Tools & Tech Stack

Technology Expertise Across Production Infrastructure

Mayan.Host works across the tools, platforms, and operating practices needed to design, build, secure, observe, and recover serious production systems.

Production infra: private cloud, AWS, hybrid systems, and platform operations
Cloud native: Kubernetes, containers, GitOps, IaC, and platform operations
Ops depth: security, observability, data, backup, networking, and recovery

Expertise Area

Containers, Virtualization & Runtime

Hands-on experience with packaging workloads, isolating tenants, and running private-cloud compute consistently.

Docker

Portable container packaging and runtime workflows across private and public cloud.

Podman

Daemonless OCI container management for rootless and server-side container operations.

Incus

System container and virtual machine management for private-cloud compute estates.

LXD

Container and VM manager for Linux systems, labs, edge nodes, and controlled tenant environments.

Private Cloud Stack

Highly available VMs and container platforms with security, backups, and operations built in.

Expertise Area

Kubernetes, Scheduling & High Availability

Experience operating orchestrators and HA patterns for workloads that need predictable placement, failover, and uptime.

Kubernetes

Container orchestration for resilient, declarative production workloads.

k3s

Lightweight Kubernetes distribution for edge, small clusters, and resource-constrained environments.

MicroK8s

Compact Kubernetes distribution for developer, edge, and private-cloud deployments.

GKE

Google Kubernetes Engine for managed Kubernetes clusters on Google Cloud.

EKS

Amazon Elastic Kubernetes Service for managed Kubernetes clusters on AWS.

Nomad

Simpler workload scheduling for containers, services, batch jobs, and mixed estates.

Corosync / Pacemaker

Linux high-availability clustering for failover of infrastructure and stateful services.

Heartbeat

Classic Linux HA heartbeat and failover coordination for legacy clustered services.

Patroni

PostgreSQL high-availability automation with leader election and failover orchestration.

Expertise Area

Infrastructure as Code & Environment Provisioning

Expertise in repeatable infrastructure builds, machine images, and reproducible environments from reviewed definitions.

Pulumi

Infrastructure as Code using general-purpose languages for cloud and platform provisioning.

Terraform

Declarative Infrastructure as Code for repeatable provisioning across providers.

Packer

Automated machine image builds for consistent VM and cloud image baselines.

Vagrant

Reproducible local development and test environments for infrastructure workflows.

Expertise Area

Configuration, GitOps & Release Automation

Experience turning source-controlled intent into configured systems, tested releases, and automated deployments.

Ansible

Configuration management, provisioning, and environment consistency without heavy agents.

ArgoCD

GitOps continuous delivery for Kubernetes applications and platform configuration.

GitLab

Source control and CI/CD workflows for build, test, security, and deployment automation.

GitHub Actions

Repository-native automation for CI, release, security checks, and operational workflows.

Jenkins

Extensible CI automation for complex and legacy delivery pipelines.

AWS CodeBuild

Managed build service for compiling, testing, and packaging workloads on AWS.

GCP Cloud Build

Managed CI/CD and container build pipelines for Google Cloud workloads.

AWS CodeDeploy

Automated deployment service for EC2, Lambda, ECS, and hybrid targets.

AWS CodePipeline

AWS-native release pipeline orchestration across source, build, test, and deploy stages.

Expertise Area

Security, Compliance & Cloud Posture

Security expertise across governance, hardening, vulnerability discovery, cloud posture, threat detection, and audit evidence.

CISO Guidelines

Governance, policy, and operating guardrails aligned to business risk and audit expectations.

Wazuh

Open-source security monitoring, host intrusion detection, vulnerability detection, and compliance visibility.

Lynis

Unix and Linux security auditing for hardening, compliance checks, and system baseline reviews.

Prowler

Cloud security posture assessment and compliance checks, especially for AWS environments.

Checkov

Infrastructure as Code scanning for misconfigurations before changes reach cloud accounts.

Nikto

Web server scanner for dangerous files, outdated software, and common server misconfigurations.

OWASP ZAP

Dynamic application security testing for web applications and APIs.

OpenVAS

Network vulnerability scanning for hosts, services, and exposed infrastructure.

testssl.sh

TLS and SSL configuration testing for certificates, ciphers, protocols, and known weaknesses.

Image Scanning

Container image vulnerability and policy checks before promotion to runtime environments.

TruffleHog

Secret discovery across Git history, filesystems, CI logs, and cloud storage.

Trivy

Vulnerability, misconfiguration, secret, and SBOM scanning for containers, code, and IaC.

Cloudflare WAF

Edge web application firewall controls for application-layer filtering and attack mitigation.

AWS GuardDuty

Managed threat detection for suspicious activity across AWS accounts and workloads.

AWS Config

Resource inventory, configuration history, and compliance evaluation for AWS environments.

Amazon Inspector

AWS vulnerability management for EC2, container images, Lambda, and workload exposure.

AWS Security Hub

Centralized cloud security posture, findings aggregation, and compliance control visibility.

Expertise Area

Networking, Edge & Load Balancing

Operational experience with service ingress, private connectivity, edge routing, and cloud load-balancing primitives.

HAProxy

High-performance TCP and HTTP load balancing for applications and infrastructure services.

Traefik

Cloud-native reverse proxy and ingress controller with dynamic service discovery.

Nginx

Reverse proxy, web server, ingress, and application delivery building block.

Cloudflare LB

Global load balancing for resilient routing across origins, regions, and providers.

AWS Application Load Balancer

Layer 7 AWS load balancing for HTTP, HTTPS, routing rules, and service targets.

AWS Network Load Balancer

Layer 4 AWS load balancing for high-throughput TCP, UDP, and TLS workloads.

WireGuard

Modern VPN tunneling for secure private connectivity between users, nodes, and sites.

Netmaker

WireGuard-based network automation for mesh, remote access, and site-to-site connectivity.

Expertise Area

Observability, Telemetry & Incident Insight

Experience building visibility through instrumentation, telemetry pipelines, dashboards, alerting, and incident triage.

OpenTelemetry

Vendor-neutral instrumentation for metrics, traces, and logs.

Vector

High-performance telemetry pipeline for logs, metrics, and events.

Logstash

Log processing and enrichment before search, storage, or analytics.

Elastic Beats

Lightweight agents for shipping host, service, and security telemetry.

Grafana

Dashboards and operational views for production metrics, logs, traces, and alerts.

Zabbix

Infrastructure monitoring, alerting, and availability checks.

PMM

Percona Monitoring and Management for database performance visibility.

Coroot

Service dependency mapping and eBPF-based performance troubleshooting.

SigNoz

OpenTelemetry-native APM, tracing, metrics, logs, and alerts.

Loki

Cost-efficient log aggregation designed to pair with Grafana.

Sentry

Application error monitoring and release-aware issue triage.

GlitchTip

Open-source error tracking with Sentry-compatible workflows.

Bugsink

Self-hosted crash and error tracking for application teams.

Metabase

Operational analytics and BI dashboards for business and platform data.

Expertise Area

Backup, Recovery & Data Protection

Expertise in backup design, restore testing, recovery objectives, and data protection for production systems.

Velero

Kubernetes backup and restore for cluster resources and persistent volumes.

Plakar

Backup, snapshot, and restore workflows focused on portable, inspectable backup repositories.

R1Soft CDP

Continuous data protection and server backup workflows for hosted infrastructure.

Backrest / Restic

Web-managed Restic backups for encrypted, deduplicated, repository-based recovery.

BorgBackup

Deduplicating, compressed, encrypted backups for servers and repositories.

AWS Backup

Centralized backup policies and recovery management across AWS services.

Percona XtraBackup

Hot physical backups for MySQL and Percona Server with minimal database downtime.

Expertise Area

Data Platforms, Search & Storage Services

Experience operating stateful systems across cache, relational, document, object, vector, search, and analytics workloads.

KeyDB

High-performance Redis-compatible key-value database for cache and fast data access.

Valkey

Open-source Redis-compatible key-value store for cache, queues, and low-latency data.

Redis

In-memory key-value datastore for caching, sessions, queues, and fast application state.

MySQL

Relational database for transactional application workloads.

PostgreSQL

Advanced relational database for transactional, analytical, and extensible data models.

TiDB

Distributed SQL database for horizontal scale and MySQL-compatible workloads.

ClickHouse

Columnar analytics database for high-volume events, observability, and reporting.

Amazon Aurora / RDS

Managed relational databases for AWS production workloads.

TimescaleDB

PostgreSQL-based time-series database for metrics, events, and historical data.

MongoDB

Document database for flexible application data models.

MinIO

S3-compatible object storage for private cloud and Kubernetes environments.

SeaweedFS

Distributed object and file storage for scalable private-cloud storage services.

S3

AWS object storage for durable backups, artifacts, data lakes, and static assets.

Qdrant

Vector database for semantic search, recommendations, and AI retrieval workloads.

Elasticsearch / OpenSearch

Search, indexing, and log analytics for operational and application data.

Typesense

Fast typo-tolerant search engine for application search experiences.

Percona Everest

Kubernetes-native database platform for provisioning and managing open-source databases.

Expertise Area

Storage & Stateful Infrastructure

Experience with replicated and Kubernetes-native storage for databases, persistent services, and private-cloud platforms.

DRBD

Distributed replicated block storage for Linux high-availability designs.

Longhorn

Kubernetes-native distributed block storage with snapshots, backups, and replica management.

Expertise Area

Platform Engineering & Internal Tooling

Experience with developer-facing platform tools that improve ownership, service catalogs, and operational self-service.

Backstage

Internal developer portal for service catalogs, ownership, templates, and platform workflows.