t even tested locally 🤦

After that, I built a basic CI/CD setup with GitHub Actions:

Run tests on push
Deploy to staging automatically
Manual approval to deploy to prod

Nothing fancy.....but everything changed.

Now I get why people obsess over pipelines.
It’s not about speed.......it’s about safety and sanity.

Anyone else go through that “CI/CD awakening”?
What made it click for you?

https://redd.it/1kza6wj
@r_devops

SSH command fails in GitHub Actions but works locally – Exit code 255 with docker stack deploy


Hi everyone,

I'm working on a technical assessment that involves deploying a Dockerized web app to a Swarm cluster hosted on Play with Docker, using GitHub Actions for CI/CD.

Everything works except the final deployment step where I SSH into the PWD instance and run:

ssh -i mykey root@instanceip "docker stack deploy -c docker-compose.yml myapp"

This command works perfectly from my local machine, but fails in GitHub Actions with exit code 255. What's confusing is:

I can successfully connect with ssh if I don't include the docker stack deploy part.

I can use scp and sftp in the GitHub Actions workflow to upload the docker-compose.yml file to the PWD instance, no issues there.

I even tried running the same SSH command through a local GitHub Actions runner (on my own machine), but I got the same failure.

I also tested a pre-built GitHub SSH action which does work—but using it is not allowed in the context of this task.


I’ve double-checked file paths, permissions, shell syntax, and tried wrapping the deploy command in single quotes, escaping characters, etc. Still no luck.

Has anyone faced something similar? Any insights or ideas would be greatly appreciated. 🙏

Thanks in advance!

https://redd.it/1kzbzx5
@r_devops

Best cert to learn Kubernetes with? Company is going to try and use Kubernetes in the next year or so.

Hey guys, I was wondering what might be the best Cert to pursue with the goal of learning Kubernetes over the next 6 months+. My company is interested in using Kubernetes, and I none of us are experienced with using it yet.

I would like to be a benefit for my company for when we're ready to use it, but not really sure where to start. For reference I work as DevOps handling deployments, CI/CD pipelines, general ops work, etc with a little bit of development in C#/JavaScript/Golang.

I see a few like CKA, CKAD, stuff like that, but what would be the best one for educational purposes so that I can be a star player for my team in this scenario building a Kubernetes foundation from the ground up?

https://redd.it/1kzapxb
@r_devops

Kubernetes best practices

How does your kubernetes cluster handle health check and routing at container level , any best practices to ensure high availability?



https://redd.it/1kzm7ge
@r_devops

Beyond textbook networking! For Devops

what would you consider beyond textbook networking for devops? That actually build upon foundational computer science and engineering concepts?

I mean something beyond this syllabus:

https://www.ioenotes.edu.np/ioe-syllabus/computer-networks-and-security-cns-408

I am getting done with my syllabus and wanted to look into something deeper. I only see specialization which I don't really want to (stuffs like pfsense firewall, or learning application layer protocols like SSH, Openssl in more depth....I want it to be generic but specific at the same time. Something good enough to be put on resume that can bring some brownie points in interview and knowledge hunting process as well.

https://redd.it/1kzn6s2
@r_devops

Anyone else having issues with JFrog?

Getting 504 errors https://statusgator.com/services/jfrog

https://redd.it/1kzdlqa
@r_devops