I'm an Associate Principal Specialist Solution Architect at Red Hat. I work on OpenShift, OpenStack, identity, automation, infrastructure labs, and security patterns for privileged automation.
These repositories are my public technical notes, demos, and experiments. They mostly center on reproducible infrastructure labs, identity-aware automation, and operational patterns for platforms that need to survive real constraints.
I'm currently using Calabi, eigenstate-ipa, and Blastwall to explore how OpenShift, Red Hat IdM, Ansible Automation Platform, and SELinux can work together as a coherent control plane for privileged automation.
- calabi - Ansible-driven disconnected OpenShift 4 lab on one bare-metal host, with nested KVM, OVS segmentation, IdM/AD/Keycloak auth, agent-based install, and day-2 automation.
- calabi-shell - Starship shell UI for the Calabi project.
- eigenstate-ipa - Ansible collection for Red Hat IdM / FreeIPA with live inventory, Kerberos, secrets, policy, and OpenShift ecosystem workflows for AAP.
- eigenstate-openshift-app-demo - OpenShift application identity onboarding demo with AAP workflow assets.
- blastwall - SELinux, IdM, and AAP proof of concept for confining privileged automation and denying kernel exploit surfaces before jobs reach managed RHEL hosts.
- yaft-drm - DRM/KMS framebuffer terminal with Sixel graphics, mouse support, and Nerd Font rendering.
- cloudforms-heat-deployment - Heat-based deployment automation for a CloudForms cluster on OpenStack.
- vmware-to-openstack - Ansible role for migrating VMware guests into OpenStack.
- openstack-odds-and-ends - Useful OpenStack operational snippets.
- rhosp-17-1-lab - Lab material for RHOSP 17.1.
- deterministic-density - Deterministic virtualization, cgroup tiering, and symmetric CPU capacity planning.
- openstack-cgroup-tiering - Nova, Watcher, and cgroup tiering ideas for RHOSO.
- privileged-automation-security - Design notes on the risks around privileged automation.