Building reliable
systems that don't wake
anyone up.
I'm Hamza Karhat — a DevOps / SRE engineer. I design platforms that stay boring on purpose, automate the parts that shouldn't need a human, and write about it occasionally.
I've spent the last six years standing up infrastructure that has to stay up. The kind of work where success looks like nothing happening, and failure shows up on someone's pager at 3am.
My day job is making Kubernetes platforms boring — predictable, observable, automated, recoverable. My night job is the same thing, but on a homelab, for fewer users, with more interesting hardware.
I'm at my best when there's a system that should be simpler than it is, and the path forward involves equal parts YAML, Rust, and uncomfortable conversations about scope.
Bell
Lead SRE on a portfolio of mission-critical telco services going through a cloud-native rebuild. Architect the microservices, event-driven APIs, and Kubernetes platform; automated the path from commit to prod with Terraform, GitLab CI, and Ansible — release times went from hours to minutes. Wrote the incident response and post-mortem playbooks the team runs on, and translate between architecture decks and ops reality when those two drift.
CGI
Consultant on an enterprise SAP S/4HANA migration. Built the data integration flows, API services, and UI extensions that kept downtime survivable during cutover. Shipped a Partner Center add-on — ABAP modules and SAPUI5 Fiori components — that turned a paper-trail document workflow into something humans could actually use. Picked up that 'API governance' is mostly the art of saying no with a smile.
Freelance
Built a unified payment platform stitching together two e-commerce sites — stateless Django microservices on Kubernetes, Prometheus + Grafana for the on-call dashboard. Also shipped a media-management site for independent musicians on Vue and Docker. Ran a few hands-on Kubernetes/Docker/Python sessions for soon-to-be-graduate developers; teaching is the fastest way to find the holes in your own mental model.
Welaika
Backend services and APIs in Rails, with S3 for storage and Docker keeping the dev/prod gap small. Wrote the RSpec suites, shipped on agile cycles, and got my first real lessons in scoping client work — what to push back on, what to absorb, and when to escalate.
ValuePass
Summer internship doing SAP system maintenance — database table management and functional support. First exposure to enterprise software, which mostly meant learning that nothing in production is ever simple, and most of the work happens in the seams between teams.
homelab-as-code
Everything in my homelab — Proxmox cluster, Talos K8s on top, OPNsense router, observability stack — defined in Terraform + Ansible. One pull request rebuilds the whole house.
havok
A Discord-shaped Matrix client aiming to replace Discord in my day-to-day. Familiar UX, federated backend, and none of the corporate trajectory.
dockctl
Rust-based REST API that controls Docker containers on the host it runs on. Started as an OpenStack experiment, kept around because it's a tiny static binary that does one thing well.
helios
Tenant-aware deployment conductor for OpenStack. A small Rust HTTP service that provisions Nova instances, bootstraps them with cloud-init, registers them behind a Caddy reverse proxy, and tracks tenants in Postgres. Built as a take on what a minimal cloud provider's control plane looks like.
What I do when I'm not on call.
A non-exhaustive list of things that occupy the rest of the disk.
Notes from the on-call rotation.
all posts →Let's deploy something together.
I'm open to contract SRE work, platform engineering retainers, and the occasional rescue mission for clusters that have gone feral. Drop a line and we'll figure it out.
expected response time: < 24h on weekdays