Built a complete open-source web-based platform for managing virtual network labs from scratch - designed for network engineers studying for certifications like JNCIS-SP. Serves as a modern alternative to EVE-NG with advanced features.
Implemented interactive topology visualization using Cytoscape.js with drag-and-drop network diagram positioning and real-time router state updates (color-coded by status). Integrated browser-based console access using ttyd, eliminating the need for separate SSH clients - users can click "Console" and immediately access router terminals.
Developed RESTful API with Python and FastAPI managing KVM/QEMU virtual machines through libvirt, handling router lifecycle operations, lab organization, and token-based console session management. Created modern React frontend with Tailwind CSS featuring multi-lab management, optimistic UI updates, and responsive design.
Engineered one-command installer script automating complete platform setup including dependency installation (Node.js, Python, KVM, ttyd), Python virtual environment creation, React frontend build, systemd service configuration, and network setup.
Technologies: Python, FastAPI, React, KVM/QEMU, libvirt, ttyd, Cytoscape.js, Tailwind CSS, systemd, Bash scripting
Impact: Production-ready platform demonstrating full-stack development skills combined with deep network engineering knowledge. Open-sourced on GitHub with comprehensive documentation.
Links: GitHub Repository | Live Demo
Designed and deployed a production-grade global anycast network spanning 8 NetActuate Points of Presence across 4 continents (North America, Europe, Asia). The network uses BGP anycast routing to automatically direct traffic to the nearest location, achieving optimized latency worldwide.
All PoPs maintain persistent WireGuard tunnels back to home infrastructure with 25-second keepalives for NAT traversal. Traffic is encrypted end-to-end from customer to game server.
Technologies: BGP, Anycast routing, WireGuard, NetActuate infrastructure, Ubuntu Server
Impact: Enables VRHost customers to connect to game servers with minimal latency regardless of their geographic location
Developed custom "mkvm" bash script that automates the entire virtual machine lifecycle. The script parses resource specifications (e.g., "VR2x2x25" for 2GB RAM, 2 vCPU, 25GB disk), creates QCOW2 disk images, generates cloud-init NoCloud seed ISOs, assigns static IPs, and automatically registers VMs in Prometheus monitoring.
Integrated with Node Exporter for automatic metrics collection. The system has provisioned dozens of production VMs across R730 and R320 hypervisors.
Technologies: Bash scripting, KVM/libvirt, cloud-init, QCOW2, Prometheus integration
Impact: Reduced VM deployment time from 30+ minutes to under 2 minutes with consistent configuration
Built complete game server hosting business from the ground up, including WordPress/WooCommerce storefront, Pterodactyl Panel integration, and custom automation for server provisioning. When customers purchase hosting, the system automatically creates game servers, configures resources, and delivers credentials via professionally designed email templates.
The platform runs on segregated infrastructure with game servers on a dedicated network (10.10.50.0/24) separate from management services, ensuring stability and security.
Technologies: WordPress plugin development, WooCommerce API, Pterodactyl API, custom email templates, network segmentation
Impact: Fully automated business requiring minimal manual intervention for customer provisioning
Implemented comprehensive monitoring stack using Prometheus and Grafana with custom exporters for specialized metrics. Developed custom WireGuard metrics exporter to monitor tunnel health across all 8 global PoPs. Created professional dashboards tracking hypervisor resources, VM performance, storage utilization, network traffic, and tunnel status.
LibreNMS deployment monitors network infrastructure via SNMP including Juniper SRX340 firewall and both hypervisors, providing network topology mapping and interface statistics.
Technologies: Prometheus, Grafana, LibreNMS, custom Python exporters, SNMP monitoring
Impact: Complete visibility into all infrastructure components with 15-day metric retention and proactive alerting
Built complete custom Django e-commerce platform from scratch for father's bladesmithing instruction business. Developed full-stack solution with PostgreSQL database, Stripe payment processing, shopping cart with dynamic tax/shipping calculations, and comprehensive order management system.
Integrated Calendly API for automated class scheduling across 3-course catalog (Railroad Spike Knife, Hunting Knife, Damascus Steel). Implemented transactional email workflows using self-hosted mailcow server for order confirmations, shipping notifications with tracking, and booking confirmations.
Technologies: Python, Django 5.2, PostgreSQL, Stripe API, Calendly integration, Nginx reverse proxy, SSL/Let's Encrypt, Tailwind CSS, mailcow email server, Linux server administration
Impact: Professional e-commerce platform enabling automated class bookings, secure payment processing, and streamlined order fulfillment with real-time inventory and customer management.
Established complete documentation system using BookStack covering all VRHost operations, network architecture, monitoring setup, and maintenance procedures. Documentation includes Virtual Machine Inventory, Network Architecture diagrams, Web Services configuration, Email Services setup, Monitoring Stack details, and complete NetActuate Global Anycast Network specifications.
Created detailed guides for VM management, network configuration, and troubleshooting procedures ensuring operational continuity.
Technologies: BookStack, technical documentation, network diagrams, standard operating procedures
Impact: Enables efficient troubleshooting and serves as knowledge base for infrastructure management
Designed and implemented dual-hypervisor architecture separating infrastructure services (R320) from game server workloads (R730). Implemented network segmentation with dedicated VLANs for infrastructure (10.10.1.0/24), game servers (10.10.50.0/24), and out-of-band management (172.19.1.0/24).
Configured Juniper SRX340 with advanced routing, VLANs, and security policies. Ensured stability by isolating customer-facing game servers from critical management infrastructure.
Technologies: KVM/libvirt, network bridges, VLAN configuration, JunOS, network segmentation
Impact: Improved stability and security through proper isolation of workload types
Deployed centralized homepage dashboard providing single-pane-of-glass view of all infrastructure services. Dashboard aggregates links to Pterodactyl Panel, LibreNMS, BookStack documentation, Grafana dashboards, WordPress shop, and administrative tools.
Technologies: Dashboard software, service aggregation
Impact: Streamlined access to all infrastructure management tools from single interface
Earned four professional networking and security certifications in a single year while working full-time:
All certifications remain current through 2027. Currently pursuing RHCSA (Red Hat Certified System Administrator) certification for Infrastructure Engineering and DevOps advancement.
Advanced from Network Engineer Tier 1 to NOC Engineer role at tier-1 network provider within 18 months:
Created training documentation at Segra that was used to onboard future hires.