" People don’t quit because of bad products they quit because of bad loading times "

I used to think my SaaS had a " value prop problem " Visitors weren’t converting, So I blamed pricing, copy, features - all the usual suspects. I tweaked everything and Nothing worked.

Then I ran a speed test. Turns out my landing page was taking nearly 5 seconds on mobile. Literally FIVE. SECONDS. That’s an eternity online. Basically, People weren’t leaving because they hated the product - they were leaving because they never even got to see it.

After fixing the basics ( Images, Scripts, Caching ), Bounce Rates dropped instantly. Signups actually started climbing without me changing a single word of copy.

It was one of those " Holy Crap " moments that completely reframed how I look at growth. Sometimes the biggest barrier isn’t price or features. It’s just the fact that people don’t want to wait.

Makes me wonder how many companies are wasting money on ads, design, or funnels, when the real problem is just that their page takes too long to load.

What do you think do businesses underestimate performance, Or do they just ignore it because it feels " too technical " ?

https://redd.it/1nxjsv3
@r_devops

" I thought my SaaS problem was pricing and copy turned out it was just speed. "

For months, I kept blaming my low trial signups on all the " Usual Suspects " - Pricing, CTA buttons, Copywriting. I even redesigned the landing page twice. Nothing worked. Out of frustration, I ran a speed test. And wow my homepage was taking nearly 5 seconds to load on mobile. That was the real issue. People weren’t rejecting the product. They weren’t even waiting long enough to see it.

Here’s what happened after I fixed performance -

Bounce rate dropped almost immediately.

Signups started climbing, with no other changes.

Google rewarded the faster site better ad scores and cheaper clicks.

SEO improved because of Core Web Vitals.

It was one of those " duh " moments. We spend so much time chasing growth hacks - new funnels, viral tricks, A/B testing CTAs. But sometimes the simplest fix moves the needle more than all of that.

That’s actually why I started working on Website Speedy. It basically strips away the junk that slows down sites - render-blocking noscripts, bloated code, uncompressed assets and makes pages load fast, even on older devices. It saved me a lot of trial-and-error pain. I’m not here to hard-sell it (mods hate that, I get it). But honestly, fixing speed was the single best " Growth Hack ". I stumbled into.

Curious - How do you all think about performance? Do you treat speed as part of growth/marketing, or Do you leave it buried in the dev backlog until customers start complaining?

https://redd.it/1nxmcc8
@r_devops

Final Year Project on Cloud & DevOps - Need a real-world problem to solve

Hey everyone, I’m a CS student heading into my final year and I want my project to be more than just something for grades. My focus is on **Cloud & DevOps** (AWS, Kubernetes, CI/CD, monitoring, automation), and I’ve got a whole year to dedicate.

I don’t want a toy demo - I want to build something that:

* Solves a **real daily-life problem**.
* Runs on a **scalable, cloud-native setup**.
* Can be a **solid portfolio piece** to prove I can design, build, and deploy end-to-end.

I have some directions in mind, but I’d really value outside perspective.
If you were in my place, what **everyday problem** would you try solving with tech?

https://redd.it/1nxnqra
@r_devops

Platform Engineer Intern. Is ansible worth learning?

I will be having an interview somewhere next week for a platform engineer internship role. The technologies that will be touched on include VMs, Python, bash, and Ansible.

I have always been wanting to break into devops and have studied many of the different technologies required in Kodekloud(k8, docker, CICD etc)

Have seen a lot of comments where people say Ansible is not used often because of K8 and containerization etc. So just wondering, will this internship still be useful if i want to pursue a career in devops?

https://redd.it/1nxqx8u
@r_devops

Migrating Domains from AWS Route 53 to GCP DNS (with SSL) – Step by Step Guide

Hey everyone,

I recently wrote a step-by-step walkthrough on how I migrated domains from AWS Route 53 to Google Cloud DNS, and also set up SSL along the way. I tried to make it practical, with screenshots and explanations, so that anyone attempting the same can follow along without much hassle.

If you’re interested in cloud infra, DNS management, or just want a quick guide for moving domains between AWS and GCP, I’d really appreciate it if you could give it a read and share your thoughts/feedback:

Read here: Migrating Domains from AWS Route 53 to GCP DNS (Step-by-Step with SSL Setup)

Would love to hear if you’ve done something similar, and if there are optimizations or gotchas I might have missed!

https://redd.it/1nxr8bx
@r_devops

Little desperate looking for help

I think I maybe website domain under attack but clueless on what to do
i have another site hosted on same place with no issues

My website cant render or show visuals in the USA only.

\- i can access the site in canada and uk from a vpn
\- the site was deindexed but now is index via GSC
\- i ran a google live test and saw no visuals but did see indexing
\- pagespeedinsights renders the site
\- i found no dmca or blacklisting of site on lumen
\- geopeeking only shows site rendering in singpore

Has anyone seem something like this?

I asked the domains register if they saw a issue and no.
Hosting was render, i swapped ton netlify and same issue

before the issue started the outbound bandwidth spiked to 324mb for .07mb

I cant ping the site by domain name but testing tools can reach it

https://redd.it/1nxqlmq
@r_devops

❓ Help Debugging .NET services that already run inside Docker (with Redis, SQL, S3, etc.)

Hi all,

We have a microservices setup where each service is a .sln with multiple projects (WebAPI, Data, Console, Tests, etc). Everything is spun up in Docker along with dependencies like Redis, SQL, S3 (LocalStack), Queues, etc. The infra comes up via Makefiles + Docker configs.

Here’s my setup:

Code is cloned inside WSL (Ubuntu).

I want to open a service solution in an IDE (Visual Studio / VS Code / JetBrains Rider).

My goal is to debug that service line by line while the rest of the infra keeps running in Docker.

I want to hit endpoints from Postman and trigger breakpoints in my IDE.


The doubts I have:

Since services run only in Docker (not easily runnable directly in IDE), should I attach a debugger into the running container (via vsdbg or equivalent)?

What’s the easiest repeatable way to do this without heavily modifying Dockerfiles? (e.g., install debugger manually in container vs. volume-mount it)

Each service has two env files: docker.env and .env. I’m not sure if one of them is designed for local debugging — how do people usually handle this?

Is there a standard workflow to open code locally in an IDE, but debug the actual process that’s running inside Docker?


Has anyone solved this kind of setup? Looking for best practices / clean workflow ideas.

Thanks 🙏

https://redd.it/1nxwsmo
@r_devops

Low-cost, open source MQTT brokers with cluster/HA mode?

We have a mix of MQTT deployments for our IOT infrastructure, Mosquitto and older EMQX in single node mode (before they changed the license). We're looking to retire Mosquitto services and expand EMQX to cluster mode. MQTT V5 support and high availability are our main requirements.

EMQX and HiveMQ both requires expensive enterprise licenses for self-hosting. RabitMQ and VerneMQ seem like viable alternatives. Do you have experience with them in cluster mode? What are my options here? Many thanks!

https://redd.it/1ny1hw6
@r_devops

Your favourite Freelance marketplace for $100+/hr projects

Hello fellow colleagues! I need your help if you are freelancing in DevOps/SRE/Platform Engineering/Cloud world.

I was a full-time Freelancer on Toptal a couple of years ago and getting good clients then due to my favourable rate & service. But I had to completely stop my freelance activities due to moving to another country and complying with visa then.

Now I can start again on Toptal and have talked to one of their coaches to adjust my rate to $100/hr. They advised me to start with $70/hr initially which is even lower than my current full-time job. At that rate, I would rather continue my current job and read books on my leisure time.

However, I want to ask about your favourite "Freelance Marketplace" for projects worth $100+/hr nowadays that I can try to join. Thanks for your support!

https://redd.it/1ny2iu1
@r_devops

Trying to re-architect our Laravel API from PHP-FPM to Swoole

Hey folks,

I’m in the middle of migrating our Laravel API from PHP-FPM to Swoole (Octane) to cut down on overhead and improve response times.

But I’m kinda stuck on the OPcache + Octane + PHP memory limit part.
Not sure what values I should start with or how they affect each other once Swoole takes over the request lifecycle.

So my questions:
What are good starting points for OPcache settings?
What’s a safe PHP memory_limit when running Octane?
And for Kubernetes, what would you set as requests/limits per pod?

For context:
We’re currently serving around 1M–1.5M users, running between 128–256 pods, each with 4 CPU / 8 GB RAM. Even after a ton of tuning on PHP-FPM (pool size, pm dynamic/static, etc.), resource usage is still crazy high.

Anyone here running Laravel Octane with Swoole at scale on K8s? Would love to see how you guys tuned it memory, workers, and caching setup.

https://redd.it/1ny4rvb
@r_devops

I made PyPIPlus.com — a faster way to see all dependencies of any Python package

Hey folks 👋

I built a small tool called PyPIPlus.com that helps you quickly see all dependencies for any Python package on PyPI.

It started because I got tired of manually checking dependencies when installing packages on servers with limited or no internet access. We all know that pain trying to figure out what else you need to download by digging through package metadata or pip responses. 😩

With PyPIPlus, you just type the package name and instantly get a clean list of all its dependencies (and their dependencies). No installation, no login, no ads — just fast info.

💡 Why it’s useful:
• Makes offline installs a lot easier (especially for isolated servers)
• Saves time
• Great for auditing or just understanding what a package actually pulls in

Would love to hear your thoughts — bugs, ideas, or anything you think would make it better. It’s still early and I’m open to improving it. 🙌

🔗 https://pypiplus.com

https://redd.it/1ny6xdu
@r_devops

HELP AWS Secret Manager Client Error in Node JS

Hello, I am really new to DevOps and for a portfolio/test project, i have an aws lambda running on Node 22 that is trying to retrieve a secret but I am getting this weird error. The lambda is in a private subnet which has an interface endpoint for Secret Manager which allows in-traffic from addresses within the vpc which includes the lambda, and the lambda also has permission to get the secret value and the secret name is correct as well. But for some reasons these are the logs which includes the error which was caught by the function which called the one I will include after the logs.

If you have any ideas how I could fix this error I would greatly appreciate it. If anything needs to be done in the infra, I can also share my terraform IaC.

 
INFO
{
    "level": "info",
    "msg": "Sending Get Secret Command ",
    "secretName": "db-config",
    "command": {
        "middlewareStack": {},
        "input": {
            "SecretId": "db-config"
        }
    },
    "client": {
        "apiVersion": "2017-10-17",
        "disableHostPrefix": false,
        "extensions": [],
        "httpAuthSchemes": [
            {
                "schemeId": "aws.auth#sigv4",
                "signer": {}
            }
        ],
        "logger": {},
        "serviceId": "Secrets Manager",
        "runtime": "node",
        "requestHandler": {
            "configProvider": {},
            "socketWarningTimestamp": 0,
            "metadata": {
                "handlerProtocol": "http/1.1"
            }
        },
        "defaultSigningName": "secretsmanager",
        "tls": true,
        "isCustomEndpoint": false,
        "systemClockOffset": 0,
        "signingEscapePath": true
    }
}

WARN An error was encountered in a non-retryable streaming request.

ERROR {
    "level": "error",
    "msg": "Pipeline Failed",
    "message": "Invalid value \"undefined\" for header \"x-amz-decoded-content-length\"",
    "name": "TypeError",
    "stack": "TypeError [ERR_HTTP_INVALID_HEADER_VALUE]: Invalid value \"undefined\" for header \"x-amz-decoded-content-length\"\n    at ClientRequest.setHeader (node:_http_outgoing:703:3)\n    at new ClientRequest (node:_http_client:302:14)\n    at request (node:https:381:10)\n    at /var/task/node_modules/@smithy/node-http-handler/dist-cjs/index.js:301:25\n    at new Promise (<anonymous>)\n    at NodeHttpHandler.handle (/var/task/node_modules/@smithy/node-http-handler/dist-cjs/index.js:242:16)\n    at /var/task/node_modules/@smithy/smithy-client/dist-cjs/index.js:113:58\n    at /var/task/node_modules/@aws-sdk/middleware-flexible-checksums/dist-cjs/index.js:456:24\n    at /var/task/node_modules/@aws-sdk/middleware-sdk-s3/dist-cjs/index.js:543:24\n    at /var/task/node_modules/@smithy/middleware-serde/dist-cjs/index.js:6:32",
    "code": "ERR_HTTP_INVALID_HEADER_VALUE"
}

 js
import { SecretsManagerClient, GetSecretValueCommand } from "@aws-sdk/client-secrets-manager";
import type { DBCredentials } from "../../types/DBCredentials.js";
import { logger } from "../../utils/logger.js";

const client = new SecretsManagerClient({region: process.env.REGION || 'us-east-1'});

export async function getDbCredentials(): Promise<DBCredentials> {
    const secretName = process.env.DB_SECRET;

    if(!secretName) throw new Error('Environment Variable `DB_SECRET` is missing')

    const command = new GetSecretValueCommand({ SecretId: secretName });

    logger.info("Sending Get Secret Command ", {secretName, command, client: client.config});
    const response = await client.send(command);
    logger.info("Secret Response Acquired");

    if(!response.SecretString) throw new Error('Secret String Empty');

    const secret = JSON.parse(response.SecretString);

    return {
        username: secret.user,
        password: secret.password,
        host: secret.host,
        port: secret.port,
        database: secret.name
    }
}

https://redd.it/1ny8174
@r_devops

An aspiring DevOp / DevOps Architect

I'm a UI designer and I work in web hosting provider. Recently, I was thinking of developing a new career trajectory in DevOps Architect, so I looked up in web and I found out the essential competencies to qualify is that in mastering the following: terraform, k8s, docker, jenkins, AWS and python. How accurate is this? does a single programming language suffice? (except the configuration languages HCL and YAML). Finally, what is the logical order to learn those tools?

https://redd.it/1ny67ng
@r_devops

How’s the DevOps job market looking for senior folks lately?

Hey everyone,

Curious if others are noticing this too — I’ve hardly been getting any recruiter calls or messages lately. A few years back, there used to be a steady stream of them, but now it feels completely dry.

For context, I’m a DevOps Architect with around 13 years of experience, currently in a hands-on role (lots of IaC, pipelines, infra automation, etc.). I’m starting to wonder — is this slowdown specific to DevOps/SRE-type roles, or is it something affecting senior engineering positions across the board?

Would love to hear how things are looking from your side — are recruiters still reaching out, or has the market just cooled off overall?

https://redd.it/1nyejnb
@r_devops

How do professionals handle huge monorepos locally without lag?

So after our last discussion about monorepos, I was digging deeper (this thread for context: Why monorepos?) — and I’ve been trying to open some big ones like PostHog or Twenty.

Even when I follow their local setup guides exactly, my system starts to crawl.
Specs aren’t bad: 12 GB RAM, 8-core CPU, RTX 3050 GPU. Still, once the monorepo spins up (Docker, npm install, builds, etc.), it lags hard — especially the IDE and containers.

So I’m curious: how do experienced engineers handle massive monorepos locally?
Do you use remote dev environments, partial clones, special IDE settings, or just monster hardware?
Would love to hear how you all deal with this in your daily workflow.

https://redd.it/1nyfan9
@r_devops

How can teams ensure data integrity and privacy when everything is stored or processed across multiple chains?

Cross-chain systems are powerful but messy — keeping data accurate and private feels like a huge challenge. Any real solutions out there?

https://redd.it/1nyhg0c
@r_devops

Share Terraform noscripts with low-skilled tech

In our company we have built a Terraform noscript in order to spin up VMs and configure them for air-gap/factory environment.

Everything works as epxected but the main issues come from technicians (especially the one in 50+ years old) that push back on noscripting and ask for "visual tool".

Anyone faced something similar and how to adress it ?

https://redd.it/1nyi2cg
@r_devops

Kubernetes monitoring that tells you what broke, not why

I’ve been helping teams set up kube-prometheus-stack lately. Prometheus and Grafana are great for metrics and dashboards, but they always stop short of real observability.

You get alerts like “CPU spike” or “pod restart.” Cool, something broke. But you still have no idea why.

A few things that actually helped:

keep Prometheus lean, too many labels means cardinality pain
trim noisy default alerts, nobody reads 50 Slack pings
add Loki and Tempo to get logs and traces next to metrics
stop chasing pretty dashboards, chase context

I wrote a post about the observability gap with kube-prometheus-stack and how to bridge it.
It’s the first part of a Kubernetes observability series, and the next one will cover OpenTelemetry.

Curious what others are using for observability beyond Prometheus and Grafana.

https://redd.it/1nyjdlt
@r_devops

CVE-2025-6724: Chef Automate SQL Injection Vulnerability (CVSS score of 8.8)

Overview

In this article, we are going to delve into the details of an identified vulnerability in Progress Chef Automate, CVE-2025-6724. This vulnerability affects versions earlier than 4.13.295 and is specific to Linux x86 platform. It is of significant concern as an authenticated attacker can gain access to restricted functionality in multiple Chef Automate services. This is achieved via improperly neutralized inputs that are used in an SQL command, potentially leading to system compromise or data leakage. In an era where data security is paramount, understanding and mitigating such vulnerabilities is crucial for maintaining the integrity of our systems.

Vulnerability Summary

CVE ID: CVE-2025-6724
Severity: High (8.8 CVSS Score)
Attack Vector: Network
Privileges Required: Low (Authenticated User)
User Interaction: None
Impact: System compromise or data leakage

Affected Products

Progress Chef Automate | Versions earlier than 4.13.295

How the Exploit Works

The vulnerability stems from the usage of improperly neutralized user inputs that are utilized in SQL commands. This means that the application does not adequately sanitize user-supplied input, potentially leading to SQL injection. An attacker, who is authenticated, can therefore manipulate the SQL query to gain unauthorized access to the system’s database, potentially compromising the system or causing data leakage.

Conceptual Example Code

This example represents a potential SQL injection attack, where the “malicious_payload” might be an SQL statement designed to manipulate the database. Note that this is a hypothetical scenario only, created to illustrate the nature of the vulnerability, and does not represent an actual exploit.

POST /vulnerable/endpoint HTTP/1.1
Host: target.example.com
Content-Type: application/json
{ "maliciouspayload": "'; DROP TABLE users; --" }

In this example, if the application does not properly sanitize the input, the SQL statement embedded in the “malicious\payload” would be executed, potentially leading to severe consequences such as deletion of the users table in this case.

Mitigation

To mitigate this vulnerability, users are advised to apply the vendor patch as soon as possible. If the patch cannot be applied immediately, using a Web Application Firewall (WAF) or an Intrusion Detection System (IDS) can serve as a temporary mitigation measure. These can help to prevent SQL injection attempts by blocking suspicious SQL queries. It is also recommended to always follow best practices for SQL queries, such as using parameterized queries or prepared statements, to prevent SQL injection vulnerabilities.

If you like this type of post please join us at r/ameeba

Disclaimer:

The information and code presented in this article are provided for educational and defensive cybersecurity purposes only. Any conceptual or pseudocode examples are simplified representations intended to raise awareness and promote secure development and system configuration practices.

Do not use this information to attempt unauthorized access or exploit vulnerabilities on systems that you do not own or have explicit permission to test.

Ameeba and its authors do not endorse or condone malicious behavior and are not responsible for misuse of the content. Always follow ethical hacking guidelines, responsible disclosure practices, and local laws.

https://redd.it/1nyh9sm
@r_devops

The DevOps role is splitting into different roles and it is confusing me

I have been interested in devops or other related roles for only 3 years now. Now I see people telling me the pure devops role now isn’t really lasting and it’s being desperate into proper roles like platform engineer, infra & cloud engineer, SRE, and any other role name, but when I search, each seem to encapsulate a small task from the previous devops role, but when I say this, people think I am offending them.

A lot are claiming that SRE is the natural climb from devops and requires engineering and will last, others saying platform engineer is the next devops, or how infra & cloud will be the only left due to AI automating everything. I simply want to know what is happening and where is this going?

Before someone attacks me for not searching on these roles, I did, but each company employs alittle differently and everyone on the internet gives the simplest and most basic task for the role, which makes it sound like a joke.

https://redd.it/1nymplh
@r_devops

What feature you always miss in a cli http client?

Nowadays we have a plenty of cli http clients, but I would like to ask: Is there anything you miss in a cli http client for daily devops tasks?

https://redd.it/1nyq2a0
@r_devops