Marshall Ford — Platform Engineer

About Me
Marshall Ford

About Me

I am Platform Engineer with deep expertise in site reliability and DevSecOps principles. My background in Full Stack Web Development provides an engineering-centric perspective when architecting platforms.


My areas of focus include:

  1. Building versatile developer-first platforms with consideration for Day-2 operations
  2. Adopting container orchestration as a secure and scalable landing zone for workloads
  3. Innovating with private and public cloud offerings to solve hybrid/edge business challenges
  4. Embracing GitOps and Infrastructure as Code principles to describe and manage systems
  5. Utilizing CI/CD for standardized, reliable, and tested deployments
  6. Incorporating collaborative security best practices from “Code to Cloud”

Software Engineering

Within the web development space I have experience with:

  1. Developing intuitive and responsive front-ends
  2. Implementing performant and secure APIs
  3. Harnessing mature platforms for caching and data persistence

Other Interests

  • Self-hosting, homelabbing, and home automation
  • Contributing to and learning about open source projects
  • Finding bargains (desktop/server hardware, watches, apparel)
  • Coffee and cocktails, enjoyed separately and responsibly
  • Listening to Hip-Hop and R&B

Get in Touch

Have a question for me? Looking for my resume? Shoot me an email. Looking forward to hearing from you!

Curated Projects

Self-Managed Kubernetes


GitOps managed k3s cluster deployed with Terraform and Ansible – designed to replicate the UX of managed/cloud k8s offerings. Highly available control plane via HAProxy, Keepalived, and mock AZs. Services utilized include: Cilium for CNI, MetalLB for LBs, Istio for Ingress, Keycloak as an IdP, Prometheus and Grafana for monitoring, Rook Ceph for persistence, and OPA Gatekeeper for policy enforcement.

K8s Mutating Webhook for Defaulting AllowPrivilegeEscalation


Written in Go and published as a container image. GitHub Actions is used for CI/CD. Project includes tests, documentation, and a full featured Makefile for transparent builds/releases. Supports multiple installation methods.

Home Infrastructure


Routing and firewall functions via pfSense, hardware consists mostly of one-liter PCs, Ubuntu/KVM/Libvirt for virtualization, CoreOS VMs to manage tier-zero services like Hashicorp Vault, storage provided by TrueNas Scale, and an RPI4 running Home Assistant.

Personal Website


This very website. Rendered with Hugo, a static site generator. Styling and UX via handcrafted SCSS with a bit of transpiled JS. Built as a container image and deployed with Terraform to GCP Cloud Run. GitHub Actions is used for CI/CD.

Speedtest container image


The Speedtest C++ CLI tool published as a container image. Cirrus CI is used for CI/CD. The structured JSON output could be passed to Prometheus via the Grok exporter as a useful metric for network health.

Reverse Geocoder


A RESTful web service for reverse geocoding. Supports fall-through providers, caching, multiple provider types, and more! Built with Node.js and Redis.