Stuck on the Java 8 / Spring Boot 2 upgrade. Do you need a "Map" or a "Driver"?

We are currently debating how to handle a massive legacy migration (Java/Spring) that has been postponing for years. The team is paralyzed because nobody knows the blast radius or the exact effort involved.

We are trying to validate what would actually unblock teams in this situation.

The Hypothetical Solution:
Imagine a "Risk Intelligence Service" where you grant read-access to the repo, and you get back a comprehensive Upgrade Strategy Report.
It identifies exactly what breaks, where the test gaps are, and provides a step-by-step migration plan (e.g., "Fix these 3 libs first, then upgrade module X").

My question to Engineering Managers / Tech Leads:
If you had budget ($3k-$10k range) to solve this headache, which option would you actually buy?
- Option A (The Map): "Just give us the deep-dive analysis and the plan. We have the devs, we just need to know exactly what to do so we don't waste weeks on research."
- Option B (The Driver): "I don't want a report. I want you to come in, do the grunt work (refactoring/upgrading), and hand me a clean PR."
- Option C (Status Quo): "We wouldn't pay for either. We just accept the pain and do it manually in-house."

Trying to figure out if the bottleneck is knowledge (risk assessment) or capacity (doing the work).

https://redd.it/1q07zt7
@r_devops

The cognitive overhead of cloud infra choices feels under-discussed


Curious how people here think about this from an ops perspective.

We started on AWS (like most teams), and functionally it does everything we need. That said, once you move past basic usage, the combination of IAM complexity, cost attribution, and compliance-related questions adds a non-trivial amount of cognitive overhead. For context, our requirements are fairly standard: VMs, networking, backups, and some basic automation,,, nothing particularly exotic.

Because we’re EU-focused, I’ve been benchmarking a few non-hyperscaler setups in parallel, mostly as a sanity check to understand tradeoffs rather than as a migration plan. One of the environments I tested was a Swiss-based IaaS (Xelon), primarily to look at API completeness, snapshot semantics, and what day-2 operations actually feel like compared to AWS.

The experience was mixed in predictable ways: fewer abstractions and less surface area, but also a smaller ecosystem and less polish overall. It did, however, make it easier to reason about certain operational behaviors.

Idk what the “right” long-term answer is, but I’m interested in how others approach this in practice: Do you default to hyperscalers until scale demands otherwise, or do you intentionally optimize for simplicity earlier on?


https://redd.it/1q07j39
@r_devops

How did you get into DevOps and what actually mattered early on?

I’m learning DevOps right now and trying to be smart about where I spend my time.

For people already working in DevOps:

- What actually helped you get your first role?

- What did you stress about early on that didn’t really matter later?

- When did you personally feel “ready” for a job versus just learning tools?

One thing I keep thinking about is commands. I understand concepts pretty well, but I don’t always remember exact syntax. In real work, do you mostly rely on memory, or is it normal to lean on docs, old noscripts, and Google as long as you understand what you’re doing?
I’m more interested in real experiences than generic advice. Would love to hear how it was for you.

https://redd.it/1q09vxa
@r_devops

Reflections on DevOps over the past year

This is more of a thinking-out-loud post than a hot take.

Looking back over the past year, I can’t shake the feeling that DevOps has gotten both more powerful and more fragile at the same time.

We have better tooling than ever:
- managed services everywhere
- more automation
- more abstraction
- AI creeping into workflows
- dashboards, alerts, pipelines for everything

And yet… a lot of the incidents I’ve seen still come down to the same old things.

Misconfigurations (still rampant at my company).
Shared failure domains that nobody realized were shared.
Deployments that technically “worked” but took the system down anyway (thinking of the AWS one specifically)
Observability that only told us what happened after users noticed.

It feels like we keep adding layers on top of systems without always revisiting the fundamentals underneath them.

I’ve been part of incidents where:
- redundancy existed on paper, but not in reality
- CI/CD pipelines became a bigger risk than the code changes themselves (felt this personally since our team took control of the cloud pipelines at my company)
- costs exploded quietly until someone finally asked “why is this so expensive?”
- security issues weren’t exotic attacks — just permissions that were too broad

None of this is new. But it feels more frequent, or at least more visible.

I’m genuinely curious how others see it:
- Do you feel like the DevOps role is shifting?
- Are we actually solving different problems now, or just re-solving the same ones with new tools?
- Has the push toward speed and abstraction made things easier… or just harder to reason about?

Not looking for definitive answers — just interested in how others experienced this past year.

https://redd.it/1q0cvl1
@r_devops

How do you track your LLM/API costs per user?

Building a SaaS with multiple LLMs (OpenAI, Anthropic, Mistral) + various APIs (Supabase, etc).

My problem: I have zero visibility on costs.

* How much does each user cost me?
* Which feature burns the most tokens?
* When should I rate-limit a user?

Right now I'm basically flying blind until the invoice hits.

Tried looking at Helicone/LangFuse but not sure I want a proxy sitting between me and my LLM calls.

How do you guys handle this? Any simple solutions?

https://redd.it/1q0ecii
@r_devops

I have been working on a self-hosted GitHub Actions runner orchestrator

Hey folks,

I have been working on CIHub, an open-source project that lets you run self-hosted GitHub Actions runner on your own metal servers using firecracker. Each job runs in its own isolated VM for better security.

It integrates directly with standard GitHub Actions workflows allowing you to specify runner resources (e.g. adding label runs-on: cihub-2cpu-4gb-amd64) and includes a server + agent setup for scaling across machines.

The project is still early and under active development, and I'd really appreciate any feedback or ideas !

GitHub: https://github.com/getcihub/cihub

https://redd.it/1q0gh41
@r_devops

How Meta evolved the DevOps toolchain for eBPF

Every server at Meta runs eBPF, 50% over 180 programs. They needed to rethink their CI/CD pipeline to handle challenges like attaching programs to multiple attach points and dealing with over 100 kernel variants to deploy programs


Talk: https://www.youtube.com/watch?v=wXuykaYSFCQ&t=818s

Slides: https://static.sched.com/hosted\_files/kccncna2025/68/BPF%20CICD%20KubeCon%20Talk.pdf?\_gl=1\*usbsj8\*\_gcl\_au\*MjExMTAzMDkxNi4xNzY3MDQ0NDcy\*FPAU\*MjExMTAzMDkxNi4xNzY3MDQ0NDcy

https://redd.it/1q0huye
@r_devops

Boss conflict with Scrum Relations during Christmas (Xmas-Nondenominational winter-solstice festivities) Holiday Season - PSU Course Focus

Hi all, hope you're enjoying Christmas (Xmas-Nondenominational winter-solstice festivities). Wanted to hear your thoughts on this situation. My boss and I were passive aggressively arguing during the latest sprint meeting about new operation methodologies leading into Q1 of 2026. Background, as a scrum master of my sector, we currently operate with a 70% interest towards improving ART (Agile Release Train) performance with a 25% interest in current burndown navigation rounds, a 3.8% (t.l.d.r this is calculated by total story points over a averaged period of time over three to four quarters divided by total confidence metric), and a 1.3% interest in handling "team issues" (story point assignment, workplace relationships, failed deadlines, simple stuff like that). My boss believes we should average out the interest relationship for at 5% (t.l.d.r this is calculated by total story points over a averaged period of time over three to four quarters divided by total confidence metric) rather than 3.8%. The internet is telling me this is due to a knowledge deficit caused by my non-acquisition of USUX scrum focus within the PSU scrum course (I will admit, I was watching the newest marvel movie (Fantastic four anyone???) and planning my Disney vacation while taking that part of the course, I tried getting my partner to screen record, but they was getting the new booster vaccine).



Has anyone ran into something similar in regard to priority assignments? Why specifically at the end of the year (for Gregorian calendar users) and not the end of the fiscal year (for American taxpayers). Also, what scrum cert would you recommend for a 15 year old child who has interests in turning his startup into a fully functioning scrum environment.

https://redd.it/1q0iwlm
@r_devops

why does metric high cardinality break things

Wrote a post where I have seen people struggle with high cardinality and what things can be done to avoid such scenarios. any other tips you folks have seen that work well? https://last9.io/blog/why-high-cardinality-metrics-break/

https://redd.it/1q0kaqi
@r_devops

On-call / Ops folks: what actually happens when a deployment breaks at 2 AM?

Hi everyone,
I’m doing research to better understand real on-call / operations workflows, especially around deployments, rollbacks, and incident handling.
This is not a product pitch and I’m not selling anything.
I’m trying to learn from people who actually handle production responsibility.
If you’re involved in:
- deployments
- rollbacks
- uptime monitoring
- on-call rotations
I’d really appreciate your input.
You can reply publicly or DM if you prefer.




❓ Questions
1. What happens when a deployment goes wrong in production?
(Step by step — alerts, decisions, actions)
2. Who usually decides to rollback, and how fast does that happen?
3. What tools are you actively using during an incident?
(CI/CD, monitoring, logs, noscripts, manual steps)
4. What part of this process is the most stressful or error-prone?
5. What happens if the main on-call person is unavailable?
6. Is there anything you wish was automated — but currently isn’t? Why?
7. What would you never trust automation to do?
8. (Optional) How often does a bad deploy cause customer impact?




Thanks in advance — I’m genuinely trying to understand how this works in the real world.

https://redd.it/1q0lkb4
@r_devops

How do you prove Incident response works?

We have an incident response plan, on call rotations, alerts and postmortems. Now that customers are asking about how we test incident response, I realized we’ve never really treated it as something that needed evidence.
We handle incidents and we do have evidence like log files/hives/history etc but I want to know how to collect them faster and on a daily basis so they can be more presentable.
What do I show besides screenshots and does the more the merrier go for this type of topic?

Any input helps ty!

https://redd.it/1q0nrdy
@r_devops

PostHog vs BetterStack

I'm moving off Sentry. Just underwhelmed with the value.

I'm an indie dev.

Post Hog and Better Stack seem to be two of the best options under $50/mo.

Anyone tried both or either of them and have any insight they can share?

https://redd.it/1q0spin
@r_devops

Best DevOps roadmaps for 2025/26?

I’m a student who has been trying to get into DevOps for the past year or so, but I’m having a hard time picking up a start.

I’ve worked on a lot of projects with .NET mainly for school and whatnot, I’ve also had to learn some React and Flutter throughout my journey.

I’ve really liked the concept of DevOps for a while now, and usually I’ve learned a lot of the stuff I know about software engineering in general through courses, roadmaps and personal projects.

There is a really popular roadmap site which I like to browse through sometimes (not sure if mentioning it will be considered ad so I’ll best avoid it), but it doesn’t feel complete.

I tried youtube tutorials, but most of them feel very forced in their way of teaching and are probably sponsored by a course provider anyway.

So my question the community - is there a proven and tested source of an optimal DevOps roadmap in 2025 (heading into 2026)? So far I’ve peeped into Docker and I got comfortable with using Linux, but it’s not so easy for me to do project based learning, since you need some general knowledge of what the problems are in DevOps. I don’t struggle with finding projects on technology I already know because I know what it can do and what it can’t do. But I’m barely touching the tip of the iceberg here! DevOps seems like such a huge rabbit hole, but it seems very interesting and I do want to learn more about it.

All help is much appreciated!

https://redd.it/1q0u9fg
@r_devops

Defensive CI/CD & IaC pre-commit scanner (Bash) — seeking abuse-case feedback

I built a defensive pre-commit security scanner in Bash focused on overlooked attack surfaces (static sites, IaC, CI/CD). Looking for threat-model and abuse-case review—not validation or promotion.


Zimara\_v0.49.5

https://redd.it/1q0xtjr
@r_devops

Intermediate DevOps Project Ideas looking for Suggestions to Tie My Skills Together (AWS, Docker, Jenkins, etc.)

Hey r/devops,

I've been diving deeper into DevOps over the past year and feel like I've got a solid grasp on a bunch of tools, but now I want to put them into a real-ish project to solidify everything and have something cool for my portfolio/learning.

Here's what I've learned/practiced so far:

- AWS: EC2, ECS (Fargate mostly), S3, IAM, RDS, VPC
- Linux shell noscripting
- Docker (containerizing apps)
- Jenkins (pipelines, plugins)
- SonarQube (code quality)
- Trivy (image scanning)
- GitLab (repos, basic CI)
- Ansible (playbooks, config management)

I haven't touched Terraform or Kubernetes yet (planning to start Terraform soon), so ideally something that doesn't require those.

I'm thinking something like a full CI/CD pipeline for a simple web app (maybe a Flask/Node todo app with RDS backend): GitLab -> Jenkins build/scan/push to ECR -> Ansible to deploy/update ECS service, with proper IAM/VPC security, etc.

But I'm open to better/more realistic ideas! What projects have helped you level up at this stage? Bonus if it's something that mimics real-world workflows without being too basic (no just "hello world" deploy).

Appreciate any suggestions, resources, or even "don't do X because Y" advice. Thanks in advance!

https://redd.it/1q0zd6v
@r_devops

Built a CLI that auto-fixes CI build failures - is this useful?

I've been working on a side project and need a reality check from people who actually deal with CI/CD pipelines daily.



The idea: A build wrapper that automatically diagnoses failures, applies fixes, and retries - without human intervention.



\# Instead of your CI failing at 2am and waiting for you:

$ cyxmake build

✗ SDL2 not found

→ Installing via apt... ✓

→ Retrying... ✓

✗ undefined reference to 'boost::filesystem'

→ Adding link flag... ✓

→ Retrying... ✓

Build successful. Fixed 2 errors automatically.



How it works:

\- 50+ hardcoded error patterns (missing deps, linker errors, CMake/npm/cargo issues)

\- Pattern match → generate fix → apply → retry loop

\- Optional LLM fallback for unknown errors

My honest concerns:

1. Is this solving a real problem? Or do most teams just fix CI configs once and move on?

2. Security implications - a tool that auto-installs packages in CI feels risky

3. Scope creep - every build system is different, am I just recreating Dependabot + build system plugins?



What I think the use case is:

\- New projects where CI breaks often during setup

\- Open source projects where contributors have different environments

\- That 3am pipeline failure that could self-heal instead of paging someone



What I'm NOT trying to do:

\- Replace proper CI config management

\- Be smarter than a human who knows the codebase



GitHub: https://github.com/CYXWIZ-Lab/cyxmake (Apache 2.0, written in C)



Honest questions:

\- Would you actually use this, or is it a solution looking for a problem?

\- What would make you trust it in a real pipeline?

\- Am I missing something obvious that makes this a bad idea?



Appreciate any feedback, even "this is pointless" - rather know now than after another 6 months.

https://redd.it/1q122so
@r_devops

FAANG/MAANG devops?

Hi guys,
Anybody here working as a devops engineer in FAANG/maang companies? If yes what's the interview look like ? What all rounds, questions they have? Is DSA necessary?

https://redd.it/1q11j0t
@r_devops

A year of cost optimization resulted 10% savings

This is mostly a venting post. It's my first year as a DevOps engineer at a medium sized b2b software company. I kind of took it upon myself to lower our cloud costs, even though no one else really cares that much. I turned it into a bit of a crusade (honestly, also thinking this was a low hanging fruit to show my worth and dedication, and also a learning experience). Even wrote here a few times about previous attempts.

After doing this for the better part of a year, got us to maybe 10% cost reduction. Rightsizing, killing idle capacity, requests/limits tuning, the usual janitorial work. After that every extra percent is a fight.

Our workloads are quite bursty, HPA driven, mostly stateless. Nothing exotic. Multiple instance types, multiple AZs, TTLs tuned, PDBs not insane, images pre pulled, startup times are reasonable.

We recently moved from Cluster Autoscaler to Karpenter and I really hoped this would finally let us drop baseline capacity.

Still doesn’t matter. We're not very well-utilized. Cluster utilization is mostly 20–50% CPU and memory Min replicas are pretty high. But no one wants to touch those as they are our safety net.

Most solutions work very well on steady workloads that are polite enough to rise slowly and at constant intervals. That's not really the case for most people I think.

That's it. I don't really have a question here. If anyone is feeling this, you're welcome to reply.

https://redd.it/1q13gbs
@r_devops

Looking for a structured, free, hands-on DevOps / DevSecOps learning path

Hi everyone,
I work in information security, mainly in penetration testing and secure application development (Secure SDLC).
I’m now looking to learn DevOps and especially DevSecOps in a deep and practical way.
I recently followed a DevOps course on LabEx, which worked very well for me because it was lab-based, step-by-step, and structured.
What I’m specifically looking for now is a free, structured, hands-on learning path,
not a collection of scattered tutorials or random resources.
Most lab-based DevOps / DevSecOps platforms I’ve found so far are paid, so I’d really appreciate recommendations for a clear, well-defined, free path that makes sense for someone with a security background.
Thanks in advance for any suggestions.

https://redd.it/1q14ux0
@r_devops

As a fresher

Hey guys I haven't graduated yet I am in 2nd year rn I am really thinking to do Devops and try for their roles as I hv done one internship in that domain or go blockchain web3 as I will graduate in 2028 what should I pick as I heard to learn Devops I have to spend money before to seriously learn it please exp devs in here guide me

https://redd.it/1q15hmg
@r_devops

Pivot to DevOps: Have the skills and projects, but the resume isn't working. What am I missing?

Hello,
I am looking for a sanity check on my job search strategy.
I am trying to break into DevOps. I have built several projects involving k8s and terraform to bridge the gap between my past experience in cybersecurity and this new role.
I have tailored my resume to match the ATS stands, but I am met with silence.

Prior to this I was in cybersecurity domain for 1.7 years and due to some family issues i has to drop out. And currently I am having 1.3 years career gap.

https://redd.it/1q0ybpk
@r_devops