Systems and Security thinking applied to DevOps Engineering. Hands-on experience designing, building, and operating infrastructure across on-premise and cloud environments.
Every component is automated, version-controlled, pipelined through GitLab CI/CD, and shipped publicly on GitHub.
Domains & Methodologies: Infrastructure as Code (IaC), Continuous Integration and Continuous Delivery (CI/CD), GitOps, Configuration Management, Distributed Systems, Storage, Container Orchestration, Networking, On-premise Infrastructure, Security Hardening, High Availability (HA), Fault Tolerance, Disaster Recovery (DR), Service Discovery, Load Balancing, Horizontal Scaling, SLO/SLI Definition, Reliability Engineering, Observability-Driven Development, Automation of Toil
Security: IAM/Least-Privilege Policy Design, Container/Image Scanning, CIS (Center for Internet Security) Benchmarks, Secrets Management
Automation: GitLab CI, GitHub Actions, Git, Terraform, Bash, SOPS, AWS Secrets Manager, Trivy
Delivery: Docker, Nomad, Linux, AWS (IAM, EC2, S3, ECS, ECR, ALB/ELB, Fargate), Consul Connect mutual-TLS service mesh, Tailscale, Cloudflare, Render, HashiCorp Vault
Observability: CloudWatch, Grafana LGTM stack (Loki, Grafana, Tempo, Mimir), Node exporter, Alertmanager, Prometheus, OpenTelemetry, OpenTelemetry Collector
- Infrastructure
- Storage Architecture & Data Management
- Network Segmentation & Traffic Control
- High Availability & Fault Tolerance
- Infrastructure Architecture & Networking
- Linux Systems Administration
- Platform & orchestration
- Multi-Environment Deployment
- Containerization & Orchestration
- Service Mesh & Internal DNS
- Configuration Management
- Infrastructure as Code
- Delivery & automation
- CI/CD Pipeline Design & Automation
- GitOps & Version Control Workflows
- Developer Tooling & Process Engineering
- Operations
- Platform Reliability Engineering
- Observability & Monitoring
- Capacity Planning & Resource Optimization
- Threat Detection & Incident Response
- Secrets Management & Credential Rotation
- Disaster Recovery & Backup Strategy
Description:
A Go webhook relay through multi-stage GitLab CI/CD with Grafana's Loki-Grafana-Tempo-Mimir (LGTM) observability stack, service mesh, and live AWS deployment. Instrumented end-to-end with OpenTelemetry for trace, metric, and log correlation.
Technologies:
Go · GitLab CI/CD · Terraform · AWS ECS Fargate · Nomad · OTel
Description:
Infrastructure-as-code and documentation for a on-premise GitLab CI/CD pipeline, LGTM observability stack, Nomad orchestration, and Tailscale networking on Arch Linux.
Technologies:
GitLab CE · Docker Compose · LGTM · Nomad · Consul · Tailscale
┌─────────────────────────────────────────────────────────────────────┐
│ cicd-observability-stack │
│ │
│ ┌─────────────┐ ┌──────────────────┐ ┌─────────────────┐ │
│ │ GitLab CE │───▶│ GitLab Runner │───▶│ Loki · Grafana │ │
│ │ Registry │ │ Docker executor │ │ Tempo · Mimir │ │
│ └─────────────┘ └──────────────────┘ │ Alloy · OTel │ │
│ └────────┬────────┘ │
└────────────────────────────────────────────────────────│────────────┘
│ observes
┌────────────────────────────────────────────────────────│────────────┐
│ go-cicd-observability │ │
│ ▼ │
│ ┌─────────────┐ ┌──────────────────┐ ┌─────────────────┐ │
│ │ Go webhook │───▶│ GitLab CI/CD │───▶│ Nomad · Consul │ │
│ │ relay · OTel│ │ 6 stages │ ╔══│ mTLS · homelab │ │
│ └─────────────┘ └──────────────────┘ ║ └─────────────────┘ │
│ ║ │
│ ╚══▶┌─────────────────┐ │
│ │ AWS ECS Fargate │ │
│ │ Terraform · ALB │ │
│ └─────────────────┘ │
└─────────────────────────────────────────────────────────────────────┘