Hi, I'm Kevin

a Platform / DevOps Engineer
working at AOE GmbH.

A photograph of me, Kevin Gimbel, in front of a grey background

I've spent the last 14 years learning to build websites & run servers; worked in e-Commerce from 2013 to 2023, and started focusing on Platform Engineering in early 2023. Right now I'm part of a DevOps/Platform Team running and building a Kubernetes based Platform for multiple developer teams.

🐝 Buzzwords: Cloud Computing Kubernetes Automation Monitoring

Random facts: Big Rust fan.

News from the block blog

  • RE: You’re a Blogger, Not an Essayist

    Blogging is a conversation. It’s a conversation with yourself and it’s a conversation with others. Barry Hess via https://bjhess.com/posts/you-re-a-blogger-not-an-essayist Some real talk right there. Blogging is all about conversations, thoughts, and FUN. This very website is not a magazine and it’s not a professional publication; It sometimes may include content which is related to the […]

    Continue reading >>

  • Oh no my gpg key expired (like every year)

    Who doesn’t love encryption and security? I like to sign my git commits, and for this I need PGP keys. They are cool when they work and you don’t need to think about them, but every now and then they need to be renewed (unless you use never expiring keys which of course you shouldn’t!). […]

    Continue reading >>

  • What we should learn from the xz backdoor

    You may have heard that a vulnerability was found in the xz tool and liblzma library on Friday, 29th of March 2024 which specifically targeted sshd being managed by systemd on Debian and RedHat Linux systems. What happened The catastrophic scope of the attack At first the backdoor seems very odd. xz is a compression […]

    Continue reading >>

Skills, tools, and other work stuff

Cloud Computing 🌩

Computers! Computers! Computers! 👏

I've worked with Amazon Web Services since 2018.

Between 2018 and 2021 I was involved in planning and provisioning infrastructure for a microservice-based product called Konekti while working for Synoa GmbH.

Some areas I've experience with:

  • Elastic Kubernetes Services (EKS)
  • Elastic Compute Cloud (EC2)
  • Automatic resource tagging to monitor budgets
  • Security Groups and Ingress Control
  • AWS Load Balancers
  • VPC and subnet management

Containers 🐳

"It's no use Mr., it's virtualization all the way down" 🐢

In 2017 I drove the initial adoption of Docker for local development at Synoa GmbH.

In the years following until I departet in 2023 we used Docker locally, in ECS, in TeamCity CI/CD pipelines, and as runtime on simple Ubuntu servers.

Some areas I've gained knowledge in over the years include:

  • Running CI/CD pipelines in Docker containers
  • Multi-stage docker builds
  • Running Traefik in Production from 2018 to 2023
  • Distributing CLI tools as Docker containers
  • Deploying docker with Docker Remote API

Kubernetes ⛵️

Since starting at AOE I deepend my knowledge of Kubernetes, working with multiple clusters, developing tools, and working with Developer Teams everyday. I've also started co-teaching the "Kubernetes 101" Workshop where a co-host and me give a introduction to Kubernetes concepts.

  • Elastic Kubernetes Services (EKS)
  • Helm Chart maintenance
  • Debugging with teams
  • Tools like k9s, stern, and Lens

Monitoring 👀

Keeping tabs on everything

Proper monitoring is incredibly helpful in debugging, and should be implemented from the start.

Some monitoring tools I've maintained and used in production:

  • Prometheus
  • Alertmanager
  • Grafana
  • Loki
  • collectd
  • node_exporter
  • blackbox_exporter
  • cadvisor
  • AWS CloudWatch metrics
  • AWS CloudWatch alarms

Automation 🦾

Predictability and reliability through automation and scripting

Setting up infrastructure in the cloud is lot of work and the more manual steps are involved, the more likely errors will be introduced.

Over the past years I've gained a lot of experience building, managing, and upgrading infrastructure with terraform and Ansible.

  • Terraform module creation and maintenance
  • Ansible role creation and maintenance
  • Terraform integration with CI/CD pipelines
  • Handling of breaking infrastructure changes
  • Custom tooling in Python, Go, and Rust
  • Maintenance of Helm Charts

Terraform 🤖

I 🧡 Terraform! I've experience with the creation and maintenance of complex modules that integrate various different services, including the following technologies

  • AWS VPC and subnets
  • AWS VPC networking & routing
  • AWS EC2 servers
  • AWS EC2 Auto-scaling groups
  • AWS Security Groups and ingress rules between servers, including ingress across AWS accounts
  • AWS Route 53 domains and sub-domains
  • AWS ECS clusters and services
  • AWS S3 buckets and access policies
  • AWS IAM users for S3 access
  • MongoDB Atlas Cloud
  • MongoDB Atlas Cloud and AWS VPC peering connections
  • Hetzner Cloud

Security 🔐

◼︎◼︎◼︎◼︎◼︎ ◼︎◼︎ ◼︎◼︎◼︎◼︎◼︎ ◼︎◼︎◼︎◼︎ ◼︎◼︎◼︎◼︎◼︎◼︎◼︎◼︎◼︎ ◼︎◼︎◼︎◼︎◼︎

Security must be considered from the start. Period.

Don't give all-access to a entity because it's easy. Don't open all ports because it's easy. Don't run your code as root because it's easy.

Some rules I follow:

  • HTTPS-only traffic
  • Always use random, auto-generated passwords
  • SSL certificate management with Let's Encrypt and AWS Certificate Manager
  • Integration with Single-Sign On where possible
  • Never share passwords in plain-text

Contact 💌

Well, well, well, ... you've reached the end of this very lovely and pretty ✨cool✨ website.

If you want to connect with me, hit me up on:

If you write me on LinkedIn or request to connect please be patient: I get a lot of messages and catch up only once a week!

Still not read enough? Well, there's the about page left!