How did you start your career in DevOps?

I graduated this May with a bachelor’s in computer engineering and a CS minor. I originally planned to go into software engineering, mostly web development, but I was pretty passive during undergrad and waited too long to look for internships. By the time I started applying for SWE jobs after graduation, I was way behind my classmates in experience and could not even get an interview.

Fortunately, my dad is the IT director at his company and had been struggling to fill an IT specialist role. He got me hired in June, and while it was not the career path I had in mind, I have ended up liking it more than I expected. I started with basic help desk tasks, onboarding and offboarding, and simple O365 and Active Directory work. The job was pretty boring at first and I had a lot of downtime, so I kept asking for more things to do. Now I am doing a fair amount of sysadmin work like GPO configuration, server management, and email administration.

In my downtime I've been learning PowerShell and automating pretty much everything I can get my hands on. A couple months ago finished a full onboarding automation system that integrates with Jira's API, and I learned a lot from it. Our CIO happened to notice all of the microsoft graph apps I have been making, so he created a repo in our company's Azure DevOps for me to push all my automation stuff to (I had previously been using my personal Github).

Since then I’ve built a few small projects in my down time. One was a simple web app that shows password expiry info for our AD users. I wrote the backend logic, threw together a basic frontend, and packaged it in Docker so I could deploy it on one of our servers. Working through that whole build, containerize, deploy workflow made me realize I actually really enjoy the DevOps side of things. I still have a lot to learn, but all this has gotten me thinking about a potential career in this field.

For others already in the field: how did you get started, especially if you came from help desk or sysadmin work? And what should I be doing if my goal is to eventually move into a DevOps role?

TL:DR: Currently working in IT with a mix of sysadmin responsibilities, wondering how others got into DevOps now that I am interested in the field.

https://redd.it/1ow7yu3
@r_devops

Snyk is not finding the same base image vulnerabilities as jfrog

Short version: We scan our docker images using snyk. We have a customer than scans then using jfrog. We got a report from the customer that shows medium and low base image vulnerabilities from their jfrog scan that our snyk scan doesn't show.

Medium and low are outside of our SLA but in principle I don't like this. I don't like not having all the info.

I've been playing with snyk settings but I can't reproduce the jfrog results. Does anyone know any nice little snyk tricks to fix this? We are using the default security policy.

https://redd.it/1ow80sn
@r_devops

How is devops in New Zealand?

I'm looking to immigrate, working with a firm and currently applying to positions, but I've only just started my search. I've been in DevOps orgs for over 14 years mostly jumping around from SRE, Platform engineering, and "DevOps Engineer", but have spent some time as a SWE as well. Are things super competitive in the senior/principal/staff positions? Are companies generally pretty decent to employees? Anyone looking to hire an immigrant, lol?

https://redd.it/1owbvkn
@r_devops

Automating Jira releases from my CI/CD Pipeline

Hi!

I want to know if I'm on the right track with my idea. Here is my problem/status quo:

* BitBucket and Jira
* Software repo pipeline builds container images and updates GitOps repo with new image tags
* GitOps repo deploys container images to different production environments
* Software repo is integrated with Jira and development information is visible in Jira work items
* I have no information in Jira work items about the actual deployments
* Releases/Versions in Jira are created manually and someone has to set that version on the work items
* DORA metrics are wrong (especially change lead time)


My plan:

* Run semantic-release in my software repo pipeline
* Build container images and tag them with the version from semantic-release
* Run a noscript to create an unreleased version in Jira and update all work items with that version (fixVersions field) using the work item reference in the commit message
* Trigger a deployment pipeline in my GitOps repo that runs a noscript that:
* Get all work items for that release from the Jira API
* Use the [Jira Deployments API](https://developer.atlassian.com/cloud/jira/software/rest/api-group-deployments/#api-group-deployments) to add deployment information on work items
* Set the release in Jira as 'released' with the correct release date
* Have correct DORA metrics
* No manual interaction
* Release management in Jira is driven by my git versions

Has anyone done something like this? Are there better ways to do this? Good tools?


Thanks for reading this mess 😘

https://redd.it/1owcuiv
@r_devops

How confident are you that your container images aren't compromised at build time?

I've been digging into our container supply chain and it's frankly terrifying. We pull base images from Docker Hub, npm packages from who knows where, and our build process has zero visibility into what's actually getting baked in.

Had a security audit last month and they asked for signed SBOMs. We had nothing. Asked about provenance attestation, we had none. Meanwhile we're shipping containers with 500+ CVEs because our base images are bloated with stuff we don't even use.

What's everyone doing beyond trust but don't verify? Are you signing everything? How do you even audit this mess at scale?



https://redd.it/1owfer2
@r_devops

Looking to design a better alerting system

Our company has an alerting system based on AWS Cloudwatch structured like so:
- Logs get ingested into an AWS Cloudwatch log group, a metric is defined on the group that looks for the keyword “ERROR”
- A Cloudwatch alarm is defined on the log metric, when the alarm is triggered, it triggers an SNS topic
- The SNS topic sends a request to a custom python endpoint
- The custom python endpoint scrapes through all logstreams within the log group for the “ERROR” keyword within a timeframe and posts it out to Slack


There are 2 problems with our setup:
1. Slack sends out the same ERRORs multiple times even though there’s one ERROR
- This happens if two ERRORs come in within the timeframe that our python noscript scrapes logs, our Cloudwatch alarm will trigger the SNS topic twice.
- Each SNS trigger will cause our python noscript to scrape and posts out both ERRORs twice to Slack


2. Not all ERRORs end up posting out to Slack
- This happens when multiple ERRORs come in while the Cloudwatch alarm is in triggered state so the SNS topic is not triggered for those ERRORs
- Some ERRORs are outside of the timeframe for the python scraper, so they don’t get pulled and posted to Slack
- Our Cloudwatch alarm is configured to evaluate a 10sec window, which is the lowest period AWS allows

Ideally, we would like for our setup to be extremely precise and granular: each ERROR in the log will trigger the Cloudwatch alarm which will trigger the SNS topic and our python endpoint will pull logs only for that ERROR.

What do people recommend we change in our setup? How are others alerting for keywords in their logs?

https://redd.it/1owge0h
@r_devops

Code review tooling

I've always been a massive proponent of code reviews. In Microsoft, there used to be an internal code review tool, which was basically just a diffing engine with some nifty integrations for the internal repos (pre-git).

Anyway - I've been building out something for myself, to improve my workflow (been using gitkraken for a looooong time now and used that for most of my personal reviews (my workflow include reviewing my own code first)

What kind of tooling do you use? If any.

https://redd.it/1owhoq7
@r_devops

what is best practices for deploying local changes to AWS ASG

i’m trying to move from a single EC2 instance to an Auto Scaling Group (ASG). Because each ASG has 2-3 instances, I need to create an image, a launch template, and then perform an instance refresh, which takes a long time. How do you guys deploy it?

https://redd.it/1owjulh
@r_devops

DevOps Eng Looking for Collaboration: Exchange High-Perf US-East Infra for Project Ideas

Hey y'all,
I know the pain of launching a project on cheap, distant infrastructure. I’ve currently got a high-spec, low-latency VPS with Cloudpanel in Ashburn, VA (US-East) that is sitting partially underutilized and screaming for a purpose.

I'm looking to partner with other engineers, developers, or product people who have solid Micro-SaaS or AI-powered app ideas but need a high-performance, cost-free environment to launch and test.

The Proposition: I provide the optimized infrastructure and ongoing maintenance/scaling; you provide the project concept and handle the development/marketing. We agree on a fair profit-split. Thinking specifically about projects where latency matters (e.g., real-time tools, high-traffic APIs).

If you have an idea that needs a rock-solid US-East foundation, hit me up!

https://redd.it/1owmfis
@r_devops

Memory Corruption in WebAssembly: Native Exploits in Your Browser 🧠

https://instatunnel.my/blog/memory-corruption-in-webassembly-native-exploits-in-your-browser

https://redd.it/1owm2x0
@r_devops

Introduction to Docker Image Optimization — practical steps and pitfalls for smaller, faster containers

Hi all — I recently wrote a blog post that walks through how to **optimize Docker container images**, focusing on common mistakes, layering strategies, build cache nuances, and how to reduce runtime footprint.

Some of the things covered:

* What makes a Docker image “bloated” and why that matters in CI/CD or production.
* Techniques like multi-stage builds, minimizing base images, proper layer ordering.
* Real-world trade-offs: speed vs size, security vs size, build complexity vs maintainability.
* A checklist you can apply in your next project (even if you’re already comfortable with Docker).

I’d love feedback from fellow devs/ops folks:

* Which techniques do you use that weren’t covered?
* Have you run into unexpected problems when trying to shrink images?
* In your environment (cloud, on-prem, edge) what did image size actually cost you (time, storage, cost)?

Here’s the link: [https://www.codetocrack.dev/introduction-to-docker-image-optimization](https://www.codetocrack.dev/introduction-to-docker-image-optimization)

I’m not just dropping a link — I’m here to discuss, clarify, expand on any bit you find interesting. Happy to walk through any part of the post in more depth if you like.

https://redd.it/1owq0t5
@r_devops

Hiring dev / cloud help

I'm trying to setup code in cloud, i'm doing it on azure and it doesn't load right, the website is blank and it shouldn't be. It might be code or setup issue I don't know. I've asked AI and it doesn't know what to do. I'll pay like $100 or more for the fix which should take like 2 hours. $50/h. And you'll look and tell me what's the issue and fix it. I want it done now so send me dm and let me know if you can do it.

https://redd.it/1owsoxk
@r_devops

Context aware AI optimization for Spark jobs

trying to optimize our Spark jobs using some AI suggestions, but it keeps recommending things that would break the job. The recommendations don't seem to take into account our actual data or cluster setup. How do you make sure the AI suggestions actually fit your environment? looking for ways to get more context-aware optimization that doesn't just break everything.

https://redd.it/1owthpv
@r_devops

Anyone in Europe getting more than 100K?

Hello all,

I'm looking for a job as the US client I'm currently working for didn't like I took paternity leave.

I'm wondering how difficult is to find a remote job where I can get more than 100K. Is this realistic?

Any advice for the ones who managed to do so? I've thought about creating a LLC in the US and then try to find clients over there but that's gonna be hard as hell plus the bureaucracy.

Another option I've thought is to go niche, taking into advantage I have a past in embedded software I have thought about going into eBPF or something like that. Any recommendations? There are many paths kubernetes development, AI, security, etc. so I'm a bit lost about this option.

For the ones interested in helping me in the right direction my CV is here https://www.swisstransfer.com/d/a438c72f-e4b3-4ee8-a114-09d177118015 feel free to connect on Linkedin.

Thank you in advance.

https://redd.it/1owt72p
@r_devops

Implementing a Telemetry Agent in 2025

If you were redesigning a telemetry agent (something like Fluent Bit) in 2025, what would you focus on?

https://redd.it/1owx9a3
@r_devops

Choosing dev products between GCP and Cloudflare

I'm considering using Google Cloud Platform and Firebase for my next SaaS project.

Since GCP doesn't offer domain registrar, I'm also looking at Cloudflare because they provide a lot of interesting products, not just domains, that I might want to use in the future.

Here's what I have so far:

Database — Google Cloud SQL (Postgres)
Compute — Google Cloud Run
Auth — Firebase Authentication
Domains — Cloudflare Registrar

And now I need to decide on:

Storage — Google Cloud Storage vs Cloudflare R2
Hosting — Firebase Hosting vs Cloudflare Pages

I initially wanted to keep everything within GCP, but Cloudflare R2 has lower pricing and no egress fees.

If you were in my shoes, what would you choose? Is there anything else I should consider?

https://redd.it/1owyt2d
@r_devops

Integrated AI for bug detection into our CI/CD and it's catching bugs but also creating new problems

Was skeptical about AI test tools but our manual QA process was becoming a bottleneck. Every deploy meant waiting 4-6 hours for the QA team to run through test cases and half the time they'd miss something anyway.

Added Spur to our pipeline last sprint. It runs through critical user flows automatically which is great, but we're still dealing with some false positives and figuring out how to write tests that don't break with every UI change.

Did catch a real bug yesterday in staging that would have taken down checkout in production. The AI noticed that a form validation change broke the submit button for users with certain browser extensions. Not something we would have tested manually.

Still figuring out the right balance between test coverage and build time. And writing effective test scenarios is more art than science. Anyone else integrating AI testing into their pipeline? What's your experience been?

https://redd.it/1owzo13
@r_devops

I built a free AWS certs practice platform – introducing CLOUD.VERSE

Earlier this year I shared here a simple single-file HTML quiz for AWS certifications. It worked, but it was very limited: one page, one flow, no real structure.

I’ve now rebuilt it from the ground up as CLOUD.VERSE, focused on a more realistic exam experience and better feedback for people seriously preparing for AWS certs.

Entirely done w/ CC and Codex in VS.

Link in the comments (free, no login required):

What’s inside (current version)

Certs covered
AWS Cloud Practitioner (CLF-C02)
AWS Solutions Architect Associate (SAA-C03)
AWS AI Practitioner (AIF-C01)
Practice modes
Quick mode: 35 questions / 40 minutes
Full mode: 65 questions / 130 minutes
Domain-focused practice
Review mode
Exam-like UX
Timer
Question grid navigation
“Mark for review”
Multi-select questions with required selection counts enforced
Feedback and scoring
Detailed explanations
“Why the other options are wrong”, not only which one is correct
AWS-style score range (100–1000)
Donut-style analytics by domain instead of just a final percentage
General experience
Questions filtered by certification, domains, tier, and seed
Responsive layout, fast navigation, and a UI designed to stay out of the way so you can focus on thinking
Optional Ko-fi support for anyone who wants to help, but no paywall on the practice itself

Why I built this (and why it’s free)

I’ve seen how much a single AWS certification can change someone’s career, and I’ve also seen how the price of courses and practice exams quietly excludes a lot of people.

CLOUD.VERSE is my attempt to lower that barrier: serious, exam-style practice that feels close to the real thing, but without locking access behind a payment page. The basic principle is simple: access first, funding second. Donations help with hosting/maintenance and keep me motivated, but they’re never required to study.

What I’d like from the community

Try a mode for the cert you’re studying (CLF-C02, SAA-C03, or AIF-C01)
Let me know:
If the difficulty feels close to your experience with the real exam
If the scoring and feedback are useful
What’s missing for this to be part of your regular study routine

I’d recommend using this alongside hands-on practice in AWS and the official docs/whitepapers, not as your only resource. But if you need structured, realistic questions to pressure-test your knowledge before exam day, CLOUD.VERSE is there to help.

https://redd.it/1ox2cdq
@r_devops

Open-source local (air-gapped) Claude-Code alternative for DevOps - seeking beta feedback

Been working on a small open-source project - a local Claude-Code-style assistant built with Ollama.

It runs entirely offline and uses a locally trained model optimised for speed, aimed at practical DevOps tasks: reading/writing files, running shell commands, checking env vars, etc.

Core points:

* Local model**:** Qwen3 1.7B via Ollama (\~1.1 GB RAM), small enough for CI/CD or air-gapped hosts
* Speed-optimised**:** after initial load, responses come in \~7–10 seconds (similar to ChatGPT or Claude.)
* No data leaking**:** no APIs, telemetry, or subnoscriptions — everything stays on your machine

The goal is a fast, transparent automation layer for DevOps teams, not a chat toy.

Repo: [github.com/ubermorgenland/devops-agent](https://github.com/ubermorgenland/devops-agent)

It’s early-stage but functional - would love a few beta testers to try it locally and share feedback or ideas for new integrations.

https://redd.it/1ox297t
@r_devops

Kubernetes just announced the retirement of the community Ingress-NGINX controller — here’s how to check if you’re affected

Kubernetes maintainers have officially announced that the *community* `ingress-nginx` controller is being retired.
After **March 2026**, there will be:

* no new releases
* no bug fixes
* no security patches

A lot of folks don’t realize this, but there are actually *two different* NGINX controllers with very confusing names:

1. **ingress-nginx** → community (this one is being retired)
2. **kubernetes-ingress (nginxinc)** → vendor-backed (not impacted)

If you installed ingress from the Kubernetes docs, you’re likely affected.
If you installed using the NGINX/F5 docs, you’re probably not.

I wrote a breakdown covering:

* how to check what your cluster is running
* the retirement timeline
* migration options (Gateway API, Traefik, Kong, vendor NGINX)
* a simple 4-week migration plan

Sharing it here in case it helps others avoid surprises:
👉 [https://deepakkumar2o.hashnode.dev/ingress-nginx-retirement-migrate-to-gateway-api](https://deepakkumar2o.hashnode.dev/ingress-nginx-retirement-migrate-to-gateway-api)

Not trying to self-promote — I just saw a lot of confusion in my team and thought this might help someone preparing for migration.

https://redd.it/1ox5wxx
@r_devops

Looking for resources to help with a NetDevOps automation project (books, articles, papers, projects)

Hey everyone,
I’m working on a NetDevOps project for my internship, and I’m looking for good resources to guide me. The project involves things like network automation, CI/CD for network configurations, traffic generation for testing, and possibly some AI for self-healing.

If you know any useful books, articles, research papers, GitHub projects, or even full learning paths, I’d appreciate your recommendations.

Thanks in advance!

https://redd.it/1ox44ov
@r_devops