Bootstrap you career in DevOps

Good morning aspiring DevOps!

This is my second message of this kind.

I can see many people looking to bootstrap their career and they form small groups of students like.

But, wouldn't it be better to work with a real company on a realistic project?

I have launched successfully a few months ago a mutual benefit collaboration in which some people joined some internal projects we are developing that could help you learn how to bring a software/system from development to production.

Some people have left because they got job offers, so looking for other potential candidates interested in this experience.

This is a completely free collaboration on both sides, on your side you commit to learn and try to complete the project, on my side I commit to giving you tutoring and support needed and guiding you on troubleshooting issues.

I have got 3 projects in mind:

1) Data Pipeline: there is a nice article on Medium on a data pipeline to ingest marketdata data using technologies like Spark, MongoDB, Postgres and other

2) LLMops framework. We want to train internal models on Kubeflow and we need a reliable way to install it and manage it.

3) Terraform OCI provisioning. Nowadays Oracle Cloud is getting traction. Why don't we build terraform modules for it?

I require some basic knowledge of technologies since those projects are not suitable for people who don't have any knowledge.

I want to help you make sense of the technology you already know and tell you how to apply it to a real case scenario rather than a simple Hello world one!

Also be mindful of the fact that I can not accept everyone since I will provide my personal time, obviously I can not scale like we want our deployments to......I am not a pod!

To apply please complete this form:

https://forms.office.com/e/3QDd5dMPmv

https://redd.it/1o75d7p
@r_devops

React Native iOS App Crashes Immediately on Launch After Successful Build in Azure Pipeline

**Problem:** I have a React Native app that builds successfully in my Azure DevOps pipeline (macOS-15, Xcode 16.4, Node 23.7.0, React Native), but the app crashes immediately upon launch on both Debug and Release configurations. The build completes without errors, the IPA is generated correctly, but the app won't run.

**Build Environment:**

* **CI/CD:** Azure DevOps Pipeline
* **macOS:** macOS-15
* **Xcode:** 16.4
* **Node.js:** 23.7.0
* **NPM:** 11.5.2
* **Yarn:** 1.22.22
* **Build Configuration:** Both Debug and Release crash

**What Works:**

* ✅ Pipeline completes successfully
* ✅ Archive builds without errors (`** ARCHIVE SUCCEEDED **`)
* ✅ Export succeeds (`** EXPORT SUCCEEDED **`)
* ✅ IPA file is generated
* ✅ CocoaPods installation succeeds
* ✅ JavaScript bundle is created

**What Fails:**

* ❌ App crashes immediately on launch (white screen/instant crash)
* ❌ Happens in both Debug and Release builds


**What I've Tried:**

* ✅ Clearing CocoaPods caches
* ✅ Removing and reinstalling pods
* ✅ Verifying JavaScript bundle is created and copied correctly
* ✅ Checking provisioning profiles and certificates (all valid)
* ✅ Using `NODE_OPTIONS='--openssl-legacy-provider'`




**Problem:** I have a React Native app that builds successfully in my Azure DevOps pipeline (macOS-15, Xcode 16.4, Node 23.7.0), but the app crashes immediately upon launch on both Debug and Release configurations. The build completes without errors and the IPA is generated correctly, but the app crashes with a fatal JavaScript exception.

**Crash Information:**

Exception Type: EXC_CRASH (SIGABRT)
Termination Reason: SIGNAL 6 Abort trap: 6

Last Exception Backtrace:
0 CoreFoundation __exceptionPreprocess
1 libobjc.A.dylib objc_exception_throw
2 iQ.Suite Clerk RCTFatal
3 iQ.Suite Clerk -[RCTExceptionsManager reportFatal:stack:exceptionId:extraDataAsJSON:]
4 iQ.Suite Clerk -[RCTExceptionsManager reportException:]

The crash occurs in `RCTExceptionsManager`, indicating a fatal JavaScript error is being thrown immediately on app launch.

**Build Environment:**

* **CI/CD:** Azure DevOps Pipeline
* **macOS:** macOS-15
* **Xcode:** 16.4
* **Node.js:** 23.7.0
* **NPM:** 11.5.2
* **Yarn:** 1.22.22
* **iOS Version:** 18.5
* **Hermes:** Enabled (visible in crash log)
* **Build Configuration:** Both Debug and Release crash

**What Works:**

* ✅ Pipeline completes successfully
* ✅ Archive builds without errors (`** ARCHIVE SUCCEEDED **`)
* ✅ Export succeeds (`** EXPORT SUCCEEDED **`)
* ✅ IPA file is generated and deploys to TestFlight
* ✅ CocoaPods installation succeeds
* ✅ JavaScript bundle is created and verified

**What Fails:**

* ❌ App crashes immediately on launch (instant crash)
* ❌ Happens in both Debug and Release builds
* ❌ Fatal exception occurs before app UI appears
* ❌ Crash originates from JavaScript layer (RCTExceptionsManager)

**Key Build Steps:**

1. JavaScript bundle creation:

bash

react-native bundle \
--entry-file index.js \
--platform ios \
--dev false \
--minify true \
--bundle-output ios/main.jsbundle \
--assets-dest ios

1. Bundle is copied to two locations and verified:
* `ios/main.jsbundle`
* `ios/Clerk_React/main.jsbundle`
2. CocoaPods installation with cache clearing
3. Xcode build with manual code signing (Release configuration)
4. Archive and export to IPA for App Store distribution

**Environment Variables:**

* `NODE_OPTIONS='--openssl-legacy-provider'` (for legacy OpenSSL support)

**What I've Tried:**

* ✅ Clearing CocoaPods caches completely
* ✅ Removing and reinstalling pods with `--repo-update`
* ✅ Verifying JavaScript bundle exists and has content (verified with `head -c 100`)
* ✅ Checking provisioning profiles and certificates (all valid)
* ✅ Building with both Debug and Release configurations
* ✅ Using Xcode 16.4 with proper SDK (iphoneos18.5)

**Questions:**

1. **Could this be related to the JavaScript bundle

not being found at runtime despite being verified during build?** Do I need to configure the bundle location in Info.plist?
2. **Is there a way to get the actual JavaScript error message** that's being reported to RCTExceptionsManager? The crash log doesn't show the JS stack trace.
3. **Could Hermes bytecode compilation be failing silently?** Should I disable Hermes or configure it differently for CI builds?
4. **Are there known issues with:**
* React Native + Xcode 16.4 + Node 23.7.0?
* Hermes + iOS 18.5?
* `NODE_OPTIONS='--openssl-legacy-provider'` affecting runtime bundle loading?

Any help would be greatly appreciated! Has anyone encountered `RCTExceptionsManager reportFatal` crashes immediately on launch in CI-built apps?



https://redd.it/1o7528t
@r_devops

How I get gigs(remote and onsite) using cold email outreach - working strategy

I am a fulltime coder who uses reddit, freelance sites etc but an underused tactic to get remote gigs is cold email outreach.

Posting on job seeker subreddits always seems like one is posting into a black hole; everyone who sees the job request posts are other job seekers.

A better and possibly more effective way is to use cold emailing targeting the niche you serve.

For instance, I am a coder and I target other coders and software development companies looking to outsource coding work.

I essentially buy or extract emails from the niche I work in and do outreach on them

I use it to get freelance projects and at times get to upsell my own products.

I have more work than I can handle so that I don't mind sharing the technique.

It is quite clear that this method can work for other industries as a well. The idea is to get a list in your niche and a list of products that respondents might want.

I'm open to discussing specifics [how I source email lists, products I pitch, email templates I use etc\] to anyone interested.







https://redd.it/1o76dwu
@r_devops

what tools do you use to manage your repos and ensure quality?

i’ve been trying to improve my commits and repo quality overall cause right now my repositories and commit history are a mess (I know that if I had done it right from the start I wouldn't have this problem right now)... curious what tools you guys actually use for this stuff? like commitizen, goodgit.dev, gitlint, linearb.io, etc or is it better to do it manually?

I guess that if you are good and disciplined at writing commits and managing the repo it is better than using automated tools, but I dont need crazy quality, just the basics to be able to do debugging and docs later.

https://redd.it/1o77pbw
@r_devops

LLM Agents for Infrastructure Management - Are There Secure, Deterministic Solutions?

Hey folks, curious about the state of LLM agents in infra management from a security and reliability perspective.

We're seeing approaches like installing Claude Code directly on staging and even prod hosts, which feels like a security nightmare - giving an AI shell access with your credentials is asking for trouble.

But I'm wondering: are there any tools out there that do this more safely?

Thinking along the lines of:

\- Gateway agents that review/test each action before execution

\- Sandboxed environments with approval workflows

\- Read-only analysis modes with human-in-the-loop for changes

\- Deterministic execution with rollback capabilities

\- Audit logging and change verification


Claude outputed these results:

Some tools are emerging that address these concerns:
MCP Gateway/MCPX offers ACL-based controls for agent tool access, Kong AI Gateway provides semantic prompt guards and PII sanitization, and Lasso Security has an open-source MCP security gateway. Red Hat is integrating Ansible + OPA (Open Policy Agent) for policy-enforced LLM automation.
However, these are all early-stage solutions—most focus on API-level controls rather than infrastructure-specific deterministic testing. The space is nascent but moving toward supervised, policy-driven approaches rather than direct shell access.

Has anyone found tools that strike the right balance between leveraging LLMs for infra work and maintaining security/reliability? Or is this still too early/risky across the board?

I'm personally a bit skeptical as the deterministic nature of infra collides with the undeterministic nature of LLMs, but I'm a developer at heart and genuinely curious if DevOps tasks around managing infra are headed toward automation/replacement or if the risk profile just doesn't make sense yet. 

Would love to hear what you're seeing in the wild or your thoughts on where this is heading.

https://redd.it/1o78ki5
@r_devops

Does your company run staging servers?

I'm curious to know how you guys work with staging servers in the real world.... (not my Hobbyist world). At work we have a mix between teams being small enough that testing locally is enough, or the opposite end of having a 64GB staging server on 24/7.

Do you share 1 staging server between teams (if your org is big enough for that)? Do you get per PR staging environments? Does your staging env run on a schedule? Do you have no staging server.... review code and deploy to prod!

Genuinely curious, thanks! Poll for if you don't want to put a comment :)

View Poll

https://redd.it/1o7a8eo
@r_devops

I created a DevOps newsletter/blog for solo developers to give back to the community

Hey everyone

I’m a DevOps engineer with over 7 years of experience, and I recently started working on a side project that combines two things I really enjoy — technical writing and giving back to the community.

Over the years I’ve received (and you did either) tons of questions from solo developers and small teams:

“Can you help me deploy this?”
“Why is infra so complicated ?”
"What is better AWS/GCP" "How to do this, how to do that"

After repeating the same explanations many times, I decided to turn it into something useful for more people, a blog/newsletter called **IndieDevOps**.

It’s all about practical DevOps. Simple, hands-on guides on how to deploy, monitor, and scale without the complexity of traditional infrastructure.

The project is still very new, so please don’t be too harsh if something doesn’t work perfectly 😅 . I’m still experimenting and finding the best format.

If you like the topic and want to follow along, you’re very welcome to subscribe or just check out.
https://indiedevops.com

Would love to hear your thoughts.

https://redd.it/1o7c1j7
@r_devops

[Guide] Implementing Zero Trust in Kubernetes with Istio Service Mesh - Production Experience

I wrote a comprehensive guide on implementing Zero Trust architecture in Kubernetes using Istio service mesh, based on managing production EKS clusters for regulated industries.

**TL;DR:**

* AKS clusters get attacked within 18 minutes of deployment
* Service mesh provides mTLS, fine-grained authorization, and observability
* Real code examples, cost analysis, and production pitfalls

**What's covered:**

✓ Step-by-step Istio installation on EKS

✓ mTLS configuration (strict mode)

✓ Authorization policies (deny-by-default)

✓ JWT validation for external APIs

✓ Egress control

✓ AWS IAM integration

✓ Observability stack (Prometheus, Grafana, Kiali)

✓ Performance considerations (1-3ms latency overhead)

✓ Cost analysis (\~$414/month for 100-pod cluster)

✓ Common pitfalls and migration strategies

Would love feedback from anyone implementing similar architectures!

Article is [here](https://medium.com/@heinancabouly/zero-trust-for-kubernetes-implementing-service-mesh-security-529adb66665a)

https://redd.it/1o7d35b
@r_devops

I created an external reporting tool for SonarQube Community Edition

Hello everyone!

As a frequent user of SonarQube Community Edition, both personally and professionally, I always have the problems of distributing the results of a scan due to the lack of reporting mechanisms.

Therefore, I created a tool called ReflectSonar. It reads the data via API and generates a PDF report for general metrics, issues, security hotspots and triggered rules.

I’d be more than happy to see your opinions, ideas and contributions! If you have any questions, please do not hesitate to contact me.

Here is the Github link: https://github.com/ataseren/reflectsonar
You can also use: pip install reflectsonar

https://redd.it/1o7cs35
@r_devops

Getting my feet wet with DevOps at my day job

Hi there!

I'm the tech lead at a startup and I'm looking to grow our DevOps practices and bring IaC to help scale our server infrastructure.


Currently, we have two envs (Dev and Prod). Dev is currently in one region only, with plans to add a second with this process to test things closer to prod. Prod is currently deployed to 3 geographic regions (Canada, US, and UK) with plans for more.


Our GO Microservices app(s) run in GCP Cloud run with a Postgres database.


I know running on a single DB defeats the purpose of microservices, but that's a whole other conversation of why I've chosen them.

I'm looking for feedback on project structure and tools I should be using.

We're very bootstrappy so I'm trying to keep to open source tooling. My trust on free tier corporations isn't high.


Current tool ideas:

\- OpenTofu

\- Atlantis

\- Github for PRs

I'm planning on deployinbg Atlantis in cloud run as well in it's own project.

Am I missing something critical?

As far as project structure, I'd love suggestions.

Thank you kinly!

https://redd.it/1o7gnxw
@r_devops

Creating Mongodb collection on azure using openshift pipeline

Any idea how to automate creating mongodb collection on azure cosmos db with specific RUs, selecting auto sacle option and indexes with ttl one week using pipeline on openshift ?

The reason is I have a pipeline that takes backup of collections and then drop the collections and upload the data on azure to store it for later retrieval and instead of recreating it manually I want to automate it.

https://redd.it/1o7ilvm
@r_devops

Is chainguard missing Ubuntu image?

Why don't I see chainguard Ubuntu image? Thought that was basic one, or we should not use Ubuntu at all

https://redd.it/1o7igaf
@r_devops

Open source CLI and template for local Kubernetes microservice stacks

Hey all, I created kstack, an open source CLI and reference template for spinning up local Kubernetes environments.

It sets up a kind or k3d cluster and installs Helm-based addons like Prometheus, Grafana, Kafka, Postgres, and an example app. The addons are examples you can replace or extend.

The goal is to have a single, reproducible local setup that feels close to a real environment without writing noscripts or stitching together Helmfiles every time. It’s built on top of kind and k3d rather than replacing them.

k3d support is still experimental, so if you try it and run into issues, please open a PR.

Would be interested to hear how others handle local Kubernetes stacks or what you’d want from a tool like this.

https://redd.it/1o7hrbt
@r_devops

Can a solo founder actually sell on cloud marketplaces (AWS, Azure, etc.)?

I’m 24, from Eastern Europe, with a few startup experiences but no enterprise background.

I’ve got some IaaS/SaaS tool ideas that could fit well on cloud marketplaces like AWS or Azure, but I’m wondering how realistic that is as a solo founder.

Most buyers there seem to be enterprise clients are they even open to buying from small indie vendors, or do they mostly stick with “big name” companies?

Basically: can one-person startups actually make money selling through these marketplaces, or is it too enterprise heavy to be worth it?

Would love to hear from anyone who’s tried it or seen it done successfully.

https://redd.it/1o7n613
@r_devops

senior sre who knew all our incident procedures just left now were screwed

had a p1 last night. database failover wasnt happening automatically. nobody knew the manual process. spent 45min digging through old slack messages trying to find the runbook

found a google doc from 2 years ago. half the commands dont work anymore. infrastructure changed but doc didnt. one step just says "you know what to do here"

finally got someone who worked with the senior sre on the phone at 11pm. they vaguely remembered the process but werent sure about order of operations. we got it working eventually but it took 3x longer than it should have

this person left 2 weeks ago and already we're lost. realized they were the only one who knew how to handle like 6 different critical scenarios

how do you actually capture tribal knowledge before people leave? documenting everything sounds great in theory but nobody maintains docs and they go stale immediately

https://redd.it/1o7p2bq
@r_devops

I’ve been offered a 50% pay hike to move from SRE to CSM. Should I switch or stay technical?

Hey guys,

I started working in tech in 2022 and have been doing mostly sre/devops work (Kubernetes, ansible, CI/CD, some bug fixes, and infra POCs). My current compensation is decent, but my team is going through reorgs and there’s talk of possible layoffs early next year.

I recently got an offer for a Customer Success Manager (it's a post-sales function) role with about a 50% hike. It’s not a hands-on technical role — more customer-facing and focused on account management.

Long term, I actually wanted to go deeper into SRE/Platform/DevOps, but I’m still early in my prep and not interview-ready yet. but this CSM offer seems tempting, especially considering the salary bump

I researched on it and the CS function does seem a bit less stable (twilio & snowflake axed their entire CS departments) but this company seems to be growing (just raised 200 mil), maybe it's possible to make something good out of it?



The big question:
Do I take the CSM offer (better pay, but not aligned with what I originally wanted, I'm happy to explore though)?

Or stay in my current track, prep for 3–6 months, and aim for devops/SRE roles?
Also curious — if anyone has gone the CSM route in tech, how does the career ladder and compensation growth look long term? Is it a smart pivot or a trap?



TL;DR: SRE → CSM offer with 50% pay bump. Should I take it or double down on tech?

View Poll

https://redd.it/1o7njof
@r_devops

One man dev, need nginx help

So i started coding some analytics stuff at work months ago. Ended up making a nice react app with a flask and node back end. Serve it from my desktop to like 20 users per day. I was provisioned a Linux dev server but being I’m a one man show, i don’t really get much help when i have an issue like trying to get my nginx to serve the app. It’s basically xyz.com/abc/ and i need to understand what the nginx config should look like because I’m lead to believe when i build the front end certain files have to be pointed to by nginx? Can anyone steer me in the right direction? Thanks!

https://redd.it/1o7qnu7
@r_devops

Arbitrary Labels Using Karpenter AWS

I'm migrating my current use of Managed Nodegroups to use Karpenter. With Managed Nodegroups, we used abitrary labels to ensure no interference. I'm having difficulty with this in Karpenter.

I've created the following Nodepool:

apiVersion: karpenter.sh/v1
kind: NodePool
metadata:
  name: trino
spec:
  disruption:
    budgets:
      - nodes: 10%
    consolidateAfter: 30s
    consolidationPolicy: WhenEmptyOrUnderutilized
  template:
    spec:
      expireAfter: 720h
      nodeClassRef:
        group: karpenter.k8s.aws
        kind: EC2NodeClass
        name: default
      requirements:
        - key: randomthing.io/dedicated
          operator: In
          values:
            - trino
        - key: kubernetes.io/arch
          operator: In
          values:
            - amd64
        - key: karpenter.k8s.aws/instance-category
          operator: In
          values:
            - m
        - key: karpenter.k8s.aws/instance-cpu
          operator: In
          values:
            - "8"
        - key: karpenter.k8s.aws/instance-memory
          operator: In
          values:
            - "16384"
      taints:
        - key: randomthing.io/dedicated
          value: trino
          effect: NoSchedule
      labels:
        provisioner: karpenter
        randomthing.io/dedicated: trino
  weight: 10

However, when I create a pod with the relevant tolerations and nodeselectors, I see: label \"randomthing.io/dedicated\" does not have known values". Is there something that I need to do to get this to work?


https://redd.it/1o7rg7s
@r_devops

Azure DevOps Pipeline Cost Analysis

Hey folks,

I’m looking for recommendations on open source tools (or partially open ones) to analyze the cost of Azure DevOps pipelines — both for builds and releases.

The goal is to give each vertical or team visibility into how much an implementation, build, or service deployment is costing. Ideally, something like OpenCost or any other tool that could help track usage and translate it into cost metrics.

Have any of you done this kind of analysis? What tools or approaches worked best for you?

https://redd.it/1o7qxi4
@r_devops

How do you keep knowledge from walking out the door with your senior SRE?

Our senior SRE left two weeks ago and we already felt the pain. Had a P1 last night, DB failover didn’t trigger, nobody knew the manual steps. Spent 45 minutes digging through Slack until we found a 2-year-old Google Doc full of broken commands and “you know what to do here” notes.

We eventually got it working after calling someone who used to work with them, but it took way longer than it should have.

Docs always sound good in theory, but they rot fast and no one maintains them.
So how do you actually capture this kind of tribal knowledge before people leave? What’s actually worked for your team in real life, not just “we should document better”?

https://redd.it/1o7vgi4
@r_devops