Hi, I'm Kevin!

A DevOps Engineer
working at AOE GmbH.

I've spent the last 14 years learning to build websites & run servers; worked in e-Commerce since 2013, and focused on Cloud Computing, Containers, Automation, and Monitoring since starting DevOps full-time in 2018.

⬇

Cloud Computing 🌩

Computers! Computers! Computers! 👏

I've worked with Amazon Web Services since 2018.

Between 2018 and 2021 I was involved in planning and provisioning infrastructure for a microservice-based product called Konekti while working for Synoa GmbH. During this time I gained extensive knowledge of:

  • Elastic Container Services (ECS)
  • Elastic Compute Cloud (EC2)
  • Auto-scaling Groups
  • Intensive, automatic resource tagging to monitor budgets
  • Security Groups and Ingress Control
  • AWS Load Balancers and Traefik Edge Proxy
  • VPC and subnet management

Monitoring 👀

Keeping tabs on everything

Proper monitoring is incredibly helpful in debugging, and should be implemented from the start.

Some monitoring tools I've maintained and used in production:

  • Prometheus
  • Alertmanager
  • Grafana
  • Loki
  • collectd
  • node_exporter
  • blackbox_exporter
  • cadvisor
  • AWS CloudWatch metrics
  • AWS CloudWatch alarms

Containers 🐳

"It's no use Mr., it's virtualization all the way down" 🐢

In 2017 I drove the initial adoption of Docker for local development at Synoa GmbH, later pushing usage in CI/CD, Kubernetes, and ECS.

Some areas I've gained knowledge in over the years include:

  • Running CI/CD in Docker containers
  • Multi-stage docker builds
  • Running Traefik in Production from 2018 t0 2023
  • Distributing CLI tools as Docker containers
  • Deploying docker with Docker Remote API
  • Monitoring with cAdvisor

Automation 🦾

Predictability and reliability through automation and scripting

Setting up infrastructure in the cloud is lot of work and the more manual steps are involved, the more likely errors will be introduced.

Over the past years I've gained a lot of experience building, managing, and upgrading infrastructure with terraform and Ansible.

  • Terraform module creation and maintenance
  • Ansible role creation and maintenance
  • Terraform integration with CI/CD pipelines
  • Handling of breaking infrastructure changes
  • Custom tooling in Python, Go, and Rust

Terraform

I 🧡 Terraform! I've experience with the creation and maintenance of complex modules that integrate various different services, including the following technologies

  • AWS VPC and subnets
  • AWS VPC networking & routing
  • AWS EC2 servers
  • AWS EC2 Auto-scaling groups
  • AWS Security Groups and ingress rules between servers, including ingress across AWS accounts
  • AWS Route 53 domains and sub-domains
  • AWS ECS clusters and services
  • AWS S3 buckets and access policies
  • AWS IAM users for S3 access
  • MongoDB Atlas Cloud
  • MongoDB Atlas Cloud and AWS VPC peering connections
  • Hetzner Cloud

Security 🔐

◼︎◼︎◼︎◼︎◼︎ ◼︎◼︎ ◼︎◼︎◼︎◼︎◼︎ ◼︎◼︎◼︎◼︎ ◼︎◼︎◼︎◼︎◼︎◼︎◼︎◼︎◼︎ ◼︎◼︎◼︎◼︎◼︎

Security must be considered from the start. Period.

Don't give all-access to a entity because it's easy. Don't open all ports because it's easy. Don't run your code as root because it's easy.

Some rules I follow:

  • HTTPS-only traffic between systems
  • Restrictive AWS IAM users and roles
  • Automatic generation of AWS IAM users and automated S3 access management via Terraform
  • Auto-generated Passwords wherever possible
  • Password management with self-hosted Password manager
  • SSL certificate management with Let's Encrypt and AWS Certificate Manager

Contact 💌

Well, well, well, ... you've reached the end of this very lovely and pretty ✨cool✨ website.

If you want to connect with me, hit me up on:

If you write me on LinkedIn or request to connect please be patient: I get a lot of messages and catch up only once a week!

Still not read enough? Well, there's the about page left!