DevOps & AI Platform Architect

Stefan Scharlott

Building AI-powered operations platforms, sovereign digital infrastructure, and MCP-native systems at scale. 20+ years Open Source. 8+ years DevOps. Designing systems, directing implementation.

AI & Agentic Systems
MCP, LLM integration, RAG, agentic workflows

Building Model Context Protocol (MCP) servers and connectors that give AI agents structured access to real infrastructure and applications. 100+ MCP tools across operations and workplace platforms.

LLM integration with sovereign AI providers (IONOS, OpenAI-compatible), RAG pipelines using Qdrant for semantic search, intent classification engines, SSE streaming. Claude Code skill harnesses and agentic workflow orchestration for infrastructure operations.

MCP (100+ tools) · RAG / Qdrant · Agentic Workflows · LLM Integration · Intent Engines · Claude Code Skills

Solution Architecture
System design, technology selection, directing implementation

Designing end-to-end systems: Go microservices, React/TypeScript frontends, Kubernetes operators with 20+ CRDs, Helm charts, and CI/CD pipelines. Choosing the stack, defining the architecture, and directing implementation through to production.

JWT/OIDC/SAML authentication flows with Keycloak, supply-chain signing with cosign, GitLab CI pipeline design, and AI-assisted development workflows.

Go · React 19 / TypeScript · Kubernetes Operators · Next.js · Helm · Keycloak SSO · GitLab CI

Platform Engineering
Kubernetes, GitOps, multi-cluster, HA networking

Multi-cluster Kubernetes platforms with RKE2/Rancher, ArgoCD GitOps, and Crossplane IaC. WireGuard mesh networking, OPNsense HA firewalls (CARP/pfsync), MetalLB/BGP load balancing.

Full lifecycle from bare metal provisioning (SUSE Elemental, Tinkerbell) through day-2 operations. NetBox-driven automation, secrets management with OpenBao/Vault, and observability with OpenTelemetry.

RKE2 / Rancher · ArgoCD · Crossplane · OPNsense HA · WireGuard · MetalLB / BGP · KubeVirt / Harvester

Leadership & Enablement
Team building, product ownership, technical training

Built a DevOps team from scratch. Servant leadership, hiring, mentoring, performance feedback. Product Owner for in-house platform (FramES) with roadmap ownership and stakeholder alignment.

Training delivery for up to 50 participants in Kubernetes, CI/CD, and IaC. Enterprise enablement on-site and remote. Conference speaker (.NEXT Anaheim).

Team Building · Product Ownership · Training (50+) · Conference Speaker · Stakeholder Mgmt

NightOwl / Owlstack
AI-Powered Operations Platform
Wisbric

Full-stack AI-powered operations platform built from scratch in Go and React 19. Incident management with escalation policies, real-time alert ingestion from KeepHQ, on-call scheduling and roster management.

Integrated Zammad for ticketing and Outline for knowledge management. 100+ MCP tools across two servers enabling AI-agent-driven operations. Helm umbrella chart orchestrating 8 services. Keycloak SSO with both OIDC and SAML. Deployed via ArgoCD with External Secrets Operator and OpenBao.

Go · React 19 · 100+ MCP Tools · Helm Umbrella · KeepHQ · Zammad · Outline · ArgoCD · Keycloak SSO

Aussie Broadband Platform
Multi-Cluster Edge/Core Kubernetes — Lead Engineer
Adfinis

Designed and automated a Rancher RKE2 core/edge platform with Harvester (HCI) and KubeVirt for Australia's 4th-largest telco. End-to-end bare-metal provisioning using SUSE Elemental and Tinkerbell, standardised cloud-init seed images, and closed-loop ops via NetBox-driven GitOps.

Established NetBox as the single source of truth (devices, clusters, IPAM, custom fields) generating Helm values and manifests. Argo CD Apps-of-Apps with ApplicationSets for continuous delivery across clusters, tenants, and environments.

Engineered storage and networking foundations: Portworx, MetalLB/FRR (BGP), ExternalDNS (Cloudflare), Whereabouts/DHCP. Automated secrets with Vault AppRole. Built an API gateway (Flask/FastAPI) for Redfish/CIMC boot control integrated with GitOps pipelines and NetBox webhooks. Delivered observability with OpenTelemetry/SigNoz.

RKE2 / Rancher · Harvester / KubeVirt · NetBox GitOps · Portworx · MetalLB / BGP · SUSE Elemental · Tinkerbell · Vault · OpenTelemetry

openDesk CORE
Sovereign Digital Workplace — 180k+ Public Sector Users
Adfinis

Architected the next-generation Kubernetes operator and AI orchestration layer for openDesk, Germany's M365 replacement for federal government employees. MCP Hub with JWT auth dispatching to 10 connectors (47 tools) across Nextcloud, OX App Suite, Element/Matrix, OpenProject, Collabora, Jitsi, and XWiki.

Intent engine with 13 intent types, RAG pipeline with Qdrant, SSE streaming. React 19 PWA with phase-gated features, 4-role access model, WCAG 2.1 AA accessibility. 20 CRDs, 12 controllers. OX App Suite OAuth Bearer integration and Nubus user provisioning.

K8s Operator (20 CRDs) · MCP Hub (47 tools) · LLM Intent Engine · React 19 PWA · RAG / Qdrant · WCAG 2.1 AA

Urban Data Platform
DIN SPEC 91357 / BSI TR-03187 — German Municipalities
Adfinis

Standards-compliant urban data platform for German municipalities (Komm.ONE, Stadt Friedrichshafen). Next.js portal with Keycloak RBAC, CKAN data catalog with approval workflows, NGSI-LD context broker (Scorpio), geodata services, NiFi ETL pipelines, OpenMetadata governance, Cadenza visualisation. Multi-tenant architecture with IoT ingestion via MQTT and TimescaleDB.

Next.js 16 · NGSI-LD · Multi-Tenant · CKAN · NiFi · TimescaleDB · MQTT / IoT

Sovereign Cloud Infrastructure
IONOS Cloud — 4-Cluster Mesh with Agentic Provisioning
Adfinis

Provisioned and operate 4 RKE2 Kubernetes clusters with WireGuard mesh networking on IONOS Cloud. OPNsense HA firewalls (CARP/pfsync), golden image build pipelines via GitLab CI, ArgoCD GitOps with External Secrets Operator and OpenBao. Custom MCP servers for automated VDC provisioning via agentic workflows. Claude Code skill harnesses and evaluation frameworks for AI-assisted infrastructure operations.

MCP Servers · Agentic Provisioning · 4-Cluster Mesh · OPNsense HA · WireGuard · IONOS Cloud · OpenBao

2023 — Present
Senior DevOps / Cloud-Native Architect
Adfinis
AI-powered platform development, sovereign infrastructure for German public sector. Multi-cluster platform engineering. openDesk CORE, Urban Data Platform, IONOS Cloud automation.
2021 — 2023
Manager DevOps Integration & Product Owner
Erik Sterck GmbH
Built the DevOps Integration team from scratch. Product Owner for "FramES" platform. Roadmap, stakeholder alignment, implementation coordination.
2020 — 2021
Senior Solution Architect
Erik Sterck GmbH · Nutanix Germany
Customer workshops in DevOps, CI/CD, IaC, Kubernetes. Redesigned FramES as a Kubernetes appliance. Technical pre-sales.
2017 — 2020
Senior DevOps Engineer
Westpac New Zealand
HCI adoption (Nutanix), VDI, CI/CD ownership. Speaker at .NEXT Anaheim on automation & security as code. Vendor management and compliance.
2010 — 2017
Senior Linux Engineer
IBM New Zealand
Primary engineer for ~300 Linux servers (Westpac NZ, Red Energy AU). On-call for ~500 servers. Security, networking, application support.
AI & MCP
Model Context Protocol · LLM Integration · RAG / Qdrant · Intent Classification · Prompt Engineering · Claude Code Skills · Agentic Workflows · IONOS Sovereign AI
Languages & Frameworks
Go · TypeScript · Python · Bash · React 19 · Next.js · Vite · Tailwind CSS
Kubernetes & GitOps
RKE2 / Rancher · Helm · ArgoCD · Crossplane · kubebuilder · KubeVirt / Harvester · GitLab CI · Kaniko · cosign
Security & Networking
Vault / OpenBao · Keycloak (OIDC/SAML) · External Secrets Operator · OPNsense HA (CARP) · WireGuard · MetalLB / BGP · Cloudflare
Data & Observability
PostgreSQL / CNPG · Redis · TimescaleDB · MQTT · NGSI-LD · OpenTelemetry · Prometheus · Vector