Available for new engagements

Infrastructure for
startups that can't
afford downtime.

I build and own production Kubernetes platforms, AI infrastructure, and DevSecOps pipelines for companies moving fast. CKA certified, 5.0 rated across 51 projects. Based in Tunisia, available globally.

Book a free 30min call → View case studies

5.0

Upwork Rating

Projects

Clients

CKA

Certified

What I do

End-to-end
infrastructure ownership

From zero to production-ready in days, with architecture, documentation, and reliability guarantees to match.

High demand · 2025 01

Private AI Infrastructure

Deploy your own self-hosted LLM stack, Ollama, vLLM, vector databases, and RAG pipelines on your infrastructure. Full data privacy, zero OpenAI dependency, production-grade observability included.

OllamavLLMQdrantChromaDBEmbeddingsRAG

Kubernetes Platform Engineering

Production-grade clusters, multi-node HA, Cilium CNI, Gateway API, RBAC hardening, and GitOps-driven lifecycle management. CKA certified.

KubernetesHelmArgoCDCiliumFluxCD

DevSecOps & Zero Trust

Security hardening across the full stack, OWASP ZAP scanning, Netbird/Wireguard zero-trust networking, Vault secret management, and CIS benchmark compliance.

OWASP ZAPNetbirdWireguardVaultFalco

CI/CD & Delivery Automation

Full delivery pipelines with zero-downtime deployments, canary and blue-green strategies, automated rollbacks, and policy-gated promotion gates.

GitHub ActionsGitLab CIJenkinsSonarQubeTrivy

Observability Engineering

Full-stack observability on Prometheus, Grafana, and Loki, SLO-driven alerting, distributed tracing, capacity dashboards, and runbooks your team can actually use.

PrometheusGrafanaLokiUptime KumaOpenTelemetry

Infrastructure Audit & Advisory

In-depth audits of cloud accounts, Kubernetes clusters, and CI/CD pipelines, delivered as an actionable report with prioritized security, cost, and reliability findings.

AWSGCPAzureTerraform

Client Work

Recent
engagements

5.0 rating across all reviewed engagements on Upwork.

Ongoing · Jan 2025–present

Full DevOps Ownership, US AI Startup

Long-term engagement · 24 projects delivered

End-to-end infrastructure and DevOps ownership, containerized deployments, self-hosted AI/ML pipelines with Ollama, VPN/firewall security architecture, CI/CD automation, and full observability stack.

DockerAzureOllamaGitHub ActionsLinuxWireguard

Completed · Feb 2026★★★★★

Kubernetes Cluster Bootstrap with Cilium Gateway API

Infrastructure Engineering

Designed and bootstrapped a production-grade Kubernetes cluster with Cilium CNI and Gateway API configuration, Ansible-driven automation, and full documentation.

"Fedi configured and bootstrapped our Kubernetes cluster with a special focus on Cilium. His expertise saved us many working hours."

KubernetesCiliumGateway APIAnsible

Completed · Aug 2025★★★★★

VPS Infrastructure Recovery & Hardening

Linux · Security

Emergency VPS recovery and full security hardening, Docker stack repair, Caddy reverse proxy, and systematic security posture improvement.

"Fedi did an outstanding job repairing our VPS after ChatGPT sent us down a thousand rabbit holes. Great communication and technical knowledge."

DockerCaddyLinux

Completed · Nov 2024★★★★★

Grafana & Prometheus Observability Stack

Monitoring · Observability

Full observability platform setup, Grafana dashboards, Prometheus metrics collection, Loki log aggregation, connector debugging, and complete team documentation.

"Overall awesome guy. He set up our Grafana server, documented everything, and helped debug the Prometheus connector. Communicating well."

GrafanaPrometheusLoki

Total clients, from one-time
fixes to long-term partnerships

Projects delivered across
different stacks and industries

5.0

Rating across every
reviewed engagement

Writing

From the
engineering desk

Deep dives on Kubernetes, AI infrastructure, and DevSecOps, from real production experience.

AI Infrastructure

Self-Hosted LLM Stack on Kubernetes: Ollama + Qdrant + Embeddings in Production

How I deployed a fully private AI stack for a US startup, inference, vector search, and RAG pipelines without touching OpenAI.

Coming soon10 min read

Kubernetes

Cilium Gateway API: Why We Moved Away from Nginx Ingress

A practical walkthrough of bootstrapping a production cluster with Cilium CNI and the new Gateway API, lessons from a real client engagement.

Coming soon8 min read

DevSecOps

Zero Trust for Startups: Replacing Your VPN with Netbird in One Weekend

How a small team can go from legacy VPN to a proper zero-trust architecture using Netbird and Wireguard, without a dedicated security team.

Coming soon6 min read

Engagements

Straightforward
pricing

No surprises. Every engagement starts with a free 30-min discovery call to scope the work accurately.

One-time Project

Fix & Deliver

from$500

Scoped projects with a clear deliverable, cluster setup, observability stack, CI/CD pipeline, VPS hardening, or AI stack deployment.

Defined scope & deliverables upfront
Full documentation included
1 week of post-delivery support
Async communication, 24h response

Book a scoping call →

Monthly Retainer

Embedded Engineer

from$2k/mo

Ongoing infrastructure ownership. I become your DevOps and platform team, ideal for startups without in-house infra engineers.

Up to 40h/month dedicated work
Priority response, same day
Unlimited async communication
Monthly infrastructure review
Incident response included

Start with a free call →

Audit & Advisory

Infra Audit

from$800

In-depth technical audit of your cloud accounts, Kubernetes clusters, and CI/CD pipelines, delivered as an actionable report.

Security gaps & vulnerabilities
Cost leakage identification
Reliability risk assessment
Prioritized remediation roadmap

Request an audit →

Technologies

The full
tech stack

Tools used in production, not just on a resume.

AI / LLM

OllamavLLMQdrantChromaDBRAG PipelinesEmbeddings

Containers / K8s

KubernetesDockerHelmArgoCDCiliumFluxCDK3scontainerd

CI / CD

GitHub ActionsGitLab CIJenkinsSonarQubeTrivy

Observability

PrometheusGrafanaLokiAlertmanagerUptime KumaOpenTelemetryJaeger

Security

OWASP ZAPNetbirdWireguardVaultFalcocert-manager

Cloud / IaC

AWSGCPAzureTerraformAnsiblePulumiHetzner

Systems

LinuxBashPythonPostgreSQLRedisKafkaNginxTraefik

Get in touch

Ready to build infrastructure
that actually works?

Book a free 30-minute call, no pitch, just a straight technical conversation about your infrastructure challenge. You will get an honest assessment and a clear scope within 24 hours.

Location

Tunisia, available globally, remote-first

Response time

24h for new inquiries, same-day for retainer clients

Availability

Open to new engagements, long-term retainers preferred

30 minutes. No pitch.

Bring your infrastructure challenge. I will give you a straight technical assessment, no sales deck, no fluff.

Current stack reviewWe look at what you have and where the gaps are

Architecture optionsTrade-offs explained clearly, no buzzword soup

Written follow-up within 24hYou get a scope summary regardless of whether we work together

Book a discovery call →

Or reach out at fedi@kubepath.io

Infrastructure forstartups that can'tafford downtime.

End-to-endinfrastructure ownership