Focus Areas
Cloud & Migrations
I help you get your infrastructure ready for the cloud
I have worked a lot of time with bare-metal, on-premises infrastructure. It became obvious that cloud services have a huge amount of benefits, but requires a lot of experience to make sure to avoid the drawbacks like cost traps or vendor lock-in.
I am a big proponent of Infrastructure-as-Code (IaC) and immutable infrastructure, as far as it can be sensibily achieved. Having your whole infrastructure in a git repository and being able to recreate, clone, scale or change all assets with a single command is, for me, the most important benefit of a cloud-native infrastructure.
The most difficult aspect of a cloud migration is to keep the drawbacks in check while still leveraging the benefits. Keeping an eye on costs and potential vendor lock-in is paramount.
Monitoring & Alerting
I help you get insights into your infrastructure
I really like to have detailed, comprehensive monitoring for everything in a system. This goes through the whole stack, from the infrastructure parts to the application.
Same goes for logging. With an effective combination of metrics and events nearly every problem can be traced back to its root cause.
I did 24/7 on-call duty rotations, so I have some on-hands experience with alerting and know what to improve and optimize.
DevOps Architecture
I help you build reliable, scalable services
In the past, I have worked with many different kind of applications. From big monoliths to small, stateless microservices. There are a lot of different approaches to architecture and infrastructure, and none is strictly better than the other.
Instead of focussing on a single appraoch (e.g. microservices), I prefer to adapt the solution to the requirements. Over time, I came to recognize the following values in good architecture:
- Composability
- Clear separation of concerns
- Explicit and confined state
- API-driven infrastructure
"DevOps" is one of the most misunderstood concepts that currently exists in the IT industry. Nevertheless, I am convinced that actual DevOps is the most effective way to build software. By having a tight coupling between application code and infrastructure, a whole family of potential problems are eliminted before they even appear.
Because I have experience both with the infrastructure and the application side I am able to build full-stack application that adhere to this DevOps mentality and enable architectures that would not even be possible in a traditional approach.
Security
I help you ensure the security or your data and applications
To me, information security is one of the most critical aspects in today's IT landscape. Many recent changes and technologies made traditional security approaches obsolete, or even dangerous to apply.
I am really fond of of Google's BeyondCorp zero-trust security concept, leveraging protocols like OAuth and OpenID Connect. In the end, security is not all-or-nothing, it is a spectrum and has many different aspects, from code to humans.
Also, security is not something you can just tack on existing applications after the fact. Security engineering has to be an integrated part of your application development, processes and, effectively, the whole company. You are never really "done" with security.
Automation
I help you automate as much as possible
Everything done manually will be done wrong eventually. But computers are very good at doing the exact same tasks over and over and over again, so let's delegate as much as possible to them!
Using orchestration tooling like Ansible enables us to track all tasks in version control, review them, and execute them automatically. Combined with CI tools like Drone or automation suites like Rundeck makes it possible to have all changes and regular tasks done automatically.
My philosophy is to never do a tasks twice manually. Before you do it a second time, automate it away.
Technologies
Containerization
Kubernetes
Docker
helm
cri-o
containerd
OCI
Rancher
Databases
PostgreSQL
ElasticSearch
MySQL
Redis
InfluxDB
SQLite
MongoDB
Configuration Management
Terraform
Ansible
Pulumi
Packer
Puppet
SaltStack
Web Development
HTML
CSS
Bulma
JavaScript
Flask
Django
Elm
Programming
Python
Go
TypeScript
Rust
Bash
PHP
Java
C#
Ruby
Monitoring
Prometheus
Grafana
CheckMK
Logstash
Kibana
OpsGenie
cAdvisor
Development
Git
Neovim
OpenAPI
Visual Studio Code
Automation
Drone
GitLab CI
Jenkins
Rundeck
Foreman
Cloud Providers
AWS
DigitalOcean
OpenStack
Hetzner Cloud
Web Servers
Nginx
Apache
HAProxy
OpenResty
Operating Systems
CentOS
Debian
Ubuntu
Fedora
Alpine
FreeBSD
Arch Linux
Security
Keycloak
OpenID Connect
GnuPG
pfSense
Letsencrypt
Nmap
Wireshark
OpenVPN
OAuth
Virtualization
Libvirt / KVM
Vagrant
Qemu
LXC
oVirt
Storage
Ceph
ZFS
AWS Services
EC2
RDS
S3
VPC
IAM
ECS
EFS
Lambda
Route 53
Misc
Jira
LaTeX
Hugo
systemd
Postfix
Dovecot
Certifications
Languages
German | |
English | |
French | |
Spanish |