Ruu Jones

Mentoring on the Mainframe Your junior or midlevel systems programmer knows there is a problem. They are “pretty sure” they know what they need to do, but they want to make sure they don’t make a mistake. They spend several hours looking through Redbooks.   Look through system documentation trying to determine if the fix they have in mind is the correct one. Is this PTF going to impact production? They are talking to IBM support to verify that what they are about to implement won’t impact production. But they still have doubts. Your sys progs wish that they could talk with someone that can look at the problem they are facing and let them know if they are doing the right thing. Let them know they won’t cause a Sev1. If your systems programmers are struggling a bit and need a little support, reach out to me. I know a lot of “Semi-retired” systems programmers that can help you out. #Mentor #Mainframe #ZOS #CICS #IMS #DB2 #Commserver #Sev1 

53

2 Comments

You know when a site crashes during a big sale? Or you get logged out mid checkout and your basket disappears? That’s usually not just traffic It’s a state problem This is what’s happening behind the scenes Most systems don’t struggle to scale they struggle because of where they keep state In a stateful setup each server stores user data login cart session User A lands on Server A and now everything lives there Every request has to go back to that same server So the load balancer can’t distribute traffic freely it’s forced to send users back to the same machine Now traffic spikes You add more servers but they can’t help much And if that server crashes Session gone cart wiped user logged out The server becomes irreplaceable Now look at the right side of the diagram Stateless systems don’t store user state on the server State lives in a shared place database cache or inside the request Now any server can handle any request Scaling becomes simple failures don’t break the experience servers become interchangeable Simple shift massive impact Image ByteByteGo

29

1 Comment

𝐋𝐞𝐚𝐫𝐧 𝐋𝐢𝐧𝐮𝐱 𝐁𝐞𝐟𝐨𝐫𝐞 𝐘𝐨𝐮 𝐋𝐞𝐚𝐫𝐧 𝐀𝐧𝐲𝐭𝐡𝐢𝐧𝐠 𝐄𝐥𝐬𝐞 𝐋𝐞𝐚𝐫𝐧 𝐋𝐢𝐧𝐮𝐱 𝐛𝐞𝐟𝐨𝐫𝐞 𝐃𝐨𝐜𝐤𝐞𝐫 𝐋𝐞𝐚𝐫𝐧 𝐋𝐢𝐧𝐮𝐱 𝐛𝐞𝐟𝐨𝐫𝐞 𝐀𝐖𝐒 𝐋𝐞𝐚𝐫𝐧 𝐋𝐢𝐧𝐮𝐱 𝐛𝐞𝐟𝐨𝐫𝐞 𝐊𝐮𝐛𝐞𝐫𝐧𝐞𝐭𝐞𝐬 This isn’t gatekeeping, It’s reality. Most “cloud” problems aren’t cloud problems. They’re Linux problems: Permissions Processes Networking Filesystems Logs Services not starting If you don’t understand what’s happening under the hood, tools like Docker, Kubernetes, or AWS become magic boxes and magic boxes are scary in production. Linux gives you: Confidence when things break The ability to debug instead of guessing Skills that transfer across tools and platforms 𝐆𝐨𝐨𝐝 𝐩𝐥𝐚𝐜𝐞𝐬 𝐭𝐨 𝐬𝐭𝐚𝐫𝐭: linuxjourney.com man pages A local VM Browser labs like 'Killercoda' This foundation will save you months later. #linux #devops #cloud #careers CoderCo

28

Someone in a DevOps group I am in posted this last week. "AI is going to replace DevOps engineers." 67 comments. Half agreeing. Half panicking. Here is my actual take after 9 years in this field. AI is not coming for DevOps engineers. It is coming for DevOps engineers who stopped learning two years ago. The role right now is not about who can write the best YAML or spin up a Kubernetes cluster the fastest. Every mid-level engineer can do that. What AI cannot do is understand your org's deployment culture, own incident response decisions at 2am, or architect a platform that 300 developers actually want to use. What I am focused on in 2026 is this. AIOps for automated root cause analysis. AI agents for Kubernetes optimization. LLMOps so our team can actually run and maintain AI models in production without it becoming a second full-time job. The DevOps engineers thriving right now are not the most senior ones. They are the most curious ones. Automation was the first wave. Autonomy is the next one. And the engineers who understand both will define what Platform Engineering looks like for the next decade. Stop asking if AI will replace you. Start asking what you can build with it that you never could before. What is one AI skill you are actively learning as a DevOps or Cloud Engineer right now? Drop it below. #DevOps #AIOps #LLMOps #PlatformEngineering #Kubernetes #MLOps #CloudEngineering #DevSecOps #SRE #GitHubCopilot #CICD #GenerativeAI #InfrastructureAsCode #TechCareers #DevOps2026

14

1 Comment

Technically speaking, Allen Holub is likely correct with a very high percentage. DevOps was born as a culture of shared responsibility, not a job title. When we hire a "DevOps Engineer," we often just build a new silo between the code and the user. The goal shouldn't be a middleman; it should be an engineer who owns their work from the first line of code to the final deployment..

63

3 Comments

ATTN: Senior Engineers!! Most CVs I see still read like a shopping list. “Kubernetes. Terraform. AWS. GitOps.” That doesn’t make you stand out in 2026. Here are the top 5 CV mistakes I keep seeing in DevOps / Platform Engineering / SRE: 1️⃣Tools with no context: “Kubernetes” is not a project. 2️⃣No scale: Was it one cluster or 200 services? One team or 50? 3️⃣No problem statement: What was broken before you touched it? 4️⃣No metrics: Faster deploys, fewer incidents, where are the numbers? 5️⃣No ownership: Did you build it, run it, improve it, or just “support” it? You should use this format for every big line on your CV: Problem → What you did → What changed (metric) → Where (stack + scale) Example: “Cut deploy time 70% by rolling out GitOps on EKS across 50 teams. Reduced rollback rate by 40%.” Follow: Cristian Vega-Laiz Follow: Concentric Recruitment #DevOps #SRE #PlatformEngineering

19

7 Comments

How Micro-Credentials Solved Our Cloud Architect Crisis in 28 Days Degrees don't deploy infrastructure. Skills do. A government IT client needed 19 cloud architects for a $27M federal project-with just 30 days before contract penalties hit. Traditional hiring was failing against FAANG competition and 73-day hiring cycles. The solution? Micro-credential validation hiring. Our 4-Week Sprint: Week 1: Mapped 12 specific micro-credentials (AWS Solutions Architect, Google Cloud Professional, FedRAMP certifications) to actual job requirements. Week 2-3: Built skills-first screening prioritizing proven competencies over degrees. Used 45-minute technical demos with real federal scenarios instead of traditional interviews. Week 4: Fast-tracked certified candidates through security clearance using portfolio reviews and peer coding sessions. Game-Changing Results: • All 19 positions filled in 28 days (vs. 73-day average) • 38% cost reduction in recruiting fees • 91% retention after 12 months (vs. 67% industry standard) • $2.1M saved in avoided penalties The breakthrough insight: Candidates with AWS + FedRAMP certifications outperformed degree-holders by 47% in performance reviews and needed 60% less onboarding time. Three Tactical Takeaways: 1. Map credentials to actual outcomes-not all certifications predict success equally 2. Weight portfolios over pedigree-demonstrated competency beats theory 3. Leverage faster clearance processing for certified candidates In skills-based hiring, the question isn't about degrees. It's about proving capability. Which critical roles in your organization could benefit from micro-credential validation?

2

I opened a VPC review���and my spirit left my body 😅 Everything was in one subnet. Load balancer. Application servers. Databases. Backups. All reachable from each other. Nothing was publicly broken — but nothing was isolated either. So I redesigned the network: • Separated public and private subnets • Moved the database into an isolated subnet (no internet route) • Restricted east-west traffic with security groups • Forced outbound access through a NAT gateway Same workloads. Completely different blast radius. An attacker doesn’t need admin access to take your environment. They only need one workload in the wrong subnet. From there… the network does the rest. One misconfiguration. One exposed service. They don’t stop at one server. They move sideways. Instance → application → database → backups. That’s how most cloud breaches actually happen. Not encryption failures. Not weak passwords. Lateral movement. The difference between an $80M breach and a contained incident isn’t budget. It’s segmentation. 🔴 Flat Network Once inside, nothing stops lateral movement. 🟢 Proper VPC Subnetting Public subnet → entry only Private subnet → application only Isolated subnet → data only Security groups filter traffic. Subnets create boundaries. Architecture limits damage. One subnet = one failure domain. Three subnets = blast radius control. Because security isn’t only protection. It’s containment. #FaithsCloudChronicles #AWS #CloudSecurity #VPC #CloudArchitecture #DevOps

14

15 Comments

Containment strategy in tech: 1. Find the issue. 2. Contain the issue. 3. Realize the issue contained you instead. #TechHumor #DevOps #Containment

12

The DevOps job market is shifting. Here's what I'm seeing in 2024-25: DECLINING DEMAND: 📉 Pure "DevOps Engineer" roles 📉 Tool-focused specialists 📉 Junior positions with 2-3 years experience EXPLODING DEMAND: 📈 Platform Engineering roles (+150%) 📈 DevSecOps with compliance expertise 📈 FinOps and cloud cost optimization specialists 📈 Senior advisors/consultants (10+ years experience) What's driving this? → Organizations moved past "implementing DevOps" → Now optimizing, governing, scaling what they built → Platform thinking > toolchain thinking → Need strategic guidance, not just execution If you're in DevOps, time to: 1️⃣ Pivot toward platform engineering concepts 2️⃣ Learn FinOps (Kubernetes cost optimization is gold) 3️⃣ Understand business outcomes along with tech metrics 4️⃣ Build advisory/consulting skills The future belongs to DevOps professionals who think like business strategists. What trends are you seeing in your organization? #DevOps #PlatformEngineering #CareerAdvice #TechTrends

65

14 Comments

🧠 Understanding AWS Infrastructure: Regions, AZs, and Edge Locations AWS is made up of a global network of data centers you can use without owning them. Here’s how it’s organized: 🌍 Regions: Big geographic areas (like London or Korea) that group AWS services together. 🏢 Availability Zones (AZs): Separate data centers within a region, designed for high availability and failover. 📍 Edge Locations: Small sites close to users that speed up content delivery (used with CloudFront). So here, we can talk about caching mainly. Think of it like this: Regions = Cities AZs = Big buildings in those cities Edge Locations = Local convenience stores near your house for faster service.

6

AWS Daily With Divine CloudFront costs tripled this month. Traffic stayed flat. Where do you look first? Most teams immediately check request count. That's the wrong place. CloudFront's job is to serve content from edge locations so requests never travel back to your origin. When it's working correctly, most requests hit the cache which is closer to the user so its cheap and fast. When cache miss rate is high, almost every request travels back to your origin. You're paying data transfer costs on requests that should have been free. Two reasons this can happen even with CloudFront configured: - No cache-control headers so CloudFront doesn't know how long to keep content so it fetches fresh almost every time. - Origin Shield might be disabled. Origin Shield is a middle layer that consolidates requests before they hit your origin. Without it, every edge location fetches independently. Same traffic. Tripled costs. The requests didn't change, where they're going did. Check your cache hit rate first, not your request count. That's your entire diagnosis. Have you hit this before? What was your specific culprit? #AWS

5

Contractors get exit interviews.  Your AI agents just get forgotten. Built for a project. Granted permissions. Left running when the work moved on. Your IAM team offboarded 200 people last year. They offboarded zero agents. ━━━━━━━━━━━━━━━━━━━━━━ 🔴 𝗪𝗛𝗔𝗧 𝗧𝗛𝗔𝗧 𝗖𝗢𝗦𝗧𝗦: 14 agents. Zero in IAM. Attacker found one with S3 write access. Breach cost: $2.3M. Same environment. NHIs registered, scoped, monitored. Compromised agent revoked in 3 minutes. Breach cost: $0. The difference was not the agent. It was whether anyone knew it existed. ━━━━━━━━━━━━━━━━━━━━━━ ⚡ 𝗧𝗛𝗘 𝟲-𝗣𝗢𝗜𝗡𝗧 𝗡𝗛𝗜 𝗖𝗛𝗘𝗖𝗞𝗟𝗜𝗦𝗧: 1️⃣ 𝗜𝗻𝘃𝗲𝗻𝘁𝗼𝗿𝘆 - Agent registered with a named owner 2️⃣ 𝗦𝗰𝗼𝗽𝗲 - Permissions tied to task, not team 3️⃣ 𝗘𝘅𝗽𝗶𝗿𝘆 - Every credential has a TTL 4️⃣ 𝗔𝘂𝗱𝗶𝘁 - Log intent, not just action 5️⃣ 𝗢𝗳𝗳𝗯𝗼𝗮𝗿𝗱𝗶𝗻𝗴 - Project ends, agent deprovisioned 6️⃣ 𝗥𝗲𝘃𝗼𝗰𝗮𝘁𝗶𝗼𝗻 - Compromised agent revoked in under 5 minutes 🔖 Screenshot this. Run it against your agents today. ━━━━━━━━━━━━━━━━━━━━━━ 🔴 𝗧𝗛𝗘 𝗕𝗥𝗨𝗧𝗔𝗟 𝗧𝗥𝗨𝗧𝗛: Your identity model was built for humans. Agents don't have Okta profiles. They just keep running. ━━━━━━━━━━━━━━━━━━━━━━ How many of these 6 do you have? 0 / 1–2 / 3–4 / 5–6 Drop your score _________ 🔖 Save this before your next agent deployment ♻️ Repost if your IAM policy doesn't mention agents ➕ Follow Mohammad Syed for AI & Cybersecurity insights

74

39 Comments

I’ve been a DBA long enough to know that half the job is explaining why the job even exists. The other half is doing the work anyway. Lately, I’ve been navigating something new: GitLab, DevOps pipelines, IaC for RDS, and wiring automation with Ansible. None of this was in the "classic DBA handbook," unless you count the chapter titled "Please learn whatever the organisation ignores until they suddenly need it." So I’ve been learning on the job, not pretending to be an expert cuz everyday is new, not trying to compete with anyone, just trying to make the database world a little less chaotic. - Writing automation scripts. - Adding structure to DB changes via CD pipelines. - Turning RDS configurations into IaC so things stop living in someone’s memory. - Building pipelines so changes don’t depend on luck or screenshots. It’s new. It’s messy. I still Google things I shouldn’t admit. But it’s progress. If you’re a DBA caught between expectations and tools, and you’re not alone. We adapt. We learn. We keep the lights on even when no one notices. And honestly? That’s enough. #DBA #DevOps #GitLab #Ansible #RDS #IaC #LearningInPublic #TechLife

48

3 Comments

A few ago. My colleague runs 𝘁𝗲𝗿𝗿𝗮𝗳𝗼𝗿𝗺 𝗮𝗽𝗽𝗹𝘆. 30 seconds later: 10,000 VMs destroyed in staging. 𝗧𝗵𝗲 𝗹𝗲𝘀𝘀𝗼𝗻: Guardrails aren't slowdowns. They're safety nets that let you move FASTER. Here's what happened: A "minor" change in a shared Terraform module. My colleague was in a rush. He knew the code inside-out. "No need for plan, it's just a tag adjustment." 𝘁𝗲𝗿𝗿𝗮𝗳𝗼𝗿𝗺 𝗮𝗽𝗽𝗹𝘆 -𝗮𝘂𝘁𝗼-𝗮𝗽𝗽𝗿𝗼𝘃𝗲 The module had a misconfigured variable. Instead of updating tags, Terraform decided ALL VMs needed recreation. The damage: → 10,000 VMs destroyed instantly → 3 hours to rebuild the environment → 1 week of rush → +10 services impacted What I learned: ❌ 𝗪𝗵𝗮𝘁 𝗗𝗢𝗘𝗦𝗡'𝗧 𝘄𝗼𝗿𝗸:  • Trusting "I know this code"  • Using -auto-approve to "save time"  • Treating staging as "risk-free" ✅ 𝗪𝗵𝗮𝘁 𝗔𝗖𝗧𝗨𝗔𝗟𝗟𝗬 𝘄𝗼𝗿𝗸𝘀: 1. Mandatory plan in CI/CD pipeline 2. Critical resource protection 3. Terraform workspaces + state locking 4. Pre-commit hooks Terraform is powerful. Terrifyingly powerful. One command can destroy years of work in 30 seconds. Each safeguard you add = one less catastrophic mistake. Each environment you protect today = fewer rollbacks tomorrow. ____________________________________________________________________ Building in public as a DevOps & Cloud Engineer ⚙️☁️ Sharing what I learn, what fails, and what actually works in the cloud. If you find value here: save/𝗿𝗲𝗽𝗼𝘀𝘁 & follow → https://lnkd.in/eyqHVSiC #DevOps #Terraform #InfrastructureAsCode #PlatformEngineering #SRE #DevSecOps #IaC #CloudEngineering

26

Today a coworker explained to an otherwise-worthless AWS "engineer" how the world really works... Coworker: "The cloud isn’t the internet, moron. It’s just how the billionaires decided to ruin the PC revolution" Corey Haskin: LOL

5

1 Comment