Hi, I'm Kevin

I've worked with Amazon Web Services since 2018.

Between 2018 and 2021 I was involved in planning and provisioning infrastructure for a microservice-based product called Konekti while working for Synoa GmbH.

Some areas I've experience with:

• Elastic Kubernetes Services (EKS)
• Elastic Compute Cloud (EC2)
• Automatic resource tagging to monitor budgets
• Security Groups and Ingress Control
• AWS Load Balancers
• VPC and subnet management

In 2017 I drove the initial adoption of Docker for local development at Synoa GmbH.

In the years following until I departet in 2023 we used Docker locally, in ECS, in TeamCity CI/CD pipelines, and as runtime on simple Ubuntu servers.

Some areas I've gained knowledge in over the years include:

• Running CI/CD pipelines in Docker containers
• Multi-stage docker builds
• Running Traefik in Production from 2018 to 2023
• Distributing CLI tools as Docker containers
• Deploying docker with Docker Remote API

Since starting at AOE I deepend my knowledge of Kubernetes, working with multiple clusters, developing tools, and working with Developer Teams everyday. I've also started co-teaching the "Kubernetes 101" Workshop where a co-host and me give a introduction to Kubernetes concepts.

• Elastic Kubernetes Services (EKS)
• Helm Chart maintenance
• Debugging with teams
• Tools like k9s, stern, and Lens

Proper monitoring is incredibly helpful in debugging, and should be implemented from the start.

Some monitoring tools I've maintained and used in production:

• Prometheus
• Alertmanager
• Grafana
• Loki
• collectd
• node_exporter
• blackbox_exporter
• cadvisor
• AWS CloudWatch metrics
• AWS CloudWatch alarms

Setting up infrastructure in the cloud is lot of work and the more manual steps are involved, the more likely errors will be introduced.

Over the past years I've gained a lot of experience building, managing, and upgrading infrastructure with terraform and Ansible.

• Terraform module creation and maintenance
• Ansible role creation and maintenance
• Terraform integration with CI/CD pipelines
• Handling of breaking infrastructure changes
• Custom tooling in Python, Go, and Rust
• Maintenance of Helm Charts

I 🧡 Terraform! I've experience with the creation and maintenance of complex modules that integrate various different services, including the following technologies

• AWS VPC and subnets
• AWS VPC networking & routing
• AWS EC2 servers
• AWS EC2 Auto-scaling groups
• AWS Security Groups and ingress rules between servers, including ingress across AWS accounts
• AWS Route 53 domains and sub-domains
• AWS ECS clusters and services
• AWS S3 buckets and access policies
• AWS IAM users for S3 access
• MongoDB Atlas Cloud
• MongoDB Atlas Cloud and AWS VPC peering connections
• Hetzner Cloud

Security must be considered from the start. Period.

Don't give all-access to a entity because it's easy. Don't open all ports because it's easy. Don't run your code as root because it's easy.

Some rules I follow:

• HTTPS-only traffic
• Always use random, auto-generated passwords
• SSL certificate management with Let's Encrypt and AWS Certificate Manager
• Integration with Single-Sign On where possible
• Never share passwords in plain-text