Huge e-commerce brands buckle under the pressure of high volume sales. Why?
Hello devops! So this past holiday season I had a job at a call center where we did customer service for a few worldwide beauty brands. Why I´m making this post is that their sites could not handle the load for Cyber Monday and Black Friday sales. Irate almost-customers called in to complain how the ordering system didn´t allow them to get through checkout. False order confirmations, items in their shopping cart not making it through to the backend ordering system, customers having their orders frozen at checkout... As customer service agents we all use Salesforce on the backend. How do huge companies like these have such crappy websites? Is it the fault of the developers for the sites themselves? Is it a problem in the backend between the website and the Salesforce ordering system? I welcome any and all opinions on the matter. You never see Amazon having trouble like this with their website. Why do these big brands (think Versace, Gap, etc.) have such sucky e-commerce system?
https://redd.it/1q8r9tz
@r_devops
Hello devops! So this past holiday season I had a job at a call center where we did customer service for a few worldwide beauty brands. Why I´m making this post is that their sites could not handle the load for Cyber Monday and Black Friday sales. Irate almost-customers called in to complain how the ordering system didn´t allow them to get through checkout. False order confirmations, items in their shopping cart not making it through to the backend ordering system, customers having their orders frozen at checkout... As customer service agents we all use Salesforce on the backend. How do huge companies like these have such crappy websites? Is it the fault of the developers for the sites themselves? Is it a problem in the backend between the website and the Salesforce ordering system? I welcome any and all opinions on the matter. You never see Amazon having trouble like this with their website. Why do these big brands (think Versace, Gap, etc.) have such sucky e-commerce system?
https://redd.it/1q8r9tz
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
Planning a career transition, does my plan make sense? Pipeline TD ->DevOps -> MLops
I am currently a Senior Pipeline Technical Director (Pipe TD for short) at a VFX/CG studio in Vancouver, BC with 7 YOE. Lately I've been feeling like I'm stagnating both in terms of learning new skills and salary (getting close to the cap at the senior level). Also, the VFX industry is declining and it's hard to find a new pipe openings at other studios these days. I've been doing some research and found that DevOps role is similar to my current role. My current responsibilities:
\- manage the render farm for failing jobs/efficiency of renders, stuck frames etc
\- make sure the pipeline outputs clean data between different departments (layout/anim/lighting etc)
\-troubleshoot artists' broken anim/lighting scenes
\-patch bugs in code for artists tools
\-make plugins/noscripts to make artist's life easier
\-a lot of babysitting artists so that they can log off on time at 5pm and not having to worry about their things breaking
My plan to break into DevOps and eventually into MLops:
1. study and pass the AWS Certified Solutions Architect - Associate Certificate
2. learn about IOC (TerraForm)
3. learn Docker and Kubernetes
4. Apply for a devOps role (after 6-7 months of study and personal projects)
5. If I get accepted, learn as much as I can
6.While employed, go through https://github.com/DataTalksClub/mlops-zoomcamp and apply it to personal projects
7. Get MLOps related certs
8. start applying to MLOps roles when I have \~2 years of devOps experience
Is my plan feasible? are there are gaping holes?
https://redd.it/1q8pug6
@r_devops
I am currently a Senior Pipeline Technical Director (Pipe TD for short) at a VFX/CG studio in Vancouver, BC with 7 YOE. Lately I've been feeling like I'm stagnating both in terms of learning new skills and salary (getting close to the cap at the senior level). Also, the VFX industry is declining and it's hard to find a new pipe openings at other studios these days. I've been doing some research and found that DevOps role is similar to my current role. My current responsibilities:
\- manage the render farm for failing jobs/efficiency of renders, stuck frames etc
\- make sure the pipeline outputs clean data between different departments (layout/anim/lighting etc)
\-troubleshoot artists' broken anim/lighting scenes
\-patch bugs in code for artists tools
\-make plugins/noscripts to make artist's life easier
\-a lot of babysitting artists so that they can log off on time at 5pm and not having to worry about their things breaking
My plan to break into DevOps and eventually into MLops:
1. study and pass the AWS Certified Solutions Architect - Associate Certificate
2. learn about IOC (TerraForm)
3. learn Docker and Kubernetes
4. Apply for a devOps role (after 6-7 months of study and personal projects)
5. If I get accepted, learn as much as I can
6.While employed, go through https://github.com/DataTalksClub/mlops-zoomcamp and apply it to personal projects
7. Get MLOps related certs
8. start applying to MLOps roles when I have \~2 years of devOps experience
Is my plan feasible? are there are gaping holes?
https://redd.it/1q8pug6
@r_devops
GitHub
GitHub - DataTalksClub/mlops-zoomcamp: Free MLOps course from DataTalks.Club
Free MLOps course from DataTalks.Club. Contribute to DataTalksClub/mlops-zoomcamp development by creating an account on GitHub.
Community for DevOps/Cloud Jobs referral
Hi guys, I am planning to create a whatsapp group from long time for job referrals for the devops and cloud engineer roles and today is the day.
The aim of this community is to allow easy job referrals for our members.
Anyone who is interested, please comment interested and write down your mail for further communication.
I hope with this community we will be able to fullfill our dreams.
See you there hustlers🫡
https://redd.it/1q8u8ke
@r_devops
Hi guys, I am planning to create a whatsapp group from long time for job referrals for the devops and cloud engineer roles and today is the day.
The aim of this community is to allow easy job referrals for our members.
Anyone who is interested, please comment interested and write down your mail for further communication.
I hope with this community we will be able to fullfill our dreams.
See you there hustlers🫡
https://redd.it/1q8u8ke
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
What do you think about new emerging role: Forward Deployed Engineers?
What is your opinion on new emerging role: Forward Deployed engineers. Based on my reading and understanding , they are consultant/ sales engineers. I am seeing this word everywhere , companies are extensively hiring for them especially AI companies and it makes sense also because AI is complex and new. Now I want to know from the real people who are either FDE or making career transition to it or know someone closely who is into it. What is your opinion about this job- is it like a trend or will it stay for very long time? What is their day to day looks like? How are they making transition? How are they dealing with clients , managing multiple stakeholders ( the soft skills part)?
https://redd.it/1q8v5fr
@r_devops
What is your opinion on new emerging role: Forward Deployed engineers. Based on my reading and understanding , they are consultant/ sales engineers. I am seeing this word everywhere , companies are extensively hiring for them especially AI companies and it makes sense also because AI is complex and new. Now I want to know from the real people who are either FDE or making career transition to it or know someone closely who is into it. What is your opinion about this job- is it like a trend or will it stay for very long time? What is their day to day looks like? How are they making transition? How are they dealing with clients , managing multiple stakeholders ( the soft skills part)?
https://redd.it/1q8v5fr
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
Can do freelancing
Can do freelancing on AWS and GCP DevOps.
* remote only.
getting bored with no activities after office hours and less pay.So thinking about taking freelancing Job on DevOps based on AWS or GCP.
any reference is highly appreciated.
already on fiver but not much helpful
https://redd.it/1q8w4ct
@r_devops
Can do freelancing on AWS and GCP DevOps.
* remote only.
getting bored with no activities after office hours and less pay.So thinking about taking freelancing Job on DevOps based on AWS or GCP.
any reference is highly appreciated.
already on fiver but not much helpful
https://redd.it/1q8w4ct
@r_devops
www.request.finance
Request Technologies - Crypto-to-Fiat API for global payments
With just a few lines of code, Request Technologies helps platforms unlock new revenue opportunities by enabling the conversion and global transfer of crypto and fiat.
AWS cost scanner - catches orphaned resources before they pile up (Python/open source)
Hey folks,
I've been learning AWS and kept forgetting to delete test resources.
My last bill had charges for 3 EBS volumes I'd completely forgotten about.
Built a Python noscript to help catch these before they accumulate:
* Scans all AWS regions
* Finds 6 types of common waste
* Shows exact costs and cleanup commands
It's free/open source. Still learning, it's not perfect but it works and so feedback is welcome!
GitHub: [AWS Waste Finder Tool](https://github.com/devopsjunctionn/AWS-WasteFinder)
Specifically checking for:
1. Orphaned EBS volumes
2. Unused Elastic IPs
3. Idle Load Balancers
4. Old snapshots
5. NAT Gateways
6. SageMaker notebooks
Has anyone else dealt with surprise AWS bills? What resources did
you forget about?
https://redd.it/1q8xh1e
@r_devops
Hey folks,
I've been learning AWS and kept forgetting to delete test resources.
My last bill had charges for 3 EBS volumes I'd completely forgotten about.
Built a Python noscript to help catch these before they accumulate:
* Scans all AWS regions
* Finds 6 types of common waste
* Shows exact costs and cleanup commands
It's free/open source. Still learning, it's not perfect but it works and so feedback is welcome!
GitHub: [AWS Waste Finder Tool](https://github.com/devopsjunctionn/AWS-WasteFinder)
Specifically checking for:
1. Orphaned EBS volumes
2. Unused Elastic IPs
3. Idle Load Balancers
4. Old snapshots
5. NAT Gateways
6. SageMaker notebooks
Has anyone else dealt with surprise AWS bills? What resources did
you forget about?
https://redd.it/1q8xh1e
@r_devops
GitHub
GitHub - devopsjunctionn/AWS-WasteFinder
Contribute to devopsjunctionn/AWS-WasteFinder development by creating an account on GitHub.
Career switch into cloud → DevOps: what actually matters in the first year?
I’m UK-based, mid-30s, researching a move into cloud with the intention of progressing into DevOps/platform work later.
Trying to sanity-check a few things with people actually doing the job:
• what skills genuinely separate juniors who get trusted vs those who don’t
• whether cloud roles are the cleanest entry point today
• what you’d focus on in the first 6–12 months if starting again
• what’s overhyped or unnecessary early on
Looking for practical answers rather than course recommendations.
https://redd.it/1q8u4fw
@r_devops
I’m UK-based, mid-30s, researching a move into cloud with the intention of progressing into DevOps/platform work later.
Trying to sanity-check a few things with people actually doing the job:
• what skills genuinely separate juniors who get trusted vs those who don’t
• whether cloud roles are the cleanest entry point today
• what you’d focus on in the first 6–12 months if starting again
• what’s overhyped or unnecessary early on
Looking for practical answers rather than course recommendations.
https://redd.it/1q8u4fw
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
“Is OAuth2/Keycloak justified for long-lived Kubernetes connector authentication?
I’m designing a system where a private Kubernetes cluster (no inbound access) runs a long-lived connector pod that communicates outbound to a central backend to execute kubectl commands. The flow is: a user calls /cluster/register, the backend generates a cluster_id and a secret, creates a Keycloak client (client_id = conn-<cluster_id>), and injects these into the connector manifest. The connector authenticates to Keycloak using OAuth2 client-credentials, receives a JWT, and uses it to authenticate to backend endpoints like /heartbeat and /callback, which the backend verifies via Keycloak JWKS. This works, but I’m questioning whether Keycloak is actually necessary if /cluster/register is protected (e.g., only trusted users can onboard clusters), since the backend is effectively minting and binding machine identities anyway. Keycloak provides centralized revocation and rotation, but I’m unsure whether it adds meaningful security value here versus a simpler backend-issued secret or mTLS/SPIFFE model. Looking for architectural feedback on whether this is a reasonable production auth approach for outbound-only connectors in private clusters, or unnecessary complexity.
Any suggestions would be appreciated, thanks.
https://redd.it/1q91siu
@r_devops
I’m designing a system where a private Kubernetes cluster (no inbound access) runs a long-lived connector pod that communicates outbound to a central backend to execute kubectl commands. The flow is: a user calls /cluster/register, the backend generates a cluster_id and a secret, creates a Keycloak client (client_id = conn-<cluster_id>), and injects these into the connector manifest. The connector authenticates to Keycloak using OAuth2 client-credentials, receives a JWT, and uses it to authenticate to backend endpoints like /heartbeat and /callback, which the backend verifies via Keycloak JWKS. This works, but I’m questioning whether Keycloak is actually necessary if /cluster/register is protected (e.g., only trusted users can onboard clusters), since the backend is effectively minting and binding machine identities anyway. Keycloak provides centralized revocation and rotation, but I’m unsure whether it adds meaningful security value here versus a simpler backend-issued secret or mTLS/SPIFFE model. Looking for architectural feedback on whether this is a reasonable production auth approach for outbound-only connectors in private clusters, or unnecessary complexity.
Any suggestions would be appreciated, thanks.
https://redd.it/1q91siu
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
What are your learning goals for 2026? How would you approach job switching?
Context:
This year, I will cross the five-year experience milestone in the IT industry. The majority of this time has been spent in a DevOps/SRE-type role, where I mainly worked on Azure Pipelines templates and Terraform (I feel quite confident in Terraform now, I've already fixed a couple of tricky deadlock situations) for our AWS infrastructure (nothing crazy, basic services like S3, EC2, Lambda, and API Gateway). I rarely coded smaller parts of .NET applications or helper applications, and I also often automated tasks using PowerShell and Bash.
Actual post:
I haven’t received my salary update yet, but I doubt it will be anything more than a 10% raise at best, plus one additional salary as a bonus. The past six months have been really rough due to deadlines, management chaos, and the AWS migration from legacy servers.
I am considering switching jobs this year, as I have been with this company for almost four years. I have a good manager (he gives me exceptional performance notes), and I have a chill remote setup, but at the same time, I can see that, theoretically, I could earn 2–2.5x my current salary at my level of experience (according to the offers I see on job boards - at least theoretically in my area, I am not US based). I know that the market is in very rough state currently, even in my country but somehow there are still job postings
The point is that I suck at interviewing. I hate doing live coding challenges, my brain always goes blank, and I forget how to even create a basic loop.
I also want to upskill a bit, but I’m not sure what to focus on with all the AI hype these days. I wanted to:
\- Read Linux Bible: I want to organize my Linux knowledge. I use WSL and Bash, but I mainly work in Windows Server environments, which kind of sucks.
\- Learn material for AWS certs: In the past, I’ve bought a couple of courses on Udemy but haven’t actually completed them. I think this could help me organize my AWS knowledge better, especially for the Solutions Architect Associate and CloudOps Associate certifications, and maybe later the DevOps Engineer Professional but that depends on how much time I have. (I don’t think I’ll actually take the exams, is it still worth it?)
\- AI coding/agents as my current company is pushing it really hard
\- Monitoring: I want to expand my knowledge in this area, but so far I only have experience with CloudWatch, which is a provider-locked solution. I’d like to learn other tools, but I don’t know where to start maybe OpenTelemetry, Grafana, or Prometheus? Could you suggest anything?
Final questions/thoughts:
What are your personal goals for 2026?
How would you approach it in my current position?
I feel like imposter syndrome is bigger than ever, especially with AI agents and recent revelations about their performance. Hard to chill, to be honest, I've even started considering weekend university courses in psychology because all of this (studies in my country are free or low fee)
https://redd.it/1q93ki6
@r_devops
Context:
This year, I will cross the five-year experience milestone in the IT industry. The majority of this time has been spent in a DevOps/SRE-type role, where I mainly worked on Azure Pipelines templates and Terraform (I feel quite confident in Terraform now, I've already fixed a couple of tricky deadlock situations) for our AWS infrastructure (nothing crazy, basic services like S3, EC2, Lambda, and API Gateway). I rarely coded smaller parts of .NET applications or helper applications, and I also often automated tasks using PowerShell and Bash.
Actual post:
I haven’t received my salary update yet, but I doubt it will be anything more than a 10% raise at best, plus one additional salary as a bonus. The past six months have been really rough due to deadlines, management chaos, and the AWS migration from legacy servers.
I am considering switching jobs this year, as I have been with this company for almost four years. I have a good manager (he gives me exceptional performance notes), and I have a chill remote setup, but at the same time, I can see that, theoretically, I could earn 2–2.5x my current salary at my level of experience (according to the offers I see on job boards - at least theoretically in my area, I am not US based). I know that the market is in very rough state currently, even in my country but somehow there are still job postings
The point is that I suck at interviewing. I hate doing live coding challenges, my brain always goes blank, and I forget how to even create a basic loop.
I also want to upskill a bit, but I’m not sure what to focus on with all the AI hype these days. I wanted to:
\- Read Linux Bible: I want to organize my Linux knowledge. I use WSL and Bash, but I mainly work in Windows Server environments, which kind of sucks.
\- Learn material for AWS certs: In the past, I’ve bought a couple of courses on Udemy but haven’t actually completed them. I think this could help me organize my AWS knowledge better, especially for the Solutions Architect Associate and CloudOps Associate certifications, and maybe later the DevOps Engineer Professional but that depends on how much time I have. (I don’t think I’ll actually take the exams, is it still worth it?)
\- AI coding/agents as my current company is pushing it really hard
\- Monitoring: I want to expand my knowledge in this area, but so far I only have experience with CloudWatch, which is a provider-locked solution. I’d like to learn other tools, but I don’t know where to start maybe OpenTelemetry, Grafana, or Prometheus? Could you suggest anything?
Final questions/thoughts:
What are your personal goals for 2026?
How would you approach it in my current position?
I feel like imposter syndrome is bigger than ever, especially with AI agents and recent revelations about their performance. Hard to chill, to be honest, I've even started considering weekend university courses in psychology because all of this (studies in my country are free or low fee)
https://redd.it/1q93ki6
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
Looking for feedback on my AWS TUI tool
I built a terminal UI for AWS resource management (think k9s but for AWS). Would love feedback from people who actually manage AWS infrastructure daily.
GitHub: https://github.com/clawscli/claws
Main features:
Query multiple profiles × regions at once
Vim-style navigation
60+ services, 160+ resource types
Read-only mode for safe exploration
Specifically interested in:
What services/resources are missing that you'd actually use?
Any UX pain points?
https://redd.it/1q92v5s
@r_devops
I built a terminal UI for AWS resource management (think k9s but for AWS). Would love feedback from people who actually manage AWS infrastructure daily.
GitHub: https://github.com/clawscli/claws
Main features:
Query multiple profiles × regions at once
Vim-style navigation
60+ services, 160+ resource types
Read-only mode for safe exploration
Specifically interested in:
What services/resources are missing that you'd actually use?
Any UX pain points?
https://redd.it/1q92v5s
@r_devops
GitHub
GitHub - clawscli/claws: A terminal UI for AWS resource management with vim-style navigation
A terminal UI for AWS resource management with vim-style navigation - clawscli/claws
A practical 2026 roadmap for production observability & debugging
I kept seeing observability content that stops at “add metrics + dashboards” and still leaves teams blind during real incidents.
I put together a roadmap that reflects how production observability actually works in distributed systems:
– monitoring vs observability (signals vs symptoms)
– metrics, logs, traces as a system, not silos
– context propagation across async and service boundaries
– instrumentation strategy (what not to instrument)
– sampling & cost reality (debugging without full fidelity)
– latency without errors, errors without load, silent failures
– incident debugging playbooks
– cascading failure patterns & partial outages
– alerting, SLOs, and operational feedback loops
The focus is how to think during production incidents, not tools or vendors.
Language- and stack-agnostic by design.
Roadmap image + interactive version here:
👉 https://nemorize.com/roadmaps/production-observability-from-signals-to-root-cause-2026
Curious what people think is missing, overkill, or ordered incorrectly.
https://redd.it/1q94jzi
@r_devops
I kept seeing observability content that stops at “add metrics + dashboards” and still leaves teams blind during real incidents.
I put together a roadmap that reflects how production observability actually works in distributed systems:
– monitoring vs observability (signals vs symptoms)
– metrics, logs, traces as a system, not silos
– context propagation across async and service boundaries
– instrumentation strategy (what not to instrument)
– sampling & cost reality (debugging without full fidelity)
– latency without errors, errors without load, silent failures
– incident debugging playbooks
– cascading failure patterns & partial outages
– alerting, SLOs, and operational feedback loops
The focus is how to think during production incidents, not tools or vendors.
Language- and stack-agnostic by design.
Roadmap image + interactive version here:
👉 https://nemorize.com/roadmaps/production-observability-from-signals-to-root-cause-2026
Curious what people think is missing, overkill, or ordered incorrectly.
https://redd.it/1q94jzi
@r_devops
Nemorize
Production Observability: From Signals to Root Cause (2026) - Learning Roadmap | Nemorize
Phase 0 – The mindset shift
Goal: Stop treating observability as dashboards and start treating it as causality.
You will learn
Why monitoring is not obser...
Goal: Stop treating observability as dashboards and start treating it as causality.
You will learn
Why monitoring is not obser...
I need advice on meaningful personal projects (developer + DevOps, tool-building focus)
Im trying to decide on what kind of personal project to make that will be meaningful for learning and possibly useful for job applications, but learning comes first. I've made many small projects before while creating my homelab setup but I am looking for something more like actually creating my own tools.
Im aiming for something that sits between developer and DevOps.
I want to improve my coding skills and understand DevOps tools on a deeper level. I'm kind of sick of just using tools and not creating my own, if that makes sense.
Maybe Im having the wrong take on these things, a comment I always get from older gen engineers is how much they learned when they had to create their own tools. So, I thought it would be cool too.
I would be grateful for any guidance regarding this topic, if my thought pattern is incorrect I'm open to hearing what I should focus on instead.
Some additional context, Ive been a DevOps for 4 years and recently I have become unemployed and I want to start a project but everything I've seen online feels like I've done better versions of those in real production environments.
https://redd.it/1q99x3q
@r_devops
Im trying to decide on what kind of personal project to make that will be meaningful for learning and possibly useful for job applications, but learning comes first. I've made many small projects before while creating my homelab setup but I am looking for something more like actually creating my own tools.
Im aiming for something that sits between developer and DevOps.
I want to improve my coding skills and understand DevOps tools on a deeper level. I'm kind of sick of just using tools and not creating my own, if that makes sense.
Maybe Im having the wrong take on these things, a comment I always get from older gen engineers is how much they learned when they had to create their own tools. So, I thought it would be cool too.
I would be grateful for any guidance regarding this topic, if my thought pattern is incorrect I'm open to hearing what I should focus on instead.
Some additional context, Ive been a DevOps for 4 years and recently I have become unemployed and I want to start a project but everything I've seen online feels like I've done better versions of those in real production environments.
https://redd.it/1q99x3q
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
Why the hell are devs still putting passwords in AI prompts? It's 2026!
Writing this because I keep seeing devs hardcode API keys and passwords directly in prompts during code reviews. Your LLM logs everything. Your prompts get cached. Your secrets end up in training data.
Use environment variables. Use secret managers. Sanitize inputs before they hit the model.
This should be basic security hygiene by now but apparently it needs saying.
https://redd.it/1q9cw8r
@r_devops
Writing this because I keep seeing devs hardcode API keys and passwords directly in prompts during code reviews. Your LLM logs everything. Your prompts get cached. Your secrets end up in training data.
Use environment variables. Use secret managers. Sanitize inputs before they hit the model.
This should be basic security hygiene by now but apparently it needs saying.
https://redd.it/1q9cw8r
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
Vendor selection: enterprise vs startup vs build your own?
Hey! Solopreneur here who just launched an observability SaaS.
Need honest feedback on how you make vendor decisions.
Three options with identical SLA and infrastructure:
Enterprise with high prices ($$$)
Small company/solo founder with moderate prices ($$)
Build your own (Prometheus, Grafana, Loki) ($)
Which do you choose and why?
Key questions:
How much does brand recognition matter (to you vs management)?
Hard requirements on vendor stability/longevity?Support team size important?
Build vs Buy: what tips the scale - control/customization or time-to-market/maintenance?
If self-hosted: how many FTEs maintaining your stack?
On integrations:
Unified dashboard - deal breaker or nice-to-have?
Alert integrations (PagerDuty, Slack)?
API access?
Appreciate any feedback, especially recent vendor selection or migration experiences
https://redd.it/1q9bu87
@r_devops
Hey! Solopreneur here who just launched an observability SaaS.
Need honest feedback on how you make vendor decisions.
Three options with identical SLA and infrastructure:
Enterprise with high prices ($$$)
Small company/solo founder with moderate prices ($$)
Build your own (Prometheus, Grafana, Loki) ($)
Which do you choose and why?
Key questions:
How much does brand recognition matter (to you vs management)?
Hard requirements on vendor stability/longevity?Support team size important?
Build vs Buy: what tips the scale - control/customization or time-to-market/maintenance?
If self-hosted: how many FTEs maintaining your stack?
On integrations:
Unified dashboard - deal breaker or nice-to-have?
Alert integrations (PagerDuty, Slack)?
API access?
Appreciate any feedback, especially recent vendor selection or migration experiences
https://redd.it/1q9bu87
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
Open Source Built a self-hosted PAM system - Looking for feedback
Hey r/devops!
I've been building Orion-Belt, an open-source Privileged Access Management system, and would love your feedback from folks who've dealt with SSH access at scale.
The problem we're solving:
After getting quoted $50k-$200k/year for commercial PAM solutions as a startup, we decided to build a self-hosted alternative that doesn't require enterprise budgets.
What it does:
\- Zero inbound firewall rules: Agents use reverse SSH tunneling to dial out to the gateway
\- Fine-grained access control: Specify which users can access which machines as which remote users (e.g., "Jane can SSH to prod-db as postgres")
\- Session recording & audit trails: Full compliance logging for SOC2/ISO27001
\- Temporary access workflows: Time-limited access with admin approval
\- Standard SSH compatibility.
Tech stack:
\- Backend: Go (Gin framework, golang.org/x/crypto/ssh)
\- Permissions: ReBAC with OpenFGA
\- Storage: PostgreSQL
\- Deployment: Docker + systemd, multi-distro support
Current state: Core functionality working, deployed in production in our homelab/staging environments.
Why I'm posting: Before building more features, I want to validate we're solving real problems.
Questions for the community:
1. What's your current SSH access management strategy?
(SSH keys everywhere? Jump hosts? Commercial PAM? Something else?)
2.If you've looked at commercial PAM solutions, what stopped you from adopting them?
(Cost? Complexity? Vendor lock-in?)
3. What would make a tool like this worth adopting in your environment?
(Specific features? Integration points? Deployment model?)
GitHub: https://github.com/zrougamed/orion-belt
Looking for:
\- Beta testers: Deploy it, break it, tell me what's missing
\- Contributors: Go backend developers and Frontend/UI folks (currently no UI - WIP)
\- Feedback: Honest criticism about architecture, features, docs
Happy to answer technical questions about the reverse tunneling implementation, session recording, or anything else!
https://redd.it/1q9k1kk
@r_devops
Hey r/devops!
I've been building Orion-Belt, an open-source Privileged Access Management system, and would love your feedback from folks who've dealt with SSH access at scale.
The problem we're solving:
After getting quoted $50k-$200k/year for commercial PAM solutions as a startup, we decided to build a self-hosted alternative that doesn't require enterprise budgets.
What it does:
\- Zero inbound firewall rules: Agents use reverse SSH tunneling to dial out to the gateway
\- Fine-grained access control: Specify which users can access which machines as which remote users (e.g., "Jane can SSH to prod-db as postgres")
\- Session recording & audit trails: Full compliance logging for SOC2/ISO27001
\- Temporary access workflows: Time-limited access with admin approval
\- Standard SSH compatibility.
Tech stack:
\- Backend: Go (Gin framework, golang.org/x/crypto/ssh)
\- Permissions: ReBAC with OpenFGA
\- Storage: PostgreSQL
\- Deployment: Docker + systemd, multi-distro support
Current state: Core functionality working, deployed in production in our homelab/staging environments.
Why I'm posting: Before building more features, I want to validate we're solving real problems.
Questions for the community:
1. What's your current SSH access management strategy?
(SSH keys everywhere? Jump hosts? Commercial PAM? Something else?)
2.If you've looked at commercial PAM solutions, what stopped you from adopting them?
(Cost? Complexity? Vendor lock-in?)
3. What would make a tool like this worth adopting in your environment?
(Specific features? Integration points? Deployment model?)
GitHub: https://github.com/zrougamed/orion-belt
Looking for:
\- Beta testers: Deploy it, break it, tell me what's missing
\- Contributors: Go backend developers and Frontend/UI folks (currently no UI - WIP)
\- Feedback: Honest criticism about architecture, features, docs
Happy to answer technical questions about the reverse tunneling implementation, session recording, or anything else!
https://redd.it/1q9k1kk
@r_devops
pkg.go.dev
ssh package - golang.org/x/crypto/ssh - Go Packages
Package ssh implements an SSH client and server.
SMS as an alerting channel who do you actually trust?
If SMS is your last-resort alert channel, which providers have actually been reliable for you in production?
https://redd.it/1q9af9l
@r_devops
If SMS is your last-resort alert channel, which providers have actually been reliable for you in production?
https://redd.it/1q9af9l
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
Anyone else finding AI code review tools useless once you hit 10+ microservices?
We've been trying to integrate AI-assisted code review into our pipeline for the last 6 months. Started with a lot of optimism.
The problem: we run \~30 microservices across 4 repos. Business logic spans multiple services—a single order flow touches auth, inventory, payments, and notifications.
Here's what we're seeing:
\- The tool reviews each service in isolation. Zero awareness that a change in Service A could break the contract with Service B.
\- It chunks code for analysis and loses the relationships that actually matter. An API call becomes a meaningless string without context from the target service.
\- False positives are multiplying. The tool flags verbose utility functions while missing actual security issues that span services.
We're not using some janky open-source wrapper—this is a legit, well-funded tool with RAG-based retrieval.
Starting to think the fundamental approach (chunking + retrieval) just doesn't work for distributed systems. You can't understand a microservices codebase by looking at fragments.
Anyone else hitting this wall? Curious if teams with complex architectures have found tools that actually trace logic across service boundaries.
https://redd.it/1q9tup1
@r_devops
We've been trying to integrate AI-assisted code review into our pipeline for the last 6 months. Started with a lot of optimism.
The problem: we run \~30 microservices across 4 repos. Business logic spans multiple services—a single order flow touches auth, inventory, payments, and notifications.
Here's what we're seeing:
\- The tool reviews each service in isolation. Zero awareness that a change in Service A could break the contract with Service B.
\- It chunks code for analysis and loses the relationships that actually matter. An API call becomes a meaningless string without context from the target service.
\- False positives are multiplying. The tool flags verbose utility functions while missing actual security issues that span services.
We're not using some janky open-source wrapper—this is a legit, well-funded tool with RAG-based retrieval.
Starting to think the fundamental approach (chunking + retrieval) just doesn't work for distributed systems. You can't understand a microservices codebase by looking at fragments.
Anyone else hitting this wall? Curious if teams with complex architectures have found tools that actually trace logic across service boundaries.
https://redd.it/1q9tup1
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
Showcase High-density architecture: Running 100+ containers on a single VPS with Traefik and FrankenPHP
Hi everyone,
I wanted to share a breakdown of the infrastructure I just built for a new SaaS project (a dependency health monitor).
As a DevOps consultant, I usually deal with K8s clusters, but for this project, I wanted to see how much performance I could squeeze out of a single multi-site VPS using a Docker Compose stack.
The Architecture:
Currently running \~30 projects and close to 100 containers on one node with high availability.
Ingress/Routing: Traefik (Auto-discovery of new docker containers is a lifesaver).
Runtime: FrankenPHP + Laravel Octane. This runs the app as a long-running Go process rather than traditional PHP-FPM, keeping the application bootstrapped in memory.
Caching: 2-hour aggressive Edge caching via Cloudflare to minimize hit-rate on the backend.
Storage: Redis for queues/cache.
The Workflow:
User Request -> Cloudflare (Edge) -> Traefik (VPS Ingress) -> FrankenPHP (App Container)
I wrote a blog post detailing the specific setup and how this stack handles the traffic:
**https://danielpetrica.com/how-i-built-a-high-performance-directory-with-laravel-octane-and-filament/**
Curious to hear your thoughts on pushing vertical scaling/Docker Compose this far versus moving to a small K8s cluster/Nomad setup. At what point do you usually force the switch?
https://redd.it/1q9y4tc
@r_devops
Hi everyone,
I wanted to share a breakdown of the infrastructure I just built for a new SaaS project (a dependency health monitor).
As a DevOps consultant, I usually deal with K8s clusters, but for this project, I wanted to see how much performance I could squeeze out of a single multi-site VPS using a Docker Compose stack.
The Architecture:
Currently running \~30 projects and close to 100 containers on one node with high availability.
Ingress/Routing: Traefik (Auto-discovery of new docker containers is a lifesaver).
Runtime: FrankenPHP + Laravel Octane. This runs the app as a long-running Go process rather than traditional PHP-FPM, keeping the application bootstrapped in memory.
Caching: 2-hour aggressive Edge caching via Cloudflare to minimize hit-rate on the backend.
Storage: Redis for queues/cache.
The Workflow:
User Request -> Cloudflare (Edge) -> Traefik (VPS Ingress) -> FrankenPHP (App Container)
I wrote a blog post detailing the specific setup and how this stack handles the traffic:
**https://danielpetrica.com/how-i-built-a-high-performance-directory-with-laravel-octane-and-filament/**
Curious to hear your thoughts on pushing vertical scaling/Docker Compose this far versus moving to a small K8s cluster/Nomad setup. At what point do you usually force the switch?
https://redd.it/1q9y4tc
@r_devops
Daniel Petrica
I built Laraplugins.io to cure your "Dependency Anxiety" 💊
Stop wasting time vetting packages. I built Laraplugins.io to automate Laravel plugin health checks & protect your stack
How liable are DevOps for redundancies in acquisitions (UK)?
Hi folks!
As the noscript says, my current company has just been acquired in the last week and while this is an acquisition (financially), this is going to be a merger i.e. our company merging into their company.
The next steps in the integration phase, AFAIK, is a company restructure, and as I have read the employees in the acquired company would be more at risk than the acquirer employees. Therefore, that would make me more at risk.
The DevOps team I am in is 7 DevOps engineers, 1 Tech lead DevOps and 1 Team lead.
I believe on their side it is 4/5 DevOps engineers.
We host our product heavily on AWS, and from what I can see they use Azure.
My main questions here is:
1. Has anyone been in a similar situation
2. If so, what happened? What side of the table where you on?
3. How "At Risk" are DevOps engineers in a merger compared to other areas of business?
4. Any other things / pointers you can give me? It is my first time in this situation.
I know that it is different company-to-company, but if I could get a general consensus of others past experience then I can come to my own conclusion on whether or not I would be highly at risk.
Any comments are appreciated.
Thanks!
https://redd.it/1q9yrii
@r_devops
Hi folks!
As the noscript says, my current company has just been acquired in the last week and while this is an acquisition (financially), this is going to be a merger i.e. our company merging into their company.
The next steps in the integration phase, AFAIK, is a company restructure, and as I have read the employees in the acquired company would be more at risk than the acquirer employees. Therefore, that would make me more at risk.
The DevOps team I am in is 7 DevOps engineers, 1 Tech lead DevOps and 1 Team lead.
I believe on their side it is 4/5 DevOps engineers.
We host our product heavily on AWS, and from what I can see they use Azure.
My main questions here is:
1. Has anyone been in a similar situation
2. If so, what happened? What side of the table where you on?
3. How "At Risk" are DevOps engineers in a merger compared to other areas of business?
4. Any other things / pointers you can give me? It is my first time in this situation.
I know that it is different company-to-company, but if I could get a general consensus of others past experience then I can come to my own conclusion on whether or not I would be highly at risk.
Any comments are appreciated.
Thanks!
https://redd.it/1q9yrii
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
Headless browser sessions keep timing out after ~30 minutes. Has anyone managed to fix this?
I’ve been automating dashboard logins and data extraction using Puppeteer and Selenium for a while now. Single runs are solid, but once I scale to multiple tabs or let jobs run for hours, things start falling apart. Sessions randomly expire, cookies disappear, tabs lose state, and accounts get logged out mid flow. I’ve tried rotating proxies, custom user agents, persisted cookies, and even moved to headless=new. It helped a bit but still not reliable enough for production workloads. At this point I’m trying to understand what’s actually causing this instability. Is it session isolation, anti automation defenses, browser lifecycle issues, or something else entirely? Looking for approaches or tools that support long lived, multi account browser workflows without constant monitoring. Any real world experience appreciated.
https://redd.it/1qa1uvy
@r_devops
I’ve been automating dashboard logins and data extraction using Puppeteer and Selenium for a while now. Single runs are solid, but once I scale to multiple tabs or let jobs run for hours, things start falling apart. Sessions randomly expire, cookies disappear, tabs lose state, and accounts get logged out mid flow. I’ve tried rotating proxies, custom user agents, persisted cookies, and even moved to headless=new. It helped a bit but still not reliable enough for production workloads. At this point I’m trying to understand what’s actually causing this instability. Is it session isolation, anti automation defenses, browser lifecycle issues, or something else entirely? Looking for approaches or tools that support long lived, multi account browser workflows without constant monitoring. Any real world experience appreciated.
https://redd.it/1qa1uvy
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community
Self host Gitlab (GitOps) in k8s, or stand alone?
Hi! Linux sysadmin and hobby programmer here, I'm learning iac by converting my infra at home using OpenTofu against Proxmox. I use workspaces to launch stages as dev (and staging etc in the future). Figured it would be cool to orient everything around it.. but as I'm gonna learn/use Talos k8s ahead, I can't figure out how to deal with deploying apps with the same workspace approach in mind, to avoid being repetitive and all that.
Never automated via Gitlab before, but understood what is called GitOps is used for automation, and it's baked into Gitlab. So the thing I can't figure out is if I should setup Gitlab in k8s, or as stand alone. The first means HA, but if k8s breaks then GitOps goes down I assume. The latter means skip k8s dependency, but no HA.
Idk, maybe I'm overthinking this at such a early time, but would appreciate some insight into how others setup their self hosted iac based IT.
Cheers!
https://redd.it/1qa67nj
@r_devops
Hi! Linux sysadmin and hobby programmer here, I'm learning iac by converting my infra at home using OpenTofu against Proxmox. I use workspaces to launch stages as dev (and staging etc in the future). Figured it would be cool to orient everything around it.. but as I'm gonna learn/use Talos k8s ahead, I can't figure out how to deal with deploying apps with the same workspace approach in mind, to avoid being repetitive and all that.
Never automated via Gitlab before, but understood what is called GitOps is used for automation, and it's baked into Gitlab. So the thing I can't figure out is if I should setup Gitlab in k8s, or as stand alone. The first means HA, but if k8s breaks then GitOps goes down I assume. The latter means skip k8s dependency, but no HA.
Idk, maybe I'm overthinking this at such a early time, but would appreciate some insight into how others setup their self hosted iac based IT.
Cheers!
https://redd.it/1qa67nj
@r_devops
Reddit
From the devops community on Reddit
Explore this post and more from the devops community