I built a tower defense game that teaches cloud architecture (but does anyone actually want this?)

A couple weeks ago, I was once again explaining to a junior dev why his API was crashing under load. I drew diagrams, showed him charts, talked about load balancers and scaling... And I saw that familiar emptiness in his eyes. He was nodding, but I knew he wasn't really feeling the problem.

Then it hit me - what if I made a game where you actually see your architecture collapse in real-time?

What I built

Server Survival is basically tower defense for DevOps. You build cloud infrastructure from blocks (WAF, Load Balancer, EC2, RDS, S3), connect them with arrows, and then watch your creation try to survive waves of incoming traffic.

Full disclosure: this is a rough MVP

I'll be honest - right now this is a prototype hacked together on my knee. I intentionally made the simplest version possible just to validate the idea. There are tons of simplifications, some things don't work exactly like real AWS, the load balancing is sometimes wonky.

But! That's exactly why I'm releasing this open source. I want to understand - is this even interesting to anyone?

I have a ton of ideas for what could be added - different cloud providers (AWS/Azure/GCP), more realistic mechanics, auto-scaling groups, availability zones, monitoring dashboards, multiplayer mode, real-world incident scenarios like Black Friday or security breaches... But before I sink more time into this, I really need to know: does anyone actually need this?

GitHub: https://github.com/pshenok/server-survival

Let me know what you think

https://redd.it/1p3bxnx
@r_devops

Help restructuring a terraform monorepo.

Hello all!

My heads spinning a bit and I need some insights here.

For context: Two years ago I was contracted to architect and implement the cloud systems for an application working on a POC that needed a fast turnaround. At the time the application was very small, basic networking, one RDS instance, one API gateway etc you get it simple. So I put it all in a monorepo and implemented fairly basic gha CI/CD and branch based envs coupled with workspaces as everything was to be setup in one AWS account.

Fast forward to today I was called back to lend a hand as things have grown. They now have the same networking more or less but API gateway -> LoadBalancer -> Multiple Containerized APIs in ECS. Multiple DB's etc etc everything has grown exponentially, still in the monorepo and one state file they also want to shift to a multi account/env setup (music to my ears)

I really do not want to spark the debate of Multi vs Mono repos. But they have a small team of 3-4 devs that are in charge of the infra and deployment of applications so they've opted to leave it as a monorepo. Worth noting the application logic is broken out but at least the first image is deployed with terraform.

The question is now, how do you break up a jumbo sized root state file that everything is using and isolate state so that "services" like the ecs based api containers can be modified and deployed independently. Also graduate to prod without affecting prod when changes are made to a service. Target multiple accounts and avoid drift all from a mono repo...

My current plan is to switch to the tried and true Dir per env. Breakout each service as a "module" and parametrize their inputs. Stitch the CI/CD so that there's a staged deployment and granular deployment for isolated updates. So each service has it's own root level state and can be updated independently within the repo without a massive plan and deploy.

Graduating to prod and keeping them in sync seems difficult in a scenario like this as tagging service modules is pretty much out in a mono. So it'd have to lean more towards trunk based and semi manual deployments to the prod env after approval.

Hopefully that all makes sense. Any thoughts here would be greatly appreciated as I usually lean towards multi repo.

Cheers.




https://redd.it/1p3afkm
@r_devops

Symlink Attacks: When File Operations Betray Your Trust

https://instatunnel.my/blog/symlink-attacks-when-file-operations-betray-your-trust

https://redd.it/1p3j3hw
@r_devops

DevOps internship questions

Hey everyone! I'm a university student in CS. I have an interview for a DevOps internship next week. Looking forward to it, but wanna make sure I'm preparing properly. Here's what I've done so far:
\- I have looked at the interviewers' LinkedIns and checked out what they do or have done at the company
\- Reviewed all the technologies, languages and tools listed in the job posting. For the ones I already know or have on my resume, I refreshed my memory and did a deep dive into it. For the ones I wasn’t familiar with, I did a quick overview
\- Wrote down specific details about the projects and experience listed on my resume so I’m ready for questions like “what was your role?”/“why did you do it this way?”/“can you explain this in more detail?" and so on.
\- Prepped for some behavioural questions

I'm also thinking about preparing a few questions to ask them, some out of curiosity, some just to keep the interview flowing nicely.

What else should I focus on? I don't get nervous when it comes to stuff like this, so I should be able to hold my nerves and have a nice interview. Also, since it's an intern position, my guess is that they won't be expecting good technical skills or expertise, so if I'm right, they're looking for someone who is competent, willing to learn and shows some level of enthusiasm and drive. And my job is to leave a good impression on them to help me stand out.

Any advice and tips are much appreciated.
Also the job is in Canada, and the company is an enterprise level company.

https://redd.it/1p3n5k0
@r_devops

CEO "helps" with terraform, rewrites entire product into an unmaintainable frankenstein, now wants to migrate everything

Not my story, thankfully, it was shared /w me - just wanted to share the insanety that's going on rn:

"A customer recently asked us to help them with some terraform to install our app. My CEO casually remarked “hey I’m pretty good with terraform let me take this over”

Now he has a completely re-architected version of our product that only works for that one customer, he added a bunch of new services like Istio, ArgoCd, Vault, rewrote all our cicd in dagger, and ripped out a bunch more required services. It barely works. Nobody is trained on half of this. Some of our core functionality is completely missing. He vibe coded this over two months in a vacuum, and thinks of himself as some kind of genius he can’t even explain half the shit.

He is asking me to migrate everything over to his bullshit over the next couple weeks"

https://redd.it/1p3p7pv
@r_devops

What’s enough for a Junior?

I’m about to start applying for a Junior devops and my portfolio is as follows:

- all terraform natless eks cluster with an ALB ingress and kyverno admission based on a kms key sig and an attestation for an image(i also made a gitlab pipeline that signs an image with cosign and attests it with trivy and then pushes it into my private ecr).

- all terraform eks monitoring stack with kube-prometheus.

- Custom runtime with OCI image extraction, custom networking supporting multiple containers, NAT and port forwarding (i actually ran a monitoring stack on this using prometheus and a node exporter) all written in GO.

- Now i’m about to do an ebpf firewall and after this i’ll just start applying.

I have no reference point in terms of how a junior application pool actually looks like in terms of skill level and since i originally wanted to do cybersecurity my idea of a typical junior is about exactly as what i have right now.

Is there anybody who works in the industry and has an idea of the junior skill level and whether that’s enough to land a global remote position?


https://redd.it/1p3qvjf
@r_devops

How long does it typically take you to prepare a fully configured cloud environment (staging or production)? (Including networking, security, logging, access controls, etc.)

💡 Vote and comment: what slows down the process the most?

View Poll

https://redd.it/1p3rkc7
@r_devops

what's working to automate the code review process in your ci/cd pipeline?

trying to add automated code review to our pipeline but running into issues, we use github actions for everything else and want to keep it there instead of adding another tool.

Our current setup is pretty basic: lint, unit tests, security scan with snyk. All good but they don't catch logic issues or code quality problems,  our seniors still have to manually review everything which takes forever.

I’ve looked into a few options but most seem to either be too expensive for what they do or require a ton of setup, we Need something that just works with minimal config, we don't have time to babysit another tool.

What's actually working for people in production? Bonus points if it integrates nicely with github actions and doesn't slow down our builds, they already take 8 minutes which is too long.

https://redd.it/1p3tg5p
@r_devops

Thinking of Switching from C++ Dev to DevOps After 9 Years — Is It Realistic? How Do I Start Upskilling?

Short background:
I’m a C++ developer with about 9+ years of experience. I’m not some tech wizard — just an average guy who’s been grinding through it. But honestly, I don’t think I can keep up with this constant coding frenzy anymore. It doesn’t come naturally to me, and it’s starting to drain me.

I’ve been thinking about shifting into DevOps. I know it’s a huge field and could take a year or more of consistent learning, but I’d rather spend that time building a career I can actually enjoy instead of banging my head against the wall.

For those who have made a similar transition or know the space well:
How do I realistically upskill for DevOps? And is this career shift even feasible after 9 years in development?

https://redd.it/1p3v616
@r_devops

Customer Success Architect

What does a Customer Success Architect do? I mean, I read a job listing for it, and I get that they talk to customers, hype the product, etc. But what's the job like? Does it pay well? Are you still technical at all?

https://redd.it/1p3wn5s
@r_devops

Pc to start dev ops

Hello everyone, I’m about to start studying dev ops totally on my own, taking courses and reading books about it.
Having no computer science base I would start from scratch and by zero I mean that I would need the PC to start everything.
I had in mind to buy an inexpensive PC, and then in the future change it with something more powerful.

And I had thought of this: HP 15-FD0057NL, Intel Core I3 N305. RAM 8 GB, 256 Gb SSD (€349).

Do you think it’s a good choice? Or if you have something to advise me let me know. Thank you

https://redd.it/1p3utib
@r_devops

Devops being split into more roles?

I have noticed comments here and there that DevOps is getting split and get more specialized people.
Have you seen a split into several roles like Platform Engineers and Cloud Engineers happening at your place or with coworkers?

https://redd.it/1p48za8
@r_devops

Practical "Path" for DevOps Home Learning?

Hi All, so currently I'm working as an SDET for the past few years. Recently I got a chance to do some devops stuff on AWS. Basically setting up s3 storage state (with terraform) and deploying a .NET app to Beanstalk via Gitlab CI/CD. Also just some other beginner terraform stuff.

I've found it pretty interesting and I do recognize it's beginner stuff but i've often had to learn some of the pipeline stuff as an SDET and honestly it's became more interesting.

I have previously spent a lot of time learning devops stuff on KodeKloud (Which works great) however if you don't use it you sorta lose it. However I now have a chance to start actually working with it at work.

Something I wanted to think of is sort of a practical "path" I can do something with at home (with an AWS free account) and on my Proxmox mini pc's.

In my head it would look maybe something like:

1. Use a sample (something simple like a todo app) and deploy it to EC2/Beanstalk (.net probably) via Gitlab (sorta have already done this)
2. Connect RDS w/ Beanstalk to get a handle with that.
3. Set up those resources in Terraform
4. Dockerize the app
5. I guess also Dockerize the Database
6. Deploy to EKS as a container?
7. ???? (Maybe get Cloud practitioner cert for AWS? I heard it was pretty simple)

I don't think we will be using EKS for awhile at work (Since we just moved to AWS from other cloud providers). I also know Kubernetes is pretty complicated.

Any missing steps or things you would add?

https://redd.it/1p4acia
@r_devops

mariadb vs mysql

We run both of these, seemingly at random depending on who set each one up for each application. We need to standardize and pick one. Which do you run and why?

https://redd.it/1p4bvbh
@r_devops

Analysing the cloudflare outage!

I made a quick small video explaining the cloudflare outage. I went through the RCA and added some bits to it. I've been part of a similar global outage at scale where a buggy code deployed on the edge servers brought the entire service down for hours.

It's really really tough to recover from issues where your edge servers get impacted with high CPU or Memory utilisation.

https://www.youtube.com/watch?v=ObAn4hQc370

Go through the video and let me know if you found it useful.


https://redd.it/1p4d802
@r_devops

Kinda niche question, but anyone have a second phone for on-call/work? What plan/provider struck a good balance for your needs?

Hey y'all, we get a phone credit (laughably small) and were recently told certain company-related apps would start to require MDM on devices they're installed on, meaning the company could wipe the devices at their discretion like if the device is lost/stolen.

I'm thinking I'd rather just have a work phone, and I do have a spare phone lying around so toying with the idea.

Anyone doing this? I imagine a plan with tethering is a good idea, but obviously everyone's job/on-call is a bit different. Wondering if any of y'all found something that struck a good cost balance.

Thanks in advance!

https://redd.it/1p4a1u6
@r_devops

HTTP/2 Desync: Request Smuggling's Stealthy Evolution

https://instatunnel.my/blog/http2-desync-request-smugglings-stealthy-evolution

https://redd.it/1p4cmxs
@r_devops

DevOpsProjects Idea.

I have to create Devops Project.. Can someone give me some project idea. So i can make Project in Devops Field. I learnt Pyhon, Docker, Kubernetes, Git, Github Action and some basic knowledge of AWS. If anyone have any idea about my these skills so please tell me which type of projects i will create for my resume .

https://redd.it/1p4hsfl
@r_devops

NocturneNotes — Secure Rust + GTK4 note‑taking with AES‑256‑GCM

I’ve built NocturneNotes, a secure note‑taking app written in Rust with GTK4.

🔐 Features:

AES‑256‑GCM encryption for all notes

Argon2 password‑based key derivation

Clean GTK4 interface

Reproducible Debian packaging for easy install

It’s designed for all you devs who want a privacy‑first notebook without the bloat.

Repo: https://github.com/globalcve/NocturneNotes

https://redd.it/1p4jw7v
@r_devops

I don’t mind people in devops not knowing how to code. I do mind people in devops who do not have a curious mind.

I don’t think this is solely a devops thing. I think its a general “it operations” problem, in that I will often encounter at least 1 or more people on a team who do not even know how to create a bash noscript, nor do they care to learn how. Its mind-boggling to me that in today’s day and age in IT there are still people who have zero curiosity when it comes to automation. Also, the amount of times I’ve been in a call sussing with people who have over 5 years of experience each in this industry a problem and I am somehow the only person who Googled, found a stackoverflow page and wrote up an automation solution is so fucking depressing. This is why AI is taking jobs. If you can’t think a layer of abstraction above “I click this thing and something happens”, you are going to be replaced by AI.

https://redd.it/1p4la79
@r_devops

Should we bother with the “cover letter” when applying?

I’m pretty sure no one ever reads this on the first filtration. Or perhaps ever. Because you want to assess a person by interview. Not by how much he boasts on himself.

Yes. I could say I have a “can do” attitude. And that because I work in a very small startup, and one employee got out for a few months because of child birth, I have become a devops and a backend coder. Developed working api’s and new models that don’t break the current code. Etc etc.
And many more example I think it’s too boastful to present??

It can also be used against me.

Like the FE guy was way too busy. So I had myself build a friggin angular without ever knowing what angular is with 2 tunnels ti simulate BE and FE until the endpoint worked to satisfaction locally.


So the employer can be - is this guy a devops or a coder what gives? But no. I’m a devops first ist. And for the company even more. So whatever it takes. If it’s needed. If I’m in a big corporation, guessing I would never ever do that.

https://redd.it/1p4m5de
@r_devops