Jump to: AI Infrastructure & Platforms Self-Healing & AI Enterprise ITSM Secure Offshore Delivery Spine & Leaf Network Apps I've Built Mad Monkey Creative
Production

Enterprise AI Infrastructure & Internal Platforms

Owned the multi-year buildout of an AI company's data center — from half a rack to six full colocation racks — and built the software suite that runs it. Roughly 90% of the buildout was achieved with open-source software and used equipment.

Result: An AI company runs ~$5M of GPU compute for a fraction of typical build cost, because ~90% of the buildout used open-source software and refurbished enterprise hardware.

~2,900
Physical CPU cores (5,600+ threads)
~34 TB
Physical RAM across the fleet
35 / 48
Physical hosts / virtual machines
6 → 11
Racks today, migrating to a private suite

Architecture at a Glance

The Buildout

I joined when infrastructure was about half a rack of equipment and have specified, purchased, installed, and operated nearly all of the growth since — from the first enterprise GPU server through today's multi-rack AI operation.

  • Half a rack → six full colocation racks, now leading the migration and network redesign for a private suite built for up to eleven racks
  • First enterprise 4-GPU server ($130K) — purchased, racked, and operationalized end-to-end (OS, GPU drivers, ML toolchain), then handed to the ML team for training and inference
  • 15 dedicated Linux AI compute hosts — roughly 1,780 cores and 22 TB of RAM across training, inference, and high-memory LLM-inference tiers (including hosts with up to 3 TB of RAM), plus recent high-performance GPU servers
  • First 100G switching — installed the organization's first 100Gb switches and configured an open network operating system on them
  • Virtualization estate — stood up the first enterprise hypervisor environment (VMware ESXi) and led the migration to Proxmox; roughly ten dedicated Docker hosts across production, development, and DMZ tiers
  • Enterprise storage migration — scoping and migrating all datasets onto a next-generation enterprise flash storage platform
  • Proven reliability — multiple production VMs with 1,450+ days (4 years) of continuous uptime, and hypervisors running 1,200+ days without interruption

Internal Software I Built

Beyond operating the hardware, I designed and built a suite of internal platforms — nearly all from scratch, most open-source or custom-coded — that give the organization visibility and control over the whole environment.

  • Federated CMDB — a single source of truth that reconciles data from custom collectors, an IPAM/DCIM system, monitoring, and SNMP into one asset inventory, and seeds discovered systems back to keep documentation current
  • Live inventory & dashboards — PowerShell and Python collectors across the Windows and Linux fleet feed a FastAPI inventory API that drives a live server inventory, a top-down network map, an application-dependency graph, and per-server PDF reports regenerated automatically every day
  • AI infrastructure assistant — answers natural-language questions about the live environment over a real-time inventory snapshot
  • Power monitoring — an SNMP stack (pysnmp, InfluxDB, FastAPI, React) tracking 24 rack PDUs with per-rack and per-feed capacity analysis
  • Self-healing event-log pipeline — exports event logs, analyzes them with a mix of rules and AI, and surfaces the findings as reports and auto-generated tickets
  • Identity & access — Keycloak single sign-on for internal apps and a secure, multi-layer integration that automates and governs Active Directory account provisioning
  • Purchase-order system, secure file-transfer platform, and a reusable build-standards library — including endpoints for locally hosted AI models to accelerate new internal apps

Stack

Compute & Virtualization
GPU / CPU Compute Proxmox VMware ESXi Docker
Monitoring & Security
Zabbix Graylog Wazuh OpenVAS / Greenbone Fortinet
Internal Software
Python / FastAPI React PostgreSQL InfluxDB
Inventory & Automation
IPAM / DCIM SNMP PowerShell Keycloak SSO

My Role

Lead architect and operator. I specified, purchased, installed, and operate nearly all of this hardware, and designed and built the internal software that monitors and manages it — running the AI compute fleet, the domain and database servers, virtualization, monitoring, identity, and the DMZ web tier as one person across the whole stack.


In Operational Use

Self-Healing Systems & AI Workflow Architecture

Applications that fix themselves — and an AI-orchestration layer that runs the rest. Built with scripting and AI so systems detect, diagnose, and recover from their own faults, escalating to a human only when one is truly needed. Not chat — an operating system for delegated technical work.

Result: Known faults resolve before anyone gets paged — 1,450+ days of continuous uptime — because remediation knowledge is encoded as playbooks the systems execute on themselves.

Self-Healing
Autonomous detect → diagnose → recover
Durable Memory
Session vault + cross-conversation continuity
Cross-Host
Executes across remote infrastructure
Skill Library
Custom skills for repeated technical work

Architecture at a Glance

Self-Healing Automation

The work I'm proudest of is the systems that keep themselves running. Across my own applications and the platforms I operate, scripting and AI combine to handle faults before a person has to: an autonomous remediation agent watches for known error patterns and executes approved recovery playbooks without human intervention; container-level auto-healing restarts failed services; and an event-log pipeline analyzes logs with a mix of rules and AI, then opens its own tickets when something genuinely needs a human. The goal is simple — fewer 2 a.m. pages, and systems that recover on their own.

The AI Workflow Architecture

Running a portfolio of applications and brands means context-switching between unrelated technical surfaces all day: an ecommerce stack one hour, a marketing page the next, a Postgres backup chain after that. A multi-agent operations layer turns that into a coordinated system instead of a stream of one-shot prompts.

Specialized agents own scopes (orchestrator, infrastructure, content, research). A durable encrypted vault holds session notes that survive across conversations and agents, so handoff between a research run today and an implementation run next week is seamless. Scheduled routines run autonomously on a cron. Browser automation, MCP servers, and a custom skill library extend what any agent can do.

Stack & Capabilities

Foundation
Claude Agent SDK Claude Code MCP Servers
Memory & Handoff
Obsidian Vault (E2EE) CouchDB / LiveSync Session Notes Discipline
Execution Reach
Cross-Host SSH Browser Automation Scheduled Routines
Custom Skill Library
Self-Healing Playbooks Infrastructure Skills Content / Marketing Skills

Why It Matters

I'm not "vibe coding." This is production AI workflow architecture, with the same operational discipline I'd apply to any production system: defined scopes, durable state, audit trails, recovery procedures, scheduled jobs. The agents I work with are tools — designed, instrumented, and operated. That's the difference between using AI and integrating it.


Production

Enterprise IT Service Management Platform

Self-hosted, enterprise-grade ITSM built from scratch to replace commercial tools quoted at up to $152K/year. 10-container Docker stack with an autonomous AI remediation agent, 41 ticket types, and full Slack/Active Directory integration.

Result: $152K a year in license spend never left the building, because the platform was built in-house and runs on hardware the company already owned.

$152K+
Max annual savings vs. ServiceNow
10
Docker containers in production stack
41
Ticket types across 12 categories
100+
API endpoints, 17 routers

The Problem

A growing AI company needed enterprise-grade IT service management — ticketing, approvals, hardware tracking, change management, access requests. Commercial options were evaluated: InvGate quoted $30,520/year, ServiceNow enterprise tier runs $152K+. Both were overpowered for internal use and locked into vendor timelines for customization. The decision was made to build instead of buy.

What I Built

A complete, self-hosted ITSM platform — designed, architected, and built from scratch. Every layer: database schema, REST API, React frontend, authentication, approval workflows, AI integration, Slack connectivity, Active Directory sync, SLA enforcement, and the hosting infrastructure it runs on.

  • 41 ticket types across 12 categories — IT requests, hardware, access, change management, incident reports, and more
  • Autonomous AI remediation agent — monitors tickets for known error patterns, executes approved remediation playbooks without human intervention, escalates when confidence is below threshold
  • AI ticket assistant — helps submitters write clear, complete tickets before submission
  • 3-tier RBAC with department-scoped approval workflows (sequential, parallel, any-of)
  • Active Directory / LDAP sync — users and groups pulled automatically; no manual provisioning
  • Slack interactive approvals — approval requests delivered and actionable directly in Slack via Block Kit
  • SLA enforcement — first response 4h, resolution 72h, automatic stale ticket escalation
  • Self-healing infrastructure — autoheal container monitors and restarts failed services

Architecture & Stack

API
FastAPI 0.115 Python 3.12 Celery 5.4
Frontend
React 18 TypeScript 5.7 Vite 6 shadcn/ui Tailwind CSS
Data
PostgreSQL 16 Redis 7 JSONB
AI & Integrations
Claude AI Slack Block Kit SendGrid Active Directory
Infrastructure
Docker Compose 10 Containers autoheal Self-Hosted

Cost Comparison

Tool Annual Cost Notes
ServiceNow ~$152,000+ Enterprise tier, vendor customization, long implementation
InvGate (quoted) $30,520 Per-seat SaaS, limited customization
Jira Service Management $15,000–$40,000 Estimated at scale, additional cost for AI features
This Platform (Built In-House) ~$0 Infrastructure cost only — self-hosted on existing hardware

My Role

Sole architect and developer. Defined requirements, designed the data model, built every layer of the stack, integrated AI and Slack, stood up the hosting infrastructure, and currently operate the system in production.


Production

Secure Offshore Application Delivery

Let an overseas data-labeling team work on sensitive client data with no ability to copy or exfiltrate it — across continents, at usable speed.

Result: An offshore team works on sensitive client data every day with zero exfiltration risk, because the data never leaves the network — only pixels do.

The Problem

An offshore labeling team needed to work directly on confidential client data, but two hard constraints collided: the data could never leave the secure environment, and direct intercontinental connectivity was far too slow to be workable. Off-the-shelf remote access either leaked data or crawled.

The Solution

  • Streamed the application, not the data — published the labeling GUI as a streamed application over remote-desktop technology, so only pixels crossed the wire; copy, paste, and file transfer out were disabled by design
  • Engineered a cloud backbone — relayed traffic between the primary data center and a cloud region close to the team, delivering usable latency and throughput where a direct link could not
  • Secured end to end — wrapped the path in VPN and delivered work onto locked-down, segmented contractor desktop VMs

Stack

Delivery
Remote Desktop / App Streaming Segmented Desktop VMs
Connectivity & Security
OpenVPN Cloud Backbone Relay Data-Exfiltration Controls

My Role

Designed and implemented the solution end-to-end — the access architecture, the cloud relay, the VPN security, and the locked-down desktop environment the team works in.


Design Complete · Implementation In Progress

Enterprise Spine & Leaf Network Fabric

Designed a 3-spine/6-leaf, all-100G data center network for an AI company's GPU server fleet — replacing a flat network with a BGP underlay, VLT peer pairs, ECMP load balancing across all three spines, and Anycast Gateway per zone.

Result: GPU workloads get full east-west bandwidth with no single point of failure, because traffic routes across three spines on equal-cost paths instead of one fragile Layer 2 tree.

9
Switches (3 spine + 6 leaf)
100G
All links — no bottlenecks
ECMP paths — full redundancy
eBGP
Layer 3 underlay throughout

The Problem

A growing AI company's server fleet — including GPU compute nodes — was running on a flat network architecture. As the fleet scaled, the flat topology created bottlenecks, single points of failure, and limited east-west bandwidth. The network needed to be redesigned from the ground up to support the demands of AI/ML workloads: high throughput, low latency, full redundancy.

The Design

I designed the complete network fabric architecture: topology, hardware selection, routing protocol, VLAN scheme, redundancy model, and Fortinet firewall integration. The design is complete and implementation is in progress under my direction.

  • 3-spine / 6-leaf topology — all-active spine layer, leaf pairs for each physical zone
  • Dell S5232F-ON switches running Dell OS10 — open networking platform with full BGP support
  • eBGP Layer 3 underlay — every leaf establishes eBGP sessions to all three spines; no STP, no broadcast storms
  • VLT (Virtual Link Trunking) pairs — each pair of leaf switches acts as a single logical switch for server dual-homing; active-active uplinks
  • ECMP across all three spines — traffic hashes across three equal-cost paths; losing one spine degrades gracefully to 2× bandwidth
  • Anycast Gateway — same default gateway IP distributed across all leaf pairs per VLAN; VMs and containers can move without gateway changes
  • All-100G links — spine-to-leaf and server uplinks are all 100G; no bandwidth asymmetry
  • Fortinet firewall — north-south traffic and OOB management; leaf switches handle east-west internally

VLAN Scheme

VLAN ID Purpose
MGMT-DEVICES 10 Out-of-band management for all switches and servers
DATA-10G 20 General compute — 10G-capable devices and legacy workloads
DATA-100G 30 GPU/ML compute — full 100G server uplinks
FUTURE 40 Reserved — storage fabric or additional zones

Hardware

Switches
Dell S5232F-ON Dell OS10 32× 100GbE QSFP28
Routing
eBGP Underlay ECMP Anycast Gateway
Redundancy
VLT Pairs Active-Active No STP
Security
Fortinet NGFW OOB Management Zone Segmentation

My Role

Lead network architect. Produced the full design: topology diagrams, hardware BOM, BGP configuration templates, VLAN scheme, VLT pairing design, and Fortinet integration plan. Presenting and implementing the design with the infrastructure team. When complete, this replaces an entirely flat Layer 2 network with a production-grade Layer 3 spine-leaf fabric.


Multiple in Production

From Pain Point to Production

The throughline of my work: I spot a real, unsolved problem, define the product, build it end-to-end, and then refine it relentlessly until it's genuinely great. Time To Plate is just one example — here are several solutions I've taken from idea to running software.

Result: Six-plus recurring pain points became production software instead of permanent costs, because I own the full path from problem definition to deployed system.

6+
Applications taken concept → production
End-to-End
Product definition through live operation
Sole Owner
Product direction, build, and refinement
AI-Assisted
Modern AI-accelerated development

How I Build

My strength isn't grinding through someone else's codebase — it's product judgment. I find the pain point, design the data model and the experience, build the solution with modern AI-accelerated development backed by my own scripting and automation, and then fine-tune it through round after round until it actually solves the problem and feels great to use. I own the outcome from the first idea to the system running in production.

Solutions I've Built

  • Time To Plate (timetoplate.com) — a recipe and event-execution SaaS whose backward-planning scheduler coordinates an entire multi-dish meal to a single hard serve time, across appliances and cooks, with allergen safety built in.
  • Enterprise helpdesk / ITSM platform — the self-hosted service-management system (detailed above) that replaced commercial tools quoted at up to $152K/year, now running in production.
  • Asset-management system — tracks hardware, software, and lifecycle across a large fleet, giving a single accurate picture of what's deployed and where.
  • Purchase-order system (in development) — a request → approval → procurement workflow that replaces scattered spreadsheets and email threads.
  • Automated penetration-testing & reporting platform — runs comprehensive, repeatable security assessments and turns the raw results into clear, prioritized, plain-English reports a non-specialist can actually act on — the kind of finished output that usually requires a consultant to produce.
  • Additional multi-tenant SaaS applications — designed and built end-to-end, from product definition through production deployment and ongoing operation.

My Role

Product owner, architect, and operator on every one of these — I define what to build and why, drive the build, refine it until it's right, and run it in production.


Live — madmonkeycreative.com

Mad Monkey Creative LLC

Chicago-area creative technology company I co-founded and lead as CEO, CTO, and CISO — 7 live product brands spanning apparel, software, music, and education, all running on shared self-hosted infrastructure I designed and operate.

Result: Seven live brands run on the operating budget of one, because they share automation and infrastructure designed once and reused everywhere.

7
Live brands under one LLC
4
Industries: apparel, software, music, education
Co-Founder
CEO / CTO / CISO — direction, product, security
Self-Hosted
All brands on infra I built and run

The Company

Mad Monkey Creative LLC is a Chicago-area umbrella company I co-founded with musician and educator Rick Kelly. The LLC serves as the legal and operational home for a portfolio of independent product brands — each with its own identity, audience, and product line, but sharing the infrastructure I design and operate.

The Brands

Mad Monkey Creations
Apparel

Original design apparel — the flagship brand and primary creative identity of the LLC.

Gear Headz
Music Apparel

Music-themed apparel for musicians and gear enthusiasts.

MMKidz
Children's Apparel

Children's apparel line extending the MMC creative identity to younger audiences.

Time To Plate
Software / SaaS

Recipe manager and event execution engine — the LLC's flagship software product. Live at timetoplate.com.

Indigo Jazz Studio
Music Education

Guitar lessons and music education offerings from co-founder Rick Kelly.

Indigo Jazz
Record Label

Independent record label for original music releases under the MMC umbrella.

Where Has Benny Been
Interactive / Entertainment

Gamified fan hunt experience — an interactive scavenger hunt concept.

Infrastructure & Operations

All 7 brands run on shared self-hosted infrastructure I designed and operate. Apache vhosts per brand, PM2 process management for Node.js services, centralized logging, and a unified deployment workflow. No third-party hosting platforms — everything runs in-house on hardware I manage.

Web Serving
Apache vHost-per-brand SSL via reverse proxy
Runtime
PM2 Node.js Docker (per-service)
Self-Hosted
No AWS / Vercel On-prem hardware Internal VLAN segmented

My Role

Co-Founder, CEO, CTO, and CISO. I set company direction and own all technical infrastructure and security: server provisioning, network design, web serving, deployment pipelines, SSL/domain management, and the software products (including Time To Plate) that live under the LLC umbrella. Rick Kelly leads creative direction, brand identity, music, and education products; I lead everything technical.