what should i know before deployment full stack system

i am talented at building spring boot java and angular/react systems with a database (relational/nonrealtional) but my problem is i dont have the skills or knowledge to deploy the systems for real use by users in addition i have dockerized systems before i know that helps


now i want to know how to deploy please help me what should i look for and know before deployment

https://redd.it/1m5dxxo
@r_devops

Project Idea Is there value in an AI (RAG)-powered deployment platform that provisions AWS/Azure infra automatically?

Hello, I am currently in grad school majoring in cs, wanted to work with rag systems and deployment services like aws infra, ci/cd pipelines, would this project solve some of your issues, if I build one would you be willing to use it?
Elaborate idea: An application where you give your repo, or github link or github authorization, and using its rag system it reads context from the repo, and answers your questions like to write a dockerfile, tells you why your deployment failed from logs, even helps with infra, like "solve this problem and push the pr to github" and it does that.
Your feedback would really help me out, otherwise i'll look for some other project to work on.
Thanks

https://redd.it/1m5fzhz
@r_devops

Need your help for my cloud learning journey and help me decide on a instructor ?

Hello Everyone,

Hope you are having a great day and enjoying the sunny days :)
I have recently started my journey into AWS Cloud and would love to know which course should I move forward with ?

I've have 4 popular instructors ->

Neal Davis (Digital Cloud Training)
Stephane Maarek (Udemy)
Adrian Cantrill
GPS (Learn to cloud)

Questions:

1. How do these instructors compare in terms of theoretical knowledge gained vs applied knowledge (any other factor that I may have missed) ?
2. Is it worth combining two of them ? If so, which one ?
3. Any underrated resources I should be considering ?

I don't want to run behind certifications I would like to develop a fundamental understanding in the cloud domain.

Your advice and experience would help me during my cloud learning journey !

https://redd.it/1m5gpo8
@r_devops

Helm charts


I’m a Senior Software Engineer and have recently earned my CKAD certification. Now, I’m looking to deepen my expertise in Helm, as I believe it’s one of the best tools for organizing and managing Kubernetes manifest files efficiently.

Would you recommend investing time in mastering Helm further? Is it truly valuable in real-world environments?

If so, I’d appreciate any guidance on where to start in order to build solid, hands-on experience. Any advice or learning path you can share would be greatly appreciated.

https://redd.it/1m5homt
@r_devops

Livy alternartives

Hi we are deploying apache spark and wondered what altervatives people are using to Livy.



https://redd.it/1m5l9ss
@r_devops

Anyone from big tech companies??

I need some guidance on how to crack into the big tech companies as a cloud and devops Engineer... Can anyone help me.?

https://redd.it/1m5nb63
@r_devops

Struggle with the fundamentals?

I joined as a graduate at one of the FAANGs and immediately started working on projects. I have worked as a DevOps engineer for 4 years but I feel I still struggle with the fundamentals. For e.g. I did an interview recently and they asked me about how ssl certificates work, no biggie but I struggled with an answer since I had forgotten the theory. I really want to get to a stage on where I don’t have to struggle with the fundamentals and theory anymore. I have been advised to be able to crack interviews better, you need to be good at the fundamentals and I really want to get to that stage!

https://redd.it/1m5p1ga
@r_devops

Just finished setting up automated deployment - lots of things learned. Was yours different?

For last few years I have been part of a team maintaining AWS infra, however we are at the early stages of learning and development. So far we have been running terraform appllies manually.

Now finally I have had time and desire to setup my first automatic pipeline, just out of the rabbit hole. It was not that easy, here is what I had to do...

My task was harder because I have set these requirements to myself: no AWS credentials, use instance profile + IAM, should work cross-accounts. so need cross-account assume role grants.

1. First thing I learned that our superadmin access to AWS is very different from non admin access. It has all the permissions under the sun. But for the CI/CD , I have setup a separate IAM role, and had to grant all the necessary IAM policies, execution roles, all fine grained. I could have just given admin permissions, bu I only needed stuff for docker repository and microservices.
2. WTF is PassRole? ChatGPT kept convincing me that I need it, even AWS docs said that I need it. I could not understand what it is. Finally, I did not need it in my case.
3. Additional IAM hell, like granting assume roles, configs split between various environments.
4. We use internal git repositories, and gitlab/github practice is to use ssh. Easier was to flip to using `git::https...` in terraform modules sources, with token authentication, but had to do git config changes to use ".insteadOf" for rewriting git URLs
5. if that was not enough, our security team slapped us with HTTP proxy instead of NAT gateways.

Maybe there was something else along the way, I cant remember in the spaghetti of the code and issues I had to fix. But it feels like it was supposed to be easier, or maybe I just did it wrong?

The only way I think it would have been easier, and maybe it should have been to some extent, if I was:

a) using AWS access id/key, I could just store them in git repository, and use per environment where I need to deploy. CI/CD needs to run in pre-prod? use pre-prod AWS keys to run directly in that account.

b) store IAM config in the same repository, run terraform manually, because it needs to be done once or rarely.

c) give wider permissions to the CI/CD pipeline, so that I do not discover what IAM policy is needed for each small thing.

Learned a lot, happy it is working, will do it again.

https://redd.it/1m5lzgz
@r_devops

Are the titles merging?

Hey folks,

Trying to get my head around the titles we are given vs what we do.

Although I’m a Cloud Engineer by title, I’m completely in control of the CICD, software release and deployments.

I’ve also been tasked with the secure code pipelines. This is outside of my day to day AWS operations, cost analysis etc etc.

When does Cloud Engineer become SRE / DevOps / Platform engineer and so on?

https://redd.it/1m5rndc
@r_devops

Job Opening

Potential job opening for a seasoned devops engineer in the dmv area. Contract to hire. Must reside locally.

https://redd.it/1m5sfje
@r_devops

How do you handle security tool spam without ignoring real threats?

Our security people just dumped another 5000 "critical" findings on us. Half of them are like "S3 bucket allows public read access" for our fucking marketing site that's literally supposed to be public.
Meanwhile last month we had an actual data leak from a misconfigured RDS instance that somehow wasn't flagged as important.
I get that they need to cover their ass but jesus christ, when everything is critical nothing is critical. Anyone else dealing with this? How do you separate signal from noise without just ignoring security completely?
Starting to think we need something that actually looks at what's running vs just scanning every possible config issue.

https://redd.it/1m5uezj
@r_devops

Joining in as the first "DevOps guy" at a startup. Any ideas on how I could create good impact?

I've worked as a DevOps Engineer at a big company for 3 years. I'm joining a startup now so I'll be expected to hit the ground running. Where do you think I should start from to enforce DevOps principles?

https://redd.it/1m5wofb
@r_devops

SecretSpec: Declarative Secrets Management

We've recently released secretspec.dev, I wonder what's the opinion of the folks here on a tool that unifies the interface between secrets providers and applications? See the announcement post at https://devenv.sh/blog/2025/07/21/announcing-secretspec-declarative-secrets-management/

https://redd.it/1m5shwf
@r_devops

Built a tool to stop wasting hours debugging Kubernetes config issues

Spent way too many late nights debugging "mysterious" K8s issues that turned out to be:

* Typos in resource references
* Missing ConfigMaps/Secrets
* Broken service selectors
* Security misconfigurations
* Docker images that don't exist or have wrong architecture

Built Kogaro to catch these **before** they cause incidents. It's like a linter for your running cluster.

**Key insight**: Most validation tools focus on policy compliance. Kogaro focuses on operational reality - what actually breaks in production.

Features:

* 60+ validation types for common failure patterns
* Docker image validation (registry existence, architecture compatibility)
* CI/CD integration with scoped validation (file-only mode)
* Structured error codes (KOGARO-XXX-YYY) for automated handling
* Prometheus metrics for monitoring trends
* Production-ready (HA, leader election, etc.)

**NEW in v0.4.4**: Pre-deployment validation for CI/CD pipelines. Validate your config files before deployment with `--scope=file-only` \- shows only errors for YOUR resources, not the entire cluster.

Takes 5 minutes to deploy, immediately starts catching issues.

Latest release v0.4.4: [https://github.com/topiaruss/kogaro](https://github.com/topiaruss/kogaro)
Website: [https://kogaro.com](https://kogaro.com)

What's your most annoying "silent failure" pattern in K8s?

https://redd.it/1m5ro6l
@r_devops

Looking for Advice (Please reply don't skip)

Hi
Everyone,

I have 3.5 years of experience in SEO, however I want to switch it into devops because of various reasons including personal, finance and professional reasons.

My education background is from commerce.

I chose tech because i already interact with websites, so I know little about technicalities.
And, I felt I may be good for more tech instead of marketing.

That's why I started preparing for the same since March month.

I completed:
Basic overview of theory concepts
Linux commands
Git and GitHub
Python (from Hello world to oops and then python scripting)
Bash scripting
CI and CD pipeline (GitHub actions)
And , Just started AWS.


And, all this I did through my friend course instead of purchasing my own.

But, from a job perspective i needed a certificate, that's why thinking of purchasing a devops course from PW skills (same purchased by my friend).


So, what are your thoughts on this
Am I going on the right path
Or, any mistakes or suggestions?

Note: i know devops is not for entry level and also I don't have a tech degree like btech. That's why It will be difficult for me to get a job. But, i will give my best because I have back up (my current job).
So, please give me just realistic and practice advice in a positive manner.

https://redd.it/1m6465g
@r_devops

Gartner thoughts?

Just curious how do you feel the comments and analysis of gartner and other analysis firms take on platform engineering and ai- automation of Devops..

Have seen the leaders and managers take the gartner suggested tools seriously

https://redd.it/1m668tl
@r_devops

Certificate stuck in “pending” state using cert-manager + Let’s Encrypt on Kubernetes with Cloudflare

Hi all,
I'm running into an issue with cert-manager on Kubernetes when trying to issue a TLS certificate using Let’s Encrypt and Cloudflare (DNS-01 challenge). The certificate just hangs in a "pending" state and never becomes Ready.

Ready: False
Issuer: letsencrypt-prod
Requestor: system:serviceaccount:cert-manager
Status: Waiting on certificate issuance from order flux-system/flux-webhook-cert-xxxxx-xxxxxxxxx: "pending"

My setup:

Cert-manager installed via Helm
ClusterIssuer uses the DNS-01 challenge with Cloudflare
Cloudflare API token is stored in a secret with correct permissions
Using Kong as the Ingress controller

Here’s the relevant Ingress manifest:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: webhook-receiver
namespace: flux-system
annotations:
kubernetes.io/ingress.class: kong
cert-manager.io/cluster-issuer: letsencrypt-prod
spec:
tls:
- hosts:
- flux-webhook.-domain
secretName: flux-webhook-cert
rules:
- host: flux-webhook.-domain
http:
paths:
- pathType: Prefix
path: /
backend:
service:
name: webhook-receiver
port:
number: 80

Anyone know what might be missing here or how to troubleshoot further?

Thanks!

https://redd.it/1m5kn6b
@r_devops

How Did You Become a Real Cloud Engineer? I'm on the Path — Would Love to Hear Your Journey

Hey everyone,

I’m currently studying to become a Cloud Engineer and wanted to reach out to this amazing community for some inspiration and perspective.

So far, I’ve built a solid foundation:

* I'm comfortable with **AWS core services** (EC2, S3, IAM, VPC, CLI, etc.)
* I’ve spent a lot of time learning **Linux** and working with the **command line**
* I understand **networking fundamentals**
* I've learned **Python** to use it as an automation tool

But even with all of this, I sometimes feel stuck. Not because I’m not learning, but because I wonder *what comes next?* I’m grinding daily after work, doing my best to stay focused, but I still don’t know what the leap into the first real cloud job looks like.

That’s why I’m reaching out.

**How did** ***you*** **actually become a Cloud Engineer?**

* What was your first break into the field?
* Did you build projects, take internships, or get lucky with a mentor?
* Were there specific skills or habits that made all the difference?

I’m not looking for shortcuts. Just real stories — the honest, sometimes messy, journeys that took you from learning to actually *doing* the job.

If you’re willing to share even a piece of your story, it would mean a lot. Someone out there (maybe me) really needs to read it today.

One last question: Can **Cloud Engineering** be a globally remote job or not?

Thank you so much. 🙏
—A cloud engineer in the making

https://redd.it/1m699u8
@r_devops

Our AWS bill just gave me a heart attack, how do you guys keep it under control?

Seriously, every time I think we’ve optimized, the damn AWS bill shows up like, Surprise you forgot something

We’ve got dev environments, staging, random test instances all running like it’s a 24/7 party. And don’t even get me started on RDS and cache services that no one remembers launching.

I’ve been thinking there has to be a smarter way to schedule things like turning stuff off after hours, resizing machines on weekends, maybe even rebooting stuff regularly to clear memory bloat. But building it all with scripts feels like a second job.

Curious how are you all tackling this without losing your sanity (or your job)? Is there a setup that actually works for real world teams?

https://redd.it/1m6a920
@r_devops

Broadcom rug pull,.. Can we as community afford to fork Bitnami?

Hey folks,

If you are using Bitnami Helm Charts, they will likely break after August 28th, 2025, unless you take action.

They will first migrate then delete their legacy charts, and you have to subscribe (pay) to them to use their hardened charts.

Question - where do we go from here given this rug pull from Broadcom? Can we afford to fork AND, more importantly, maintain them?

EDIT: source: https://github.com/bitnami/charts/issues/35164

https://redd.it/1m6atam
@r_devops

Making system design diagrams less painful.

Hi everyone!

After years of pain of designing system design diagram by hand, I have decided to try and make the whole process smoother and faster.

I developed RapidChart, a free technical diagram generator that lets you design your system architecture much faster!

I’d love for you to try it out and let me know what you think.

Best, Sami

https://redd.it/1m6aclv
@r_devops