Tech focus
Cloud (AWS · Azure) · Kubernetes Platform Engineering ·
GitOps · Observability · Secrets Management · Identity Federation ·
Security Hardening · Python · BSI IT-Grundschutz · DSGVO/Schrems II
Homelab Projects
personal build · production-grade
Kubernetes Single-Cluster Platform
Beelink SER5 Pro · Proxmox VE · 3-node cluster · Phases 0–10 complete
A foundation Kubernetes platform built with production engineering practices —
running on a single Proxmox host (32 GB RAM, 500 GB SSD) with a 3-node kubeadm v1.31 cluster. The platform covers the full engineering stack:
GitOps
ArgoCD App-of-Apps · crane + Trivy image promotion pipeline
Observability
Prometheus · Grafana · Loki · Promtail
Security
Vault + ESO · Falco · NetworkPolicy · cert-manager
Identity
Keycloak SSO
Networking
Cloudflare Tunnel · nginx-ingress · Calico CNI
Storage & Backup
CloudNativePG · WAL archiving · PITR · Longhorn · MinIO · Velero · rclone
Workload
Nextcloud · Redis · Homepage
live
homelab
Kubernetes Multi-Cluster Platform
Beelink SER5 Pro · Talos Linux · Hub-and-Spoke · vCluster · Cilium
Simulates a multi-tenant enterprise environment managed centrally using a Hub-and-Spoke pattern — a single management plane controlling
isolated tenant clusters, eliminating duplication of platform services across environments.
Management
ArgoCD Hub · Vault · Keycloak · ESO · Cilium Gateway API
Observability
Prometheus · Grafana · Loki — aggregated across all clusters
Networking
Cilium CNI · Cluster Mesh · Gateway API · Cloudflare Tunnel
Storage & Backup
Longhorn · MinIO · Velero — shared across vClusters
vCluster: prod
Nextcloud · CloudNativePG · Redis
vCluster: staging
Nextcloud · CloudNativePG
planned
homelab
Application Proposals
proposed architectures prepared for job applications.