Senior Engineering Manager (DevOps). Twenty-six years of infrastructure — from Unix deployment tooling in 1999 to Kubernetes autoscaling and AI/LLM platforms today.
HeapCon · on stage
A walkthrough of KEDA-driven HPA: event-sourced scaling, custom scalers for queue depth, and the pitfalls that bite you once the autoscaler starts making decisions faster than humans can audit them.
Read on Medium ↗Lead globally distributed DevOps team of four (Israel · NJ · Bulgaria). On-prem (GKE) components — Langfuse, Flagsmith, Hush Security. Strengthened DR for GPU instances, Cloud SQL, GCS, Redis, GKE. LLM observability and GPU workload optimization. Built reusable Claude skills for DB queries, Redis triage, architecture scans, K8s scans, Datadog APM trace analysis.
Led a team of architects and SRE engineers. Owned end-to-end system architecture — extensive POCs to integrate CNCF components, custom Kubernetes operators, infrastructure tools. Hands-on RCA across all cloud environments; focus on reliability, scalability, and information security.
Productized MatLab algorithm specifications into scale-out C++ implementations. Implemented H2O, TensorFlow, Kubeflow. Recruited and restructured engineering (dev, automation, DevOps). Cost-optimized ALM via on-prem Kubernetes CI/CD. Introduced architecture changes for cloud-agnostic, geo-distributed, regulatory-compliant systems.
At Clicktale: three dream-teams building SaaS behaviour analytics; performance/cost improvements enabling larger deals; ad-hoc real-time big data (HP Vertica), NewSQL POCs. At AGT OpenMind: core team building advanced analytics — Spark, Cassandra, graph analysis, ML/NLP — for investigative use.
Earlier roles across enterprise software. .NET single-page + RESTful platform for mail-room automation with SAP R3 invoice integration. CTO at Data-Mall — structured CMS with ERP integrations and WYSIWYG SPA query/report designer. Cross-platform (Unix + Windows NT) packaging/deployment system for AvivERP.
Treat autoscaling as a control system, not a config file.
Latency is a distribution. Design for p99, not the mean.
The cheapest GPU is the one you didn't spin up.
Observability before optimization. Always.
A hands-on architect who can't still read a stack trace is just a diagram-maker.
Twenty-six years of infrastructure — from Unix deployment tooling in 1999 to Kubernetes autoscaling and LLM platforms today. Still hands-on.
# The control-system idea from the Medium article, # distilled down to the config that makes it real. apiVersion: keda.sh/v1alpha1 kind: ScaledObject metadata: name: llm-inference-serve spec: scaleTargetRef: name: vllm-gateway minReplicaCount: 2 maxReplicaCount: 80 pollingInterval: 5 cooldownPeriod: 120 triggers: # queue depth drives scale-out faster than CPU can - type: prometheus metadata: query: sum(vllm_queue_depth) threshold: "8" - type: prometheus metadata: query: p99(vllm_latency_seconds) threshold: "1.2"
Event-sourced scaling, custom scalers for queue depth, and the pitfalls that bite once the autoscaler makes decisions faster than humans can audit.
read article ↗Event-driven autoscaling is the exact primitive an inference platform uses to absorb bursty, uneven traffic without overprovisioning GPUs.
Event-driven autoscaling in production: the failure modes, the cost math, and what changes when your pods are GPU-bound instead of CPU-bound.
A field guide to how modern information systems actually fit together: the layers, the seams, and the tradeoffs that decide whether a platform survives real traffic.
A walkthrough of KEDA-driven HPA: event-sourced scaling, custom scalers for queue depth, and the pitfalls that bite you once the autoscaler starts making decisions faster than humans can audit them. Directly applicable to scaling inference workloads on AWS.
READ ON MEDIUM →
■ HEAPCON · 01
YT ↗
▶
Event-driven autoscaling in production: the failure modes, the cost math, and what changes when your pods are GPU-bound instead of CPU-bound. Written for platform engineers who have to make the scaler behave under real traffic.
Watch on YouTube ↗
■ HEAPCON · 02
YT ↗
▶
A field guide to how modern information systems actually fit together: the layers, the seams, and the tradeoffs that decide whether a platform survives real traffic.
Watch on YouTube ↗Lead distributed DevOps team of four (IL · NJ · BG). GKE on-prem components (Langfuse, Flagsmith, Hush Security), GPU workload optimization, LLM observability. Built reusable Claude skills for DB queries, Redis triage, K8s and Datadog scans.
Led architects and SRE engineers. End-to-end architecture — CNCF integration, custom Kubernetes operators, infrastructure tools. Hands-on RCA across all cloud environments; focus on reliability, scalability, security.
MatLab → scale-out C++ algorithm productization. H2O, TensorFlow, Kubeflow. On-prem Kubernetes CI/CD. Architecture for cloud-agnostic, geo-distributed, regulatory-compliant systems.
Clicktale: three teams building SaaS behaviour analytics; HP Vertica, NewSQL POCs. AGT OpenMind: core team for law-enforcement advanced analytics with Spark, Cassandra, graph, ML, NLP.
.NET SPA + REST platform with SAP R3 invoice integration. CTO at Data-Mall — structured CMS with ERP integrations and WYSIWYG SPA designer. Cross-platform packaging/deployment system for AvivERP (Unix + NT).
Runnable demo for the Horizontal Autoscaling in Kubernetes article and the HeapCon auto-scaling talk.
Terraform-managed AWS VPC, EC2, S3, IAM, Route53, plus Cloudflare zones & DNS. Self-hosted GitHub Actions runner for CI/CD.
Physical ARM cluster with Rook-Ceph storage, IPsec site-to-site VPN to a cloud gateway, PKI-backed everything, full Ansible lifecycle.
Small-team PKI without the operational weight: keys, CSRs, signing, hardware tokens via PKCS#11.
Magnet-tile board detection — FastAPI image processing API, YOLO + CNN edge detection, Android client, Next.js frontend.
Ansible roles for OpenWRT routers: VPN, firewall, DHCP/DNS, ACME certificates, DDNS, StrongSwan IPsec.