What Are the DevOps Tools You Rely on Most This Year?

Hey Redditors, I’ve been reflecting on the ever-growing toolbox we use in DevOps. Are there any tools you swear by in 2025, ones that consistently help you out, no matter how tough the situation? Whether it’s for troubleshooting, automation, monitoring, or deployment.

For me, one tool that has consistently proven its value is Tailwind CSS. While it’s often mentioned for UI work, I’ve found its utility-first approach to bring design consistency and speed, helping me ship front-ends more efficiently, especially when paired with rapid automation and deployment cycles.

https://redd.it/1m2yhkg
@r_devops

I self-created Linkedin Job, Applied with 18 different resumes to see which resume format passes ATS, here it is.

Hi Folks,

During past few weeks I was experimenting with Linkedin, I created few of accounts with different setup to see what makes candidate to have higher chances to get a job or be rejected by Linkedin filters.

Out of 56 candidates only 18 appeared in my Inbox, for others I had to manually select "Not a Fit" section (spam folder) to see those candidates as they are hidden. They get a rejection letter 3 days after application. LinkedIn does this 3 day thing not to frustrate people, shitty thing if you ask me cuz you are hopeful for that time while in fact you are already rejected.

Before I go on, let me give a full disclosure, I'm sharing LaTeX formatted resume for TL;DR (latex is open source format for creating documents) also I'm adding UI Interface I did for those who just wanna use UI to drag and drop PDF, before you accuse me of something you should be aware that this app is free (with limitations) and doesn't require signup it basically takes your current resume and converts that to the very same LaTeX resume so you don't have to do it manually. You can use either, both will be equally fine, UI works only for pdf (no Word files) also it fails sometimes (1-2% of times), I have no plans of improving it, but you can.
Ok lets continue with Linkedin filters:

The very first and most Brutal filter is if your Country is not in same country where job was advertised.

If job is advertised as Hybrid or On-Site, and your location is way too far even in same country you have 50-50 chance of ending up in spam (auto-reject)

Another one is your Phone number's country code, don't use foreign numbers

Another big one is Resume format. Some PDF resume formats especially fancy ones are not parsed well by Linkedin and if they can't parse it they will rank you significantly lower. Keep it very simple in terms of styling.

Don't spam bunch of keywords e.g. comma separated/bullet list of technologies at the bottom of the page, this kind of tricks doesn't work anymore and will do more harm triggering spam filter, keywords should be naturally integrated in descriptions of what you did at your past jobs. If you need to highlight them for recruiters you can use bold text.

https://redd.it/1m2yzxj
@r_devops

Managing authorization for every identity with full visibility, consistent policy enforcement, and alignment with a Zero Trust strategy - solution my team and I have been working on for the past 4 years. What do you think about it?

Hey everyone! I thought it would make sense to share about a solution my team and I have been working on for the past 4 years, in this community. Would love to get your thoughts on it.

I think it’s especially relevant, since OWASP’s Top 10 top issue has been related to access control for several years now.

The back story is that permission management across applications is difficult, especially as the code base grows. You have 100+ users, multiple services, and several environments. And hardcoded access control rules tangled with business logic make every new role and permission change a hassle to write, test, and maintain. 

So, in order for the access rules to stay consistent across the entire code base & avoid security vulnerabilities - we built Cerbos. It’s an authorization layer that can evolve as your product grows. It enables our users to define context-aware access control in simple, intuitive, and testable policies. 

The part I'm most excited to share with you, is that over the last year we’ve spoken with hundreds of customers, which has helped shape four new use cases of Cerbos Hub :)

Fine-grained, tenant specific authorization. If you’re thinking “We need to let our customers define their own roles and rules without hardcoding every customization” - that can now be done with Cerbos Hub.
Dynamic policy management at scale. Users can automate the full lifecycle of their authz policies (Policy Stores enable programmatic creation, updates, and deployment of policies via API, triggered by any event or system in their stack)
Scalable NHI permission management. We’ve all heard about the incidents related to overprivileged NHIs…Cerbos’s NHI support gives teams centralized, policy-based authorization for every non-human identity.
Secure authorization for MCP servers. MCP-related breaches are popping up as well - Asana, Atlassian, and most recently - Supabase. Clearly, misconfigured agents can easily access more than they should. Cerbos Hub can control which agents can access which MCP tools, using policies evaluated per agent, per tool, and per session, outside your server logic. 

Here are more details, if you’re interested: https://www.cerbos.dev/blog/updated-cerbos-hub-complete-authorization-solution-for-your-identity-fabric

And if you'd prefer to watch a video on how it works, rather than read: https://youtu.be/JNiNV15WIr4



What do you think of the solution? ( Constructive criticism more than welcome as well :) )

Do you think it could be useful to you?

https://redd.it/1m2yzmm
@r_devops

I self-created Linkedin Job, Applied with 18 different resumes to see which resume format passes ATS, here it is.

During past few weeks I was experimenting with Linkedin, I created few of accounts with different setup to see what makes candidate to have higher chances to get a job or be rejected by Linkedin filters.

Out of 56 candidates only 18 appeared in my Inbox, for others I had to manually select "Not a Fit" section (spam folder) to see those candidates as they are hidden. They get a rejection letter 3 days after application. LinkedIn does this 3 day thing not to frustrate people, shitty thing if you ask me cuz you are hopeful for that time while in fact you are already rejected.

Before I go on, let me give a full disclosure, I'm sharing LaTeX formatted resume for TL;DR (latex is open source format for creating documents) also I'm adding UI Interface I did for those who just wanna use UI to drag and drop PDF, before you accuse me of something you should be aware that this app is free (with limitations) and doesn't require signup it basically takes your current resume and converts that to the very same LaTeX resume so you don't have to do it manually. You can use either, both will be equally fine, UI works only for pdf (no Word files) also it fails sometimes (1-2% of times), I have no plans of improving it, but you can.
Ok lets continue with Linkedin filters:

The very first and most Brutal filter is if your Country is not in same country where job was advertised.

If job is advertised as Hybrid or On-Site, and your location is way too far even in same country you have 50-50 chance of ending up in spam (auto-reject)

Another one is your Phone number's country code, don't use foreign numbers

Another big one is Resume format. Some PDF resume formats especially fancy ones are not parsed well by Linkedin and if they can't parse it they will rank you significantly lower. Keep it very simple in terms of styling.

Don't spam bunch of keywords e.g. comma separated/bullet list of technologies at the bottom of the page, this kind of tricks doesn't work anymore and will do more harm triggering spam filter, keywords should be naturally integrated in descriptions of what you did at your past jobs. If you need to highlight them for recruiters you can use bold text.

Here is the link to the site: interview10x.com

https://redd.it/1m310bz
@r_devops

Devops, CI/CD, Docker, etc. course

Hello,

I'm looking for a course that covers all DevOps concepts — both from a project-level perspective and, of course, the technical side like Docker, CI/CD, etc.


I found this course, which doesn’t seem bad:

https://www.coursera.org/professional-certificates/devops-and-software-engineering#courses

Plus, I could list an “IBM Certification” on LinkedIn.

What do you think?
Do you have any other course suggestions?

I’m also willing to pay, as long as it’s something well-structured and high quality.
Keep in mind that I work full time, so I don’t have time for 400,000-hour courses that explain things I’ll never use.

Thanks!

https://redd.it/1m333nw
@r_devops

How do you structure incident response in your team? Looking for real-world models

I recently wrote a blog post based on conversations with engineering leaders from Elastic, Amazon, Snyk, and others on how teams structure incident response as they scale.

We often hear about centralized vs. distributed models (ie., a dedicated incident command team vs. letting service teams handle their own outages). But in practice, most orgs blend the two, adopting hybrid models that vary based on:

* Severity of the incident
* Who owns coordination vs. fixing
* How mature or experienced teams are
* Who handles communication (devs vs. support/comms)

I'd love to hear from you:

**How is incident response handled on your team?**

* Do you have rotating incident commanders or just whoever’s on call?
* How do you avoid knowledge silos when distributed teams run their own incidents?
* Have you built internal tooling to handle escalation or severity transitions?

Would love to hear how other teams think about this.

\---

ps: here's the full post if you're curious about hybrid models: [https://rootly.com/blog/owning-reliability-at-scale-inside-the-hybrid-incident-models](https://rootly.com/blog/owning-reliability-at-scale-inside-the-hybrid-incident-models)

https://redd.it/1m2yqbu
@r_devops

auto reboot stuck on bios
https://www.reddit.com/gallery/1m2u4h5

https://redd.it/1m35kae
@r_devops

Spectral lint demo for APIs

Hey 👋

I’ve put together a GitHub repo that showcases Spectral linting, specifically for APIs.

It’s to demo how the Spectral tooling can help DevOps and Dev teams identify OWASP violations in your OpenAPI specs as well as show how it can help enforce your own organisational guardrail and governances for your APIs (operation naming conventions for example). The repo has a good and bad example you can run against to see how Spectral works.

Additionally, I’ve put together a GitHub Action that triggers on PR to show how it can be used as part of your PR gates, as well as how you can shift left locally in VS Code for example.

Hopefully helps those unaware of the tool or aspiring devops people looking for a real world demo, free, that they can run on their own machine to get to grips with it!

If you find it useful, feel free to star it!

https://github.com/riosengineer/spectral-demo



https://redd.it/1m329uc
@r_devops

Docker-BuildAgent: One Build Image for Node, Angular, .NET, and More!

I am having deja-vu...I thought I posted this, now I cannot find it.

Hey devs! I just released a major update to Docker-BuildAgent – a flexible, all-in-one Docker image and build system for modern CI/CD pipelines.

What is it?

A pre-configured Docker image and build orchestrator (built on NUKE) for Node.js, Angular, .NET, and PowerShell projects.
Designed for GitHub Actions, but works with any CI/CD.
Handles Docker builds, Node/Angular builds, artifact packaging, versioning, and even Discord/GitHub notifications.

Key Features:

🐳 Docker image builds, tagging, and registry push
🟢 Node.js/Angular/React support (auto-detects package manager)
📝 Customizable build scripts and artifact copying
🔁 Reusable build logic via NUKE targets
💬 Discord & GitHub integration for notifications/releases
🧪 Dry-run mode for safe testing
⚡ Pre-installed: Node, Angular CLI, .NET 8 SDK, Docker CLI, PowerShell, Git, GitVersion, Nuke, and more

How do I use it?

Mount your project as `/workspace` and run `docker-build` or `node-build` (see Quick Start)
Customize with .build.scripts, .build.copy, and env mapping files
Use the provided templates for Dockerfiles if you don’t have your own
Full CI/CD examples for GitHub Actions

Docs & More

Full Documentation
Customization options
Parameters & settings
Troubleshooting & FAQ

Why? I wanted a single, reproducible build environment for all my projects, with best practices and zero “works on my machine” issues. If you’re tired of maintaining separate build scripts and Dockerfiles for every stack, give it a try!

Feedback, questions, and PRs welcome! 🙌

https://github.com/The-Running-Dev/Docker-BuildAgent

https://redd.it/1m3e2qt
@r_devops

How would you deploy multiple clients in one k8s cluster using ArgoCD and kustomize?

I prefer kustomizations whenever possible, and I'm about to start using ArgoCD for the first time.

But how would you structure your Git repos in order to deploy multiple client instances of an application in k8s? Would you have one branch per client, one repo per client maybe? Other smart methods?

Let's say each client needs a tomcat instance and a database instance from mariadb operator. And will use some shared services like valkey for example.

https://redd.it/1m3fjb8
@r_devops

AI-driven burnout?

I left my desk today having accomplished a lot I guess, but working with AI tooling feels hollow for some reason. I’m still making technical design-related decisions and “writing” code if you can even call it that anymore. I ship a bit faster now and can get up to speed on new tools much faster. But it feels really mechanical. This could also be that I’ve been doing this job a decade and a half and maybe this is just natural burnout. I’m approaching 40, and have a ways to go in my career but I don’t think I can keep doing the same thing for another 20 years.

Building everything for, and with AI just has me questioning how useful is this work to society as a whole.

I’ve always loved computers and technology in and outside of work. But lately I’ve been really over it all.

https://redd.it/1m3nva7
@r_devops

My teenager son wants to learn devOps

Hello reddit! My teenager son wants to be a devops engineer and i need some tips or some resources. My background is mostly software development for the first decade and move up as architecture then lots of devops (mostly azure and gcp terraform and automation). Should I let him play with software development first then slowly into infra/devops like I do or let him do system networking/sysadmin stuff? My kid has some basic knowleged in coding from school and nothing else other than playing chess all day. 😁

https://redd.it/1m3p8h4
@r_devops

Is parallels desktop best option for devops on m1 mac?

Is parallels desktop best option for devops on m1 mac?

Any alternatives?

https://redd.it/1m3qr32
@r_devops

(Newbie Deployer) NGINX- Docker-Compose or K8s?

I am currently running 2 different docker-compose services on the same CVM (using different docker-compose files).

One is a .NET service running on .../8080, another is a FastAPI running on .../8000

(some of the FastAPI endpoints also call the .NET endpoints)

I'm looking to add NGINX because I need SSL for both services.

However, I don't know which is the better option:

1) Consolidate everything into a single Docker-Compose with NGINX in said docker compose
2) Setup K8s NGINX Ingress Controller, as well as use K8s pods to rout between the 2 different services based on outside traffic (?)

I'm not familiar with K8s at all (but I am interested to learn... just don't want to crash out because this project does have some sort of deadline).

Have only recently begun to feel a little teensy bit of confidence/familiarity with Docker.

Alternatively, are there any other options or progressions?

https://redd.it/1m3s0lp
@r_devops

How do you handle tagging repositories when it's time to release code?

One thing I've never really seen done, despite it always seeming like a good idea is tagging repositories for releases. Part of the reason I've never implemented it myself is that I don't know how to work around the following issues:

1. How do you actually tag the designated commit? Just through the git CLI? In the browser? Do you have a job for it?
2. How do you manage ancient tags and the associated job for releasing them? Admittedly this is biased by the CI/CD tools I've used, but all of them so far feature a build per branch, so in my experience, with nothing tidying old tags up, there'd be hundreds of build/release jobs? Is it usually a case of ignoring them and manually tidying them up?

For context, everywhere I've worked usually either does some nonsense sort of git flow (much more about giving the developers a feeling of safety rather than actually making anything safer), or just releasing from the top of main following the principle that commits pushes to main should already have been validated as safe. Great principle in my experience if you can get everyone to follow it.

If you're doing git tags for releases and you've solved these issues could you explain what you did? Could you also provide context for how often releases are performed and who actually does them?

https://redd.it/1m3rfgl
@r_devops

Can a container know the list of mounted volumes?

I have a an app that’s distributed as a Docker image and by default, it uses SQLite for simplicity. So the recommendation is to either use an external DB like Postgres, but if the user wants to keep it simple they can keep using SQLite.

The issue is that sometimes they forget to map the SQLite path to a host path, the container dies and the data is lost.

Any suggestions on how to alert the user (other than on documentation)?

https://redd.it/1m3taue
@r_devops

I analyzed 50k+ LinkedIn job posts to build job-focused DevOps Roadmaps

Hi Folks,

We've been working on roadmaps https://prepare.sh/roadmaps and figured we'd share it here to get some thoughts from the community.

All data is based on LinkedIn job postings (Jan 2025 - To Present). The main angle here is to land jobs or increase salary/total comp and imo the best way for this was to use recent job market data rather than listing every possible DevOps tool.

We built a trends system and analyzed tons of LinkedIn job posts based on what companies are actually hiring for (the system is live on our site too). Instead of one generic roadmap, we made separate ones for SRE, SysAdmin, MLOps, DevSecOps, Cloud Engineer, and classic DevOps. Each has actual courses linked to the topics.

The entire foundation courses are completely free. There's a small fee for advanced content to help cover server costs since they come with live environments - most are 1-click deployments of Kubernetes, Grafana, Prometheus, Postgres, Mongo, Kafka, Vault, etc.

Please lmk what you think!

https://redd.it/1m3vg3x
@r_devops

Can i work with devops?

I graduated last month and have an opportunity to study devops on an pretty good place. I know how to code using python and js (fullstack). What are your thoughts?

https://redd.it/1m3ya74
@r_devops

Suggestions for Observability & AIOps Projects Using OpenTelemetry and OSS Tools

Hey everyone,

I'm planning to build a portfolio of hands-on projects focused on Observability and AIOps, ideally using OpenTelemetry along with open source tools like Prometheus, Grafana, Loki, Jaeger, etc.

I'm looking for project ideas that range from basic to advanced and showcase real-world scenarios—things like anomaly detection, trace-based RCA, log correlation, SLO dashboards, etc.

Would love to hear what kind of projects you’ve built or seen that combine the above.

Any suggestions, repos, or patterns you've seen in the wild would be super helpful! 🙌

Happy to share back once I get some stuff built out!

https://redd.it/1m3xkwj
@r_devops

How to actually think as a DevOps and cloud engineer?

I'm new to this, 22 years old, graduated 2 weeks ago. I somehow managed to get my GCP Associate, AZ-104, SC-900, learned some tools and all, but I dunno... I still feel like I'm nothing.

I know you'll say "do projects and real things," but let's be honest , we all use AI or watch some tutorial from existing cloud architecture. Like, I dunno, I feel like I'm not a real engineer.

I want to actually think like a DevOps/cloud engineer but I'm struggling with imposter syndrome here. How do you move from just following tutorials to actually understanding and creating solutions and have that real thinking ?

https://redd.it/1m41z5q
@r_devops

multiple net interfaces handling

hi recently I was thinking about following case:

I have a linux destop machine that is plugged to network A via eth cable and has enabled wlan that connect to network B. both interfaces are up and runnig. How do I know what interface is currently used f.e. when I open the browser and enter a site or execute apt in terminal ?

https://redd.it/1m46ebk
@r_devops