Best of DevOps — September 2025
- 1
- 2
JavaScript Mastery·34w
DevOps Full Course | Build and Deploy a Scalable Production Ready API
A comprehensive DevOps course covering fundamentals through production deployment. Teaches Git version control, CI/CD pipelines with GitHub Actions, Docker containerization, Kubernetes orchestration, and infrastructure as code. Includes hands-on project building a production-ready API with authentication, database integration, monitoring, and security features using modern tools like PostgreSQL, Neon DB, and Arkjet.
- 3
TechWorld with Nana·35w
Learn Docker in 2025 - Complete Roadmap Beginner to Pro
A comprehensive Docker learning roadmap that takes beginners through containerization fundamentals, from understanding the 'it works on my machine' problem to advanced production practices. Covers essential concepts including Docker images, containers, Dockerfile creation, Docker Compose for multi-container applications, networking, volumes for data persistence, and production best practices like security scanning and multi-stage builds. Also introduces container orchestration with Kubernetes as the natural next step for scaling containerized applications.
- 4
Simple Thread·34w
Docker Approaches to Multiple Environments
Explores two strategies for managing Docker configurations across development, staging, and production environments. The first approach uses separate Dockerfiles for each environment (similar to Rails configuration patterns), while the second leverages Docker's multi-stage builds to handle multiple environments within a single Dockerfile. Compares the trade-offs between explicit separation versus DRY principles, helping teams choose the right approach based on their complexity needs and Docker expertise.
- 5
- 6
Noted·34w
Meet the New Self-Hosted Portainer Alternative: Arcane
Arcane is a modern Docker management tool that serves as an alternative to Portainer, offering a clean interface for managing containers, images, networks, and volumes. It features real-time monitoring, resource visualization through graphs, and mobile-responsive design. The tool can be easily installed via Docker Compose and includes convenient features like one-click pruning of unused resources.
- 7
Lobsters·35wNixOS is the endgame of distrohopping
NixOS represents the ultimate Linux distribution for experienced users seeking reproducible, declarative system management. The author chronicles their journey from Arch Linux through various distributions to NixOS, highlighting how it solves fundamental problems like configuration drift, dependency hell, and the "works on my machine" issue. NixOS offers immutable infrastructure, safe rollbacks, and mathematical guarantees about system state through pure functional package management. While not recommended for beginners due to its abstraction of low-level Linux concepts, it provides unparalleled control and reproducibility for managing multiple servers and development environments.
- 8
Netflix TechBlog·33w
Empowering Netflix Engineers with Incident Management
Netflix transformed their incident management from a centralized SRE-only process to a democratized approach where all engineering teams can declare and manage incidents. They adopted Incident.io as their platform, focusing on intuitive design, internal data integration, balanced customization, and organizational investment in training. This shift resulted in 50% adoption across engineering teams within six months and fostered a culture where incidents are viewed as learning opportunities rather than scary outages.
- 9
Product Hunt·35w
QuickDeploy: Deploy your web app to a VPS in minutes
QuickDeploy is a new tool that enables developers to deploy web applications to Ubuntu VPS servers with a single command. It automatically detects frameworks like Next.js, builds optimized Docker images, and configures HTTPS with custom domains. The tool was created to solve deployment delays during hackathons and is targeted at indie developers and solo hackers who need fast deployment solutions without vendor lock-in.
- 10
Reinier·34w
DevOps Full Course | Build and Deploy a Scalable Production Ready API
A comprehensive crash course covering essential DevOps practices including version control with Git and GitHub, continuous integration and deployment pipelines, containerization with Docker, orchestration with Kubernetes, infrastructure as code, and API deployment automation. The course provides hands-on experience building and deploying scalable production-ready applications.
- 11
Docker Networking Made Simple: What Every Beginner Needs to Know
Docker networking fundamentals explained for beginners, covering bridge networks, host mode, and custom networks. Learn how containers communicate, why they need networks to talk to each other, and best practices for setting up container networking. Includes practical examples of creating custom networks and using container names for DNS resolution.
- 12
SavvyNik·34w
Ubuntu's Massive Mistake..
Ubuntu's package repositories experienced a 35-minute outage that caused days of disruption for users worldwide. The archive.ubuntu.com and security.ubuntu.com repositories went down, preventing package installations and security updates. While the servers came back online quickly, the resulting backlog overwhelmed mirrors and caused ongoing failures for several days. The incident highlighted critical infrastructure weaknesses in Ubuntu's centralized repository system and raised questions about redundancy, failover mechanisms, and community communication during outages.
- 13
strongdm·33w
15 Role-Based Access Control (RBAC) Tools in 2025
Role-Based Access Control (RBAC) tools help organizations manage who can access what systems and data based on user roles. This comprehensive guide covers 15 essential RBAC tools including identity providers (Okta, Microsoft Entra ID), cloud IAM services (AWS, Azure, Google Cloud), infrastructure tools (Kubernetes, Terraform), and specialized platforms for secrets management, workflow approvals, and audit logging. The tools work together to create layered security through identity verification, fine-grained permissions, automated provisioning, and comprehensive audit trails.
- 14
ByteByteGo·35w
EP179: Kubernetes Explained
Kubernetes fundamentals are explained including control plane components (API Server, Scheduler, Controller Manager, etcd) and worker nodes (Pods, Container Runtime, kubelet, kube-proxy). Docker best practices cover using official images, specific versions, multi-stage builds, .dockerignore, least privileged users, environment variables, caching optimization, labeling, and security scanning. Caching strategies are detailed across multiple layers from browser cache and CDN to distributed cache, databases, and messaging infrastructure. Additional topics include N8N vs LangGraph comparison for AI workflow automation.
- 15
Platformatic·33w
Node.js on Kubernetes: Unveiling Myths and Costs
Running Node.js on Kubernetes presents significant challenges due to fundamental mismatches between Node.js's lightweight, event-driven architecture and Kubernetes' resource allocation model. Common myths include believing autoscaling works seamlessly out-of-the-box, when in reality scaling delays can cause performance issues during traffic spikes. The rigid CPU/memory request/limit system forces teams to choose between costly overprovisioning or risky underprovisioning. To optimize Node.js in Kubernetes, teams should use smarter scaling signals like event loop lag, implement finer-grained resource strategies, reduce scaling reaction times, treat cost as a first-class metric, and recognize that Node.js requires different management approaches than traditional JVM applications.
- 16
Kubernetes·34w
Kubernetes v1.34: Use An Init Container To Define App Environment Variables
Kubernetes v1.34 introduces a new alpha feature that allows containers to load environment variables from files generated by init containers, eliminating the need for ConfigMaps and Secrets in certain scenarios. The EnvFiles feature gate enables loading environment variables from files in emptyDir volumes using the fileKeyRef field, simplifying configuration management for vendor-supplied containers and reducing API complexity. While the feature offers a cleaner approach to environment variable management, it requires careful security considerations since sensitive data stored in emptyDir volumes could be accessible to operators with node filesystem access.
- 17
Faun·35w
Hands on Automation with Ansible
A practical guide to setting up a 2-node Ansible lab environment using VirtualBox with Kali Linux as the control node and Ubuntu Server as the managed node. Covers installation, SSH configuration, inventory creation, and running a sample playbook that installs and configures Apache web server. Demonstrates Ansible's agentless architecture and YAML-based automation capabilities in an isolated testing environment.
- 18
Komodo - Manage Docker Images & Containers Across Multiple Servers
Komodo is an open-source web application that centralizes Docker container and server management across multiple servers. It provides monitoring, deployment automation, Docker Compose stack management, and scheduling capabilities through a unified interface. The platform includes server resource tracking, container lifecycle management, Git-based deployments, configuration management, and audit logging without subscription limitations.
- 19
Spacelift·35w
GitOps vs Infrastructure as Code (IaC): Differences & Overlaps
GitOps and Infrastructure as Code (IaC) are complementary but distinct practices. IaC focuses on defining infrastructure through code, while GitOps governs how that infrastructure is continuously deployed and maintained using Git as the single source of truth. Key differences include GitOps using pull-based workflows with continuous reconciliation versus IaC's typically push-based, CI-triggered approach. GitOps emphasizes automated deployment and compliance through Git, while IaC concentrates on infrastructure provisioning and definition. Together, they enable scalable, secure, and automated infrastructure management.
- 20
selfh.st·33w
Self-Host Weekly (19 September 2025)
Weekly newsletter covering self-hosting news and updates, featuring community drama around developer-user interactions, new YouTube download management tools (HomeTube, Youtarr, yt-dlp-co2), Home Assistant's 12th anniversary, Mastodon's paid hosting announcement, and a spotlight on TaskTrove task management platform. Includes video recommendations on Traefik, Docker Swarm, and security tools.
- 21
Last9·33w
Kubernetes Service Discovery Explained with Practical Examples
Kubernetes service discovery enables applications to find and communicate with each other in dynamic container environments. Services provide stable network abstractions over ephemeral Pods using DNS resolution and label selectors. The guide covers practical examples including internal communication, external access via Ingress, headless services for direct Pod access, and troubleshooting common issues like DNS resolution failures and missing endpoints.
- 22
InfoQ·32w
Kubernetes 1.34 Released with KYAML, Traffic Routing Controls, and Improved Observability
Kubernetes 1.34 introduces KYAML, a streamlined YAML subset to reduce configuration errors, enhanced traffic routing controls for network operators, and production-grade tracing for kubelet and API server using OpenTelemetry. The release includes 58 enhancements with improved security features like X.509 certificate management for pods, ServiceAccount tokens for image credential providers, and ordered namespace deletion to prevent security vulnerabilities.
- 23
Docker Multistage Builds: How to Optimize Your Images
Docker multistage builds enable developers to use multiple base images in a single Dockerfile, allowing complex build processes while keeping final images lightweight. By copying only necessary files between stages, developers can reduce image sizes, improve build efficiency, and simplify Dockerfile maintenance. The technique is particularly useful for separating build tools from runtime environments, such as compiling code in one stage and deploying only the compiled output in a minimal final image.
- 24
.NET Escapades·35w
Using and authoring .NET tools
.NET tools are programs distributed via NuGet that can be installed globally or locally using the .NET SDK. When authoring tools, developers face challenges around supporting multiple .NET runtime versions through multi-targeting or using RollForward configuration. Local tools use a dotnet-tools.json manifest for version control and team collaboration. Key considerations include compatibility across runtime versions, package size optimization, and testing strategies in CI environments using flags like --source, --tool-path, --prerelease, and --allow-downgrade.
- 25
Hacker News·34w
Native ACME Support Comes to NGINX
NGINX now includes native ACME protocol support through the ngx_http_acme module, enabling automatic SSL certificate management from Let's Encrypt without third-party tools. This built-in functionality, implemented in memory-safe Rust, joins other web servers like Traefik, Caddy, and Apache in providing seamless certificate automation, reducing operational overhead for developers and system administrators.
