// selected work

I build and run infrastructure that stays up.

DevOps, Kubernetes, security and automation — taken from messy and manual to reproducible, observable and reliable. A few cases below: the problem, what I did, and the result.

Case studies

Selected work

Managed Kubernetes
DevOps & Kubernetes

Turnkey Kubernetes platform

Challenge. A "bare" cluster with manual kubectl deploys, no autoscaling and no visibility — risky releases and slow incident response.
Approach & solution. Audit → IaC (Terraform) → GitOps on ArgoCD, ingress + cert-manager, Prometheus/Grafana/Loki, HPA and request right-sizing — rolled out without downtime.
99.9%
target uptime
1 PR
to deploy / roll back
-40%
cloud spend
DevSecOps
Security · DevSecOps

Security baked into CI/CD

Challenge. Vulnerable code and CVE-laden dependencies shipping to production; secrets scattered across the repo; no audit readiness.
Approach & solution. SAST/SCA in the pipeline (Semgrep, Trivy), image scanning, CIS hardening, secrets in Vault/SOPS with git-history cleanup, centralized logs and an incident-response plan.
-90%
vulns reaching prod
100%
deploys scanned
Ready
for ISO 27001 / SOC 2
Self-hosted DNS
DNS & Infrastructure

Self-hosted DNS: 30+ zones off Cloudflare

Challenge. Full dependence on an external DNS provider — no control, no jurisdiction split, no own redundancy.
Approach & solution. Hidden-primary PowerDNS + authoritative NSD edge nodes worldwide, two NS pools (regional split), automated wildcard certs via DNS-01, scheduled zone sync — every zone reconciled before delegation cutover.
30+
zones migrated
0
downtime
auto
wildcard certs
DevOps outsourcing
DevOps & Kubernetes

DevOps as a service: CI/CD & reliability

Challenge. Manual deploys, single points of failure and "works only on one machine" — fragile, slow, undocumented.
Approach & solution. CI/CD with auto-deploy and fast rollback, Infrastructure as Code (Terraform/Ansible), containerization, monitoring with alerts, backups and tested disaster recovery.
x10
release frequency
-80%
time to deploy
99.9%
uptime
Multisite platform
AI & Web

Multisite landing platform on one engine

Challenge. Several SEO-distinct landing sites for different services — without turning into a zoo of separate codebases.
Approach & solution. One technical core (markup, form, captcha, backend) with per-domain content, theme and keywords; single Ansible deploy looping over all sites; one shared form backend that tags the source.
1
codebase, N sites
1 cmd
deploy all
SEO
fully separated
Toolbox

What I work with

KubernetesDockerTerraform AnsibleArgoCDGitLab CI / Actions HelmPrometheus / GrafanaLoki PowerDNS / NSDVault / SOPSTrivy / Semgrep Angie / nginxPostgreSQLPython Node / Next.jsAWS / GCPLinux

Have a cluster, a pipeline, or a mess to untangle?

Tell me what you're working on — I reply within a day.

No spam, no pushy calls.