What DevOps services do you offer?

Kubernetes platform engineering, CI/CD automation, Infrastructure as Code (Terraform/Ansible), observability (Prometheus, Grafana, Loki, Tempo), and security-by-default hardening.

Can you help migrate from a monolith to Kubernetes?

Yes. I containerize services, create Helm charts, implement GitOps with Argo CD, and use canary or blue-green deployments to minimize risk and reduce MTTR.

How do you improve reliability and speed of delivery?

By standardizing with IaC, enforcing policies (OPA/Kyverno), right-sizing and autoscaling, and building SLO/SLI dashboards for proactive operations.

Do you implement security best practices?

Absolutely. I use secrets management (Vault/SOPS), image scanning (Trivy/Grype), network policies (Cilium), and mTLS to reduce risk and support compliance.

How can I get in touch?

Email info@jeffreyvis.nl or visit https://tools.jeffreyvis.nl/ for handy scripts.

Jeffrey Vis — Senior Linux & DevOps Engineer | Kubernetes, Terraform, GitOps

Jeffrey Vis

Senior Linux & DevOps Engineer — I build reliable, scalable, and automated platforms.

Linux internals Kubernetes Terraform GitOps Observability Security by default

About me

I help teams deliver quickly and safely by making infrastructure predictable. From bare-metal and networking to containers and cloud: I automate with IaC, ensure observability, and design for reliability. My principles: simplicity where possible, security by default, and continuous improvement.

Skills & Tools

Linux & OS

Debian/Ubuntu, RHEL/AlmaLinux
systemd, kernel-tuning, cgroups/namespaces
SELinux/AppArmor, PAM, LDAP/SSSD
Storage: LVM, mdraid, ZFS, NFS
Networking: iproute2, nftables, WireGuard
Shell & tools: Bash, Python, awk/sed, tmux, (Neo)Vim

Containers & Orchestration

Docker/Podman, BuildKit, OCI images
Kubernetes (kubeadm/EKS/GKE/AKS)
Helm, Kustomize, Argo CD/Rollouts
Service mesh: Istio/Linkerd • CNI: Cilium/Calico
Ingress/Proxy: NGINX, HAProxy, Traefik

IaC • CI/CD • Security

Terraform, Terragrunt, Ansible, Packer
GitLab CI, GitHub Actions, Jenkins
Secrets: Vault, SOPS, Sealed Secrets
Policy: OPA/Gatekeeper, Kyverno
Scans & runtime: Trivy/Grype, kube-bench, Falco
AuthN/Z: Keycloak (OIDC/OAuth2), mTLS

Cloud & Data

AWS (EKS, EC2, S3, RDS, IAM), GCP, Azure
PostgreSQL, MySQL/MariaDB, Redis
Kafka, RabbitMQ, object storage (S3-compatible)

Observability

Prometheus, Grafana, Alertmanager
Loki, Tempo, OpenTelemetry
ELK/Opensearch, SLO/SLI dashboards

Scale & Reliability

HPA/VPA, cluster-autoscaling, right-sizing
Blue-green/canary, progressive delivery
Backups/DR: Velero, Restic • Runbooks

Case Studies

From Monolith to Kubernetes

Problem → Approach → Impact

Problem: Unpredictable releases and long deployments.
Approach: Containerization, Helm charts, GitOps (Argo CD), canary/blue-green.
Impact: Deployment reduced from ~30 min to <5 min, instant rollbacks, higher release frequency.

−80% MTTR+3× releases

Platform as a Product (IaC)

Problem → Approach → Impact

Problem: Snowflake servers and drift between environments.
Approach: Terraform/Terragrunt, Ansible baselines, policy guardrails (OPA/Kyverno).
Impact: Repeatable builds, predictable changes, full audit trail.

Provisioning: hours → minutesZero drift

Observability 360°

Problem → Approach → Impact

Problem: Incidents without visibility into the cause.
Approach: Prometheus/Grafana, Loki/Tempo, SLO dashboards, alert tuning.
Impact: Faster triage, less noise, predictable performance.

−50% alert noiseFaster MTTD/MTTR

Security & Compliance Hardening

Problem → Approach → Impact

Problem: Inconsistent secret management and container risks.
Approach: Vault + SOPS, image scans (Trivy), network policies (Cilium), mTLS.
Impact: Lower risk profile, audit-ready, shift-left security.

CIS benchmarksAppropriate controls

The Internet is not a safe place – anonymity is not guaranteed

Many people think the internet is “safe enough” as long as you don’t do anything strange. Reality: every digital trace can be linked back to you—via cookies, IP addresses, browser fingerprints, login patterns, and leaked datasets. Anonymity does not happen automatically; you must deliberately organize it.

Handle data carefully. Use multi-factor authentication, unique passwords in a password manager, encryption (TLS/HTTPS, end-to-end where possible), and share only what is necessary. For organizations, this means: zero-trust principles, least privilege, auditing & monitoring, and secure-by-default configurations. Security is not a product you buy; it is a process you sustain.

Contact

📧 info@jeffreyvis.nl | 💻 Handy Scripts