Helm Chart Registry
Internal OCI-based chart registry with linting CI, security scanning, and signed releases.
I m a k e i n f r a s t r u c t u r e t h a t s t a y s u p .
More than 3 years of DevOps work, mostly inside service-based company — which is to say I've worked with a lot of stacks. The ones below are the tools I reach for without thinking and have dabbled with. Even though the variety of tools available, I tend to prefer CNCF native tools.
Most of the systems I've inherited were a slow accumulation of "we'll fix it next sprint." My job is usually to either fix that or build the thing that doesn't become it.
I care about boring deployments, blameless postmortems, and runbooks that someone on call at 3 am can actually follow. I'm equally happy writing a Terraform module, drawing an architecture diagram, or pairing with a backend engineer on a memory leak.
Outside of work, I run a small homelab for tinkering and testing, and I read way more than is strictly healthy. That said, I'm not entirely bound by my nerdy interests; I still make plenty of time to travel and touch some grass.
The roles that shaped how I think about systems, on-call rotations, and the difference between "running" and "production-ready". In my long career I have not just worked in IT but also in other industries. Every past experience has shaped me into the person I am today.
Started as an Intern in 2022, I have worked hard and grown into a full-time DevOps Engineer II. Leading IaC and CI/CD efforts across AWS, GCP, and DigitalOcean. Managing 100+ Kubernetes namespaces and securing pipelines with automated scanning.
Designed and maintained IT infrastructure for headquarters and remote sites, while managing stakeholder relationships.
Liaison and maintained a healthy relationship of company with concerned governmental, non-governmental parties and stakeholders.
Taught Computer Science and Information Technology courses to undergraduate BSc. CSIT students.
Worked as a technical consultant, providing technical consultation to students, academic institutions, and businesses in the field of Robotics and Automation.
Formal credentials and the certifications I keep current — most recently re-upping CKA in 2024.
A mix of platform work, internal tooling, and weekend tinkering. Filter by category, expand the rest.
Architected a hybrid Kubernetes and VM cluster infrastructure for a critical digital governance platform, achieving 99.9% uptime across 12 interconnected applications for 20 local governments.
Led the migration from a monolithic to a microservices architecture for a global platform serving 1,000+ organizations, improving scalability by 60% and ensuring 99.95% availability with a multi-region failover strategy.
Led the complete containerization of an open-source aid transparency tool, managing the application within a single Kubernetes cluster to improve portability and deployment consistency.
Engineered a high-availability infrastructure for a critical government planning application, including an advanced backup and disaster recovery solution using Ceph storage.
Designed and deployed a Proxmox-based virtualization cluster for Air Traffic Flow Management at Tribhuvan International Airport. Automated and managed the connections between AMHS (Airspace Management and Handling System) and ACDM (Air Traffic Control and Management) servers.
Managed secure, scalable deployments for Nepal's census data visualization.
Internal OCI-based chart registry with linting CI, security scanning, and signed releases.
PgBouncer-based proxy with predictive scaling tied to app-layer queue depth.
Scans live AWS accounts against SOC2 controls; generates evidence artifacts nightly.
Bazel-compatible remote cache running on spot nodes; cut CI build times 4×.
Self-tuning bot that learns workload patterns and adjusts node group min/max.
PR-triggered isolated namespaces with auto-DNS, auto-tear-down, GitHub status checks.
PagerDuty + Grafana mashup that surfaces alert fatigue and noisy neighbors.
K8s operator that rotates DB and API secrets on a schedule with zero-downtime handoff.
Quarterly automated DR drill — flips traffic, validates data, rolls back in <8min.
CI step that analyzes layers and proposes Dockerfile edits — average 71% size reduction.
Backstage plugin set: golden paths, scaffolder templates, env catalog with TechDocs.
Vector-based log fan-in at the edge with PII redaction before shipping to central store.
Notes from the field. Mostly things I learned through trial and error. The notes also include other learnings from the trials and tribulations of my life. Full archive on notes.aakura.cc.
Most charts I review have the same five anti-patterns. Here's a refactor playbook with before/after diffs.
A walk-through of `terraform plan -out` output and what to actually look for in a code review.
Symptom-based SLOs with concrete examples — error budget burn rates, multi-window alerts.
Generous things people I've worked with have said. They probably had to be nice; I included them anyway.
Ankur rebuilt our deploy pipeline from the inside out. What used to take an afternoon takes four minutes — and we trust it more.
Calm under fire and disturbingly thorough. He left us with runbooks even our junior engineers can follow at 3am.
He pushes back when something is wrong, in the best way. The kind of engineer you want owning your platform.
Documented every decision, paired generously, and shipped it. We'd hire him again in a heartbeat.
Honestly his on-call instincts are sharper than half my staff. We've passed on him five times for headcount reasons we keep forgetting. Strong hire if we ever figure out budget.
Resume Match Score 72%. Required: 8 years AWS Lambda. Candidate: 7. Returning to candidate pool with high intent to never contact again. Tracking ID APPL-447921.
At this point we just keep him in the system. Every rejection email turns into a thoughtful conversation about engineering culture and now he's friends with three of our directors. Nobody knows how to stop the loop.
I wish I was still employed in NVIDIA.
I read every message. Best for project briefs, contract DevOps work, and the occasional architecture review.