Is Terraformer used out there?

So I have thought back of a project in my consulting carreer where we had the task make the existing system IaC with Terraform (and more tasks). So we did this:

For each service type, we listed the existing services (via aws cli or sometimes web console), and for each result we created an empty resource, like so:

resource "aws_s3_bucket" "mybucket" { }

Then we did terraform import aws_s3_bucket.mybucket real-bucket-name. Then we looked at the imported configs via terraform show and pasted the corresponding config into the created empty config.

And this for each listing, for each service. This took a long time and we had to still do a "clean up". So I just wondered:
1. How do you guys approach such a task?
2. Do you use tools such as Terraformer that supposedly make this much quicker? I've heard mixed things about them.

https://redd.it/1lsgr36
@r_devops

How often do you actually write scripts?

Context on me - work in tech consulting/professional services. I’m places out to clients by my employer on short-long range contracts/projects.

Primarily as a Senior Platform Engineer and DevOps Engineer.

95% of the time the past 4 years I’ve only wrote Terraform or YAML.

I think I maybe wrote 4 Python Scripts and 3 Bash Scripts.

Every job ad requires Python/Bash and more so Golang nowadays.

I try to do things outside or work for personal projects to keep up to date. But it’s difficult now as a parent. Every time it comes to write a script, I need to refresh myself on Python.

Am I the only one? My peers feel the same and the clients I’m at, some of their staff don’t even know how to code.

https://redd.it/1lsi7zi
@r_devops

here are some handy and free ebooks for troubleshooting Kubernetes and prepping for the CKA exam

If you’re gearing up for the CKA or just want some solid hands-on experience with real cluster issues, I stumbled upon a couple of ebooks that are filled with practical scenarios; think OOMKilled errors, readiness failures, DNS misconfigurations, and more.

If you’ve come across any other resources like this, I’d love to hear about them.

(Links in comments)

https://redd.it/1lsj3mh
@r_devops

Devops consulting

Hey buddies
I have been in the field for roughly 3+ years, and I hold 3 AWS certifications and the CKA, and have a solid experience with most of main devops tools.
I plan to start a consulting business, where I provide devops consulting and maybe some type of retainer support later.
Anyone who have some ideas in mind and can help me kick off this journey?

PS: We are two persons, my friend have a similar experience more or less

https://redd.it/1lsmz0b
@r_devops

What are your go-to tools/methods for reproducible, shareable, disposable dev/ops environments? (Nix, Docker, Devcontainer, etc.)

Hey all,

I’m curious—what tools or approaches do you use to create, share, and easily switch between different development or DevOps environments?
I’m looking for solutions that allow for reusable, disposable, and easily shareable environments (for onboarding, reproducibility, or just avoiding the dreaded “works on my machine” issues).

Some examples I’m considering:
• Nix / Nix Shell / Nix Flakes
• Dockerfiles for fully isolated, portable environments
• Devcontainers (VSCode, Codespaces)
• asdf, pyenv, venv, pipx
• Vagrant, Homebrew Bundle, NixOS
• Custom bootstrap scripts, dotfiles, etc.

What actually works for you?
• For what use cases? (dev, ops, CI/CD, data, etc.)
• Onboarding and ease of use (solo vs team)
• Limitations, gotchas, or workflow-specific experiences?
• Favorite combos, clever tricks, “must-have” automation?

I’d love to hear your real-world experiences, best practices, and recommended tools or setups for reproducible, isolated, and shareable environments.

Thanks in advance for any advice, horror stories, or setup ideas 🚀

https://redd.it/1lswzls
@r_devops

Is Judge0 the right way to run user code for a hobby site?

I’m making a website where i need to let untrusted user code hit public APIs during execution while blocking everything else (internal IPs, metadata endpoints, crypto mining pools, blah blah blah….). Looking for proven patterns / tools.

Best thing I've found online that’s open-source is Judge0, so i was wondering. Have any if you have used it, or anything similar?

I’d really appreciate pointers to blog posts, GitHub examples, or your own configs. Trying to ship publicly soonish without waking up to a surprise AWS bill or a CVE headline, because someone has tried to mine crypto on my servers.

https://redd.it/1lsxdkf
@r_devops

is learning devops a good ideal for data science and llm engineering?

i was first thinking of learning mlops, but if we gonna learn ops, why not learn it all, I think a lot of llm and data science project would need some type of deployment and maintaining it, that's why I am thinking about it

https://redd.it/1lt0jjq
@r_devops

Maybe humans don't need to write documentation for humans anymore?

With tools like Devin wiki starting to generate human-readable documentation from code, shouldn't we shift our focus? Instead of humans writing docs for other humans, we could have AI generate those on-demand when needed.

What humans should focus on is creating documentation for AI - the stuff that can't be extracted from GitHub repos alone. Things like design rationale, decision-making processes, considerations that were explored, task contexts, etc. We should be building environments where humans can effectively pass this kind of contextual knowledge to AI systems.

Thoughts?

https://redd.it/1lt2g73
@r_devops

Self Hosted Artifactory Alternative for Large Repositories?

Hi,

We recently upgraded our self hosted Artifactory instance and it has become woefully unstable. Support has been a massive miss for us. Of the 12 people assigned to our case over the course of the month only one of them have been helpful. Likewise, during outages Jfrog support was not able to fulfill our live support requests (we pay for the highest tier of support). We got strung along with "a support engineer will be with you in about 30 minutes" until we figured the problem out ourselves. Additionally, once we were in a support call, the support rep would try everything they could to "move the conversation offline" and have us send logs, enable secret logging, increase resources, send more logs, and continue in this cycle. Our instance is so over-provisioned at this point that it is taking up egregious amounts of compute/memory that is not being utilized. This also seemingly has no affect with our stability.

Our Artifact Registry is large around 40tb+ of data. Likewise, due to regulatory constraints some of the data must be kept on-prem. Are there any alternatives that are not Jfrog or Sonatype? We need a registry that is type agnostic (put a .zip file in a maven repo etc) and that can work efficiently while being quite large. It also must support remote registries.

https://redd.it/1lt295z
@r_devops

GitOps with ArgoCD Introduction

Hey, I wrote an introduction about GitOps with ArgoCD. Take a look if you are interested in. What is your deployment process? Are you writing CI/CD pipelines with GitHub Actions or something similar?




If you have a medium account:

https://medium.com/@erwinschleier/gitops-introduction-with-argo-cd-51f81302e013


Personal blog:

https://erwin-schleier.com/2025/07/04/gitops-introduction-with-argo-cd/

https://redd.it/1lt053g
@r_devops

Unlock the Truth Behind Kubernetes Production Topologies

When it comes to production-ready Kubernetes, most blogs offer superficial guidance. But this 40+ page guide dives into what actually matters, cloud provider behavior under failure, real-world availability tradeoffs, and the architectural consequences of choosing zonal vs regional vs multi-cluster setups.

Whether you're using EKS, GKE, AKS or Self hosted you’ll walk away with clarity on:

Which control plane models are truly fault-tolerant
Why your node pool topology is silently sabotaging uptime
How pricing tiers map (or don’t) to SLA guarantees
What “high availability” really means across AWS, GCP, and Azure
How to scale safely — without overengineering or overspending

This is not a beginner’s overview. It’s a decision framework for platform engineers, SREs, and cloud architects who want to build resilient, production-grade infrastructure and stop relying on vendor defaults.

👉 If your team is running Kubernetes in production or planning to, this is essential reading.

# Table of Contents

Introduction: Choosing the Right Topology for Production
Control Plane Architectures
Amazon EKS
Google GKE
Azure AKS
Worker Node Deployment Models
AWS EKS: Node Groups and Multi-AZ Strategy
Google GKE: Zonal, Multi-Zonal and Regional Node Pools
Azure AKS: Node Pool Zoning and Placement Flexibility
Summary: Comparing Node Deployment Models Across Providers
Designing for High Availability Within a Region
AWS EKS
Google GKE
Azure AKS
Summary: Regional HA Comparison
Upgrade and Maintenance Strategy
AWS EKS: Upgrade Mechanics and Control
Google GKE: Automated Channels and Controlled Upgrades
Azure AKS: Scheduled Windows and Tier-Aware Resilience
Summary: Upgrade Strategy Comparison
Multi-Region Topologies (and Limitations)
AWS EKS: Multi-Cluster Resilience via Global Services
Google GKE: Regional Isolation and Federation via Anthos
Azure AKS: Cross-Region Resilience Through Paired Clusters
Summary: Multi-Region Kubernetes Strategy Comparison
Availability, Fault Tolerance, and SLA Considerations
AWS EKS: SLA Commitments and Fault Domain Strategies
Google GKE: Tiered SLAs and Built-In Regional Redundancy
Azure AKS: Availability by Tier and Zone Awareness
Summary: Platform SLAs and Real-World Resilience
Managed vs User-Configured Topology Options
AWS EKS: Operations Freedom with Opt-In Management
Google GKE: Operational Modes from Manual to Fully Managed
Azure AKS: Gradual Abstraction and Tiered Node Management
Summary: Choosing the Right Topology Ownership Model
For Self-Hosted Kubernetes – Provisioning Tools and Topology Models
kubeadm: The Foundation for Custom Clusters
kOps: Opinionated HA Clusters for AWS and Beyond
Kubespray: Flexible, Ansible-Based Multi-Environment Provisioning
Cluster API: Declarative Lifecycle Management Across Environments
Summary: Choosing a Self-Hosted Tool Based on Environment and Control

Free Copy: https://www.patreon.com/posts/chapter-1-guide-131966208

Paid Guide: https://www.patreon.com/posts/unlock-truth-133516014

https://redd.it/1lt61ec
@r_devops

Do you guys use pure C anywhere?

Wondering if you guys use C anywhere, or just bash,python,go. Or is C only for Systems Performance and Linux books

https://redd.it/1lt9w5g
@r_devops

Resume Review - Recent Grad with an MSCS

As the title goes, I'm a recent Master's graduate with an MS in CS. I haven't had any luck getting interviews with the last one coming 3 months ago, thanks to a recruiter I had established a connection with. I would love some extremely honest, brutal feedback. Also, I have applied to over 500-600 jobs at least since, and have not had any interviews.

Here's my resume - https://at-d.tiiny.site

https://redd.it/1ltcaen
@r_devops

I got slammed with a $3,200 AWS bill because of a misconfigured Lambda, how are you all catching these before they hit?

I was building a simple ingestion pipeline with Lambda + S3.

Somewhere along the way, I accidentally created an event loop, each Lambda wrote to S3, which triggered the Lambda again. It ran for 3 days.

No alerts. No thresholds. Just a $3,200 surprise when I opened the billing dashboard.

AWS support forgave some of it, but I realized we had **zero guardrails** to catch this kind of thing early.

My question to the community:

* How do *you* monitor for unexpected infra costs?
* Do you treat cost anomalies like real incidents?
* Is this an SRE/DevOps responsibility or something you push to engineers or managers?

https://redd.it/1ltdt4q
@r_devops

What issues do you usually have with splunk or other alerting platforms?

Yo software developer here wanted to know what kind of issues people might have with splunk are there any pain points you are facing? One issue my team is having is not being able to get alerts on time due to our internal splunk team limiting alerts to a 15 minute delay. Doesn't seem like much but our production support team flips out every time it happens

https://redd.it/1lteuuf
@r_devops

DevOps Azure Checkbox Custom Field

I feel I am losing my nut...

I want to add Custom Fields to my Bug Tickets & User Story tickets, but I want them to be checkboxes. The only option I have found is this one:
https://stackoverflow.com/questions/74994552/azure-devops-work-item-custom-field-as-checkbox

But it has really odd behaviour that is outside of simply checkboxes.

The reason I do not want toggles is because I do not want an "Off" or "False" state as a visible option, I want users to update the checkbox to be checked if the option is applicable.

Surely there is a way to have a simple checkbox custom field on a work type item?

I am sure this has likely been asked a billion times, but my googling skills are letting me down, as I either get the same responses, or irrelevant responses.

Cheers

https://redd.it/1ltdg2p
@r_devops

Advice for CI/CD with Relational DBs

Hey there folks!

Most of the the Dbs I've worked with in the past have been either non relational or laughably small PG DBs. I'm starting on a project that's going to be reliant on a much heavier PG db in AWS. I don't think my current approaches are really viable for a big boy relational setup.

So if any of you could shed some light on how you approach handling your DB's I'd very much appreciate it.

Currently I use Prisma, which works but I don't think is optimal. I'd like to move away from ORMs. I've been eying Liquibase.

https://redd.it/1ltcylo
@r_devops

Separate pipeline for application configuration? Or all in IaC?

I'm working in the AWS world, and using CloudFormation + SAM Templates, and have API endpoints, Lambda functions, S3 Buckets and configuration all in the one big template.



Initially was working with a configuration file in DEV and now want to move these parameters over to Param Store in AWS, but the thought of adding these + tagging (required in our company) for about 30 parameters just makes me feel like I'm catastrophically flooding the template with my configuration.



The configuration may change semi regularly, outside of the code or any other infra, and would be pushed through the pipeline to release.



Is anyone out there running a configuration pipeline to release config changes? On one side it feels like overkill, on the other side it makes sense to me.



What's your opinions please brains trust?

https://redd.it/1ltjqmz
@r_devops

Canary Deployment Strategy with Third-Party Webhooks

We're setting up canary deployments in our multi-tenant architecture and looking for advice.

Our current understanding is that we deploy a v2 of our code and route some portion of traffic to it. Since we're multi-tenant, our initial plan was to route entire tenants' traffic to the v2 deployment.

However, we have a challenge: third-party tools send webhooks to our Azure function apps, which then create jobs in Redis that are processed by our workers. Since we can't keep changing the webhook endpoints at the third-party services, this creates a problem for our canary strategy.

Our architecture looks like:

* Third-party services → Webhooks → Azure Function Apps → Redis jobs → Worker processing

How do you handle canary deployments when you have external webhook dependencies? Any strategies for ensuring both v1 and v2 can properly process these incoming webhook events?Canary Deployment Strategy with Third-Party Webhooks

Thanks for any insights or experiences you can share!

https://redd.it/1ltmjre
@r_devops

Can lambda inside a vpc get internet access without nat gateway?

Guys, I have a doubt in devops.
Can a lambda inside a vpc get internet access without nat gateway
Note:I need to connect my private rds and I can't make it public and I can't use nat instance as well

https://redd.it/1ltpqvu
@r_devops

Struggling to put two instances in targetid for alb module?

Do i need to create a different albtargetgroupattachment resource block associating it with the alb module?

https://redd.it/1ltssey
@r_devops