The Blog

How I deployed a self-hosted Stirling PDF instance on AWS EKS for a SaaS client — with OAuth2 SSO, persistent volumes, and ALB ingress sharing.

How I delivered a cost-optimized, auto-scaling GitHub Actions runner fleet on AWS using spot instances, pre-built AMIs, and time-based pool scheduling — eliminating idle compute costs for a SaaS client.

How I replaced VPN infrastructure with a Cloudflare Tunnel to provide both zero-trust VPC access via WARP and SSO-gated frontend application delivery through a private ALB — all on real public domains.

How I decomposed a monolithic Terraform state into isolated Terragrunt modules for a SaaS client — without touching live infrastructure.

How I designed an automated kill switch for a client's Athena data platform that disables OpenMetadata credentials within seconds of a scan threshold breach — no human intervention required.

A breakdown of how we deploy n8n in production on Amazon EKS using queue mode, Valkey for Redis-compatible brokering, and AWS Secrets Manager via External Secrets Operator.

GPU nodes on demand, zero cost at night, models that survive restarts — how I deployed self-hosted Ollama on Amazon EKS using a single Helm chart with Karpenter, KEDA, and ArgoCD.

How I deployed a production-ready, self-hosted LLM stack on Kubernetes using Helm, Karpenter, and KEDA — with GPU auto-scaling and SSO out of the box.

A practical walkthrough of every finding — idle EC2, oversized RDS, duplicate load balancers, and more — and exactly how we fixed each one.