About
Dipankar Das
Designing & Building Scalable, Reliable Systems. I build sustainable platforms and share technical deep-dives on Software Development, DevOps, Kubernetes, and System Design.
Education
My academic background in computer science and engineering, providing the foundation for my technical expertise.
Bachelor of Technology
Computer Science
Work history
Enterprise IaC & Migration — Cox Automotive
Why S3 buckets, CloudFront distributions, and WAF policies for prod, dev, and staging environments were created manually via aws console and have some legacy settings
What Migrated and standardized S3, CloudFront, and WAF configurations across all three environments into Terraform. with 0 drift terraform drift and 0 downtime.
How Established a multi-environment GitOps workflow with a rigorous Plan-Review-Apply SOP, eliminating click-ops and achieving consistent, repeatable infrastructure across prod, dev, and staging.
Cloud-Native Scaling & Observability — Global FinTech
Why A monolithic Frappe/ERPNext platform was buckling under high-concurrency traffic with no visibility into where production bottlenecks occurred.
What Migrated the platform to a distributed Kubernetes cluster and implemented full-stack OpenTelemetry instrumentation.
How Decomposed the monolith into individual services and migrated to Kubernetes — gaining autohealing, rolling deployments, and the broader ecosystem benefits. Layered OTel logs, traces, and metrics across the stack while deliberately keeping the architecture as simple as possible to reduce operational overhead.
Cloud FinOps & Cost Engineering
Why Memory-intensive background jobs and cron workloads were running on always-on instances, inflating cloud spend without any performance benefit.
What Achieved a 20% reduction in cloud OpEx across Kubernetes compute.
How Engineered specialized Node Groups with Spot Instances and implemented scale-to-zero logic for background and cron workloads, eliminating idle resource waste while maintaining throughput.
Product Engineering — EasyDash / EasyEngine
Why Manual WordPress/PHP deployment processes were slow and error-prone, blocking a commercial product launch.
What Co-developed a high-scale Cloud Provisioning Engine for dash.easyengine.io.
How Built the automated backend with Python, Terraform, and Ansible — enabling rapid deployments that generated $200+ in subscription revenue within 60 days of launch.
Developer Experience & CI Optimization
Why Shared CI runners were creating queue bottlenecks and long wait times that disrupted engineering flow across teams.
What Optimized GitHub Self-Hosted Runners across the organization.
How Applied resource-aware labeling and multi-container environments, drastically reducing CI/CD wait times and improving overall build reliability.
Distributed Orchestration Engine
Why Managing Kubernetes cluster lifecycles across AWS and Azure required a reliable, cloud-agnostic solution without heavy infrastructure overhead.
What Architected a Go-based cloud-agnostic provisioning engine for full Kubernetes lifecycle management.
How Built a high-availability state layer with Turso (Edge SQLite) and Redis, enabling idempotent cluster operations with a minimal infrastructure footprint.
Event-Driven Task Orchestration with NATS
Why Long-running infrastructure tasks needed guaranteed execution without introducing the operational burden of heavy frameworks like Temporal.
What Developed a lightweight event-driven state machine using NATS JetStream.
How Implemented custom NAK/ACK and retry logic ensuring 100% task reliability during long-running cluster operations while keeping the system operationally simple.
Relationship-Based Access Control (ReBAC)
Why Flat RBAC couldn't model the complex sharing hierarchies needed for multi-tenant teams across shared infrastructure.
What Implemented a full Relationship-Based Access Control system using Authzed (SpiceDB).
How Designed a hierarchical model spanning Org, Cluster, and Workload levels, enabling fine-grained permission enforcement and quota management across distributed engineering teams.
Developer Efficiency Analytics
Why Teams had no visibility into whether container image changes improved or degraded performance and energy consumption across versions.
What Designed an engine to track container image behavior across versions.
How Delivered data-driven insights into performance and energy regressions, enabling teams to baseline and optimize software efficiency within the Kubernetes deployment pipeline.
AI-Agents Orchestration
Why Platform delivery velocity needed to scale without proportionally growing the team.
What Orchestrated AI agents (Claude Code, Gemini CLI) into the core development workflow to autonomously handle well-scoped engineering tasks.
How Leveraged agentic patterns — task decomposition, tool use, and iterative feedback loops — to boost team productivity by 40% while maintaining high code quality and architectural consistency.
Workload Recommendation Engine
Why Teams had no structured way to understand the true profile of their running workloads — efficiency waste, energy consumption, and resource behaviour were all invisible.
What Developed a recommendation system that analyses workload image insights across versions.
How Built profiling pipelines that surface each workload's resource profile, waste analysis, and energy footprint — giving teams the data to make informed decisions on right-sizing, scheduling, and sustainability.
API Security Testing with OWASP ZAP
Why Client web applications and APIs had undetected vulnerabilities posing real regulatory and business risk.
What Implemented automated API security testing using OWASP ZAP.
How Deployed a custom proxy to surface SQL injection, MITM, and other OWASP Top 10 risks across the application surface, giving the team actionable findings.
Continuous Vulnerability Scanning with Snyk
Why Security issues were caught late in the development cycle, making remediation expensive and disruptive.
What Integrated Snyk into CI/CD for shift-left vulnerability scanning.
How Enabled detection and remediation of dependency and code vulnerabilities at pull request level, before they ever reached production.
LLM Containerization & Performance Benchmarking
Why The team had no baseline data on containerization efficiency, making optimization decisions purely speculative.
What Optimized internal LLM-based projects for containerization and produced detailed performance benchmarks.
How Measured image size, network throughput, and disk I/O to give the team a clear, data-backed picture of real-world efficiency tradeoffs.
Scalable LLM Deployment on AWS
Why LLM inference at scale required elastic capacity and strict network isolation without exposing endpoints publicly.
What Deployed vLLM and Ollama on AWS for production-scale LLM inference.
How Used Auto Scaling Groups and VPC PrivateLink to deliver secure, elastic inference capacity without public endpoint exposure.
High-Performance CLI Engineering
Why Provisioning Kubernetes clusters across multiple cloud providers required deep provider expertise and many tedious manual steps.
What Architected kli — a multi-cloud CLI using Cobra and Viper — to abstract the full Kubernetes lifecycle.
How Built a pluggable architecture with robust configuration management, enabling single-command cluster creation and teardown across AWS, Azure, and Civo.
Custom Kubernetes Controllers
Why Cluster state could drift between local CLI metadata and remote cloud infrastructure, causing hard-to-debug inconsistencies.
What Developed custom Kubernetes controllers and reconciliation logic using client-go.
How Ensured idempotent state management that reliably kept local metadata and remote infrastructure in sync.
Automated Addon & Helm Integration
Why Manual post-provisioning addon setup was repetitive, error-prone, and delayed clusters reaching a ready state.
What Automated deployment of core cluster components — CNI, Storage Classes, and Ingress — as part of provisioning.
How Leveraged native Helm SDKs and Go client packages to install components consistently on every cluster without manual intervention.
Secure Distribution & Artifact Signing
Why Users needed confidence that CLI binaries were tamper-free and reliably distributed across all platforms.
What Implemented secure artifact signing and automated multi-platform binary releases.
How Integrated Cosign for signing and GitHub Actions for cross-platform builds, delivering a trusted and seamless developer distribution experience.
Kubesimplify
Ambassador
Mar 2022 - Jul 2024
Technical Content & Education
Why Developers onboarding to cloud-native lacked approachable, practical resources for Kubernetes and Go.
What Authored blogs and tutorials on Kubernetes and Go.
How Published accessible technical content aligned with real-world use cases for the Kubesimplify community.
Live Cloud-Native Sessions
Why Complex topics like cloud-native architecture benefit more from interactive live walkthroughs than static articles.
What Conducted Twitch live sessions on cloud-native development and Golang best practices.
How Engaged the community through live demos and real-time Q&A, making advanced topics approachable.
Open Source Maintenance
Why The CNCF ecosystem needed reliable, community-maintained tooling for Kubernetes workflows.
What Maintained and improved Ksctl, contributing to CNCF-aligned open-source tooling.
How Contributed code, fixes, and documentation to keep the project active and aligned with community standards.
Kubernetes Migration to EKS
Why The existing cluster lacked the scalability and traffic management needed for production workloads.
What Supported Kubernetes migration to EKS with NGINX Gateway API for traffic management.
How Configured EKS and set up Gateway API routing rules to handle production-grade traffic reliably.
Application Containerization
Why Node.js applications weren't containerized, limiting deployment consistency and portability across environments.
What Dockerized Node.js applications and migrated the reverse proxy from Apache to NGINX.
How Wrote Dockerfiles for each service and reconfigured NGINX for improved routing and performance.
CI/CD Automation
Why Manual Jenkins job setup for new projects was repetitive and slowed pipeline delivery for the team.
What Automated Jenkins job creation using a CLI tool.
How Built a CLI automation layer that provisioned jobs from config, eliminating manual setup overhead.
Security & Observability Integration
Why The team had no visibility into vulnerabilities or runtime metrics before production deployments.
What Integrated Snyk for vulnerability scanning and Prometheus for real-time observability.
How Configured Snyk in CI for early detection and set up Prometheus scraping for live service metrics.
Infrastructure & SSL Automation
Why Manual SSL provisioning and repository management were error-prone and time-consuming at scale.
What Migrated repositories to AWS CodeCommit and automated SSL provisioning.
How Set up Let's Encrypt automation for SSL certificates alongside the CodeCommit migration.
Some of my achievements
1st OSS contributions to Kubernetes, CNCF TAG Green, Kubescape, Monokle, and more
(2024)
2st Invited to GitHub Maintainers repo
(2024)
3st PR Wrangler in sig-docs (Kubernetes)
(2024)
4st Member of Kubernetes and Kubernetes-Sigs Organization
(2023)
5st Winner of Napptive + WeMakeDevs Cloud Native Hackathon (Track 2)
(2022)
Let's work together
Looking for a DevOps consultant, Kubernetes expert, or Go developer? I'd love to hear about your project.