Projects

calendar Apr 12, 2026 · 1 min read  ·
Share on: linkedin copy

Hands-on labs demonstrating production-grade infrastructure patterns. Each one is designed to be read — the documentation, decisions, and CI are as much the point as the code.

SRE & Operations

  • SRE Observability Lab — SLO-based alerting with error budget burn-rate math, chaos engineering with documented expected outcomes, runbooks linked from alerts, request ID correlation across services, promtool-tested alert rules in CI.

  • Go Deploy Lab — A Go application through the full deployment lifecycle: multi-stage distroless builds, Kubernetes manifests with security hardening, rolling updates, Kyverno policies, Prometheus metrics, Grafana dashboards.

Security & Compliance

  • Container Hardening Lab — CIS/Iron Bank-aligned container hardening: non-root builds, OPA/Kyverno policy enforcement, Cosign signing, SBOM generation, Falco runtime detection.

  • IaC Security Lab — Policy-as-code for Terraform with tfsec, Trivy, and OPA/Rego static analysis against CIS AWS Foundations Benchmark. No cloud credentials required.

Platform

  • K8s Bootstrap Lab — Production-grade Kubernetes platform bootstrap: GitOps, observability, and runtime security from Kind to EKS.

  • MLOps Pipeline Lab — Production-grade MLOps deployment pipeline: container hardening, CI/CD, GitOps, observability, and Kyverno policy enforcement around a HuggingFace model.