From C++ Terminal Tetris to Kubernetes and AI: My open source journey (60k+ stars total)

I have been writing code for many years. Recently, I looked back at my GitHub profile. The projects I led have accumulated over 60,000 stars.

I wanted to share my path and some thoughts.

The Journey

* In College: I started with C++. I wrote a Tetris game that runs entirely in the terminal. I had to handle cursor movement and color erasing manually. It was raw but fun. (Repo: `fanux/tetris`)
* Early Career: I switched to Go. I wrote lhttp, a websocket framework. (Repo: `fanux/lhttp`)
* Infrastructure Era: Later, I focused on Kubernetes. I built Sealos, a Kubernetes distribution. This was my first big project. (Repo: `labring/sealos`)
* Startup Founder: Then I started my own company. We built Laf (serverless) and FastGPT (AI knowledge base). (Repo: `labring/laf` and `labring/FastGPT`)
* Now: I am building Fulling, an AI coding tool. (Repo: `FullAgent/fulling`)

My Thoughts

Even though I am a CEO now, I still insist on doing open source. Here is what I learned:

1. The Drive: Open source is fun. Creating value for the developer community is my internal drive. It is the only reason I can keep doing this for so long.
2. The Challenge: Just pushing code to GitHub is meaningless. The hardest part is the start. You have to accumulate early users one by one. Promoting a project is a very long-term process.
3. No Shortcuts: After all these years, I still haven't found a shortcut. To make a project successful, I still have to do the "dumb" work: writing blogs, creating content, and explaining the value.

The Struggle

Honestly, it is sometimes painful. Every time I start a new project (like the current one), it feels like starting from zero. I often feel lonely because I have to do the promotion myself.

Writing code makes me happy and fulfilled. But writing code that no one uses makes me sad. So I have to force myself to do marketing, which I am not naturally good at. It is a conflict.

How do you balance the joy of coding with the pain of promotion?

https://redd.it/1poq7dn
@r_devops

MSP DevOps vs Product DevOps — I learned different things in each. How do you balance “new tech” and “deep domain”?

Hey folks,

I’m a Senior DevOps engineer and I’ve worked in both multinational managed services (MSP) companies and product-based companies. I’m not trying to start a war here 😄 — I’m genuinely curious how others handle this trade-off long term, especially if you’re thinking about business/networking in the future.

In MSPs:

I learned a lot fast (new tools, cloud stuff, CI/CD patterns, incident handling, “figure it out yesterday” mode).
Got certifications, touched many stacks, improved adaptability.
But the downsides were real: time zone work, pressure, and lots of context switching.
Projects were short or multiple projects at once, so I rarely got to learn the domain deeply. It was always “DevOps focus” more than understanding the business.

In a product company:

Much better work-life balance and personal time.
I work tasks end-to-end, and I’m finally learning the domain properly (what users need, why systems exist, how decisions affect business).
But I feel like I’m learning “new tech” slower because product teams don’t switch tools that often (which makes sense).

So I’m trying to balance:

1. staying current and sharp technically
2. building deep domain understanding
3. building relationships / networking (I want to do business in the future, and I think community matters)

Questions for you:

If you’ve done both MSP and product, did you feel the same trade-off?
How do you keep learning new tech without burning out or sacrificing family/personal time?
Any advice for networking in DevOps/infra in a genuine way (not “selling”)?

Would love to hear your experiences, especially from people who moved into consulting, freelancing, or started something on the side later.

https://redd.it/1popwk9
@r_devops

Why Kubernetes Ingress Confuses So Many Engineers (and the Mental Model That Finally Clicks)

Hi All,

I kept seeing the same confusion around Ingress:
“Is it a load balancer?”
“Is it a controller?”
“Why does it behave differently on every cluster?”

I put together a short breakdown focused on the mental model, not YAML.
It explains what Ingress really is, what it is not, and how traffic actually flows.

If this helps anyone, here’s the video: Kuberbetes Ingress Deep Dive

Cheers

https://redd.it/1pos498
@r_devops

I built a local formatting workflow to stay in control of my code

I built a local VS Code formatting and cleanup pack for my own workflow.

Over time, I realized that most formatting tools were either:

– too automatic

– too intrusive

– or hard to control once they were enabled

I wanted something explicit and predictable.

So I built a setup that works fully locally, without extensions,

and only runs when I decide to trigger it.

What it does:

– manual re-indentation (HTML, CSS, JS, JSON, Python)

– detection and cleanup of unnecessary margins (global / active file / custom selection)

– CRLF → LF normalization

– Python formatting on the active file only

– automatic timestamped backups on Ctrl+S

What it doesn’t do:

– no SaaS

– no background automation

– no forced formatting

– no Prettier or Black conflicts

– no external services

Everything runs locally through VS Code tasks and Python noscripts.

Each action is explicit, documented, and reversible.

I built this to spend less time fighting tooling

and more time actually writing code.

Sharing the result here.

https://redd.it/1pot7ti
@r_devops

Kubernetes v1.35 - full guide testing the best features with RC1 code

Since my 1.33/1.34 posts got decent feedback for the practical approach, so here's 1.35. (yeah I know it's on a vendor blog, but it's all about covering and testing the new features)

Tested on RC1. A few non-obvious gotchas:

\- Memory shrink doesn't OOM, it gets stuck. Resize from 4Gi to 2Gi while using 3Gi? Kubelet refuses to lower the limit. Spec says 2Gi, container runs at 4Gi, resize hangs forever. Use resizePolicy: RestartContainer for memory.

\- VPA silently ignores single-replica workloads. Default --min-replicas=2 means recommendations get calculated but never applied. No error. Add minReplicas: 1 to your VPA spec.

\- kubectl exec broken after upgrade? It's RBAC, not networking. WebSocket now needs create on pods/exec, not get.

Full writeup covers In-Place Resize GA, Gang Scheduling, cgroup v1 removal (hard fail, not warning), and more (including an upgrade checklist). Here's the link:

https://scaleops.com/blog/kubernetes-1-35-release-overview/

https://redd.it/1pou9ed
@r_devops

Windows LDAP DoS: The Integer Overflow Crashing Domain Controllers 💥

https://instatunnel.my/blog/windows-ldap-dos-the-integer-overflow-crashing-domain-controllers

https://redd.it/1pouwsr
@r_devops

Docker just made hardened container images free and open source

Hey folks,

Docker just made **Docker Hardened Images (DHI)** free and open source for everyone.
Blog: [https://www.docker.com/blog/a-safer-container-ecosystem-with-docker-free-docker-hardened-images/]()

Why this matters:

* Secure, minimal **production-ready base images**
* Built on **Alpine & Debian**
* **SBOM + SLSA Level 3 provenance**
* No hidden CVEs, fully transparent
* Apache 2.0, no licensing surprises

This means, that one can start with a hardened base image by default instead of rolling your own or trusting opaque vendor images. Paid tiers still exist for strict SLAs, FIPS/STIG, and long-term patching, but the core images are free for all devs.

Feels like a big step toward making **secure-by-default containers** the norm.

Anyone planning to switch their base images to DHI? Would love to know your opinions!

https://redd.it/1poxncf
@r_devops

Already 1.1 YOE in DevOps/SRE — Is Switching to SDE Worth It?

I have ~1.1 YOE as **DevOps/SRE** (first job). I didn’t “choose” it intentionally — this was the offer I got.
In college I did **web dev + some DSA**, but I’m not strongly inclined toward any single path.

My concern:

* How is **long-term growth for DevOps/SRE** in **top product-based companies**?
* I keep hearing that **DSA + coding rounds are still required** even for good DevoOps/SRE roles.
* Given that, does it make sense to **revisit development**, or is it **better to stay in DevOps/SRE**, prepare DSA, and target top PBC SRE roles?

I am planning to switch and start the journey of learning again , but I feel stuck to begin with Development path along with brushing up the DevOps skills or just stay in DevOps role and aim for top companies and career growth.

I’m not emotionally attached to SDE or DevOps/SRE — I just want **strong growth, good roles, and long-term optionality**.

Would love to hear from experienced folks who’ve been in SRE / DevOps / SDE roles.

https://redd.it/1povxbz
@r_devops

Blogs to read suggestions

Tell some blogs to read for working professionals as devops engineer on AWS ,K8s , and monitoring.. Also focused on troubleshooting and real production usecases

https://redd.it/1pozt7m
@r_devops

Pivoting from Legacy Telecom Ops (SIP/SMPP) to Cloud Native (Go/K8s). Does this roadmap scream "Mid-Level" to you?

Hello All,

I have 7 years of experience in Telecom Operations (troubleshooting SIP, SMPP, Network issues) while finishing my CS degree. I know exactly how systems break in production, but I'm tired of just fixing and monitoring all the time.

I am planning a hard pivot to Backend / SRE / DevOps roles. I want to escape "Ops Support" and leverage my domain knowledge.

My Transition Roadmap: I'm spending the next year bridging the gap between "Old School Telecom" and "Modern Cloud Native":

1. Legacy to Modern: Re-implementing basic Telecom engines (which I currently troubleshoot) using Go and gRPC.
2. Infrastructure: Moving from manual server configs to Kubernetes Operators and Terraform.
3. Observability: Instead of just reading logs, building the Prometheus/Grafana stacks myself.

The Question: Does the industry value a developer who understands low-level Telecom protocols (SIP/SMPP/TCP/UDP) but writes modern Go code? Can I market myself as a Mid-Level SRE/Backend Engineer with this mix, or does the lack of "professional software development experience" (despite 7 years in Ops) automatically reset me to Junior?

Any advice from folks who moved from Ops to Dev is appreciated.

https://redd.it/1pp1i0g
@r_devops

Alternatives for Github?

Hey, due to recent changes I want to move away from it with my projects and company.

But I'm not sure what else is there. I don't want to selfhost and I know that Codeberg main focus are open-source projects.

Do you have any recommendations?

https://redd.it/1pp33g9
@r_devops

Any recommendations?

Hi everyone. I'm recently found that I'm quite interested in DevOps (started as a homelabing). For now I use my old laptop as my sandbox. Specks: Ubuntu 24, CPU Intel Celeron 1005m, 16 Gb RAM, 500Gb HDD. What I've installed for now: Docker, Portainer, Watchtower, Jenkins and GiTea, Nginx and Immich. Now I'm about to install Prometheus+Grafana.

Well, my question is: should I create a separate directory for my Docker cantainers? Will it be fine without troubles? Or any recommendations for better ways to do this. For example Docker have /var/lib/docker, but I saw a video about installing Prometheus and Grafana (ik that reading documentation is better way, but nevertheless) looks like it works (I also did the same, but my separate "docker" folder doesn't appear time to time when I use "ls"). I'd like to add a screenshot of how it's on the video, but I can't add pictures for some reason.

https://redd.it/1pp1a0a
@r_devops

GCP quotas alerting

Hey all,
Is there a recommended way to configure proactive alerts when a GCP service is approaching its quota limit (e.g. 70–80%), instead of only finding out after the quota is exceeded?


I tried using Cloud Monitoring quota metrics, but it feels clunky, and I’m not confident it’ll catch things early enough. Why? We battle-tested it with a workload burst, and the alert reached us 10 minutes later. I am sure it can work for some use cases, but it would be great if there was something smarter that can almost "feel the trend", time it, and notify in advance, not after or right after.



Curious what others are doing in practice.

https://redd.it/1pp5n8m
@r_devops

How do I streamline the access update process in my org?

Dealing with a bunch of role changes at my company (project swaps, team changes, etc.) and access updates have been super messy. I've seen some people using HR-triggered workflows to try to automate this, but wondering if there are other things I should be looking into. I've been looking into Console to try to handle small permission tweaks that keep coming up. Would love to hear about how other ppl are handling this!

https://redd.it/1pp8kph
@r_devops

Colleague built a pretty neat tool for managing RabbitMQ DLQs

Hey all,

Just wanted to give a quick shoutout to a dev from my company who built a tool we’ve been using internally for a while now, it’s called Rabbit GUI (https://rabbitgui.com/), and it helps us manage RabbitMQ dead letter queues. We use it to read messages from the queue, search and filter, and republish only specific messages if needed.
We’ve had it in use for a couple months, and honestly, it’s been super handy. I definitely would not want to give it up.
Disclaimer, it’s a paid tool (lifetime license though, not a subnoscription), but I think the pricing’s fair for what it does.

Figured I’d help him get a bit more visibility since it’s actually been useful for us.
If anyone checks it out, I’d love to hear your thoughts, happy to pass along any feedback or questions to him!
Cheers

https://redd.it/1pp7fwq
@r_devops

Is SSL decryption still worth it for AI and SaaS visibility? Am a SecOps lead btw

Anyone still banking on SSL decryption for GenAI and SaaS app visibility? What's breaking in your environment: cert pinning, HSTS, user complaints?

Particularly curious about the network layer vs app layer debate. Seeing more teams pivot to browser-native controls but want to hear operational experiences. What's your take?

https://redd.it/1ppbi0c
@r_devops

Composable DXP in practice... flexibility win or long-term maintenance tax?

I’ve been seeing more teams move away from monolithic CMS platforms toward a composable DXP model with headless CMS, search, personalization, commerce, analytics, all loosely coupled and stitched together with APIs.

On paper it’s best-of-breed everything, faster iteration, and no vendor lock-in.

In practice though, it seems like the real tradeoff shows up later in:

\- Integration ownership and version drift

\- Observability across multiple vendors

\- Reliability when one service upstream sneezes

\- The ongoing cost of “keeping the stack composed”



For those running composable DXPs in production today:

\- Has it meaningfully improved delivery speed or experience quality?

\- Where did the complexity actually concentrate over time (build, ops, integration, governance)?

\- And if you’ve lived on both sides, would you still choose composable over a modern all-in-one today?

Less interested in vendor marketing... more in the lived operational reality.

https://redd.it/1ppa6d2
@r_devops

GitHub is "postponing" self-hosted GHA pricing change

https://x.com/github/status/2001372894882918548

The outcry won! (for now)

> We’re postponing the announced billing change for self-hosted GitHub Actions to take time to re-evaluate our approach.

https://redd.it/1ppe91p
@r_devops

Am I Junior Level at least?

So i'll preface by saying I work as an SDET mainly. But here lately we've been moving over from Azure to AWS. I was kinda the first person to start messing with things. And I guess I wanted to see if this is at least "junior level" based off what ive done. Also we are using gitlab pipelines for CI/CD for the first time.

So far I have:

* Setup CI/CD Pipelines in Gitlab (ci-yaml file)
* Get a working pipeline for Deploying to AWS (Beanstalk for now)
* Similarly set up a working pipeline to handle Terraform Apply/Plan
* E2E Automated Testing on Pipelines (this is less devops and more SDET though)
* Get a decent understand of Terraform modules. Set up IAM and S3 Terraform state Terraform modules
* Dockerize our reporting tool (Allure) and work from ECR
* Document and work with DevOps on Environments/Shared Resources/etc.. for moving to Gitlab fully as well as AWS.

It doesn't feel like a lot, and I have a ways to go but I find it interesting. Yeah I obviously used A.I. for some of the syntax/CLI commands but I feel like I have a decent idea of Architecture.

https://redd.it/1ppejw8
@r_devops

How do you compare CI/CD providers?

I've been exploring which CI/CD provider to focus on for my organization over the past few months. We've got some things in GitHub actions, and some in Azure DevOps, mostly because different groups of people set up different solutions.

But to be honest, I can't find a compelling reason to go with one or the other. Coin toss?

And then of course, there are other options out there.

What are the key differentiators that you have come across in exploring these tools?

https://redd.it/1pph1m7
@r_devops

This is the kind of work AI should be doing

​

I already knew what I needed to do. The problem wasn’t lack of knowledge, it was recall. I could’ve spent time poking around, trial and erroring, or Googling until something clicked. All of that would’ve pulled me out of the flow I was in.

Instead, I asked Cosine, got what I needed almost instantly, and kept going. No rabbit holes, no context switch, no wasted mental energy.

For me, that’s the right use of AI. Handle the small, forgettable details so I can stay focused on the parts that actually require thinking.

https://redd.it/1ppjq86
@r_devops