Looking for a structured, free, hands-on DevOps / DevSecOps learning path
Hi everyone,
I work in information security, mainly in penetration testing and secure application development (Secure SDLC).
I’m now looking to learn DevOps and especially DevSecOps in a deep and practical way.
I recently followed a DevOps course on LabEx, which worked very well for me because it was lab-based, step-by-step, and structured.
What I’m specifically looking for now is a free, structured, hands-on learning path,
not a collection of scattered tutorials or random resources.
Most lab-based DevOps / DevSecOps platforms I’ve found so far are paid, so I’d really appreciate recommendations for a clear, well-defined, free path that makes sense for someone with a security background.
Thanks in advance for any suggestions.
https://redd.it/1q14ux0
@r_devops
Hi everyone,
I work in information security, mainly in penetration testing and secure application development (Secure SDLC).
I’m now looking to learn DevOps and especially DevSecOps in a deep and practical way.
I recently followed a DevOps course on LabEx, which worked very well for me because it was lab-based, step-by-step, and structured.
What I’m specifically looking for now is a free, structured, hands-on learning path,
not a collection of scattered tutorials or random resources.
Most lab-based DevOps / DevSecOps platforms I’ve found so far are paid, so I’d really appreciate recommendations for a clear, well-defined, free path that makes sense for someone with a security background.
Thanks in advance for any suggestions.
https://redd.it/1q14ux0
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
As a fresher
Hey guys I haven't graduated yet I am in 2nd year rn I am really thinking to do Devops and try for their roles as I hv done one internship in that domain or go blockchain web3 as I will graduate in 2028 what should I pick as I heard to learn Devops I have to spend money before to seriously learn it please exp devs in here guide me
https://redd.it/1q15hmg
@r_devops
Hey guys I haven't graduated yet I am in 2nd year rn I am really thinking to do Devops and try for their roles as I hv done one internship in that domain or go blockchain web3 as I will graduate in 2028 what should I pick as I heard to learn Devops I have to spend money before to seriously learn it please exp devs in here guide me
https://redd.it/1q15hmg
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
Pivot to DevOps: Have the skills and projects, but the resume isn't working. What am I missing?
Hello,
I am looking for a sanity check on my job search strategy.
I am trying to break into DevOps. I have built several projects involving k8s and terraform to bridge the gap between my past experience in cybersecurity and this new role.
I have tailored my resume to match the ATS stands, but I am met with silence.
Prior to this I was in cybersecurity domain for 1.7 years and due to some family issues i has to drop out. And currently I am having 1.3 years career gap.
https://redd.it/1q0ybpk
@r_devops
Hello,
I am looking for a sanity check on my job search strategy.
I am trying to break into DevOps. I have built several projects involving k8s and terraform to bridge the gap between my past experience in cybersecurity and this new role.
I have tailored my resume to match the ATS stands, but I am met with silence.
Prior to this I was in cybersecurity domain for 1.7 years and due to some family issues i has to drop out. And currently I am having 1.3 years career gap.
https://redd.it/1q0ybpk
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
AWS Support → DevOps Engineer (Product/Startup) – Need Guidance
Hi all,
I’m working in an AWS cloud support role in India and preparing for the AWS Solutions Architect Associate exam.
My goal is to move into a DevOps Engineer role (product/startup, not support) by 2026.
I’m a complete beginner in DevOps and need realistic advice
If I start now, how long does it realistically take to become job-ready for DevOps?
Which skills matter most for product/startup companies?
Should I focus more on hands-on projects or certifications after SAA?
Any honest guidance or roadmap would really help.
Thanks 🙏
https://redd.it/1q1asx0
@r_devops
Hi all,
I’m working in an AWS cloud support role in India and preparing for the AWS Solutions Architect Associate exam.
My goal is to move into a DevOps Engineer role (product/startup, not support) by 2026.
I’m a complete beginner in DevOps and need realistic advice
If I start now, how long does it realistically take to become job-ready for DevOps?
Which skills matter most for product/startup companies?
Should I focus more on hands-on projects or certifications after SAA?
Any honest guidance or roadmap would really help.
Thanks 🙏
https://redd.it/1q1asx0
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
The 8 Fallacies of Distributed Computing: All You Need To Know + Why It’s Still Relevant In 2026
https://lukasniessen.medium.com/the-8-fallacies-of-distributed-computing-all-you-need-to-know-why-its-still-relevant-in-2026-078b4d8a98f1
https://redd.it/1q1chjj
@r_devops
https://lukasniessen.medium.com/the-8-fallacies-of-distributed-computing-all-you-need-to-know-why-its-still-relevant-in-2026-078b4d8a98f1
https://redd.it/1q1chjj
@r_devops
Medium
The 8 Fallacies of Distributed Computing: All You Need To Know + Why It’s Still Relevant In 2026
Back in 1994, Peter Deutsch at Sun Microsystems wrote down something that every distributed systems engineer eventually learns the hard…
Orion-Belt – Open-source SSH/SCP Bastion with Reverse Tunnels & ReBAC (Seeking Early Contributors)
Hey everyone,
I’ve spent the last few months building **Orion-Belt**, a secure SSH/SCP bastion system for teams that need to manage infrastructure **without opening a single inbound firewall port**.
The problem I wanted to solve: Traditional bastions are either too simple (no auditing) or too complex/expensive (enterprise PAM tools).
**How it works:**
* Your servers (behind firewalls) establish **Reverse SSH Tunnels** to the Orion-Belt gateway.
* Clients connect via `osh` (SSH) or `ocp` (SCP), and the gateway routes traffic through those tunnels.
* Everything is audited, controlled, and time-bound.
**Key Features:**
* **ReBAC** – Relationship-Based Access Control (fine-grained permissions, no “all-or-nothing”).
* **Session Recording** – Every keystroke is captured for audit and replay.
* **Temporary Access** – Request/approve workflow with automatic expiration.
* **No Inbound Rules** – Works in locked-down VPCs, home labs, or private networks.
It’s currently in **Alpha** (APIs and internals may change) and written in Go. I’m looking for **early adopters and contributors** to break it, give feedback, and help shape the architecture.
GitHub: [https://github.com/zrougamed/orion-belt](https://github.com/zrougamed/orion-belt)
I’d love to hear your thoughts on the approach and how you handle privileged access in your environments!
If this resonates, consider forking the repo, testing it in your setup, and sharing feedback or PRs — your input could directly shape Orion-Belt’s design and feature set!
https://redd.it/1q1dl3q
@r_devops
Hey everyone,
I’ve spent the last few months building **Orion-Belt**, a secure SSH/SCP bastion system for teams that need to manage infrastructure **without opening a single inbound firewall port**.
The problem I wanted to solve: Traditional bastions are either too simple (no auditing) or too complex/expensive (enterprise PAM tools).
**How it works:**
* Your servers (behind firewalls) establish **Reverse SSH Tunnels** to the Orion-Belt gateway.
* Clients connect via `osh` (SSH) or `ocp` (SCP), and the gateway routes traffic through those tunnels.
* Everything is audited, controlled, and time-bound.
**Key Features:**
* **ReBAC** – Relationship-Based Access Control (fine-grained permissions, no “all-or-nothing”).
* **Session Recording** – Every keystroke is captured for audit and replay.
* **Temporary Access** – Request/approve workflow with automatic expiration.
* **No Inbound Rules** – Works in locked-down VPCs, home labs, or private networks.
It’s currently in **Alpha** (APIs and internals may change) and written in Go. I’m looking for **early adopters and contributors** to break it, give feedback, and help shape the architecture.
GitHub: [https://github.com/zrougamed/orion-belt](https://github.com/zrougamed/orion-belt)
I’d love to hear your thoughts on the approach and how you handle privileged access in your environments!
If this resonates, consider forking the repo, testing it in your setup, and sharing feedback or PRs — your input could directly shape Orion-Belt’s design and feature set!
https://redd.it/1q1dl3q
@r_devops
GitHub
GitHub - zrougamed/orion-belt: Secure SSH/SCP bastion with ReBAC, reverse tunnels, session recording, and temporary access workflow
Secure SSH/SCP bastion with ReBAC, reverse tunnels, session recording, and temporary access workflow - zrougamed/orion-belt
Securing a small production VPS by actually watching SSH and HTTP logs
I run a small production VPS (Docker, reverse proxy, SSH keys). Traffic is low, but after looking at the logs I saw constant SSH brute force and HTTP probing for .env, credentials, and random paths.
Nothing was compromised, but it made it clear I wasn’t really watching.
I documented how I approached this using log-based detection, temporary bans, and automation. CrowdSec wasn’t an obvious fit at first (especially with Kamal and container logs), but I got it working after some trial and error.
Article:
https://muthuishere.medium.com/securing-a-production-vps-in-practice-e3feaa9545af
Code / automation:
https://github.com/muthuishere/automated-crowdsec-kamal
Would be interested to hear how others handle this on small production servers.
https://redd.it/1q1d8lf
@r_devops
I run a small production VPS (Docker, reverse proxy, SSH keys). Traffic is low, but after looking at the logs I saw constant SSH brute force and HTTP probing for .env, credentials, and random paths.
Nothing was compromised, but it made it clear I wasn’t really watching.
I documented how I approached this using log-based detection, temporary bans, and automation. CrowdSec wasn’t an obvious fit at first (especially with Kamal and container logs), but I got it working after some trial and error.
Article:
https://muthuishere.medium.com/securing-a-production-vps-in-practice-e3feaa9545af
Code / automation:
https://github.com/muthuishere/automated-crowdsec-kamal
Would be interested to hear how others handle this on small production servers.
https://redd.it/1q1d8lf
@r_devops
Medium
Securing a Production VPS in Practice
Let’s start with a simple assumption.
Need help picking a devops/engineering professional development rig…
I am working on my professional development as an Embedded Systems Engineer. My education was in electrical engineering so my focus is mainly on CS and DevOps stuff.
I am wanting a professional development setup. I want to run a local instance of gitlab-ce likely in a docker container, I want to have a gitlab-runner on the desktop. I want gitlab to be constantly running. I am wanting the computer to be able to easily handle IDEs like keil or visual studio. I also want to be able to run PCB design software Altium and do moderate 3D modeling (without interrupting the gitlab work). I want it to be good enough to expand for future work so I want some breathing room as far as processing power/memory etc if that makes sense. And of course money is a factor. I basically have a $1600 budget for this.
My initial thought is this 64 GB asus nuc on Amazon, but my friend says I should look into getting two rigs, one to run docker and gitlab headlessly and then another running the ide/design software. I don’t know how to get two rigs to meet these requirements while keeping the budget intact…
“ASUS NUC 14 Pro Mini Desktop, Intel 16-Core Ultra 7 155H, 64GB DDR5, 2TB SSD, Wi-Fi 6E, Support 4-Display 4K, Thunderbolt 4, HDMI, Bluetooth, Windows 11 Pro, Black, AI PC for Home/Business/Gaming”
https://a.co/d/8KsO3QK
Does that nuc look like it would be a good choice? Would you recommend another setup?
https://redd.it/1q1gxxm
@r_devops
I am working on my professional development as an Embedded Systems Engineer. My education was in electrical engineering so my focus is mainly on CS and DevOps stuff.
I am wanting a professional development setup. I want to run a local instance of gitlab-ce likely in a docker container, I want to have a gitlab-runner on the desktop. I want gitlab to be constantly running. I am wanting the computer to be able to easily handle IDEs like keil or visual studio. I also want to be able to run PCB design software Altium and do moderate 3D modeling (without interrupting the gitlab work). I want it to be good enough to expand for future work so I want some breathing room as far as processing power/memory etc if that makes sense. And of course money is a factor. I basically have a $1600 budget for this.
My initial thought is this 64 GB asus nuc on Amazon, but my friend says I should look into getting two rigs, one to run docker and gitlab headlessly and then another running the ide/design software. I don’t know how to get two rigs to meet these requirements while keeping the budget intact…
“ASUS NUC 14 Pro Mini Desktop, Intel 16-Core Ultra 7 155H, 64GB DDR5, 2TB SSD, Wi-Fi 6E, Support 4-Display 4K, Thunderbolt 4, HDMI, Bluetooth, Windows 11 Pro, Black, AI PC for Home/Business/Gaming”
https://a.co/d/8KsO3QK
Does that nuc look like it would be a good choice? Would you recommend another setup?
https://redd.it/1q1gxxm
@r_devops
1.7 YOE in SOC | 1.3 Year Career Gap | Pivot to DevOps. Friends say "Fake it," but I want a sanity check.
Hi everyone,
I am looking for a sanity check on my job search strategy because I am hitting a wall.
My Story:
I originally came from a MERN stack development background. When I started my career, the market was rough, so I took the first role I could get: SOC Analyst (Cybersecurity Compliance). I worked there for 1.7 years, but deep down, I knew compliance wasn't for me.
Toward the end of that job, I collaborated with the infra team and found my passion in DevOps. Unfortunately, due to a personal family emergency, I had to drop out of the workforce entirely. I currently have a career gap of 1.3 years.
The Upskill:
During this gap, I haven't been idle. I’ve been aggressively learning and have built several end-to-end projects involving:
Infrastructure: Terraform, Kubernetes (EKS), Docker.
CI/CD: Jenkins, Ansible, ArgoCD.
DevSecOps: Implementing SonarQube and Trivy (leveraging my security background).
Architecture: Serverless and Microservices.
The Dilemma:
I have tailored my resume for ATS, listing my SOC experience honestly and my DevOps work under "Projects." I am getting zero calls.
My friends are suggesting that I merge the two: Claim I did these DevOps projects at my previous company and explain the 1.3-year gap as "Freelance DevOps work" to fill the void.
My Questions:
1. Is the 1.3-year gap the main reason for the silence?
2. Is "embellishing" my past experience the only way to bypass HR filters in this market?
3. Can I honestly pivot to a DevSecOps role given my SOC background, or am I considered a "fresher" again?
Any advice is appreciated.
https://redd.it/1q18400
@r_devops
Hi everyone,
I am looking for a sanity check on my job search strategy because I am hitting a wall.
My Story:
I originally came from a MERN stack development background. When I started my career, the market was rough, so I took the first role I could get: SOC Analyst (Cybersecurity Compliance). I worked there for 1.7 years, but deep down, I knew compliance wasn't for me.
Toward the end of that job, I collaborated with the infra team and found my passion in DevOps. Unfortunately, due to a personal family emergency, I had to drop out of the workforce entirely. I currently have a career gap of 1.3 years.
The Upskill:
During this gap, I haven't been idle. I’ve been aggressively learning and have built several end-to-end projects involving:
Infrastructure: Terraform, Kubernetes (EKS), Docker.
CI/CD: Jenkins, Ansible, ArgoCD.
DevSecOps: Implementing SonarQube and Trivy (leveraging my security background).
Architecture: Serverless and Microservices.
The Dilemma:
I have tailored my resume for ATS, listing my SOC experience honestly and my DevOps work under "Projects." I am getting zero calls.
My friends are suggesting that I merge the two: Claim I did these DevOps projects at my previous company and explain the 1.3-year gap as "Freelance DevOps work" to fill the void.
My Questions:
1. Is the 1.3-year gap the main reason for the silence?
2. Is "embellishing" my past experience the only way to bypass HR filters in this market?
3. Can I honestly pivot to a DevSecOps role given my SOC background, or am I considered a "fresher" again?
Any advice is appreciated.
https://redd.it/1q18400
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
Every uptime monitor wants me to configure through a UI
After using Uptime Kuma I realized how annoying configuring everything through the UI actually is. I have a backup of the DB but the setup takes too long. I want to configure stuff with IAC so I can spin it up anywhere without caring too much.
Config is ultra simple yaml:
hosts:
API:
target: 'https://myapi.com'
port: 443
expect: 200
interval: 30
Website:
target: 'https://mywebsite.com'
port: 443
expect: 200
interval: 30
So I built a simple monitoring tool. Running it in my homelab, thinking about adding alerting and maintenance windows to the config too. Does something like this already exist? I have a GitHub repo and on push a GitHub Action publishes the changes.
https://redd.it/1q1jag5
@r_devops
After using Uptime Kuma I realized how annoying configuring everything through the UI actually is. I have a backup of the DB but the setup takes too long. I want to configure stuff with IAC so I can spin it up anywhere without caring too much.
Config is ultra simple yaml:
hosts:
API:
target: 'https://myapi.com'
port: 443
expect: 200
interval: 30
Website:
target: 'https://mywebsite.com'
port: 443
expect: 200
interval: 30
So I built a simple monitoring tool. Running it in my homelab, thinking about adding alerting and maintenance windows to the config too. Does something like this already exist? I have a GitHub repo and on push a GitHub Action publishes the changes.
https://redd.it/1q1jag5
@r_devops
ServiceRadar is seeking early contributors!
We are building an Open Source network management, asset tracking, and observability platform in Elixir and are looking for contributors. Our stack is Elixir/Phoenix LiveView built around ERTS technology, powered by Postgres + extensions. We also use golang and rust for various services, and our stack runs mostly on docker or kubernetes. We also have a very robust CICD system built on bazel, github ARC, and more. This is a great opportunity to learn cutting edge devops systems and patterns and help build the future of network management systems.
If you are passionate about network management and building cloud native software we would love to connect.
https://github.com/carverauto/serviceradar
https://redd.it/1q1jji1
@r_devops
We are building an Open Source network management, asset tracking, and observability platform in Elixir and are looking for contributors. Our stack is Elixir/Phoenix LiveView built around ERTS technology, powered by Postgres + extensions. We also use golang and rust for various services, and our stack runs mostly on docker or kubernetes. We also have a very robust CICD system built on bazel, github ARC, and more. This is a great opportunity to learn cutting edge devops systems and patterns and help build the future of network management systems.
If you are passionate about network management and building cloud native software we would love to connect.
https://github.com/carverauto/serviceradar
https://redd.it/1q1jji1
@r_devops
GitHub
GitHub - carverauto/serviceradar: opensource network management and observability platform
opensource network management and observability platform - carverauto/serviceradar
How do you enforce data contracts end-to-end across microservices → warehouse?
Hey folks,
We ingest events from microservices into a warehouse. A producer shipped a “small” schema change, and our ingestion kept running but started failing decoding/validation downstream. Nobody noticed for a while → we effectively lost data until someone spotted a gap.
We’re a pretty large org, which makes me feel we’re missing something basic or doing something wrong. This isn’t strictly in my responsibility, but I’m wondering: is this also common on your side? If you’ve solved it, what guardrails actually work to catch this fast?
https://redd.it/1q1bk6l
@r_devops
Hey folks,
We ingest events from microservices into a warehouse. A producer shipped a “small” schema change, and our ingestion kept running but started failing decoding/validation downstream. Nobody noticed for a while → we effectively lost data until someone spotted a gap.
We’re a pretty large org, which makes me feel we’re missing something basic or doing something wrong. This isn’t strictly in my responsibility, but I’m wondering: is this also common on your side? If you’ve solved it, what guardrails actually work to catch this fast?
https://redd.it/1q1bk6l
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community