Azure CDN (Classic) deprecation

Had anyone else had just the worst experience with the CDN (Classic) migration?

To combat this migration, I had to update our ARM templates to deploy three different use cases tied to routing. First, a migrated custom domain, second a new CDN Custom domain and third, a CDN just using endpoints. I successfully did this and tested 20 different test cases before 08/15. I was blocked from Microsoft from using the built-in migration tool so we had to migrate after the cut off of new custom domain and CDN deployments.

Now that I've migrated our development environments, im facing a plethora of issues, inability to redeployment a custom domain, the profile itself (because it already exists or is in a region as opposed to global), and finally configuring routes.

The documentation seems so incomplete and support engineers don't seem capable of assisting with issues.

I'm using ARM templates because thats what works, but on the side, rebuilding everything with Terraform.

This whole thing has been a PITA and I've finally been able to get buy in from management to accept downtime so we can redeployment the profiles with new custom domains. It's been such a struggle. I cant way to be done with this.

Side Note: I keep receiving recruiter emails, specifically to work in the Azure Front Door department within the Networking team. How bad did they plan this?

https://redd.it/1nnwz80
@r_devops

Solo project making my head swim. What’s everybody working on?

I’d say I’m well in the weeds at this point. Got a backend VM running a Linux ISO and docker, frontend Electron app and client (browser) that all works immaculately in dev. My fun started when I tried to hoist it all centrally using Cloudflare and proxy the VM to the internet with cloudflared. Packer kept exploding so I’m just using vagrant to spare myself that headache for now.

Recently implemented OpenBao to try to get a CIDC and KMS going for a central auth. On top of CI/CD, of course. OpenBao persists locally on the VM and checks centrally, in theory, but keeps exploding at the moment. Separate repo made to manage those secrets. Now I’m working on a separate repo to manage all of this mess to just try and keep myself sane, while also managing the cert.pem and log distribution and health/telemetry.

I’ll figure it out but the whole “thinking” thing is giving me a mental blowout. What’s everyone else working on?

https://redd.it/1nnxn3n
@r_devops

🚀 Built a Multi-Container Todo App with Docker, Terraform, Ansible & GitHub Actions

Hey folks, I just finished a project from [roadmap.sh](https://roadmap.sh/projects/multi-container-service),

🐳 **Stack & Tools**

* Node.js + Express API
* MongoDB (Mongoose ODM)
* Docker & Docker Compose
* Terraform (provisioned VM on Google Cloud)
* Ansible (server setup + deployment)
* GitHub Actions (CI/CD pipeline)

📌 **What it does**
A simple unauthenticated **Todo API** with CRUD:

* `GET /todos` → list all
* `POST /todos` → create
* `GET /todos/:id` → read one
* `PUT /todos/:id` → update
* `DELETE /todos/:id` → delete

Todos are stored in MongoDB with persistent volumes.

🏗 **How I built it**

1. Started local with **Docker Compose** (API + MongoDB containers).
2. Used **Terraform** to spin up a VM on Google Cloud.
3. Automated setup with **Ansible** (Docker, Docker Compose, running containers).
4. Setup **CI/CD with GitHub Actions** → on push, build & push Docker image, redeploy via Ansible.
5. App accessible through the **external IP** of the VM in the browser.

✅ **Key takeaways**

* Learned how to connect multi-container apps with Docker Compose.
* Got comfortable with Terraform for infra provisioning.
* Automated repetitive tasks with Ansible.
* Built a working CI/CD pipeline from GitHub to cloud.

💡 **Next step / Bonus**
Planning to add **Nginx reverse proxy** \+ a custom domain instead of raw IP.

repo :https://github.com/yanou16/Multi-Container-Application


https://redd.it/1nnvgkp
@r_devops

SMS provider for system alerts + OTPs

I manage system notifications and OTP delivery for my company. Twilio has been our go-to, but latency and support have been issues. Looking for an alternative that gives fast delivery, solid logs, and predictable uptime.

https://redd.it/1no0amj
@r_devops

How would you handle copying prod databases to dev along with auth and other dependencies?

Our devs are requesting the ability to clone pod databases to a dev db for debugging and testing. Current dev environment shares a db and keycloak tenant with staging. I’m not sure the best way to satisfy this request.

Basically they want to be able to clone aspects of prod to a new dev db. They’re also requesting a separate keycloak for dev too. Where it gets challenging is our various integrations like Google and Xero. I don’t know how this could work and I’m not even sure what questions to ask.

Anyone have any thoughts here?

https://redd.it/1no58e6
@r_devops

Newbie Project

Hello All,

I am rather early into my own DevOps journey. A coworker gifted me a Lenovo Thinkcentre M75q-1. I plan to upgrade the RAM to 32gb DDR4.

I would like to use it to get hands-on experience. I was curious what might be some good first projects to try that I could iterate off of and grow it into more complex projects?

Thanks for any and all suggestions.

https://redd.it/1no6zgr
@r_devops

Stuck choosing between “too much responsibility” and “not enough growth”

I have two offers, and they feel completely different. I had a vague sense of this while preparing for the interviews. Although the noscript is the same, the actual work content and psychological pressure are very different.
At a startup, every conversation feels like a test to see if I can survive as the sole dev person. During my preparation, I constantly used leecode to review, practiced mock system design problems with beyz coding assistant, and even had gpt as my interview coach for mock interviews. cuz their information is very difficult to find online. Sure enough, they asked the same question: "If the cluster goes down and you're left alone, what would you do?"

At a large company, the atmosphere is different. Interviews focus on structured processes and teamwork. Even the interview question I found on the IQB interview question bank matched their question: "Tell me about a time you worked with a cross-functional team." Predictable, stable... but the opportunities for advancement seem slim.

So now I'm torn. Startups are unstable, but they can accelerate my learning process. Large companies won't suddenly collapse and go bankrupt. With mentors available, it can take years to master even a single part of devops. There's also the risk of layoffs. Any advice?

https://redd.it/1no8n27
@r_devops

Setting up fresh infra for my new freelancing work - is my strategy solid?

I’m setting up my new software development freelancing "company", and I’m currently in the planning phase. Would love some input from people who’ve done this before.

# Current Setup

I have two domains + two VPS/root servers:

|Domain|Server|Nickname|Usage|
|:-|:-|:-|:-|
||
|**myCompany.com**|4c AMD EPYC 9645, 8 GB DDR5 ECC, 256 GB NVMe SSD, 1 IPv4)|BaseFort01|Admin / Control / Company Website|
|**myCompany.cloud**|8c AMD EPYC 9645, 16 GB DDR5 ECC, 512 GB NVMe SSD, 1 IPv4)|BaseCamp01|Client SaaS platform|

I plan to add more BaseForts later (maybe 1 more, mainly for HA).
For BaseCamps, I’ll map subdomains for each client app. Some clients might have multiple apps, so scaling strategy is a question for me. Current subdomain strategy looks like this - app1.client1.mycompany.cloud, app2.client1.mycompany.cloud, app1.client2.mycompany.cloud etc..

# Planned Approach

1. BaseFort servers → Admin/control plane, company website, HA setup later.

2. BaseCamps → Client SaaS apps. Example:

>

# Questions

1. Does this sound like a reasonable starting strategy?
2. How would professionals approach this?
3. What all do I need to consider to use Dokploy?

Would really appreciate any pointers or criticism on my setup before I go too deep into it.

https://redd.it/1no9o7b
@r_devops

How do you manage ADO pull requests directly in VS Code?

Our team works with Azure DevOps Repos, and the constant context switching between the browser and VS Code for PR reviews is killing productivity. It feels clunky to review code in one UI while actually coding in another.

What would really help is being able to:
- Create new PRs right after pushing a branch
- List and checkout branches for review
- Block commits to restricted branches
- Approve/Reject/Request changes directly in-editor
- Add comments, reply, resolve threads
- Even make inline code suggestions with full IntelliSense and linter support

Basically, reviewing in VS Code itself instead of juggling tabs.

So my question is that Has anyone found a good way to handle PRs for Azure DevOps repos inside VS Code? Is there an extension, a noscript, or even a hacky workflow that makes this easier? Or is everyone just living with the browser workflow?

https://redd.it/1nobne3
@r_devops

Best self-managed Kubernetes distro on AWS

Hello fellas, I started working some months ago in a company that is full AWS, but that has seen many generations of Engineer pass and go, everyone started something and did not finish it. Now I took the quest to organise infra in a better way and consolidating the different generations of Terraform and ArgoCD laying around.

We are currently using EKS and we are facing a cost management issue, I am trying to tackle it optimizing the resources allocated to the different deployments and cronjobs, leveraging node groups and the usual stuff.

But I would really love to move away from EKS, it is expensive and, IMHO, really complicated to manage. I can see the point of using it when you have few mid level Engineers, but as I wish to raise the level of the team, that is not going to be an issue.

I already worked with different K8S distro on AWS: rancher, rke2, k3s, but I need something that "just works", with not much hassle. One of the "strong points" (if we can say so) that the company has in favour of EKS is that it is easy to upgrade (that's not true, it is easy to upgrade the control plane and the managed nodes, but then you have to remember to upgrade all the addons and the helm charts you deployed, and they, basically, didn't know about it /me facepalm).

I created, some time ago, a whole flow to use RKE2: packer to create the AMIs, terraform+ansible to run the upgrades, but it was still a bit fragile and an upgrade would require some days for each cluster.

Now I am looking at talos, although I did not manage to make it work as I wish on my home lab, in the past I took a look to kubespray and kubeadm.

In your opinion, what is the best option to bring up a K8S cluster on AWS, using ASGs for on demand instances and karpenter for spot, that is easy to upgrade?

https://redd.it/1nobwn0
@r_devops

Why should I invest time learning programming if I do not want to be a software engineer(but a devops engineer/modern sysadmin)?


I want to re-study(I already have a degree where I badly studied them) these subjects to an extent:

- data structures

- algorithms

- compiler design

- operating system

- database management system

But I am not getting a good reason to study these subjects as an aspiring DevOps engineer from Nepal. The time investment required to study all these in depth would be 3-6 months of full time study. I am currently unemployed. So the important question is, "Is my time better spent learning kubernetes and other Ops stuffs?"

https://redd.it/1noesbv
@r_devops

Connecitng Metrics ↔ Traces with Exemplars in OpenTelemetry

A hands-on guide to exemplars, how they connect metric points to the exact trace that caused them, why they matter for faster debugging and cost efficiency, and how to enable them end‑to‑end with OpenTelemetry (apps → collector → backend).

https://oneuptime.com/blog/post/2025-09-22-connecting-metrics-to-traces-with-exemplars/view




https://redd.it/1nofgc8
@r_devops

Cloud costs vs. security hardening

We have been tightening our security posture in the cloud. more monitoring, more logging, stricter configs. The problem is every step adds cost. More logs = higher bills and more controls = slower pipelines.

Management wants both secure by design and lean spend. Reality is, the two goals clash constantly. Im confused how other teams are managing this trade off. Are you cutting scope somewhere else?

https://redd.it/1nogxzx
@r_devops

Feeling stuck 2 months into new role — Cloud vs Full Stack vs Staying Put?

Hi everyone,

I’m a bit lost and hoping for advice from people who’ve been through similar situations.

Background:

-Graduated last year.

-Worked 1 year as a Frontend Developer, then resigned.(Bad management)

-Currently 2 months into a Software Developer trainee role. Most of my work is implementing and deploying customized billing solutions acting as a bridge between products, billing systems, payment gateways, and API integrations.


Where I’m struggling:

-I dont have a problem with my current work, but I find myself thinking sometimes if this kind of job would help me leverage my career and have a better salary in the next one or two years.

-I’m interested in Cloud but I’m worried salaries for entry-level cloud roles might be lower, and I really need to save money right now.

-I’ve also thought about Full Stack Development, but job posts usually require CI/CD pipelines, containerization, and other tools I haven’t touched yet — which feels overwhelming for me rn.


What I’ve done so far:

-AWS Cloud Practitioner certified.(Wanna take this to the next lvl and add AWS SAA, but unsure if this is gonna be smart or not)

-Built a few personal websites.

-Revamping my portfolio.


What I’m unsure about:

Should I stick to my current role for now and see how it goes?

Should I start building cloud skills even if it means a possible salary reset later?

Or should I pivot toward full stack and gradually learn DevOps-related tools as I go?

I just don’t want to waste time going down the wrong path or end up struggling financially.

Any advice from you guys would mean a lot.

https://redd.it/1nogf8y
@r_devops

🚀 Introducing: GitHub Workflow Dashboard



Hey everyone! 👋

I'm excited to share my latest project, the GitHub Workflow Dashboard, designed to help you monitor, filter, and visualize your GitHub Actions runs with a clean web interface.

What is it?

A simple, configurable dashboard that connects with your GitHub account using a Personal Access Token.
Instantly see the status of your workflow runs across selected repositories.
Filter, search, and sort workflows by repo, status, and run history.
No complex setup—just drop in your token, select repos, and you’re up and running!

Key Features:

Live run status: View your most recent Actions runs and get instant feedback on failures or successes.
Repo filtering: Focus on the repositories and workflows that matter most to you.
Lightweight & open source: Runs locally; no 3rd-party servers or analytics.
Responsive UI: Perfect for desktops, tablets, and mobile devices.

Why did I build this?
As someone who manages multiple projects and Actions pipelines, I needed a way to quickly check the “health” of all my repos without poking through each repo’s Actions tab. If you find GitHub's default UI a bit tedious for this, this project might help!

How to try it:

1. Visit the repo: github-workflow-dashboard
2. Grab your GitHub Personal Access Token (with repo access)
3. Run the app (see the README for install instructions)
4. Configure your dashboard and start tracking your workflows!

Feedback & Contributions
I’d love feedback, issue reports, and PRs from the community. Let me know if there are features or integrations you’d like to see!

https://redd.it/1noee2p
@r_devops

SSL fingerprinting in action

Hi community!

I wrote an article about SSL fingerprinting, specifically the JA3/JA4 hash. I want to provide the full context for the DevOps and security fellows, which is why this explanation is a bit lengthy and includes a lot of details.

https://arxignis.substack.com/p/943582c1-9927-466d-b5ee-e61001b4ede0

If you have any feedback or experience on how you use this technology, please share it here!

https://redd.it/1nok2n8
@r_devops

Best ops approach for AI reliability (routing fallbacks etc), cost, and compliance?

Internally deployed AI apps and model reliability (outages, fallbacks), unpredictable usage bills, and compliance questions all seem like headaches. Are folks here mostly tracking and reacting ad hoc, or are you implementing frameworks that can automatically enforce cost and governance rules?

https://redd.it/1nop7mj
@r_devops

Creating an API test suite

My team has an ASP.NET Core Web API. We are only two developers. The API is mature, and has hundreds of endpoints. We had to update our framework from .5 to .8, and now we have to test the API to make sure that migration doesn't break anything. We don't have any tests at the moment, so I am creating a test suite using Postman. Creating test noscripts for every endpoint is taking forever, and I've only just started. I've resorted to just creating a smoke test of sorts that is just checking valid inputs and successful status code, until I have more time. Any advice on what to test for a very lean team. Thanks

https://redd.it/1nopfpa
@r_devops

Here's my little gift to the devops community: sshPilot

I've been working on sshPilot, a free, opensource SSH connection manager/client for the past few weeks, and stable versions for Linux and macOS are now available.

This is meant for people who manage multiple servers and need a way to keep track of remote machines in one unified interface.

It uses your existing ~/.ssh/config as its configuration file so it's ready to use out of the box (unless you use sandboxed mode which won't touch .ssh/config)

sshPilot comes with a lot of features aimed at making life easier for a sysadmin/devops engineer including easy key generation and deployment, built-in SFTP file manager and terminal tabs.

Project page:
https://github.com/mfat/sshpilot

Downloads:
https://github.com/mfat/sshpilot/releases/latest

Flathub:
https://flathub.org/en/apps/io.github.mfat.sshpilot



https://redd.it/1notict
@r_devops

I got pulled off a Cybersecurity Management position and put on a DevSecOps position. Outside of managing Azure and using Terraform I am completely lost here because my entire 10 year career was stacked in Windows and Industrial Control Systems not AWS and Linux...need guidance

Certification stacks? Udemy Courses? They're willing to let me train and Terraform and managing IAM has been my saving grace so far. I don't even want to explain how this transition happened but it's a way to keep me employed after how a merger imploded in my companies face.

https://redd.it/1nouefh
@r_devops

Why aren't devs using proper branch names?!

A branch name isn’t just a placeholder, it’s a mini communication channel.

When someone sees feature/login-retry-limit vs. newbranch123, they instantly know what’s happening without clicking around.

We started treating branch names as little status updates for the team, and it made reviews and cross-team handoffs much smoother. Bonus points if you add your Ticket numbers to your branch names, like GK7485-release-notes. It’s one of those overlooked Git details that doubles as documentation.

Curious if other teams lean into this or just stick to “whatever works.”



https://redd.it/1novyn3
@r_devops