Do companies hire DevOps freshers?

Hey everyone

I’ve been learning DevOps tools like Docker, CI/CD, Kubernetes, Terraform, and cloud basics. I also have some experience with backend development using Node.js.

But I’m confused — do companies actually hire DevOps freshers, or do I need to first work as a backend developer (or some other role) and then switch to DevOps after getting experience?

If anyone here started their career directly in DevOps, I’d love to hear how you did it — was it through internships, projects, certifications, or something else?

Any advice would be really helpful

https://redd.it/1oroiqp
@r_devops

Kubernetes operator for declarative IDP management

Since 1 year, I've been developing a Kubernetes Operator for Kanidm identity provider.

From the release notes:
Kaniop is now available as an official release! After extensive beta cycles, this marks our first supported version for real-world use.

Key capabilities include:

Identity Resources: Declaratively manage persons, groups, OAuth2 clients, and service accounts
GitOps Ready: Full integration with Git-based workflows for infrastructure-as-code
Kubernetes Native: Built using Custom Resources and standard Kubernetes patterns
Production Ready: Comprehensive testing, monitoring, and observability features

If this sounds interesting to you, I’d really appreciate your thoughts or feedback — and contributions are always welcome.

Links:
repository: https://github.com/pando85/kaniop/
website: https://pando85.github.io/

https://redd.it/1orq23c
@r_devops

VSCode multiple ssh tunnels

Hi All. Hoping this is a good place for this question.
I currently work heavily in devcontainer based environments often using GitHub Codespace. Our local systems are heavily locked down so even getting simple cli tools installed is a pain. A platform we use is setting up the ability to run code through the remote ssh extension capabilities. Ideally allowing us to use VSCode while leveraging the remote execution environment.
However it seems like I can't use that while connected to a codespace since uses the tunnel. I looked into using a local docker image on wsl but again that uses the tunnel.
Anything you can think of to keep the devcontainer backed environment but then still be able to tunnel to the execution environment?

https://redd.it/1orqufh
@r_devops

I created a cool uhmegle extension

I created this useful extension for Uhmegle called ChillTools. It shows you the other person’s IP address and approximate location while you chat. It also keeps a log of the last 30 people you’ve talked to, saving their IP and a screenshot so you can look back later. it have also a country filter a block people system and custom personaliziation with ccs The extension is completely free, open source, and transparent no hidden code or anything suspicious. You can download it from here .gg/FBsPkXDche. If you use Uhmegle often, this might be helpful

https://redd.it/1ortiuo
@r_devops

Created a minimal pipeline with github connection , codebuild. Succeeds when created but no subsequent pushes create builds/triggers. No event bridge rules created

Here is the cloudformation

Removed some parts as it's too long.

But the core logic is to trigger a build on a repo/branch using am existing connection.

Will this create event bridge rules?
None have been created .
Or do I need to add the event triggers for any push to this repo/branch.
Llm says they will be created automatic and there is some issues creating them. Thank you in advance.


AWSTemplateFormatVersion: '2010-09-09'
Denoscription: Minimal CodePipeline with CodeStar Connection (GitHub) Trigger & CodeBuild

Parameters:
PipelineName:
Type: String
Default: TestCodeStarPipeline

GitHubOwner:
Type: String
Denoscription: GitHub user or org name (e.g. octocat)
GitHubRepo:
Type: String
Denoscription: GitHub repository name (e.g. Hello-World)
GitHubBranch:
Type: String
Default: main
Denoscription: Branch to track (e.g. main)

CodeStarConnectionArn:
Type: String
Denoscription: ARN of your AWS CodeStar connection to GitHub

Resources:
ArtifactBucket:
Type: AWS::S3::Bucket
Properties:
VersioningConfiguration:
Status: Enabled

PipelineRole:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Statement:
- Effect: Allow
Principal: { Service: codepipeline.amazonaws.com }
Action: sts:AssumeRole
Path: /
Policies:
- PolicyName: ArtifactS3Access
PolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Action:
- s3:GetObject
- s3:PutObject
- s3:ListBucket
Resource:
- !Sub '${ArtifactBucket.Arn}'
- !Sub '${ArtifactBucket.Arn}/*'
- Effect: Allow
Action: codestar-connections:UseConnection
Resource: !Ref CodeStarConnectionArn
- Effect: Allow
Action:
- codebuild:StartBuild
- codebuild:BatchGetBuilds
Resource: '*'

BuildRole:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Statement:
- Effect: Allow
Principal: { Service: codebuild.amazonaws.com }
Action: sts:AssumeRole
Path: /
ManagedPolicyArns:
- arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess
- arn:aws:iam::aws:policy/CloudWatchLogsFullAccess

CodeBuildProject:
Type: AWS::CodeBuild::Project
Properties:
Name: !Sub '${PipelineName}-build'
ServiceRole: !GetAtt BuildRole.Arn
Artifacts:
Type: CODEPIPELINE
Environment:
ComputeType: BUILD_GENERAL1_SMALL
Image: aws/codebuild/amazonlinux2-x86_64-standard:5.0
Type: LINUX_CONTAINER
Source:
Type: CODEPIPELINE
BuildSpec: |
version: 0.2
phases:
build:
commands:
- echo "Hello World from CodeBuild"
artifacts:
files:
- '**/*'

Pipeline:
Type: AWS::CodePipeline::Pipeline
Properties:
Name: !Ref PipelineName
RoleArn: !GetAtt PipelineRole.Arn
ArtifactStore:
Type: S3
Location: !Ref ArtifactBucket
Stages:
- Name: Source
Actions:
- Name: Source
ActionTypeId:
Category: Source
Owner: AWS
Provider: CodeStarSourceConnection
Version: '1'
Configuration:
ConnectionArn: !Ref CodeStarConnectionArn
FullRepositoryId: !Sub "${GitHubOwner}/${GitHubRepo}"
BranchName: !Ref GitHubBranch
OutputArtifactFormat: CODE_ZIP
OutputArtifacts:
- Name: SourceArtifact
RunOrder: 1
- Name: Build

Actions:
- Name: Build
ActionTypeId:
Category: Build
Owner: AWS
Provider: CodeBuild
Version: '1'
Configuration:
ProjectName: !Ref CodeBuildProject
InputArtifacts:
- Name: SourceArtifact
OutputArtifacts:
- Name: BuildOutput
RunOrder: 1

Outputs:
PipelineName:
Value: !Ref PipelineName
Denoscription: Name of the CodePipeline
ArtifactBucket:
Value: !Ref ArtifactBucket
Denoscription: Name of the S3 bucket used for pipeline artifacts

https://redd.it/1orue5c
@r_devops

How to create a curated repository in Nexus?

I would like to create a repository in Nexus that has only selected packages that I download from Maven Central. This repository should have only the packages and versions that I have selected. The aim is to prevent developers in my organization from downloading any random package and work with a standardised set.

Based on the documentation at https://help.sonatype.com/en/repository-types.html I see that a repo can be a proxy or hosted.

Is there a way to create a curated repository?

https://redd.it/1orvv1g
@r_devops

Do you separate template browsing from deployment in your internal IaC tooling?

I’m working on an internal platform for our teams to deploy infrastructure using templates (Terraform mostly). Right now we have two flows:

A “catalog” view where users can see available templates (as cards or list), but can’t do much beyond launching from there
A “deployment” flow where they select where the new env will live (e.g., workflow group/project), and inside that flow, they select the template (usually a dropdown or embedded step)

I’m debating whether to kill the catalog view and just make people launch everything through the deployment flow. which would mean template selection happens inside the stepper (no more dedicated browse view).

Would love to hear how this works in your org or with tools like Spacelift, env0, or similar.


TL;DR:
Trying to decide whether to keep a separate template catalog view or just let users select templates inside the deploy wizard. Curious how others handle this do you browse templates separately or pick them during deployment? Looking for examples from tools like env0, Spacelift, or your own internal setups.

https://redd.it/1os3byi
@r_devops

Need guidance to deep dive.

So I was able to secure a job as a Devops Engineer in a fintech app. I have a very good understanding of Linux System administration and networking as my previous job was purely Linux administration. Here, I am part of 7 members team which are looking after 4 different on-premises Openshift prod clusters. This is my first job where I got my hands on technologies like kubernetes, Jenkins, gitlab etc. I quickly got the idea of pipelines since I was good with bash. Furthermore, I spent first 4 months learning about kuberenetes from Kodekloud CKA prep course and quickly got the idea of kubernetes and its importance. However, I just don't want to be a person who just clicks the deployment buttons or run few oc apply commands. I want to learn ins and outs of Devops from architectural perspective. ( planning, installation, configuration, troubleshooting) etc. I am overwhelmed with most of the stuff and need a clear learning path. All sort of help is appreciated.

https://redd.it/1os4j8n
@r_devops

I built Haloy, a open source tool for zero-downtime Docker deploys on your own servers.

Hey, r/devops!

I run a lot of projects on my own servers, but I was missing a simple way to deploy app with zero downtime without complicated setups.

So, I built Haloy. It's an open-source tool written in Go that deploys dockerized apps with a simple config and a single haloy deploy command.

Here's an example config in its simplest form:

name: my-app
server: haloy.yourserver.com
domains:
- domain: my-app.com
aliases:
- www.my-app.com

It's still in beta, so I'd love to get some feedback from the community.

You can check out the source code and a quick-start guide on GitHub: https://github.com/haloydev/haloy

Thanks!

https://redd.it/1os2mig
@r_devops

Has anyone integrated AI tools into their PR or code review workflow?

We’ve been looking for ways to speed up our review cycles without cutting corners on quality. Lately, our team has been testing a few AI assistants for code reviews, mainly Coderabbit and Cubic, to handle repetitive or low-level feedback before a human gets involved.

So far they’ve been useful for small stuff like style issues and missed edge cases, but I’m still not sure how well they scale when multiple reviewers or services are involved.

I’m curious if anyone here has built these tools into their CI/CD process or used them alongside automation pipelines. Are they actually improving turnaround time, or just adding another step to maintain?

https://redd.it/1os7j08
@r_devops

OpenTelemetry Collector Contrib v0.139.0 Released — new features, bug fixes, and a small project helping us keep up

OpenTelemetry moves fast — and keeping track of what’s new is getting harder each release.

I’ve been working on something called **Relnx** — a site that tracks and summarizes releases for tools we use every day in observability and cloud-native work.

Here’s the latest breakdown for OpenTelemetry Collector Contrib v0.139.0 👇
🔗 https://www.relnx.io/releases/opentelemetry-collector-contrib-v0.139.0

Would love feedback or ideas on what other tools you’d like to stay up to date with.

\#OpenTelemetry #Observability #DevOps #SRE #CloudNative

https://redd.it/1ose1kf
@r_devops

How to find companies with good work life balance and modern stack?

I'd love to hear your recommendations or advice. My last job was SRE in startup. Total mess, toxic people and constant firefighting. Thought to move from SRE to DevOps for some calm.

Now I'm looking for a place:
• no 24/7 on-call rotations, high-pressure "hustle" culture, finishing work at the same time everyday etc.
• at the same time working with modern tech stack like K8s, AWS, Docker, Grafana, Terraform etc...

Easy to filter by stack. But how do I filter out the companies that give me the highest probability of the culture being as I described above?

I worked for a bank before and boredom there was killing me. Also old stack... I need some autonomy.
At the same time startups seem a bit too chaotic. My best bet would be a mid size scale ups? Places with good documentation, async communication, and work-life balance. How about consulting agencies?

Is it also random which project I will land in?
I'd love to hear from people who've found teams like that:
• Which companies (in Europe or remote-first) have that kind of environment?
• What kind of questions should I ask during interviews to detect toxic culture or hidden on-call stress?
• Are there specific industries (fintech, SaaS, analytics, medtech, etc.) that tend to have calmer DevOps roles?

Thank you so much!

https://redd.it/1osf31s
@r_devops

Migrating a large complex Azure environment from Bicep to Terraform

I recently inherited an Azure environment with one main tenant and a couple other smaller ones. It's only partially managed by Bicep as a lot was already in place by the time someone tried to put Bicep in and more things have been created and configured outside of Bicep since.



While I know some Terraform, I'm finding the lack of documentation around Bicep is making things difficult. I'm also concerned that there are comparatively few jobs for someone with Bicep experience.



I would like people's opinions on my options:

1. Get as much in Bicep as possible using the 'existing' keyword (this will take some time).

2. Start with Terraform. There will still be a lot of HCL to write but I may at least be able to use the new bulk import functionality so I don't have to individually import hundreds of resource IDs.


Most terraform tutorials and resources assume you're starting from scratch with a new environment, has anyone tried doing anything like this?

https://redd.it/1osfy48
@r_devops

🛑 Why does my PSCP keep failing on GCP VM after fixing permissions? (FATAL ERROR: No supported authentication methods available / permission denied)

I'm hitting a wall trying to deploy files to my GCP Debian VM using pscp from my local Windows machine. I've tried multiple fixes, including changing ownership, but the file transfer fails with different errors every time. I need a robust method to get these files over using pscp only.

💻 My Setup & Goal

* **Local Machine:** Windows 11 (using PowerShell, as shown by the `PS D:\...` prompt).
* **Remote VM:** GCP `catalog-vm` (Debian GNU/Linux).
* **User:** `yagrawal_pro` (the correct user on the VM).
* **External IP:** [`34.93.200.244`](http://34.93.200.244) (Confirmed from `gcloud compute instances list`).
* **Key File:** `D:\catalog-ssh.ppk` (PuTTY Private Key format).
* **Target Directory:** `/home/yagrawal_pro/catalog` (Ownership fixed to `yagrawal_pro` using `chown`).
* **Goal:** Successfully transfer the contents of `D:\Readit\catalog\publish\*` to the VM.

🚨 The Three Persistent Errors I See

My latest attempts are failing due to a mix of three issues. I think I'm confusing the user, key, and IP address.

# 1. Connection/IP Error

This happens when I use a previous, incorrect IP address:

PS D:\Readit\catalog\publish> pscp -r -i D:\catalog-ssh.ppk * yagrawal_pro@34.180.50.245:/home/yagrawal_pro/catalog
FATAL ERROR: Network error: Connection timed out
# The correct IP is 34.93.200.244, but I want to make sure I don't confuse them.

# 2. Authentication Error (Key Issue)

This happens even when using the correct IP (`34.93.200.244`) and the correct user (`yagrawal_pro`):

PS D:\Readit\catalog\publish> pscp -r -i D:\catalog-ssh.ppk * yagrawal_pro@34.93.200.244:/home/yagrawal_pro/catalog
Server refused our key
FATAL ERROR: No supported authentication methods available (server sent: publickey)
# Why is my key, which is used for the previous gcloud SSH session, being rejected by pscp?

# 3. User Misspelling / Permissions Error

This happens when I accidentally misspell the user as [`yagrawal.pro`](http://yagrawal.pro) (with a dot instead of an underscore) or if the permissions fix didn't fully take:

PS D:\Readit\catalog\publish> pscp -r -i D:\catalog-ssh.ppk * yagrawal.pro@34.93.200.244:/home/yagrawal_pro/catalog
pscp: unable to open /home/yagrawal_pro/catalog/appsettings.Development.json: permission denied
# This implies the user 'yagrawal.pro' exists but can't write to yagrawal_pro's directory.

# ❓ My Question: What is the Simplest, Complete pscp Command?

I need a final, bulletproof set of steps to ensure my `pscp` command works without errors 2 and 3.

**Can someone detail the steps to ensure my** `D:\catalog-ssh.ppk` **key is correctly authorized for** `pscp`\*\*?\*\*

# Example of the Final Command I want to Run:

pscp -r -i D:\catalog-ssh.ppk D:\Readit\catalog\publish\* yagrawal_pro@34.93.200.244:/home/yagrawal_pro/catalog

# What I've already done (and confirmed):

* I logged in as `yagrawal_pro` via `gcloud compute ssh`.
* I ran `sudo -i` and successfully got a root shell.
* I ran `chown -R yagrawal_pro:yagrawal_pro /home/yagrawal_pro/catalog` to fix the permissions.

*Thanks in advance for any troubleshooting help!*

https://redd.it/1osffvc
@r_devops

What were your first tasks as a cloud engineer?

DevOps is such a wide term that incorporates so many tools. But i wondered when you got your first AWS/Azure gig what tasks did you start out with?

https://redd.it/1osj16j
@r_devops

Datadog Agent v7.72.1 released — minor update with 4 critical bug fixes

Heads up, Datadog users — v7.72.1 is out!
It’s a minor release but includes 4 critical bug fixes worth noting if you’re running the agent in production.

You can check out a clear summary here 👉
🔗 https://www.relnx.io/releases/datadog%20agent-v7.72.1

I’ve been using Relnx to stay on top of fast-moving releases across tools like Datadog, OpenTelemetry, and ArgoCD — makes it much easier to know what’s changing and why it matters.

\#Datadog #Observability #SRE #DevOps #Relnx

https://redd.it/1oskcl3
@r_devops

Server-Side Includes (SSI) Injection: The 90s Attack That Still Works 🕰️

https://instatunnel.my/blog/server-side-includes-ssi-injection-the-90s-attack-that-still-works

https://redd.it/1oskztf
@r_devops

Just realized our "AI-powered" incident tool is literally just calling ChatGPT API

we use this incident management platform that heavily marketed their ai root cause analysis feature. leadership was excited about it during the sales process.

had a major outage last week. database connection pool maxed out. their ai analysis suggested we "check database connectivity" and "verify application logs."

like no shit. thanks ai.

got curious and checked their docs. found references to openai api calls. asked their support about it. they basically admitted the ai feature sends our incident context to gpt-4 with some prompts and returns the response.

we're paying extra for an ai tier that's just chatgpt with extra steps. i could literally paste the same context into claude and get better answers for free.

the actual incident management stuff works fine. channels, timelines, postmortems are solid. just annoyed we're paying a premium for "ai" that's a thin wrapper around openai.

anyone else discovering their "ai-powered" tools are just api calls to openai with markup?

https://redd.it/1osnkcu
@r_devops

"The Art of War" in DevOps

This very old list of [10 must-read DevOps resources\](https://opensource.com/article/17/12/10-must-read-devops-books) includes Sun Tzu's The Art of War. I don't understand why people recommend this book so much in so many different circumstances. Is it really that broadly applicable? I've never read it myself. Maybe it's amazing! I've definitely read The Phoenix Project and The DevOps Handbook, though, and can't recommend them enough.

https://redd.it/1osq2ba
@r_devops

HIRING Web Designers / Developers (Hybrids preferred)

We build 10–15 websites every month and want people who can deliver fast, clean, high-quality work.

Best case: You can do BOTH Figma + Development

WordPress (Elementor/Blocksy) OR Next.js works — but design skill is a big plus

Requirements

Strong Elementor + Blocksy OR Next.js experience
Figma skills appreciated (big advantage)
Multiple real, published websites (mandatory)
You must prove the sites are your work (admin screenshots, commits, files, etc.)
Fast, responsive, accessible builds
Good English & reliable communication

Budget

$100–$600 per site, for junior or CMS development.

$100-1200 per site, for senior UI/UX frontend engineer.

(We also handle high-budget work.)

Apply With

Your country
Live URLs to multiple real, published websites
Proof the sites are your work
Your WhatsApp number
Answer: Can you make this for under $400?
https://www.behance.net/gallery/235441295/Le-CAMP?tracking\_source=curated\_galleries\_ui-ux

No live sites = automatic rejection

No proof = automatic rejection

https://redd.it/1ostidz
@r_devops