How much is your pride worth?

Bit of an inflammatory title, but it fits my current situation.

I work at a company that is almost quite literally hell-bent on killing me. I work anywhere from 14 to 16 hours a day almost every day of the week. If I try to only work 8 hours a day or not work weekends, projects go to shit because I'm not able to keep the US, UK, and India teams on the same page after a couple of weeks. It's a very disorganized company where the left hand never knows what the right is doing, teams are uncoordinated, etc.

Honestly, from this perspective, it sucks. However, I lead a team of 7 people tackling a crazy amount of cool projects across the organization. I have built a ton of respect, confidence, and trust from upper management and across teams. At this company, I've touched about everything you can touch when it comes to cloud providers, version control systems, tech stacks in general, etc. To the point from when I interview, it borderline sounds like I'm lying.

But again, I'm working too much and missing too much of my family's life and my own. Now for the dilemma.

I just got an offer from another company. I originally interviewed for one of their most senior devops positions but lost out to someone else. The recruiter, team, and management wanted to keep me in mind for future openings blah blah we've all heard it before. Maybe I'll hear back from them in a year, ya know? However, I recently got a call from them that they had a backfill opportunity, and while its not what they wanted to offer me, its a position they had open and want me to join the team. All the promises of advancement and promotion opportunities, etc.. were made on the call. Essentially, it's a less senior title with less senior responsibilities. And that's my issue.

So I feel that I'm stuck in this weird place. The potential employer sounds like an awesome place to work. They have a robust and well-built devops team, modern app and tech stack, well coordinated teams, and just general good work-life balance. But I wouldn't be leading a team anymore, making the decisions, working with upper management and the team(s) on solutions, etc.. but instead delegated work and given marching orders.

Career wise and even just general work type(?) I feel like I'm taking a hit to my pride. In my head, it makes absolutely no sense to say no but I'm also jaded about employer promises (literally never seen one follow through) and trust a company about as far as I can throw it. Where I'm at now, I'm the guy that solves issues, makes the calls, smooths over issues, and gets projects or things in general moving to where they need to be. And that feels great, but again, it's killing me, practically literally. The bags I have under my eyes are crazy.

So, I'm asking the community here. How much is your pride worth? Comp in this offer is fine in both salary and bonus, and there's an offer of equity (not a lot but not quite a little), but it's super crazy out of this world. If anyone feels like I'm just being an obtuse ass, call me out on it. That's pretty much what I'm asking for.

Edit: After typing all of this out and re-reading it. I realize I'm being an idiot. So I'm going to accept the job. I'll leave the post up rather than delete it for anyone who wants to call me an idiot. I think I just needed to just put it all out there to get my head on straight.

https://redd.it/1lwzhft
@r_devops

Can I get your honest thoughts on our Serpent DevOps tool website?

Hey everyone,

We've just launched the website for Serpent, our Salesforce DevOps automation tool, built to simplify releases, sync environments, and tackle all those familiar, recurring scripting challenges you face daily with Salesforce deployments.

 

Before we go into full promo mode, we'd genuinely appreciate your honest feedback on the website itself. Your insights are invaluable as we refine both the product and its messaging.

Is Serpent's functionality clear? (i.e., what it does, how it works, and how it helps?)
Does the site make you want to start the free trial?
Is anything unclear, unsettling, or missing?
For DevOps engineers: What factors would motivate you to use a tool like Serpent in your workflow and encourage you to sign up after visiting our website?

This is the link to our site: https://tekunda.com/serpent and If you have 2-3 minutes, we appreciate sharing more via our short survey: https://tally.so/r/3jqkya

 

We're still actively shaping Serpent. Getting real thoughts from the Salesforce and DevOps community means a lot. Our goal is a product that not only looks good but truly feels right in daily use.

 

Thanks in advance. Happy to swap feedback on your projects, too!

https://redd.it/1lx25sa
@r_devops

basic question about a backend + database setup for local development

Hello everyone,

I am not exactly great at architecturing and deploying software that has multiple modules, and therefore I have a quick/basic question about a project I am doing.

I am basically using Go Fiber as a backend and PostgreSQL as a database. For the sake of this project/exercise, I would like to try the following:

1) Use a monorepo

2) Have a docker compose that can run everything in one command.

Therefore, I thought of the following directory structure:

app/

├── backend/ # Go Fiber app

│ ├── main.go

│ ├── go.mod

│ └── ... (handlers, routes, etc.)

│

├── db/ # DB schema and seed scripts

│ ├── init.sql # Full init script (schema + seed)

│ └── migrations/ # Versioned SQL migrations

│ └── 001createtables.sql

│

├── docker/ # Docker-related setup

│ ├── backend.Dockerfile

│ └── db-init-check.sh # Entrypoint to initialize DB if empty

│

├── .env # Environment variables

├── docker-compose.yml

└── README.md


With this structure, I just have a few questions regarding running everything vs. local development:

1) If I am developing locally, do I just run everything manually or do I use the docker compose? I know that I will be using the docker compose to run and test everything, but what about actual development? Maybe I should just run everything manually?

2) The .env file holds PostgreSQL information for my Go server to access my database. Should it reside in the project root or in the /backend subdirectory? If it resides in the project root, it's easy to reference the .env file for the docker-compose. However, it's then more difficult to locally run, modify and test the Go server because that means that I will have to have the /app root folder open in my IDE instead of the /backend.

Thanks in advance for any help, this is indeed a bit confusing in the beginning!

https://redd.it/1lx227m
@r_devops

WIP DevOps-AI-Lab: Local GitOps playground with LLM-powered CI/CD automation and AI observability

Hi everyone,
I'm building a local lab to explore how LLMs can assist DevOps workflows. It’s called DevOps-AI-Lab, and it runs fully on a local Kubernetes cluster (Kind) with Jenkins, ArgoCD, and modular AI microservices.

The idea is to simulate modern CI/CD + GitOps setups where agents (via LangChain) help diagnose pipeline failures, validate Helm charts, generate Jenkinsfiles, and track reasoning via audit trails.

github.com/dorado-ai-devops/devops-ai-lab

# Key components:

`ai-log-analyzer`: log analysis for Jenkins/K8s with LLMs
ai-helm-linter: Helm chart validation (Chart.yaml, templates, values)
`ai-pipeline-gen`: Jenkinsfile generation from natural language specs
ai-gateway: Flask adapter that routes requests to AI microservices
`ai-ollama`: LLM server (e.g. LLaMA3, Phi-3) running locally
ai-mcp-server: FastAPI server to store MCP-style audit traces
`streamlit-dashboard`: WIP UI to visualize prompts, responses, and agent decisions

# Infra setup:

Kind + Helm + ArgoCD
Jenkins for CI
GitOps structure per service
LangChain agent + OpenAI fallback
Secrets managed via Kubernetes
SQLite used for trace persistence

Each service has its own Helm chart and Jenkins test pipeline (e.g. test a log input, validate Helm chart, etc.).

I’m looking for feedback, ideas, or references on:

LLM agent reliability in DevOps
AI observability best practices
Self-hosted LangChain use in ops

Happy to chat if someone else is exploring similar ideas!

https://redd.it/1lx2lc9
@r_devops

what could I improve about my resume to land a devops job?

Hey everyone,


I'm working on transitioning into a DevOps Engineer role and would really appreciate it if any of you could take a look at my resume. I'd love to hear your feedback—both critiques and suggestions—as well as your honest take on how likely you think I am to land a position in DevOps based on my current experience.

Just to note: I only put this resume together over the past few days and started applying with it yesterday, so I don’t have a sense yet of how it’s performing.

Thanks in advance :)

https://redd.it/1lx82ax
@r_devops

I've finally met my match... time to move on to a new job. (RANT)

Senior Developers that:

* Will not change..even when they agree that what you've shown them is a better way.
* Beaten attitudes.. "I'm here to fix bugs and adjust to regulatory changes... not fix this crappy code and make my job easier"
* Defer thinking to 'authorities'. I'm in a meeting now where a developer thinks that .NET Aspire is equivalent to Terraform, I keep trying to explain the difference and he'll say "yeah but it's the Microsoft way to deploy .NET applications in the cloud".. conveniently ignoring everything not .NET \*and\* that engineering has already decided TF is our goto IaC tool.

Director (my direct report) who:

* Actively moves me back to IC coding duties on legacy apps even though I'm the only engineer with IT/Cybersec/Devops experience (BS in Cybersecurity, CSSLP.. could be using those skills better)
* Ignores root problems when presented, "we don't have budget for that"... but we somehow have budget to waste on 30 engineering jobs that wouldn't exist if tech debt was cleaned up and software actually designed properly.
* Avoids inclusion of IT/Cybersec when discussing work they need to be involved in. He seems to be hoping engineering can push past IT/Cybersec which is maybe possible because we have no risk management and policy is not enforced in any case (not sure how they manage SOC audits).

VP (skip)

* Comes to me for advice on these and related subjects every few weeks, agrees with my assessment and ignores advice.
* Is a pushover... mostly due to very little technical knowledge, he's an accountant... and knows it.

I've come to the conclusion that these systemic problems are driven by our parent company. They in turn are owned by a huge capital firm (many many billions in assets). The parent is taking all profit and using that to convince the ownership that "everything is just fine.. see all this money coming in" while the technical debt and beaten down employees just shuffle along oblivious.

A couple of weeks ago I felt myself starting to give up, that was it for me. I'm not going to let my generally optimistic outlook be burned by this place.

I've got a new job in the pipeline (4th round on Monday). I've spent months researching the company and I know many current employees. As best I can tell (outside looking in always fuzzy) it'll be a much much better place, in any case it's time for change.

I know that a lot of people in this industry and related burn out, see posts about that pretty often. Try to recognize the signs early and start looking for a new job as soon as you can. Even better, don't stop looking for new opportunities at all, keep your resume up to date and put it out there. You never know what may happen.

https://redd.it/1lxak0g
@r_devops

Built an open-source tool with a weird trick to SSH through any firewall (legally)

**WS-Terminal: Remote Terminal Access That Actually Works Through Corporate Firewalls**

**TL;DR:** Built a WebSocket-based remote terminal that bypasses all the usual networking headaches. No port forwarding, works through NAT/firewalls, and you can even access it from a browser.

**The Problem We've All Faced:**

* SSH blocked by corporate firewalls
* Can't open inbound ports on your home server
* VPN setup is overkill for just terminal access
* Need to access servers behind multiple NAT layers

**My Solution: WS-Terminal**

Instead of fighting against firewalls, work WITH them. Everything uses outbound WebSocket connections that firewalls love.

**What makes it different:**

* **Zero inbound ports** \- everything connects outbound
* **Three connection methods** \- direct, reverse, or relay server
* **Browser compatible** \- access terminals from any device
* **Docker ready** \- one command deployment
* **Multi-channel** \- connect to multiple servers simultaneously

**Real-world use cases I've tested:**

* Access home lab from corporate network
* Emergency server access from mobile
* CI/CD pipeline debugging
* Helping friends troubleshoot their servers

**Security benefits:**

* No attack surface from open inbound ports
* All connections are outbound and encrypted (WSS)
* You control the relay server (self-hostable)
* Standard WebSocket security applies

**🔗 Links:**

* **GitHub:** [https://github.com/uditrajput03/ws-terminal](https://github.com/uditrajput03/ws-terminal)
* **Relay Server:** [https://github.com/uditrajput03/ws-relay](https://github.com/uditrajput03/ws-relay) (self-hostable)

**Why I built this:** Triggering point was to debug my CI/CD but there are many reasons like ISP not allow port forwarding also for quick and emergency access and i don't want to open ports in my main server, I feel safer while using a relay server or even quickly use reverse shell access method 2 in the repo this is the best thing i have found.

**Looking for:**

* Feedback from the community
* Ideas for additional features
* Contributors welcome!
* Give star to my repo if you like it

https://redd.it/1lxbv3u
@r_devops

new job. dealing with a lead who is creating a reactive culture and responding to his vision. he doesn't communicate what he does and instead expects us to know from when something breaks - and it is exhausting. how can i make the most of being here and not lose my mind?

i recently started a new gig and it was going along pretty well, until i realized that one of the highest leads keeps pushing changes into our prod pipeline without consulting us first to do the required changes.

i voiced my concerns, and it appears that the lead is resisting by accelerating even more changes into our system and telling others leads (including my own team) to also do the same.

as a result, because my team lead is following the highest lead, everyone in my team of 4 are all working in a silo.

our devops team has pretty much become a support on call. i barely have any time to develop tools because i am just spending time remoting into our machines and cleaning the drives.

Any measures/scripts I've built to prevent issues from happening again, it seems like they're quick to change something on an architectural level that either circumvents this or it requires me to throw away my implementation.

I introduced the concept of production/staging, setup pipelines so that they can first test their changes in staging before pushing to prod and they've essentially ignored that and just kept pushing to prod, breaking shit that could have been prevented if it had been tested in staging first.

every fucking morning i wake up to seeing dozens of emails/slack messages of "HELLO THIS BROKE" and I spend morning fixing shit and I can't even have time to write up a tickets. My work here is essentially measured by how fast i respond to people.

After voicing my concerns, I'm told that that's not how modern development is anymore and that it is about "moving fast and break things" (??) and that I should embrace change. It is so demoralizing because there's essentially no accountability on their end and it all falls on my team to fix fires. I'm seeing most people in my team are also demoralized and my team lead is now following the top lead instead of listening to our concerns.

I've realized that I cannot change anything there.

in my circumstance, i can't leave this job and I'm just trying to figure out what I can do to keep my sanity.

https://redd.it/1lxcvki
@r_devops

Has anyone tried both zap and burp enterprise?

What’s the difference between the two? I was on a call with a sales rep and they swore the two were very different. They couldn’t really explain the difference. It was strange.

https://redd.it/1lxfz1t
@r_devops

terraform 101 tutorial

hey there, im a devops engineer and working much with terraform.


i will cover many important topics regarding terraform in my blog:


https://medium.com/@devopsenqineer/terraform-101-tutorial-1d6f4a993ec8


or on my own blog: https://salad1n.dev/2025-07-11/terraform-101



https://redd.it/1lxgm0o
@r_devops

Shared a technical walkthrough on creating and deploying .dxt MCP extensions for Claude Desktop—minimal config, local runtime, cross-platform.

https://glama.ai/blog/2025-07-11-getting-started-with-mcp-desktop-extensions-dxt-in-claude-desktop

https://redd.it/1lxhtg9
@r_devops

getting into devops with this resume?

Hello!

I’m currently looking to land a DevOps engineering role and would really appreciate it if anyone could take a look at my resume.

I wrote this cv over the last few days and only started applying to devops positions since yesterday, so I still have no clue as to how it'll perform.

I'd appreciate any feedback! I obviously know it's extremely challenging to break in to the field but I'm extremely motivated and willing to continue working dilligently to achieve that goal.

Thanks in advance

https://redd.it/1lxfqhi
@r_devops

Where do you draw the line of how much developers can manage their own infrastructure?

For context, I'm a developer who's been tasked with helping our very tiny devops team rectify our code to infrastructure pipeline to make soc2 compliance happen. We don't currently have anyone accountable for defining or implementing policy so we're just trying to figure it out as we go. It's not going well and we keep going round-and-round on what "principal of least privilege" means and how IAM binding actually works.

We're in GCP, if that matters.

Today, as configured before I started at this company, a single GCP service account has god priviledges to deploy every project to every environment. Local terraform development happens via impersonation of this god service account. Gitlab impersonates the same SA to deploy to all environments. As you can imagine, we've had several production outages caused by developers doing something unintentionally with local terraform development against what they thought was a dev environment resource and ended up having global ramifications. We of course have CICD and code reviews - we just don't have a great way to create infrastructure. And the nature of what we're building ends up being infrastructure heavy as we're rolling our own PKI infrastructure for an IoT fleet.

The devops lead and I have sat at the negotiation table litigating the solution to this to death. I can't look to a policy maker to arbitrate so I'm looking for outside advice.

Do you air-gap environments so that no single service account can cross environment boundaries?

Do you allow developers to deploy to dev/sandbox/test environments? Do you have break-glass capability for prod in the event that terraform state gets wonked up from an intermittent API fault?

Can developers administer service accounts / iam permissions on dev environments? How about global resources like buckets?

How do you provision access for their project pipelines to do what they need to without risking the pipeline escalating its own privileges to break other infrastructure?

If Service A needs Resource Alpha running as Service Account Alphonso, how do you let the their pipeline create A, Alpha, and Alphonso without permitting read/mutation/deletion of service B, resource Beta, and account Brit? Is that even a real issue? What about Shared Resource Gamma? Or do you take away rights to deploy any infrastructure and only allow pipelines to revision deployed code?

Are these just squishy details and ideas that don't really matter so long as there's a point person who's accountable for policy?

https://redd.it/1lxl2m3
@r_devops

Best free courses for learning devops.

Which are the best free courses to learn devops as a student?

https://redd.it/1lxp5r4
@r_devops

My solution to collecting bug reports (no more duplicates, lackluster reports or user-error)

I've been drowning in bug reports lately. Players submit super vague reports through Discord and it turns into this endless back-and-forth just to get basic info. "The game is broken" → "What's broken?" → "It doesn't work" → you get the idea. It was becoming really time-consuming.

I looked into Sentry and Highlight io but they're great for crashes and API errors, not so much for the weird UI bugs or behavioral stuff that only humans notice.

So I had this idea - what if I made a bug report form that uses AI to actually be useful? It checks my GitHub issues for duplicates, asks follow-up questions when details are missing, and filters out the "this is user error" reports.

I also made it customizable so you can add your own prompts to "teach" it about your specific app and what kinds of reports to reject.

If anyone else is dealing with this kind of chaos, I put it up at bugspot.dev. It's free for small projects and the code's on GitHub if you want to self-host. Only thing you need to do is to look at the env example and get API keys for OpenRouter, GitHub and configure some Svelte variables :-)

https://redd.it/1lxm7n9
@r_devops

Programming languages in devops

I am a cybersecurity student who has been learning cloud and DevOps for the past 3–4 months.

As a cybersecurity major I haven’t focused heavily on coding, I have an intermediate-level understanding of Python and am comfortable with advanced scripting(bash and powershell). I also know that I need to learn Infrastructure as Code (IaC), YAML, and JSON.

So will this be enough for devops and cloud in programming aspect or I need to learn any other programming language.

https://redd.it/1lxsubv
@r_devops

Still maintaining GAE apps using Legacy Bundled Services?"

Anyone here still running or supporting apps built on the old Google App Engine bundled services stack (Java version)? Or know teams/companies that still do?

I’m referring to the original GAE model where everything was baked in—Datastore, Blobstore, Task Queues, Cron, the whole platform-as-a-service bundle. You basically just deployed your app and GAE handled the rest. No need to wire separate services or manage infra manually.

Just wondering if there are still people out there maintaining or modernizing systems built on this stack.

I still think the GAE API model is underrated—especially for fast app prototyping or even internal tools. There are a couple of open source efforts that tried to replicate the platform:

AppScale

https://github.com/AppScale/gts

A full reimplementation of GAE (in Python, but with Java support too). I used this a few times years ago. It gave a very GAE-like experience: CLI tooling, dashboards, even scaling knobs. Sadly, abandoned now. I tried standing up their Docker setup recently but something broke, I didn’t get the chance to dig into it. Back then, support was excellent even for free users. Props to the engineers who built it.

CapeDwarf

https://github.com/capedwarf

From the JBoss folks. Basically WildFly 8 with GAE API compatibility sprinkled in. It still runs today if you keep things on Java 8. What’s wild is how they pulled this off using Infinispan as the Datastore backend. It worked surprisingly well. The lead dev (Ales) mentioned he started by reimplementing Datastore, and the rest followed. I think modernizing it would be tricky now since Infinispan doesn’t support embedded mode anymore (correct me if I’m wrong). But it’s still impressive—GAE-style apps from 10+ years ago can still be hosted today, just self-managed.

Anyone else maintaining legacy GAE stuff, or trying to rebuild a similar internal PaaS? Curious what others are doing in this space.

https://redd.it/1lxu1l8
@r_devops

Anyone familiar with utho.com?

I’m stuck doing devops for a startup in India as an MLE and exploring cheaper options - cheaper than AWS. This one came into my radar recently and wondering why/how they are able to offer it for so cheap. What’s the catch. I don’t think I understand how these cloud providers pricing strategies work - but I’m willing to learn it in depth.

Helpful comments are welcome. Thank you.

https://redd.it/1lxv61h
@r_devops

Job Market

Hey everyone! I'm a freelance web developer, and I'm starting to get into DevOps because it seems pretty cool. Before I go too deep, I'm curious about the job market. Is it solid? or is it kinda like web dev where it feels super saturated sometimes?
Any insights would be awesome!

https://redd.it/1ly2r7o
@r_devops

Can you run keycloak with postgres on aws free tier?

I tried running them through a docker compose file, but every time my ec2 instance hangs up and stops responding. I have to stop it and start it again.

https://redd.it/1ly24lz
@r_devops

need structured learning resources (send me links)

I am already 3 years in web development but I’m now interested in making DevOps my specialized skill as a software engineer. Someone who can manage infra and the whole development to deployment process, as our company also needs one. Not being forced to do so but I just have the urge to do it (and it looks cool to be a master in this space). I’ve already watched few videos in YouTube but I need it to know it from this community. I need y’all to recommend me links/courses where I can learn it all. Linux fundamentals, dockers, CI/CD, cloud providers, etc. you name it. It doesn’t matter if it’s paid or free just throw it here.

Thanks!

also can you vouch for this course: https://www.skool.com/kubecraft/about

https://redd.it/1ly5sic
@r_devops