Available for new contracts

Hi!, I'm
Ankur Raj Karn.

I m a k e i n f r a s t r u c t u r e t h a t s t a y s u p .

DevOps engineer turning brittle deployments into boring, predictable ones. More than 3 years across cloud platforms, Kubernetes, and CI/CD. Currently enjoying platform engineering at YoungInnovations, which means I've debugged a little bit of everything.

Based in Lalitpur, NP
Currently YoungInnovations
01 · About

The stack I reach for.

More than 3 years of DevOps work, mostly inside service-based company — which is to say I've worked with a lot of stacks. The ones below are the tools I reach for without thinking and have dabbled with. Even though the variety of tools available, I tend to prefer CNCF native tools.

I treat infrastructure like a product, not a side quest.

Most of the systems I've inherited were a slow accumulation of "we'll fix it next sprint." My job is usually to either fix that or build the thing that doesn't become it.

I care about boring deployments, blameless postmortems, and runbooks that someone on call at 3 am can actually follow. I'm equally happy writing a Terraform module, drawing an architecture diagram, or pairing with a backend engineer on a memory leak.

Outside of work, I run a small homelab for tinkering and testing, and I read way more than is strictly healthy. That said, I'm not entirely bound by my nerdy interests; I still make plenty of time to travel and touch some grass.

Cloud & Infrastructure

AWS GCP DigitalOcean Managed K8s Proxmox VMware Linode

Container & Orchestration

Kubernetes Docker Kustomize Helm Cloud Run

Infrastructure as Code

HashiCorp Terraform Pulumi

CI / CD & Automation

GitLab CI/CD GitHub Actions Jenkins Argo CD Capistrano Python Fabric

Monitoring & Observability

Grafana LGTM Stack Prometheus ELK Stack

Programming & Scripting

Bash Python Ruby Go Rust

Security & Access Management

Keycloak Teleport Trivy OWASP ZAP SonarQube Wazuh SIEM Sealed Secrets Mozilla SOPS

Web Services & Databases

Nginx HAProxy Caddy

Databases & Storage

PostgreSQL MariaDB Valkey Redis AWS S3 MinIO Ceph

OS & Management

Ubuntu Server CentOS / Rocky Linux Cloudflare DNS Zero Trust
02 · Experience

Where I've worked.

The roles that shaped how I think about systems, on-call rotations, and the difference between "running" and "production-ready". In my long career I have not just worked in IT but also in other industries. Every past experience has shaped me into the person I am today.

2022 — Present Present

DevOps Engineer II

YI YoungInnovations Pvt. Ltd.

Started as an Intern in 2022, I have worked hard and grown into a full-time DevOps Engineer II. Leading IaC and CI/CD efforts across AWS, GCP, and DigitalOcean. Managing 100+ Kubernetes namespaces and securing pipelines with automated scanning.

TerraformKubernetesGitLab CI/CDTrivyKeycloakPython
Read more
2021 — 2022 1y 2m

ICT Associate Engineer

E Eco Global Power Development Pvt. Ltd.

Designed and maintained IT infrastructure for headquarters and remote sites, while managing stakeholder relationships.

InfrastructureNetworkingLinuxStakeholder Management
Read more
2020 — 2022 1y 8m

Engineer

E Eco Power Development Company Pvt. Ltd.

Liaison and maintained a healthy relationship of company with concerned governmental, non-governmental parties and stakeholders.

Stakeholder Management
Read more
2019 — 2020 9m

Faculty Member

H Hetauda City College

Taught Computer Science and Information Technology courses to undergraduate BSc. CSIT students.

CC++Data StructuresAlgorithms
Read more
2016 - 2019 3y 7m

Technical Consultant

T Tajex E-Solutions Pvt. Ltd.

Worked as a technical consultant, providing technical consultation to students, academic institutions, and businesses in the field of Robotics and Automation.

C++LinuxEmbedded SystemsRobotics
Read more
03 · Education & Certifications

Studied and Certified.

Formal credentials and the certifications I keep current — most recently re-upping CKA in 2024.

Education

Bachelor’s in Engineering in Electronics and Communication
Tribhuwan University, IOE Eastern Regional Campus
2015 — 2019

Certifications

Registered Engineer License
Nepal Engineering Council (NEC)
NEC 2020
04 · Selected projects

Selected work.

A mix of platform work, internal tooling, and weekend tinkering. Filter by category, expand the rest.

18 projects
01 / 18

SUSASAN Digital Governance Platform

Architected a hybrid Kubernetes and VM cluster infrastructure for a critical digital governance platform, achieving 99.9% uptime across 12 interconnected applications for 20 local governments.

KubernetesGitLab CI/CDTrivyOWASP ZAPDevSecOps
02 / 18

Aidstream

Led the migration from a monolithic to a microservices architecture for a global platform serving 1,000+ organizations, improving scalability by 60% and ensuring 99.95% availability with a multi-region failover strategy.

AWSMicroservicesScalabilityMulti-region
03 / 18

IATI Publisher

Led the complete containerization of an open-source aid transparency tool, managing the application within a single Kubernetes cluster to improve portability and deployment consistency.

DockerKubernetesGitHub ActionsOpen Source
04 / 18

NPBMIS (National Project Bank)

Engineered a high-availability infrastructure for a critical government planning application, including an advanced backup and disaster recovery solution using Ceph storage.

High AvailabilityCephDisaster RecoveryPostgreSQL
05 / 18

ATFM-ACDM (Air Traffic Management - Airspace Control and Management)

Designed and deployed a Proxmox-based virtualization cluster for Air Traffic Flow Management at Tribhuvan International Airport. Automated and managed the connections between AMHS (Airspace Management and Handling System) and ACDM (Air Traffic Control and Management) servers.

VaultTeleportOIDC
06 / 18

Census Nepal 2021 Results

Managed secure, scalable deployments for Nepal's census data visualization.

PythonAWSPrometheus
07 / 18

Helm Chart Registry

Internal OCI-based chart registry with linting CI, security scanning, and signed releases.

HelmCosignChartMuseum
08 / 18

Auto-Scaling Database Proxy

PgBouncer-based proxy with predictive scaling tied to app-layer queue depth.

PgBouncerGoK8s
09 / 18

Compliance Drift Scanner

Scans live AWS accounts against SOC2 controls; generates evidence artifacts nightly.

PythonAWS ConfigS3
10 / 18

Build Cache Service

Bazel-compatible remote cache running on spot nodes; cut CI build times 4×.

GoBazelS3
11 / 18

Cluster Autoscaler Tuner

Self-tuning bot that learns workload patterns and adjusts node group min/max.

GoK8sML
12 / 18

Ephemeral Preview Envs

PR-triggered isolated namespaces with auto-DNS, auto-tear-down, GitHub status checks.

ArgoCDGitHub Actions
13 / 18

On-Call Insights Dashboard

PagerDuty + Grafana mashup that surfaces alert fatigue and noisy neighbors.

GrafanaPostgresPD API
14 / 18

Secrets Rotation Operator

K8s operator that rotates DB and API secrets on a schedule with zero-downtime handoff.

GoOperator SDKVault
15 / 18

Multi-Region Failover Drill

Quarterly automated DR drill — flips traffic, validates data, rolls back in <8min.

Route53Terraform
16 / 18

Container Image Optimizer

CI step that analyzes layers and proposes Dockerfile edits — average 71% size reduction.

GoBuildkit
17 / 18

Internal Developer Portal

Backstage plugin set: golden paths, scaffolder templates, env catalog with TechDocs.

BackstageTypeScript
18 / 18

Edge Log Aggregator

Vector-based log fan-in at the edge with PII redaction before shipping to central store.

VectorLokiRust
05 · Writing

Notes from
the field.

Notes from the field. Mostly things I learned through trial and error. The notes also include other learnings from the trials and tribulations of my life. Full archive on notes.aakura.cc.

06 · Testimonials

Kind words.

Generous things people I've worked with have said. They probably had to be nice; I included them anyway.

Ankur rebuilt our deploy pipeline from the inside out. What used to take an afternoon takes four minutes — and we trust it more.

PN
Priya N.
VP Engineering · Helix

Calm under fire and disturbingly thorough. He left us with runbooks even our junior engineers can follow at 3am.

MT
Marcus T.
CTO · Northwind

He pushes back when something is wrong, in the best way. The kind of engineer you want owning your platform.

SL
Sara L.
Staff SRE · Quanta

Documented every decision, paired generously, and shipped it. We'd hire him again in a heartbeat.

DR
Dev R.
Eng. Manager · Pixelmint

Honestly his on-call instincts are sharper than half my staff. We've passed on him five times for headcount reasons we keep forgetting. Strong hire if we ever figure out budget.

DO
Director of Engineering
[REDACTED] · Hiring Committee

Resume Match Score 72%. Required: 8 years AWS Lambda. Candidate: 7. Returning to candidate pool with high intent to never contact again. Tracking ID APPL-447921.

ST
Senior Talent Partner
[REDACTED] · Recruiting

At this point we just keep him in the system. Every rejection email turns into a thoughtful conversation about engineering culture and now he's friends with three of our directors. Nobody knows how to stop the loop.

TH
The Hiring Committee
[REDACTED] · Joint statement

I wish I was still employed in NVIDIA.

FN
Former NVIDIA Employee and currently lamenting his job in NVIDIA.
Software Engineer · Freelancer
07 · Contact

I read every message. Best for project briefs, contract DevOps work, and the occasional architecture review.