Welcome to the homepage of Marco Freimuth
About Me
Hey, I am Marco! As an enthusiastic DevOps and Cloud Engineer, I combine my passion for computers with my dream job. The fascinating world of IT and its rapid development excite me every day. I love designing and optimizing high-availability cloud infrastructures and efficiently managing them through automation. As a team player, I value the exchange of ideas and the joy that drives us to push the boundaries of technological possibilities.
Information
- Name: Marco Freimuth
- Title: Bachelor of Engineering
- Job: Cloud Engineer
- Age: 30 years
- Skype:
- LinkedIn: Marco-Freimuth
- Xing: Marco_Freimuth2
Skills
Cloud
AWS
Azure
Terraform
Docker
Kubernetes
GitOps (FluxCD)
DevOps
Jenkins
Ansible
Python Scripting
Datadog
Kibana (ELK)
Grafana (Prometheus)
Operating Systems
Windows
FreeBSD
Ubuntu
Languages
German
English
Japanese
- Atlassian Stack Administration (Jira, Confluence, Bitbucket)
- Networking (TCP/IP, VLAN, etc.)
- VMware ESXi Virtualization
- Firewall (PF)
- Web Development (PHP, JavaScript/jQuery, HTML, CSS)
- SQL
- Webservers (Apache, Nginx)
- VPN (OpenVPN)
- Empathy
- Curiosity
- Passion
- Self-discipline
Interests and Hobbies
Portfolio
Kubernetes Cluster
I operate my own Kubernetes cluster with multiple nodes on Ubuntu. I use RKE2 as the Kubernetes distribution, and as a big fan of GitOps, I use FluxCD to efficiently and securely deploy and synchronize applications and configurations.
My Kubernetes cluster runs various services, including several websites like this one, and other private projects. Additionally, I manage a private cloud storage for secure and scalable file and data storage. For secure password management, I host a password manager that allows convenient and encrypted storage.
For monitoring and alerting in case of cluster errors, I have set up Prometheus in conjunction with Grafana. Prometheus enables metric collection, while Grafana provides me with visual representation and data analysis. I have also set up external monitoring using the Grafana Cloud service.
To ensure Single Sign-On (SSO) for my services and simplify user management, I have implemented Keycloak. Furthermore, I run a mail server, a VPN server, a Minecraft server, Nessus as a vulnerability scanning tool, and many other tools that interest me and that I like to try out.
Overall, my Kubernetes cluster with RKE2, FluxCD, and the various services I run on it allows me to provide and manage reliable, scalable, and secure infrastructure for my projects.
FreeBSD Jails
Before switching to Kubernetes, I always used FreeBSD and isolated all the services I operated in separate jails. I first forwarded the traffic to HAProxy via the packet filter (pf), which then forwarded the traffic to an available jail with the desired server. Inside these jails, I ran various services such as mail servers, webservers, database servers, Elasticsearch, and others.
The jails were created entirely using Ansible, and the services within the jails were fully installed and configured. Ansible allowed me to automate and efficiently manage the provisioning and configuration of jails and services. This enabled me to quickly and consistently build and manage my infrastructure while ensuring security and isolation through the use of jails.
Overall, by combining FreeBSD, Jails, and Ansible, I created a reliable and well-structured environment to run and manage my various services in isolated environments. This architecture provided me with flexibility and control over my services while ensuring high security.
Logchain
As part of my bachelor thesis "Securing Cloud Environments Against Cyber Attacks," I developed the program Logchain in Python. This program secures relevant logs for post-hack analysis in a blockchain to ensure their availability in case of a successful attack.
Technology
Since computational power is crucial in cloud environments, the application uses the Proof-of-Stake method to generate nearly no additional load on the instances. The application has a self-managed error correction and distribution of defined logs, allowing the blockchain network to operate autonomously without further manual intervention. If logs are deleted by an attacker during an attack on one or more instances, they can be restored from the blockchain.
CMS
To edit and maintain my websites faster, I developed my own Content Management System in PHP. Most of my websites are based on this CMS, which is continuously expanded and optimized.
Features
The system consists of an easily understandable folder structure. A configuration file allows loading a desired theme and plugins. Additionally, functions such as the cache function, an offline database as a file, the debug mode, the hash algorithm, and much more can be set. Moreover, the CMS offers many predefined functions to simplify the integration of a dynamic menu, a login area, or other elements.
Technology
All pages are stored as files, allowing for faster processing compared to loading all texts from a database. This offers a performance advantage. The admin area allows easy management of menus, plugins, and user permissions in a responsive design that also enables comfortable work via mobile devices.
Kubernetes Cluster
Go to Project
FreeBSD Jails
Go to Project
Logchain
Go to Project
CMS
Go to Project