Start a project
Home Services VPN Blog About Contact
Per aspera ad astra — from stone to sky

Cloud platforms
built like pyramids.

Twenty-five years of systems engineering, poured into cloud architecture, DevOps automation, and pragmatic AI. Solid foundations. Bulletproof operations.

Start a project See what we do
KubernetesGitOpsCloud architectureRust & GoPragmatic AIZero-trust networkingLegacy modernizationObservability KubernetesGitOpsCloud architectureRust & GoPragmatic AIZero-trust networkingLegacy modernizationObservability
01 · Services

What we build.Five practices, one discipline: systems that stay up, scale predictably, and cost what they should. Each line below has carried real production weight at enterprise scale.

01

Cloud Architecture

VPC networking, managed Kubernetes, bare-metal integration, and data-plane design. We engineer platforms end-to-end — not just provision resources.

ProofMigrated a business-critical EOL NoSQL cluster to a managed DBaaS behind private VPC + DNS peering. Zero downtime.
02

DevOps & GitOps

Repeatable pipelines, audit-proof delivery, and infrastructure that reconciles itself. Standardized across dev, test, and production.

ProofUnified GitOps engine across a virtual mobile provider — self-healing runtimes, auditable CD from day one.
03

Security & Compliance

Tight IAM, advanced secrets handling, network isolation, and audit trails. Built for regulated industries where “probably fine” isn’t good enough.

ProofZero-trust VPC/DNS peering for a finance-adjacent platform; hardened security perimeter on live migration.
04

Legacy Modernization

Breaking down monoliths, containerizing the right seams, and rescuing tangled microservice estates before they become someone’s pager alert.

ProofRefactored and re-platformed carrier-grade workloads onto managed Kubernetes — scaling and reliability handled in code.
05

Pragmatic AI & Agents

LLM-backed agents, Model Context Protocol integrations, and domain-specific models — wired into actual business workflows with guardrails and observability.

ProofServerless ETL pipelines streaming service telemetry into a warehouse; executive dashboards running on live data.
02 · Products

K-Ops VPN.A TCP-native VPN for the environments WireGuard gives up on — airport Wi-Fi, hostile corporate firewalls, long-haul satellite links. Open-source core, enterprise routing.

Open source · Early access

Works where UDP doesn’t.

Modern crypto, server-controlled routing, cross-platform clients. The same simplicity story as WireGuard — with an operator’s guarantees underneath.

  • TCP-nativeSurvives restrictive firewalls and ISP interference on port 443.
  • Central policyEnforce corporate routing and ACLs from the server, not the client.
  • Modern cryptoX25519 key exchange + ChaCha20-Poly1305 AEAD.
  • Cross-platformRust core, Flutter UI. Linux, macOS, Windows, iOS, Android.
k-ops-vpn connect production
→ Authenticating device… OK
→ Handshake (X25519)… OK
→ Tunnel established (TCP/443)
Connected to Helsinki-1
03 · How we work

Three steps.No discovery-phase theatre. We find the actual problem, engineer the smallest durable solution, and stay on the hook for operating it.

Step 01

Discover

A working session, then a written architecture note. We name the risks, the constraints, and the shortest path that doesn’t create new ones.

Step 02

Engineer

Infrastructure-as-code from day one. GitOps pipelines, observability, and runbooks land with the system — not as a phase-two afterthought.

Step 03

Operate

Retained support, on-call rotation integration, or a clean handover to your team with documentation they’ll actually read. Your call.

04 · About

Built to outlast the hype cycle.

K-Ops is led by an engineer who’s been in production systems since 2001 — starting on 24/7 Unix maintenance for mission-critical environments, long before “DevOps” had a name.

Bare-metal Unix, a decade of C++ systems programming, early Kubernetes adoption, and modern Rust and Go. The throughline: platforms that don’t fall over. Backed by a trusted network of senior engineers when a project needs more hands.

25+Years in production IT
10+Years DevOps & Cloud
8+Years Kubernetes
05 · Writing

Field notes.Engineering essays from the trenches — what actually breaks in production and how we fix it.

Engineering · Feb 13, 2026

The €0/Month Web Presence Architecture

How to leverage Always Free cloud resources to run a secure, professional web presence for zero cost.

Read essay →
Engineering · Feb 13, 2026

The Pragmatic Agentic Stack with MCP

How to build autonomous agentic workflows that actually improve engineering productivity using Model Context Protocol (MCP).

Read essay →
Engineering · Jan 15, 2026

Backing up to Cloud Storage with Restic

Learn how to implement modern, fast, and encrypted off-site backups using Restic for maximum data security at minimum cost.

Read essay →
All writing
Contact

Bring us your hardest infrastructure problem.