what are you actually using for cloud security monitoring?
honest question because i feel like we've tried everything and it all kinda sucks in different ways.
been at a series b for about 2 years now and our security setup is a mess. we've got like 4 different tools that all claim to do "runtime protection" but mostly just spam us with alerts nobody looks at. last count was something like 15k alerts a month and maybe we action on like 1% of them. classic alert fatigue situation.
the problem is none of them actually understand context. they'll scream about a critical vulnerability in a container that's not even exposed to the internet, but miss the s3 bucket that's been misconfigured for weeks. it's all theoretical risk scoring with no concept of what actually matters in our environment.
we've been evaluating a few options:
wiz - seems solid, lot of companies use it. pretty comprehensive but honestly feels heavy and the pricing made our cfo cry
orca - agentless approach is nice, doesn't require deploying a million things. does decent posture management but still feels like it's missing the runtime context we need
upwind - this one's been interesting. they do runtime analysis that actually traces from code to cloud, so you see real attack paths instead of theoretical vulns. their demo found stuff our current stack completely missed and our devs don't hate it because alerts actually make sense
curious what everyone else is running though. are we just doing this wrong or does everyone have the alert fatigue problem? what's actually cutting through the noise for you?
https://redd.it/1o270sm
@r_devops
honest question because i feel like we've tried everything and it all kinda sucks in different ways.
been at a series b for about 2 years now and our security setup is a mess. we've got like 4 different tools that all claim to do "runtime protection" but mostly just spam us with alerts nobody looks at. last count was something like 15k alerts a month and maybe we action on like 1% of them. classic alert fatigue situation.
the problem is none of them actually understand context. they'll scream about a critical vulnerability in a container that's not even exposed to the internet, but miss the s3 bucket that's been misconfigured for weeks. it's all theoretical risk scoring with no concept of what actually matters in our environment.
we've been evaluating a few options:
wiz - seems solid, lot of companies use it. pretty comprehensive but honestly feels heavy and the pricing made our cfo cry
orca - agentless approach is nice, doesn't require deploying a million things. does decent posture management but still feels like it's missing the runtime context we need
upwind - this one's been interesting. they do runtime analysis that actually traces from code to cloud, so you see real attack paths instead of theoretical vulns. their demo found stuff our current stack completely missed and our devs don't hate it because alerts actually make sense
curious what everyone else is running though. are we just doing this wrong or does everyone have the alert fatigue problem? what's actually cutting through the noise for you?
https://redd.it/1o270sm
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
Looking for a better workflow engine
I'm working to improve my daily tasks using an orchestration/workflow engine.
I have basically nightly batch that execute multiple steps. those steps are mainly calling an API ( with parameters and callback urls) once my process is done it calls back using the success or fail url and my workflow knows in which status to set the step and if it has to continue to the next one, fail the flow, raise an alert etc... I have a custom homemade develop tools but with basic functionnality develop with durable functions in azure. I would like to see if there is in an opensource solution that can handle that ( also with GIT integration , multi-tenancy if possible with rbac. clear UI tools with metrics ). there is the basic airflow . I also saw windmill but the free version has too many limitation ( no SSO and no git integration).
https://redd.it/1o282fl
@r_devops
I'm working to improve my daily tasks using an orchestration/workflow engine.
I have basically nightly batch that execute multiple steps. those steps are mainly calling an API ( with parameters and callback urls) once my process is done it calls back using the success or fail url and my workflow knows in which status to set the step and if it has to continue to the next one, fail the flow, raise an alert etc... I have a custom homemade develop tools but with basic functionnality develop with durable functions in azure. I would like to see if there is in an opensource solution that can handle that ( also with GIT integration , multi-tenancy if possible with rbac. clear UI tools with metrics ). there is the basic airflow . I also saw windmill but the free version has too many limitation ( no SSO and no git integration).
https://redd.it/1o282fl
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
Slow (> 1.5second response time) for web services on AWS
We run a dozen web services behind an AWS NLB (3 AZs, us-west-2). According to my Grafana.com dashboard http probes (avg_over_time(probe_duration_seconds[1m\]) consistently return sub-500ms response time. Though on some occasions a few services peaked to 1.5 - 2 seconds, all within 10-15 minute window, at times during the night when the system was under lighter load.
https://redd.it/1o2coym
@r_devops
We run a dozen web services behind an AWS NLB (3 AZs, us-west-2). According to my Grafana.com dashboard http probes (avg_over_time(probe_duration_seconds[1m\]) consistently return sub-500ms response time. Though on some occasions a few services peaked to 1.5 - 2 seconds, all within 10-15 minute window, at times during the night when the system was under lighter load.
https://redd.it/1o2coym
@r_devops
Grafana Labs
Grafana: The open and composable observability platform | Grafana Labs
Grafana is the open source analytics & monitoring solution for every database.
DevOps in HPC, how does it look like? What tools are mostly used for Workload and scheduling?
I got started at a new place and they are all about HPC and workload scheduling that is typically not containerized. This is because the employer has specific hardware and has less to do with the cloud beyond x86 infrastructure.
I have heard of Slurm as an alternative to K8s in the world of HPC. I would like to obtain resources, blogs, repos, people to follow on how DevOps in HPC looks like
https://redd.it/1o2dfdh
@r_devops
I got started at a new place and they are all about HPC and workload scheduling that is typically not containerized. This is because the employer has specific hardware and has less to do with the cloud beyond x86 infrastructure.
I have heard of Slurm as an alternative to K8s in the world of HPC. I would like to obtain resources, blogs, repos, people to follow on how DevOps in HPC looks like
https://redd.it/1o2dfdh
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
Love containers, hate securing them. Anyone else drowning in vuln noise?
I’ll be honest here: containers have changed the game for how we ship software, but securing them? That’s a whole different beast.
Between bloated base images, a constant CVE firehose, and dependency updates that never stop, it’s hard to know if we’re actually improving security or just burning cycles. Half the time, we’re chasing low‑risk while the real threats slip by unnoticed. Meanwhile, pipelines slow down, and devs start burning out.
So here’s what I ask: what’s your practical, tested approach to container security? How do you reduce vuln noise, keep pipelines moving, and avoid devs burning out?
https://redd.it/1o2gkt5
@r_devops
I’ll be honest here: containers have changed the game for how we ship software, but securing them? That’s a whole different beast.
Between bloated base images, a constant CVE firehose, and dependency updates that never stop, it’s hard to know if we’re actually improving security or just burning cycles. Half the time, we’re chasing low‑risk while the real threats slip by unnoticed. Meanwhile, pipelines slow down, and devs start burning out.
So here’s what I ask: what’s your practical, tested approach to container security? How do you reduce vuln noise, keep pipelines moving, and avoid devs burning out?
https://redd.it/1o2gkt5
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
How can i find a small freelance devops gig
So for context I have 2 years of experience in devops since the last year of high school and a year into college in a small startup my uncle started, where I got to work with a lot of experienced devops engineers.
I worked mostly with Jenkins and did complex CI/CD projects, but also got to try Gitlab CI(which i felt is usually easier).
I have a deep understanding in containers and all that basic devops stuff, like k8s(through openshift), ansible, python, linux, bash noscripting, and more.
Right now i dont have time anymore for the startup as they require me to work full time, and wanted to see if anyone has a tip on how to find a freelance devops job, where i can work maybe 3-4 Hours a day and maybe a full day a week.
I just dont have the slightest idea where to start.
What skills do you think i should work on so itll be easier to find a job?
Thanks for the help!
https://redd.it/1o2hh9e
@r_devops
So for context I have 2 years of experience in devops since the last year of high school and a year into college in a small startup my uncle started, where I got to work with a lot of experienced devops engineers.
I worked mostly with Jenkins and did complex CI/CD projects, but also got to try Gitlab CI(which i felt is usually easier).
I have a deep understanding in containers and all that basic devops stuff, like k8s(through openshift), ansible, python, linux, bash noscripting, and more.
Right now i dont have time anymore for the startup as they require me to work full time, and wanted to see if anyone has a tip on how to find a freelance devops job, where i can work maybe 3-4 Hours a day and maybe a full day a week.
I just dont have the slightest idea where to start.
What skills do you think i should work on so itll be easier to find a job?
Thanks for the help!
https://redd.it/1o2hh9e
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
So I lost out on my dream job today :(
It wasnt because there was someone better than me. It was because after 2 months of interviews, as its was awaiting a final offer/decline, the position was withdrawn entirely because the company decided they needed to hire for a more "senior" position.
The role was already pitched with senior level responsibilities and I apparently did great with the interview. But they took the job down and basically reposted it with senior in the noscript.
Yeah, I know there are other jobs out there. But this job was by far the closest large company to my home. I dont really want a remote job and every other large company near me is atleast 45 minutes away..
From what I can tell, I aced the interview. After they put up the senior position and took down the original position, I reapplied 😂 like the only questions I struggled with were about using Snyk.
5 years of managing an EKS cluster myself, along with Ceph and istio. Making custom helm charts to managed NGinx and modsecurity. Handling the build pipelines and supporting 100 websites. All while building and selling $100k+ websites. I can figure out Snyk in a week .-.
Its practically the same job denoscription..
I'm a bit pissed 😂
https://redd.it/1o2l8t4
@r_devops
It wasnt because there was someone better than me. It was because after 2 months of interviews, as its was awaiting a final offer/decline, the position was withdrawn entirely because the company decided they needed to hire for a more "senior" position.
The role was already pitched with senior level responsibilities and I apparently did great with the interview. But they took the job down and basically reposted it with senior in the noscript.
Yeah, I know there are other jobs out there. But this job was by far the closest large company to my home. I dont really want a remote job and every other large company near me is atleast 45 minutes away..
From what I can tell, I aced the interview. After they put up the senior position and took down the original position, I reapplied 😂 like the only questions I struggled with were about using Snyk.
5 years of managing an EKS cluster myself, along with Ceph and istio. Making custom helm charts to managed NGinx and modsecurity. Handling the build pipelines and supporting 100 websites. All while building and selling $100k+ websites. I can figure out Snyk in a week .-.
Its practically the same job denoscription..
I'm a bit pissed 😂
https://redd.it/1o2l8t4
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
Does Microsoft not hire DevOps?
Hi all, this might seem weird but it's been my dream for a while to work at Microsoft but I have never seen a single DevOps Engineer job from them. I've checked in the UK and in Canada, the 2 countries I'm authorized to work in and there never seem to be any positions open. Does MS even hire DevOps Engineers at all? Do they disguise the role as something else? I HAVE checked for Platform Engineers or SRE, nada. I have found only one guy on Linkedin who works as a DevOps for MS in London and tried to message him but he just ignored me.
I need your advice, do I have any chance of ever getting a DevOps Engineer job at MS?
https://redd.it/1o2m8y2
@r_devops
Hi all, this might seem weird but it's been my dream for a while to work at Microsoft but I have never seen a single DevOps Engineer job from them. I've checked in the UK and in Canada, the 2 countries I'm authorized to work in and there never seem to be any positions open. Does MS even hire DevOps Engineers at all? Do they disguise the role as something else? I HAVE checked for Platform Engineers or SRE, nada. I have found only one guy on Linkedin who works as a DevOps for MS in London and tried to message him but he just ignored me.
I need your advice, do I have any chance of ever getting a DevOps Engineer job at MS?
https://redd.it/1o2m8y2
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
i built an unhinged AWS therapy bot to listen to your AWS costs problems
Frustrated with AWS? Astroturfing on Reddit? Need to vent?
I created a therapy troll bot that you can write to with all then made up $80k/month AWS cost problems you have: https://studio--arc-chat-clone.us-central1.hosted.app/
Here's an example conversation
https://imgur.com/UYWWJ1N
You get the picture. Go ahead and don't hold back, tell them how you left a job running and came back to 40k in spend. I specifically made this thing to be as snarky and butthurt as possible, so be mean back as well, and hopefully we can reduce the spam here at the same time.
https://redd.it/1o2m438
@r_devops
Frustrated with AWS? Astroturfing on Reddit? Need to vent?
I created a therapy troll bot that you can write to with all then made up $80k/month AWS cost problems you have: https://studio--arc-chat-clone.us-central1.hosted.app/
Here's an example conversation
https://imgur.com/UYWWJ1N
You get the picture. Go ahead and don't hold back, tell them how you left a job running and came back to 40k in spend. I specifically made this thing to be as snarky and butthurt as possible, so be mean back as well, and hopefully we can reduce the spam here at the same time.
https://redd.it/1o2m438
@r_devops
studio--arc-chat-clone.us-central1.hosted.app
AWS Therapist
A chat interface for your AWS Therapist.
Ok, what exactly are the risks of running docker builds with elevated privileges?
So I've always read how important it is to run the docker build part of your CI/CD pipeline with as low privilege as possible. However after wrestling with kaniko and buildkit and being driven absolutely mad... I'm just here to ask why. Obviously elevated privilege means more attack vectors, but what is the actually risk of damage? The host nodes are just EC2s in an ASG dedicated to the CI/CD, a privilege escalation to that host wouldnt given an attacker access to anything of value.
Just explain to me why I should keep fighting this fight, or if I'm just going crazy.
https://redd.it/1o2m6ew
@r_devops
So I've always read how important it is to run the docker build part of your CI/CD pipeline with as low privilege as possible. However after wrestling with kaniko and buildkit and being driven absolutely mad... I'm just here to ask why. Obviously elevated privilege means more attack vectors, but what is the actually risk of damage? The host nodes are just EC2s in an ASG dedicated to the CI/CD, a privilege escalation to that host wouldnt given an attacker access to anything of value.
Just explain to me why I should keep fighting this fight, or if I'm just going crazy.
https://redd.it/1o2m6ew
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
DevOps Documentary Videos
I’m wondering if anyone has any suggestions on some YouTube documentaries that revolve around technology and more specifically DevOps.
I just watched honeypot for kubernetes, python, and Prometheus and really enjoy them. Just hoping to find some more and see what people suggest for a tech nerd.
https://redd.it/1o2lua1
@r_devops
I’m wondering if anyone has any suggestions on some YouTube documentaries that revolve around technology and more specifically DevOps.
I just watched honeypot for kubernetes, python, and Prometheus and really enjoy them. Just hoping to find some more and see what people suggest for a tech nerd.
https://redd.it/1o2lua1
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
Any CI/CP tools in the wind today?
I have been trying to finesse simple too for handling deployment based on git, and are not super happy with GitHub. It does the core tasks fine but want a dedicated tool.
Been testing coolify and that works fine, yet I feel it’s not direct aimed to CI and CD and more to be a portainer clone but I might be wrong
Anyone that can recommend some alternatives that support CI, CD and Test management?
I’m open with self hosted or paid (but not enterprise prices)
Should be GUI tools as I want it team friendly
https://redd.it/1o2q8wo
@r_devops
I have been trying to finesse simple too for handling deployment based on git, and are not super happy with GitHub. It does the core tasks fine but want a dedicated tool.
Been testing coolify and that works fine, yet I feel it’s not direct aimed to CI and CD and more to be a portainer clone but I might be wrong
Anyone that can recommend some alternatives that support CI, CD and Test management?
I’m open with self hosted or paid (but not enterprise prices)
Should be GUI tools as I want it team friendly
https://redd.it/1o2q8wo
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
How can we track PRs and merges efficiently with monday dev?
We integrated GitHub with monday dev to automatically update task status when PRs merge. How do other dev teams handle tracking PRs without switching between multiple tools?
https://redd.it/1o2tdzo
@r_devops
We integrated GitHub with monday dev to automatically update task status when PRs merge. How do other dev teams handle tracking PRs without switching between multiple tools?
https://redd.it/1o2tdzo
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
Help with task tracking for development teams?
I’ve been using monday dev for about a month. It’s been great for our dev workflow, but I’d love to know if anyone has tips for better task tracking?
https://redd.it/1o2tnxp
@r_devops
I’ve been using monday dev for about a month. It’s been great for our dev workflow, but I’d love to know if anyone has tips for better task tracking?
https://redd.it/1o2tnxp
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
4600 Stars- the story about our open source Agent!
Hey devops 👋
I wanted to share the journey behind a wild couple of days building Droidrun, our open-source agent framework for automating real Android apps.
We started building Droidrun because we were frustrated: everything in automation and agent tech seemed stuck in the browser. But people live on their phones and apps are walled gardens. So we built an agent that could actually tap, scroll, and interact inside real mobile apps, like a human.
A few weeks ago, we posted a short demo no pitch, just an agent running a real Android UI. Within 48 hours:
We hit [4600+ GitHub Stars](https://github.com/droidrun/droidrun)
Got devs joining our Discord
Landed on the radar of investors
And closed a $2M+ funding round shortly after
What worked for us:
We led with a real demo, not a roadmap
Posted in the right communities, not product forums
Asked for feedback, not attention
And open-sourced from day one, which gave us credibility + momentum
We’re still in the early days, and there’s a ton to figure out. But the biggest lesson so far:
Don’t wait to polish. Ship the weird, broken, raw thing if the core is strong, people will get it.
If you’re working on something agentic, mobile, or just bold than I’d love to hear what you’re building too.
AMA if helpful!
https://redd.it/1o2urs8
@r_devops
Hey devops 👋
I wanted to share the journey behind a wild couple of days building Droidrun, our open-source agent framework for automating real Android apps.
We started building Droidrun because we were frustrated: everything in automation and agent tech seemed stuck in the browser. But people live on their phones and apps are walled gardens. So we built an agent that could actually tap, scroll, and interact inside real mobile apps, like a human.
A few weeks ago, we posted a short demo no pitch, just an agent running a real Android UI. Within 48 hours:
We hit [4600+ GitHub Stars](https://github.com/droidrun/droidrun)
Got devs joining our Discord
Landed on the radar of investors
And closed a $2M+ funding round shortly after
What worked for us:
We led with a real demo, not a roadmap
Posted in the right communities, not product forums
Asked for feedback, not attention
And open-sourced from day one, which gave us credibility + momentum
We’re still in the early days, and there’s a ton to figure out. But the biggest lesson so far:
Don’t wait to polish. Ship the weird, broken, raw thing if the core is strong, people will get it.
If you’re working on something agentic, mobile, or just bold than I’d love to hear what you’re building too.
AMA if helpful!
https://redd.it/1o2urs8
@r_devops
www.droidrun.ai
Droidrun - The First Native Mobile Agent
Give AI native control of mobile apps and phones. Automate mobile workflows and unlock data from any app
Best project management tools for developer teams?
We looked at Asana, Trello, and Monday dev’s for now. Monday Dev was more usable for dev teams than Trello, but I’m curious what others think. Any underrated free tools you’d recommend?
https://redd.it/1o2var6
@r_devops
We looked at Asana, Trello, and Monday dev’s for now. Monday Dev was more usable for dev teams than Trello, but I’m curious what others think. Any underrated free tools you’d recommend?
https://redd.it/1o2var6
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
Self healing PRs: Bots and AI agents working together to deal with infosec toil
Keeping dependencies updated with bots like Renovate is a great practice but it can lead to lots of PRs to review and fix. What if this was done with AI coding agents?
We answered this question in my team by adding a build step to "fix the code" and the results were as positive and surprising. It led to a more general question: What if any Pull Requests in your repository could fix itself as part of the build pipeline?
This is the full story: https://www.elastic.co/search-labs/blog/ci-pipelines-claude-ai-agent
https://redd.it/1o2ths0
@r_devops
Keeping dependencies updated with bots like Renovate is a great practice but it can lead to lots of PRs to review and fix. What if this was done with AI coding agents?
We answered this question in my team by adding a build step to "fix the code" and the results were as positive and surprising. It led to a more general question: What if any Pull Requests in your repository could fix itself as part of the build pipeline?
This is the full story: https://www.elastic.co/search-labs/blog/ci-pipelines-claude-ai-agent
https://redd.it/1o2ths0
@r_devops
Elasticsearch Labs
CI/CD pipelines with agentic AI: How to create self-correcting monorepos - Elasticsearch Labs
How our team introduced GenAI into CI pipelines to create self-correcting pull requests, automizing the update of hundreds of dependencies in large monorepos
How can small dev teams reduce context switching using monday dev?
We consolidated GitHub, Slack, and email notifications in monday dev boards to reduce distractions. How do other teams keep workflows smooth without hopping between apps?
https://redd.it/1o2xbmm
@r_devops
We consolidated GitHub, Slack, and email notifications in monday dev boards to reduce distractions. How do other teams keep workflows smooth without hopping between apps?
https://redd.it/1o2xbmm
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
How are you validating backend performance before every deploy?
We started running custom load tests on our backend with every merge. If no tests exist, we generate them from OpenAPI and recent traffic logs. Our pipeline reports P95 latency and error rate and can hold rollout for approval if thresholds are breached. This helped cut failed production rollouts by 60 percent.
How are you gating backend releases or generating traffic scenarios for new services?
https://redd.it/1o33fyv
@r_devops
We started running custom load tests on our backend with every merge. If no tests exist, we generate them from OpenAPI and recent traffic logs. Our pipeline reports P95 latency and error rate and can hold rollout for approval if thresholds are breached. This helped cut failed production rollouts by 60 percent.
How are you gating backend releases or generating traffic scenarios for new services?
https://redd.it/1o33fyv
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
What should I focus on to switch to devops
Hi everyone,
I'm currently working as an SRE for a few months but it's just ops role in a large organisation when I am being siloed.
I also have a few years of experience as cloud sysadmin with a focus on AWS and other sysadmin and support roles but I feel like I lose my skillset in my current role.
So I'd like to ask for advice regarding tools, areas projects I could focus on to improve chances of having a shot at a devops role.
https://redd.it/1o367ou
@r_devops
Hi everyone,
I'm currently working as an SRE for a few months but it's just ops role in a large organisation when I am being siloed.
I also have a few years of experience as cloud sysadmin with a focus on AWS and other sysadmin and support roles but I feel like I lose my skillset in my current role.
So I'd like to ask for advice regarding tools, areas projects I could focus on to improve chances of having a shot at a devops role.
https://redd.it/1o367ou
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
I inherited a problem and need your advice
The company I work for has 6 custom websites that are hosted by a relatively small hosting company(\~10 employees). This company also serves as our Devops. They control everything after our Github account. This includes managing Cloudflare which is used to help with security and performance, particularly their firewall and cacheing.
A decision was made before I got involved that this vendor would own the Cloudflare account. I'm honestly not sure what the reason was, but our website's Cloudflare licenses are within their company-wide account. We've been told that we cannot have visibility into the account or share access for security reasons, partly because we would see the instances of their other clients, but also because it's a safety precaution to not allow devs to meddle in devops. Our devs have no interest in doing devops, but often need to look at logs to debug issues, which they can't do right now. I'm also concerned about portability if our relationship with this vendor sours.
So, I'm stepping into this situation thinking we should absolutely own and control the Cloudlfare account that contains the licenses that our websites depend on. We don't have control or visibility into this part of our stack. I'm looking for advice on whether I'm looking at this from the right perspective. I'm also interested in hearing what are industry best practices for a client/vendor relationship in terms of ownership, control, and visibility. Thank you
https://redd.it/1o37sv7
@r_devops
The company I work for has 6 custom websites that are hosted by a relatively small hosting company(\~10 employees). This company also serves as our Devops. They control everything after our Github account. This includes managing Cloudflare which is used to help with security and performance, particularly their firewall and cacheing.
A decision was made before I got involved that this vendor would own the Cloudflare account. I'm honestly not sure what the reason was, but our website's Cloudflare licenses are within their company-wide account. We've been told that we cannot have visibility into the account or share access for security reasons, partly because we would see the instances of their other clients, but also because it's a safety precaution to not allow devs to meddle in devops. Our devs have no interest in doing devops, but often need to look at logs to debug issues, which they can't do right now. I'm also concerned about portability if our relationship with this vendor sours.
So, I'm stepping into this situation thinking we should absolutely own and control the Cloudlfare account that contains the licenses that our websites depend on. We don't have control or visibility into this part of our stack. I'm looking for advice on whether I'm looking at this from the right perspective. I'm also interested in hearing what are industry best practices for a client/vendor relationship in terms of ownership, control, and visibility. Thank you
https://redd.it/1o37sv7
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community