Hi, I'm Debasish Mohanty
Cloud DevSecOps Engineers
I build Kubernetes-native infrastructure focused on autoscaling, observability, and platform reliability.
Official Upstream Open-Source Contributor to Kubernetes Autoscaler and Falco — fixes merged into production release branches.
Kubernetes · Go · Terraform · AWS · GitOps · Observability · SRE
About Me
I work on control-plane systems for cloud-native infrastructure — where correctness matters more than uptime percentages.
My focus is on system behavior under real conditions: autoscaling under noisy metrics, failure handling with retries and backpressure, and control-plane logic using CRDs, controllers, and reconciliation loops.
I have contributed to Kubernetes Autoscaler and Falco, fixing production-impacting bugs in scaling behavior and runtime correctness — both merged upstream and included in release branches.
What I build:
- Kubernetes operators with deterministic control loops
- DevSecOps enforcement pipelines that block, not just report
- eBPF-based runtime security at the syscall level
I build systems that behave correctly under load — not just systems that work in demos.
Control Plane & Distributed Systems
Production-grade systems focused on autoscaling, control-plane behavior, and distributed system reliability
SmartScaler — Kubernetes Autoscaling Operator
Kubernetes-native autoscaling operator with a deterministic multi-signal control loop across CPU utilization, node pressure, and cost.
Adaptive autoscaling · Fault-tolerant architecture · Noise-filtered decision logic · HA leader election · Conflict-safe retries · Prometheus observability
KubeRTSec — Kubernetes Runtime Security
eBPF-based runtime security platform that detects and kills malicious processes at the syscall level.
eBPF-based runtime threat detection · Execve tracepoint monitoring without sidecars · Sub-millisecond rule evaluation · Detect/alert/enforce response modes · Hot-reloadable YAML rules
ZeroTrustOps — DevSecOps Enforcement Platform
Self-hosted platform that scans every Git push and blocks misconfigurations before they reach production.
Custom SecTL static analysis engine (70+ rules) · Kubernetes/Terraform/Helm security scanning · Gitleaks secret detection · PASS/FAIL CI enforcement · Kyverno admission control policies
Open Source Impact
Contributions to Kubernetes control-plane systems, autoscaling behavior, and distributed system reliability
Kubernetes Autoscaler (kubernetes/autoscaler)
Fixed control-plane bug where node groups ignored configured minSize, causing silent under-provisioning in production clusters.
Restored correct scaling behavior · Merged upstream · Backported to release branches (1.32, 1.33)
View ContributionKubernetes Autoscaler (VPA Helm)
Restored missing */scale RBAC in VPA Helm chart, enabling admission controller to correctly resolve CRD selectors.
Unblocked autoscaling behavior in Helm-based deployments · Fixed broken control-plane interaction
View ContributionFalco (falcosecurity/libs)
Fixed integer overflow in memory telemetry (VMSIZE/VMRSS) affecting processes >4GB.
Restored correctness of runtime security metrics · Eliminated overflow edge cases · Merged into production releases
View ContributionFalco (falcosecurity/libs)
Resolved file descriptor leak in libscap by enforcing error-path cleanup in syscall-level thread inspection.
Prevented resource leaks in long-running agents · Improved runtime stability
View ContributionHelm (helm/helm)
Improved OCI registry client correctness by aligning documentation with actual authentication and request behavior.
Reduced ambiguity in registry interactions · Improved developer reliability
View ContributionProfessional Experience
Building control-plane systems, autoscaling logic, and distributed infrastructure for real-world production environments
Open Source Engineer — Kubernetes Control Plane & Systems
Cloud Native Computing Foundation (CNCF)
Jan 2026 – Present
Remote
- •Contributed to Kubernetes Autoscaler, Falco, and Helm, focusing on control-plane correctness and system reliability
- •Fixed Kubernetes Autoscaler bug where node groups ignored configured minSize, causing silent under-provisioning in production clusters
- •Restored missing */scale RBAC in VPA Helm chart, enabling admission controller to correctly resolve CRD selectors
- •Eliminated integer overflow in Falco memory telemetry (VMSIZE/VMRSS) using 64-bit arithmetic, restoring correctness for >4GB processes
- •Resolved file descriptor leak in Falco libscap by enforcing error-path cleanup, preventing resource exhaustion in long-running agents
- •Improved Helm OCI registry client correctness by aligning documentation with actual authentication and request behavior
- •All contributions merged upstream and included in production release branches after maintainer review and CI validation
Cloud Infrastructure Engineer
TechEazy Consulting
Jun 2025 – July 2025
Remote
- •Provisioned AWS infrastructure using Terraform (VPC, EC2, IAM, S3) with environment isolation
- •Designed CI/CD pipelines enabling automated dev → production deployment promotion
- •Implemented deployment validation using health checks and retry mechanisms
- •Optimized cloud costs via automated EC2 lifecycle management and scheduled shutdown systems
- •Managed environment-specific configurations using Terraform workspaces
Cloud Infrastructure & Platform Engineer
Elevate Labs
May 2025 – Jun 2025
Remote
- •Implemented Istio-based canary deployments with traffic splitting and progressive rollout strategies
- •Built GitOps workflows using ArgoCD for automated synchronization and deployment consistency
- •Designed full observability stack using Prometheus, Grafana, Loki, and Jaeger
- •Implemented alert-driven self-healing systems using Prometheus alerts and automation scripts
- •Worked across containerized environments using Kubernetes (K3s/Minikube) and Docker
Skills & Expertise
Control-plane systems, autoscaling behavior, and distributed system reliability in cloud-native environments
Kubernetes Control Plane
Designing and debugging control-plane components including autoscaling, controllers, and reconciliation loops
Distributed Systems
Designing systems with failure handling, retries, and consistency guarantees under real-world conditions
Systems Debugging & Reliability
Debugging production-scale systems and resolving correctness issues in control-plane and runtime behavior
Observability
Monitoring and analyzing system behavior using metrics, logs, and tracing
Programming & Systems Engineering
Building backend systems and infrastructure components for cloud-native and distributed environments
Autoscaling Systems
Designing and implementing autoscaling strategies based on multi-signal metrics and control loops
Resume
Explore my work in Kubernetes control-plane systems, autoscaling behavior, and distributed system reliability
Kubernetes Control Plane Engineer — Autoscaling & Distributed Systems
Kubernetes Autoscaling · Control Plane Systems · Distributed Systems
Key Highlights
- • Fixed Kubernetes Autoscaler bug causing silent under-provisioning due to ignored minSize (merged & backported)
- • Restored missing RBAC in VPA Helm chart, enabling correct admission controller behavior
- • Fixed integer overflow in Falco memory telemetry (>4GB processes), restoring correctness of runtime metrics
- • Built SmartScaler — deterministic Kubernetes autoscaling operator using multi-signal control loops
Core Focus
- • Kubernetes Control Plane (CRDs, controllers, autoscaling)
- • Distributed Systems (retries, backoff, idempotency, failure handling)
- • Systems Debugging & Reliability
- • Observability (metrics, logs, tracing)
Get in Touch
Let’s discuss control-plane systems, autoscaling strategies, or distributed system challenges
debasishm8765@gmail.com
Phone
+91 6372692682
Location
Bhubaneswar, Odisha (India)