kontrolplane
not accepting clients |
english english nederlands nederlands
[ / services ]

five
disciplines.
one team.

we work across the full stack of platform engineering - from cloud foundations to the pipelines that ship your code and the dashboards that tell you what just broke. engagements are focused, written down, and delivered as code.

fractionalengagement type
2 - 12 monthstypical cadence
eu / remoteavailability
01
service / infrastructure

cloud
infrastructure.

awsazuregcpterraformsecurityfinops

we ensure cloud environments like amazon web services, microsoft azure and google cloud are secure, optimized, and cost-efficient - designing, deploying, and maintaining resilient infrastructure that meets business needs and maximizes cloud technology investments.

every piece of infrastructure we touch is expressed as code. every account is scoped. every dollar is accounted for. we treat your cloud bill like a production metric - because it is one.

[ deliverables ]

  • 01 landing-zone design and multi-account setup, with guardrails and scp policies that hold up to an audit.
  • 02 reproducible infrastructure modules in terraform, reviewed and documented like application code.
  • 03 cost-attribution, rightsizing, and finops baselines - with alerts wired to the channels your team actually reads.
  • 04 disaster recovery and backup strategies that are tested, not just written down.
terraform plan - production aws / eu-west-1
$ terraform plan -out=production.tfplan
→ refreshing state…
module.network.vpc
  + aws_vpc.main
  + aws_subnet.private[0..2]
  + aws_subnet.public[0..2]
module.platform.eks
  + aws_eks_cluster.kontrolplane
  + aws_eks_node_group.system
plan: 24 to add, 0 to change, 0 to destroy.
───────────────────────────────────────────────
$ kontrolplane finops report --window=30d
total: $ 8,420  (−12% mom)
top drift: s3-egress  + $ 340
02
service / orchestration

containerisation
& orchestration.

kuberneteshelmkustomizeargocddocker

we specialize in containerization and orchestration solutions that simplify software deployment lifecycles - leveraging kubernetes to ensure applications are scalable, resilient, and easy to manage, allowing focus on innovation rather than infrastructure.

clusters should be boring. upgrades should be routine. we bake in the patterns - gitops, progressive delivery, policy, secrets - so your developers deploy without thinking about them, and your on-call doesn't dread them.

[ deliverables ]

  • 01 kubernetes clusters with hardened defaults, that actually restricts things.
  • 02 gitops workflow with argo cd, staged environments, and automated drift detection.
  • 03 helm charts and kustomize overlays owned by your teams, reviewed by us.
  • 04 migration paths off ec2, ecs, app service, or whatever is currently holding you back.
kubectl - production_eu_west_1a ctx: kontrolplane-production
$ kubectl get pods -n platform
NAME               READY   STATUS    AGE
argocd-server-7f6  1/1     running   14d
cert-manager-a91   1/1     running   14d
traefik-b3         1/1     running   14d
external-dns-x4    1/1     running   29d
───────────────────────────────────────────────
$ argocd app sync checkout-api
phase:  synced
health: healthy
commit: a4c2f9b "feat: add rollout strategy"
03
service / delivery

continuous integration & continuous deployment.

github actionsgitlab ciargo workflows

we design and implement automated continuous integration and continuous deployment pipelines that accelerate delivery, improve code quality, and reduce manual overhead - shipping faster and more reliably across the entire software lifecycle.

a good pipeline is one you never have to think about. we focus on fast feedback, short build times, reproducible artifacts, and clear signals when something is wrong - not elaborate yaml museums.

[ deliverables ]

  • 01 reusable, composable ci workflows - tests, linters, container builds, sbom, and signing wired in as defaults.
  • 02 cd strategies per environment: preview apps on pr, progressive delivery in production, one-click rollback.
  • 03 a self-service pipeline library your teams can consume without copy-pasting yaml between repos.
  • 04 build-time cost and duration tracking, so slow pipelines don't become the norm.
github actions - release / v1.4.2 success · 2m 41s
jobs
lint & test       43s
build image       58s
sbom + sign       12s
push ghcr         19s
deploy staging    29s
deploy production awaiting approval (1/2)
───────────────────────────────────────────────
$ gh pr view 417 --checks
kontrolplane/ci-lint        passed
kontrolplane/terraform-plan passed
kontrolplane/preview-app    ready ↗ pr-417.preview.kontrolplane.dev
04
service / engineering

software
development.

gotypescriptcli toolingapissdks

we build reliable, maintainable software tailored to specific needs - from internal tooling and command-line interfaces to backend services and integrations, delivering clean and well-tested solutions that solve real problems.

most platform work needs glue - a cli to bridge two systems, a webhook receiver, a small service to encode your team's process in code. we write that glue well: small surface area, covered by tests, and actually pleasant to hand over.

[ deliverables ]

  • 01 internal command-line tools that replace runbooks - written in go, small, fast, distributed as single binaries.
  • 02 backend services and apis with a production-ready baseline: logging, metrics, tracing, auth, the lot.
  • 03 sdks and integrations between the saas tools your business already depends on.
  • 04 codebases handed back with docs, tests, and a runbook for the next team.
~/kontrolplane/tools/release - main.go go 1.24
package main

func main() {
  cmd := cli.New("release")
  cmd.Flag("bump", "patch|minor|major")
  cmd.Run(func(c *cli.Ctx) error {
    return release.Ship(c)
  })
}
───────────────────────────────────────────────
$ release --bump minor
tag    v1.5.0
build  linux/arm64, darwin/arm64
push   ghcr.io/kontrolplane/release
05
service / insight

application & system
observability.

prometheusgrafanalokitempoopentelemetryalertmanagerslo

we provide a holistic view of systems and applications through real-time monitoring, logging, and tracing - offering tools and insights to maintain stability, swiftly identify issues, and address them before they escalate.

dashboards without signals are wallpaper. we design observability around the questions your team actually asks at 2am - is the user experience ok, what changed, and where is it failing - and we wire alerts to thresholds that mean something.

[ deliverables ]

  • 01 a prometheus + grafana baseline with service, cluster, and business dashboards you'll actually use.
  • 02 structured logs and distributed tracing via opentelemetry - portable across backends.
  • 03 service level objectives with error budgets, and alerts tied to burn rate, not flapping thresholds.
  • 04 runbooks linked directly from alerts, so on-call engineers don't start from a blank page.
slo - checkout.api / latency window: 30d
objective   99.5 % < 300ms
current     99.82 %
budget      64 % remaining
burn        nominal (0.4×)
───────────────────────────────────────────────
$ promql rate(http_500[5m])
checkout-api    0.002  
orders-worker   0.000  
pricing-svc     0.041   above trend
───────────────────────────────────────────────
$ alertmanager silence list
no active silences. on-call: @levivannoort

how an
engagement runs.

our engagements are small, focused, and written down. we name the problem, scope the work, and ship in the open. here's the shape of a typical one - adjusted to fit.

01week 0

scope.

a single written brief: what we'll change, what we won't, and how we'll know it worked. no 40-slide decks.

02week 1 - 2

design.

architecture, iac modules, pipeline shapes, and runbooks drafted in your repo, reviewed by your engineers.

03week 2 - n

build.

we implement in small, reviewable pull requests. every change tested, documented, and deployable independently.

04final week

hand over.

a walkthrough, a runbook, a handover session, and a short report on what's left for the roadmap.

[ ready when you are ]

no forms.
no calls.
just email.