Platform Lab Online

Kalash Bijukchhe

Aspiring Junior DevOps / Cloud / Platform Engineer

Sydney, Australia

Kubernetes GitOpsAWS + TerraformCI/CDLinuxObservability

IT student with a full-stack development background, now focused on hands-on infrastructure projects across Kubernetes, AWS, Terraform, CI/CD, Linux, and monitoring. The portfolio is positioned as a Cloud Operations Command Center: honest status, concrete proof points, and infrastructure-first work.

Completed flagship

ERP Lite GitOps Homelab

Completed flagship

AWS Secure Terraform Infra

View Platform Projects GitHub LinkedIn

platform lab status

Initializing Platform LabBOOT

Kubernetes GitOps workflow documentedOK

AWS Terraform infrastructure documentedOK

Secure container pipeline in progressWIP

Observability incident lab plannedNEXT

Ready for junior DevOps, cloud, and platform rolesLIVE

[ System Capabilities ]

What I'm Building With

Focused skill development across the modern platform engineering stack.

Container Orchestration

Building a production-style homelab workflow with Kubernetes, Helm, ArgoCD, ingress, TLS, and persistent storage.

Kubernetesk3sHelmArgoCDDockerGHCRGitOps

Cloud Infrastructure

Terraform-managed AWS networking, compute, IAM, and SSM patterns for secure learning architectures.

AWSTerraformVPCALBEC2IAMSSMNAT Gateway

CI/CD & Containers

Pipeline design for build, test, security scan, immutable tag, push, and deploy workflows.

GitHub ActionsDockerTrivyGHCRBuildxlinux/amd64

Operations & Observability

Monitoring, alerting, and hands-on debugging across pod failures, DNS, ingress, TLS, and resource pressure.

PrometheusGrafanaAlertmanagerLinuxDNSTLSTraefik

Also familiar with

cert-managerNginxPostgreSQLPrismaNext.jsGitBashPythonTypeScriptNode.js

[ Flagship Infrastructure Projects ]

Cloud & Platform Projects

Production-style homelab and secure learning architecture projects with clear status labels and concrete proof points.

LAB-001 / KUBERNETES GITOPSCompleted flagship

ERP Lite GitOps Homelab Platform

Full-stack ERP application deployed through a Kubernetes GitOps workflow in a homelab environment.

What it proves

GitHub Actions -> GHCR image pipeline
Helm chart + ArgoCD sync
Traefik ingress + cert-manager TLS
PVC-backed PostgreSQL
Prometheus/Grafana monitoring
Debugged ARM64/AMD64 image mismatch, imagePullPolicy, PVC drift, and migration issues

Next.jsPrismaPostgreSQLDockerGitHub ActionsGHCRHelmArgoCDk3sTraefikcert-managerPrometheusGrafana

View Repo

Architecture evidence

[GitHub Push]
     |
     v
[GitHub Actions]
 Build & Tag SHA
     |
     v
[GHCR Image]
 sha-<commit>
     |
     v
[ArgoCD Sync]
 Helm chart apply
  |     |
  v     v
[App] [PG+PVC]
  |
  +-> [Prometheus]
         |
     [Grafana]

LAB-002 / CLOUD INFRASTRUCTURE IACCompleted flagship

AWS Secure Web Infrastructure with Terraform

Terraform-managed AWS infrastructure using public/private subnets, public ALB, private EC2, NAT outbound access, IAM, and SSM access without SSH.

What it proves

Custom VPC with public/private subnet separation
Internet-facing ALB to private EC2
NAT Gateway for private outbound access
EC2 without public IP
SSM Session Manager access instead of SSH

TerraformAWS VPCALBEC2NAT GatewayIAMSSMSecurity GroupsNginxIaC

View Repo

Architecture evidence

Internet
    |
[ ALB ] public subnet
    |    port 80/443
    v
[EC2/Nginx] private
 no public IP
    |
[NAT GW] outbound only
    |
 Internet

Admin: SSM -> EC2
(port 22 closed)

LAB-003 / CI/CD SECURITYIn Progress

Secure Container CI/CD Pipeline

Focused pipeline project for testing, scanning, building, and publishing container images with GitHub Actions, Docker, Trivy, and GHCR.

Build scope

Automated tests before image build
Docker multi-stage build pattern
Trivy vulnerability scanning gate
Immutable SHA-tagged images in GHCR
Clear build logs and deployment artifacts

GitHub ActionsDockerTrivyGHCRKubernetesSecurity Scanning

In Progress

Pipeline in progress

[git push / PR]
     |
     v
[ Tests ]
 unit + integration
     |
[ Docker Build ]
 multi-stage
     |
[ Trivy Scan ]
 FAIL on CRITICAL
     |
[ GHCR Push ]
 sha-<commit>
     |
[ K8s Manifest ]
 deploy-ready

LAB-004 / OBSERVABILITY SREPlanned

Kubernetes Observability & Incident Response Lab

SRE-style lab for Prometheus/Grafana dashboards, alerts, incident simulations, failed rollout debugging, and runbooks.

Planned scope

Prometheus/Grafana dashboards
Alert rules and incident routing
Simulated CrashLoopBackOff and OOMKilled debugging
Failed rollout investigation practice
Runbooks for repeatable incident response

PrometheusGrafanaAlertmanagerKubernetesIncident ResponseRunbooks

Planned

Planned lab shape

[App Pods]
    | metrics
    v
[Prometheus]
    |
[Grafana]
 dashboards

[Alertmanager]
 alert rules
 routing

Incidents:
-> CrashLoopBackOff
-> OOMKilled
-> Failed rollout

[ System Topology ]

Infrastructure Map

A status-aware view of completed flagship work, in-progress pipeline hardening, and planned observability practice.

portfolio infrastructure overview

ONLINE

Homelab Cluster

Completed ERP Lite homelab workflow using k3s, ArgoCD, Helm, Traefik, TLS, and persistent PostgreSQL.

k3s Cluster

Control plane

Completed

ArgoCD

GitOps sync

Completed

Traefik

Ingress + TLS

Completed

App Pod

Next.js/Prisma

Completed

Postgres

PVC-backed

Completed

Grafana

Dashboards

Completed

Cloud Infrastructure

Completed Terraform-managed AWS environment with public/private networking, ALB to private EC2, NAT, IAM, and SSM access.

AWS VPC

Public + private subnets

Completed

ALB

Public load balancer

Completed

EC2 / Nginx

Private subnet only

Completed

NAT Gateway

Private outbound access

Completed

SSM

Admin access without SSH

Completed

Terraform

Infrastructure as code

Completed

Delivery Pipeline

Completed GitHub Actions and GHCR patterns from ERP Lite, plus a focused secure CI/CD pipeline currently in progress.

GitHub

Source + Actions

Completed

Docker Buildx

linux/amd64 images

Completed

Trivy

CVE scanning gate

In progress

GHCR

SHA-tagged images

Completed

Operations

Prometheus/Grafana monitoring is represented in the flagship work; alerting, incident simulations, and runbooks are planned.

Prometheus

Metrics scraping

Completed

Alertmanager

Alert routing

Planned

Runbooks

Incident response

Planned

Linux / DNS

Debugging practice

In progress

[ Foundational Systems ]

Application Engineering Background

I started with full-stack development. Understanding how applications are structured - their data models, API contracts, and failure modes - now directly informs how I think about deploying, securing, and operating them.

Fyntra

Full-stack fintech-style web application. Deepened my understanding of auth flows, relational data modelling, and API design.

Next.jsTypeScriptPostgreSQLPrisma

Coincise

Cryptocurrency data dashboard with real-time price feeds, charting, and state management across data-heavy views.

ReactNode.jsREST APICharting

Tourism Management System

Multi-role web application for managing tourism bookings, operators, and admin workflows. Focus on database schema design.

PHPMySQLHTML/CSSCRUD

Three.js Terrain Generator

WebGL terrain visualisation with procedural generation. Introduced me to GPU pipelines, shader basics, and 3D rendering concepts.

Three.jsWebGLJavaScriptGLSL

These projects gave me an understanding of how applications are built. I'm now focused on how they are packaged, deployed, secured, monitored, and operated - the platform and infrastructure layer.

[ Operator Profile ]

operator.yml

$ cat operator.yml

name:Kalash Bijukchhe

alias:kaybe005

location:Sydney, Australia

status:actively seeking roles

focus:

-:Platform engineering

-:Cloud infrastructure (AWS)

-:Kubernetes operations

-:CI/CD automation

background:

-:IT student

-:Full-stack background

-:Now: infrastructure

available:immediately

open_to:hybrid / remote

About Me

I started by building full-stack applications, learning how data flows through systems, how APIs behave under load, and how databases need to be designed for real workloads.

Over time, I became more interested in what happens aftercode is written: how it gets packaged, deployed, secured, monitored, and recovered. I'm now focused on DevOps, cloud infrastructure, platform engineering, and SRE fundamentals through hands-on homelab and AWS projects.

I learn by building real things. My homelab runs k3s and ArgoCD. My Terraform code lives in a real AWS environment. My CI/CD pipelines build and push actual container images. I get comfortable with systems by debugging the messy parts: ARM64/AMD64 mismatches, DNS failures through ingress controllers, PVC drift between cluster restarts.

I'm looking for a junior DevOps, cloud support, or platform engineering role where I can contribute to real infrastructure while continuing to grow.

[ Mission Objectives ]