sergio@portfolio:~$ whoami

_

Practical posts organized as case studies with clear situation, issue, solution, usage context, and impact.

Recruiter View About + CV Archive View CV

Current role

Linux & Virtualization Engineer

Deutsche Pfandbriefbank AG · Madrid · Hybrid

Published posts

Case-study driven technical notes

Last update

Feb 28, 2026

Archive-first publishing flow

Recruiter Snapshot

Full profile

● Recruiter-ready overview

Linux and virtualization engineer with a delivery-first portfolio focused on automation, platform reliability, and practical enterprise AI implementation.

Role fit

Linux platform administration in enterprise environments
Infrastructure as code with Ansible + Git workflow discipline
Cross-team delivery from design through operational handoff

Top outcomes

Patch and lifecycle orchestration patterns for safer rollouts
RHEL modernization playbooks for controlled migrations
Applied AI pilots documented from prototype to operations

Quick actions

Ready to review full experience and delivery outcomes?

Open Profile & CV

Delivery Focus

Profile

Infrastructure automation at scale

Ansible + Git workflows for auditable rollouts, lifecycle changes, and safer operational execution.

RHEL modernization

RHEL 7/8 to 9 migration planning, Satellite lifecycle control, patch orchestration, and hardening.

Applied enterprise AI

Azure AI Foundry and document intelligence pilots translated into operationally viable workloads.

Choose Your View

Current: Recruiter Mode

Recruiter view prioritizes impact, role fit, and business outcomes first. Engineer view enables full live labs, telemetry streams, and command simulations.

Engineer Labs

Recruiter Mode keeps this portfolio concise and impact-first. Switch to Engineer Mode to open live Linux telemetry, command simulation, and network topology labs.

Engineer Lab · Live Linux + AI Simulation

stream: ready

host rhel-prod-09

automation ansible-playbook --check

ai mode low-latency edge validation

Ops Cockpit · top + command sandbox

load avg: 0.72 0.61 0.43

[telemetry] awaiting stream...

CPU load

32%

Memory pressure

44%

Error rate

0.6%

Prompt cache hit

78%

Process monitor

click headers to sort · values stream live

Command sandbox

try: top · journalctl -n 5 · ansible --version · ai.health

Live Network Topology

mode: normal · mesh stable

Domains

Browse all

Infrastructure 23

RHEL lifecycle, automation, virtualization, and production operations.

Automation 1

Ansible playbooks, task automation, and configuration management.

AI 7

Generative AI use cases, integration patterns, and practical lessons.

Cloud 2

Azure architecture, infrastructure design, and delivery practices.

Local AI 5

Running models on local hardware with privacy-first workflows.

Kotlin 2

Kotlin projects, notes, and engineering experiments.

Snippets 1

Quick commands and reusable building blocks for day-to-day work.

Career 0

Professional updates, retrospectives, and growth notes.

7 active domains with published case studies.

Recent Case Studies

All posts

Feb 28, 2026 AI 4 min read

Data Normalization Strategies for AI Document Extraction

How to handle messy OCR data and normalize fields like dates, currencies, and names after extracting them with AI models.

Issue: Needed a repeatable way to handle messy OCR data and normalize fields like dates, currencies, and names after extracting them with AI models.
Solution: Implemented a practical runbook/automation pattern with clear safety checks, execution steps, and verification points.
Used In: Used in enterprise AI initiatives where extracted data must be production-ready and governable.

azuredocument-intelligencedata-engineeringllm

Feb 28, 2026 Local AI 3 min read

Context Folding on Edge LLMs: Fatigue Thresholds and Hierarchical Compression

A practical context-management design for long conversations on constrained hardware: estimate tokens, detect fatigue, and fold history through a 4-level hierarchy.

Issue: As conversations grow, irrelevant middle context accumulates, token budgets get exceeded, and edge devices pay extra latency for input processing.
Solution: Implemented a context folding hierarchy (RAW → DETAILED → SUMMARY → CONCEPTS) with fatigue detection thresholds (85%/95%/98%) and fast character-based token estimation.
Used In: Used in RADXA AI Suite (edge inference + RAG + multi-agent orchestration).

context-windowsummarizationedge-airagagents

Feb 28, 2026 Infrastructure 3 min read

Security Layering for Edge AI APIs: Encryption, Rate Limits, Validation, and Monitoring

A concrete security module set for an edge AI backend: AES-256-GCM at rest, adaptive rate limiting, input validation, alerting, and automated scanning.

Issue: Without explicit controls, an AI API is vulnerable to abuse (burst traffic), unsafe inputs (command/path traversal), leaked secrets, and silent security regressions from dependencies.
Solution: Implemented five security modules: encryption at rest, enhanced rate limiting, advanced input validation, security monitoring + alerts, and vulnerability scanning with report generation.
Used In: Used in the RADXA AI Suite TypeScript backend security package (`backend-ts`).

securitynodejstypescriptrate-limitingencryption

Feb 28, 2026 Cloud 3 min read

Automating Firebase Deployments: Multi-Account Routing and Discord Notifications

A documented deployment automation pattern for Firebase: scripted CLI operations, account profiles, environment routing, and Discord webhook alerts.

Issue: Manual Firebase deployments are easy to mis-target (wrong project/hosting target), hard to audit, and slow to coordinate without realtime status notifications.
Solution: Centralized deployment configuration into an `accounts.json` profile, added API endpoints for account switching, and integrated Discord webhooks for start/success/failure notifications with log snippets.
Used In: Used in RADXA AI Suite deployment automation documentation and tooling.

firebasedevopsautomationdiscorddeployments

Feb 28, 2026 Local AI 3 min read

KV Cache Quantization on Qwen 3.5 (27B): Cutting Memory Without Breaking Latency

A small, practical benchmark showing how quantizing the attention KV cache can materially reduce RAM usage on edge hardware.

Issue: Large models can be loadable, but the KV cache can still consume meaningful memory as context grows, limiting concurrency and increasing OOM risk.
Solution: Benchmarked KV cache quantization modes (default vs q8 vs q4) at a fixed context window and compared startup time, request latency, RSS, and KV cache footprint.
Used In: Used in Engram AI benchmark runs for CPU GGUF inference (llama.cpp) on ARM64.

llama.cppggufqwenkv-cachequantizationarm64

Feb 28, 2026 Local AI 3 min read

RK3588 LLM Performance: NPU vs CPU in a Discord Agent

Benchmarking local LLM inference on RK3588 and why NPU acceleration (RKLLM) is the difference between real-time chat and unusable latency.

Issue: CPU-only inference on small models was too slow for interactive UX, and some NPU model runs initially failed for non-runtime reasons (corrupted downloads or wrong target platform conversions).
Solution: Benchmarked CPU (Ollama) vs NPU (RKLLM), applied system and inference parameter optimizations, and documented failure modes to distinguish model-file issues from NPU/runtime issues.
Used In: Used in Engram AI (local-first Discord bot) running on RK3588.

rk3588npurkllmollamabenchmarksdiscord

Feb 27, 2026 Automation 4 min read

Automating AD Computer Object Deletion on Linux Decommission

How to use Ansible and adcli to safely remove a Linux server's computer object from Active Directory during decommissioning.

Issue: Needed a repeatable way to use Ansible and adcli to safely remove a Linux server's computer object from Active Directory during decommissioning.
Solution: Implemented a practical runbook/automation pattern with clear safety checks, execution steps, and verification points.
Used In: Used in Ansible playbook pipelines for provisioning, patching, and decommissioning with audit requirements.

ansibleactive-directorydecommissionlinux

Feb 26, 2026 Kotlin 4 min read

Modernizing Android UX: High Refresh Rates & App Shortcuts

How to request 90Hz/120Hz rendering and implement static deep-linked app shortcuts to improve mobile application usability.

Issue: The app was locked to standard 60Hz rendering, causing sub-optimal scrolling experiences on devices capable of 90Hz or 120Hz. Additionally, users had to navigate through multiple screens to perform frequent actions.
Solution: Detected 90Hz+ display modes and configured window post-processing preferences for smoother rendering, then implemented static XML-based app shortcuts routed via deep links.
Used In: Used to modernize an Android mobile application built with Jetpack Compose.

androiduxperformancekotlin

Feb 25, 2026 Infrastructure 3 min read

Flexible Apache Reverse Proxy Configuration with Ansible

How to use a single, universal Ansible role to deploy static sites, PHP apps, or complex reverse proxies just by changing host variables.

Issue: Needed a repeatable way to use a single, universal Ansible role to deploy static sites, PHP apps, or complex reverse proxies just by changing host variables.
Solution: Implemented a practical runbook/automation pattern with clear safety checks, execution steps, and verification points.
Used In: Used in Linux platform engineering, middleware operations, and datacenter modernization projects in regulated environments.

ansibleapacheproxytomcat

Feb 24, 2026 Infrastructure 4 min read

Building Custom Ansible Execution Environments

How to package Ansible dependencies into a portable, containerized Execution Environment (EE) for consistent automation across runners.

Issue: Needed a repeatable way to package Ansible dependencies into a portable, containerized Execution Environment (EE) for consistent automation across runners.
Solution: Implemented a practical runbook/automation pattern with clear safety checks, execution steps, and verification points.
Used In: Used in Linux platform engineering, middleware operations, and datacenter modernization projects in regulated environments.

ansiblecontainersdevopsautomation