About
KTY's Journey
Software Exp.2.8 yrs Total Exp.4.4 yrs
Background
KAO TIAN YI
tianyikao@gmail.com
KTY is a Java Backend Engineer who began taking on software projects and focusing on backend development from March 2023, formally joining internal teams in 2024. Previously served as a banking MA (digital finance PM) and trading-room big data researcher.
Skilled in Spring Boot multi-layered systems, PostgreSQL optimization, Redis caching, RabbitMQ, multi-threading, non-blocking I/O, RESTful API, WebSocket, and enterprise security (Keycloak/JWT/OAuth2). Familiar with Jenkins, Docker, Kubernetes CI/CD workflows, with practical experience in OCI private node cloud architecture, Java 17 upgrades, and RHEL/JBoss modernization.
Continuously exploring AI knowledge retrieval systems, building RAG applications through LangChain and PostgreSQL hybrid search.
Expertise
Core backend expertise in Spring Boot layered architecture, PostgreSQL/Redis performance tuning, and RabbitMQ async processing. Proficient in enterprise security with Keycloak/JWT/OAuth2, and DevOps workflows spanning Jenkins, Docker, and Kubernetes on OCI/OpenShift. Hands-on experience building AI retrieval systems with LangChain RAG and pgvector hybrid search. Additional frontend exposure in Angular and Flutter.
Career Briefing
First Principles
- I treat systems like a chessboard.
- Instead of rushing to code, I first map out the structure of the problem.
- Where others see bugs, latency, or compatibility errors, I see the edges of a puzzle waiting to be solved.
- My instinct is not to patch, but to design a path that ensures long-term stability.
- When I ask questions like 'What is the essence of this process?' or 'Why does this feel counterintuitive?', I'm not looking for shortcuts—I’m uncovering the principles beneath the surface.
- This way of thinking shaped how I worked with Kubernetes.
- At first, I took the quick route—exposing all nodes to the public internet. It worked, but it was fragile. Later, I reframed the question: instead of asking 'How do I keep containers alive?', I asked 'What boundaries should protect the cluster itself?'. That shift led me to redesign the setup with private nodes and Batison operators, giving the workloads stronger isolation and governance.
- The same mindset guided me when new nodes came with restrictive CPU limits. Rather than just tweaking quotas, I restructured the flow by introducing RabbitMQ. This offloaded spikes, smoothed throughput, and turned what seemed like a scaling problem into an opportunity to upgrade the architecture.
Foundations That Led Here
- EY Auditor: VBA macros revealed passion for redesigning processes.
- Far Eastern Bank Fintech PM (2021-2022): RPA automation showed me code's power to save hundreds of hours.
- From that moment, I knew engineering was my path.
- Tarobo Investment Macro Associate (2022-2023): Daily Python coding for trading strategies became more engaging than research.
- In small coding experiments, I felt passion turning logic into running systems.
- This contrast pushed me to career transition.
- Not because finance was bad, but because I wanted 'creation' rather than 'documentation'.
- Every successful debug proved my choice was right.
- EY: I automated reconciliations with VBA, not to save hours for its own sake, but because I was drawn to the elegance of redesigning processes. Far Eastern Bank: building RPA bots for 31 workflows and prototyping BNPL taught me how code could turn repetitive operations into scalable systems. I even designed a B2B2C model where Bankee served as the entry point and a cryptocurrency exchange provided KYC onboarding—a thought experiment in mapping transaction events into auditable logs. Tarobo: integrating Shioaji tick data and automating backtests wasn't about chasing alpha alone, but about seeing how logic could self-execute as living systems. These projects deepened the contrast: finance prized documentation, while I craved creation. That's why I pursued JavaScript and JavaEE training, built Django apps, set up Jenkins pipelines, and containerized workloads with Docker. Toastmasters shaped another layer: the ability to transform abstract principles into vivid, shareable narratives. Together, these experiences formed the foundation: every script, prototype, and debug reinforced my shift from documenting reality to building it.
Battlefield
- Core: Spring Boot microservices, REST controllers, security filters.
- Django ASGI/ORM/REST.
- Celery async LLM retrieval.
- Docker/K8s for microservices.
- Redis distributed locks
- RabbitMQ for async processing
- PostgreSQL composite + GIN indexes, 5× retrieval boost.
- Algorithms: weekly LeetCode drills – Binary Trees, DP, Backtracking, Sliding Window.
- API Gateway: rewrote JOIN queries, added composite indexes, built caching layers. Retrieval systems: pg_trgm + pgvector hybrid, GIN + IVFFlat indexes, fallback logic to reduce hallucinations, provider rate-limiting. Infrastructure: containerized with Docker, K8s autoscaling, Terraform networking on OCI with VCN/Bastion/OKE. CI/CD: Jenkins pipelines. Reliability: Redis session management, WebSocket STOMP push, chain-of-responsibility for exceptions, JUnit5/Mockito coverage. Data: HikariCP tuning, ORM N+1 fix, batched queries reducing GC churn. Spring Boot: mastered layered architecture, Spring Security JWT filters, async @Scheduled tasks, optimized RestTemplate/WebClient. Algorithms: solved 200+ LeetCode problems focusing on production applications – Binary Trees for caching/indexing, DP for job scheduling, Backtracking for search optimizations.
Next Iteration
- Focus: high-concurrency architecture, asynchronous pipelines, distributed data systems, guided by DDIA.
- Product: build data-intensive flows that integrate AI modules, turn prototypes into user-facing MVPs.
- AI: generative models, prompt engineering, retrieval-augmented pipelines, embedding stores.
- Inspiration: Modular-style toolchains, assembling best-of-breed systems.
- Forward roadmap: concurrency – refine Java CompletableFuture pools, explore Project Loom virtual threads, optimize non-blocking I/O with WebFlux and Netty
- queues – benchmark RabbitMQ for throughput vs durability, backpressure handling, dead-letter strategies
- database – incremental materialized views, sharding experiments, adaptive query caching
- pipelines – batch embedding updates, retrieval accuracy tuning with hybrid pgvector + ANN, consistency checks across shards
- AI – LLM-based doc routing, cost-aware tokenization, multi-provider orchestration, evaluation harness for accuracy/latency/cost tradeoffs
- product – systematize side projects into MVPs, create feedback instrumentation, run A/B feature toggles, refine onboarding flows
- team – knowledge base from Toastmasters, peer review rituals, ownership rotation. Guiding star: DDIA principles applied to AI systems – immutability, streaming-first, fault-tolerance, scalability, traceability – each new iteration strengthens data flow resilience while keeping product usable.
Project Experience
Software Engineer
Software Engineer
- 2026/01 ~ Present - Thumbnail Asset Manager — High-Performance Media App: (I) Controller Pooling: Engineered VideoPlayerController pool to resolve hardware decoder contention and optimize memory usage. (II) Visual Effects: Developed seamless Boomerang (Forward+Reverse) loops via precise seek control. (III) Unified Caching: Built AssetCacheManager for persistent storage of both image and video assets. (IV) Asset Probing: Implemented VideoProber for background discovery and metadata extraction.
- Flutter architecture design
- performance tuning
- cache strategy
- and visual effect implementation
- ThumbManager
- Structure: Controller Pool / Asset Cache / Prober; Logic: Memory Management & Background Discovery
- 2026/03 ~ Present - LC Architecture Optimization: (I) Global Registry: Refactored API routes into a singleton registry, establishing a Single Source of Truth and eliminating hardcoded paths. (II) Gateway Facade: Implemented Adapter and Facade patterns in the gateway layer to unify legacy system interfaces. (III) Config Separation: Managed externalized properties to decouple core logic from environment-specific settings.
- architecture decoupling
- gateway adapter implementation
- config management
- LCQueryArch
- structure: Global Registry / Gateway Schemas / Config Matrix
- 2025/12 ~ 2026/03 - Printing Confirmation: Led full-stack feature delivery on Angular + Java gateway system. (I) UI Construction: Built 5 Angular components with View/Logic/Style separation. (II) Decoupling: Extracted shared logic into reusable strategies. (III) Error Handling: established unified error feedback chain. (IV) API Routing: Configured 8 API routes via XML/JSON and Java Inserter Beans.
- Angular component building
- shared strategy extraction
- gateway routing configuration
- PrintConfirmGate
- structure: Angular Components/Services/Java Beans
Open Source Backend Engineer
Open Source Backend Engineer
- 2025/04 ~ Present - Document Management System: Built multi-layered Spring Boot application with comprehensive backend features (@EnableRetry, @EnableCaching, @EnableRedisHttpSession, @EnableWebSecurity, @EnableMethodSecurity); designed dual PostgreSQL data sources with HikariCP connection pools, implementing composite indexes, batch queries, and N+1 query optimization; implemented WebSocket and RESTful APIs; established unit testing with JUnit5/Mockito and monitoring with Grafana/Prometheus
- designed document access control and versioning APIs
- implemented real-time file event notifications via WebSocket
- optimized PostgreSQL indexes and batch queries
- DocCore
- structure: Document/Version/ACL
- logic: versioning & lifecycle
- interface: REST + WebSocket
- 2025/01 ~ 2025/03 - External Portal & Portal Website: Implemented Redis-based caching with TTL management, session storage, and distributed locks for high-concurrency scenarios; configured @EnableRedisHttpSession with session timeout and fixation protection; built comprehensive error handling system with ordered exception handlers
- engineered Redis caching and session strategy (TTL
- locks)
- implemented ordered global exception handling
- tuned high-concurrency endpoints
- PortalCache
- structure: Session/CacheEntry
- logic: TTL cache & distributed lock
- interface: REST + Redis Session
- 2024/08 ~ 2024/09 - DevOps Management Portal: Configured enterprise-grade security with @EnableWebSecurity, @EnableMethodSecurity, JWT Authentication, OAuth2 Resource Server, and CORS; designed and implemented enterprise SSO solutions using Keycloak and RedHat SSO for secure authentication
- implemented JWT/OAuth2 resource server
- integrated Keycloak SSO
- defined fine-grained role policies
- SecAuth
- structure: User/Role/Policy
- logic: JWT validation & RBAC & SSO
- interface: OAuth2 endpoints + protected REST
- 2024/06 ~ 2024/07 - DevOps Team Lab: Designed OCI VCN architecture with Bastion, Public/Private Subnets, OKE clusters, and Load Balancer using Terraform
- provisioned OCI VCN and OKE with Terraform
- configured load balancers and routing
- automated cluster bootstrapping
- InfraIaC
- structure: VCN/Subnet/OKESpec
- logic: declarative provisioning & routing
- interface: Terraform modules/variables
- 2024/03 ~ 2024/05 - System Modernization & Deployment: Built JBoss War Deployment CI/CD Pipeline for UAT/PROD (10+ UAT servers); implemented Linux offline deployment strategies and containerized applications using Kubernetes and Docker Compose; led comprehensive upgrade of JBoss, MVC, and Spring/Spring Boot applications from Java 8/11 to Java 17; upgraded RHEL from 7 to 8 for 20+ servers
- created JBoss WAR CI/CD
- containerized services (Kubernetes/Docker Compose)
- executed Java 17 and RHEL 8 upgrades with rollout plans
- ReleaseKit
- structure: Pipeline/Artifact/DeploymentPlan
- logic: CI/CD stages & rollout & health checks
- interface: Jenkins pipeline + K8s manifests
Freelancer
Freelancer
- 2023/10 ~ 2024/01 - Customer Portal Q&A Assistant System (FastAPI + LangChain): Personality-based RAG chatbot with hybrid retrieval
- built RAG pipeline on pg_trgm/pgvector (GIN/IVFFlat)
- integrated multi-LLM fallback & no-knowledge handling
- designed prompts and evaluation
- RAGCore
- structure: ArticleEmbedding/TrigramIndex/ChatHistory
- logic: hybrid retrieval & prompt assembly & fallback
- interface: FastAPI + LLM adapters
- 2023/05 ~ 2023/09 - SmartSync Crawler — Online Retailer Product Information Plugin (PHP + WordPress): Automated product crawler plugin with secure admin controls
- design WordPress plugin/admin UI
- implement XPath URL collection & product extraction
- deliver styled descriptions and CSV export (UTF-8 BOM/normalized) with robust timeouts
- SmartSync
- structure: URL Collection/Data Extraction/Content Processing/CSV Export
- logic: XPath parsing & DOM manipulation & filtering & UTF-8 encoding
- interface: WordPress HTTP API + CSV + admin dashboard
- 2023/03 ~ 2023/05 - Restaurant Booking & CMS Platform (Vue 3 + Spring Boot): Built booking + CMS with Vue 3 frontend and Spring Boot API
- designed JWT/RBAC
- shipped core CMS (employee/customer/branch/coupon/menu/order/reservation)
- delivered BI dashboards and Dockerized deployment
- RestaurantCMS
- structure: Request → Router → Controller → Service → Repository → Database with POJO entities
- logic: JWT/RBAC & order/reservation workflows & analytics
- interface: REST API + JWT + SQL Server
Macro Associate
Macro Associate
- 2022/12 ~ 2023/01 - Maintained and enhanced data infrastructure across 10+ databases for comprehensive market analysis, optimizing data flow architecture for multi-source financial data integration
- 2022/11 ~ 2022/12 - Analyzed macroeconomic indicators including container shipping trends, US retail sales, TWD currency flows, foreign exchange dynamics, and EPFR fund flows for cross-asset allocation strategies, mapping market behavior patterns to investment decision frameworks
- 2022/10 ~ 2022/11 - Delivered daily market intelligence reports covering emerging markets (Mexico, India, Brazil) with real-time analysis, utilized scikit-learn, statsmodels and scipy for data analysis and statistical modeling, structuring complex market data into actionable insights through systematic data flow analysis
- 2022/09 ~ 2022/10 - Built automated reporting workflows; integrated SinoPac Shioaji trading API for market data ingestion and strategy prototyping, designing real-time market analysis data processing pipelines; utilized pandas, numpy and scipy for futures price and implied volatility data analysis, implementing automated backtesting frameworks and quantitative trading strategies (Red K strategy, volatility-based dynamic rebalancing strategy)
Fintech PM, MA Program
Fintech PM, MA Program
- 2022/04 ~ 2022/05 - Created cross-industry alliance strategies with 3 proposals approved through internal review processes, resulting in 2 successful implementations, analyzing integration requirements and data exchange protocols
- 2022/02 ~ 2022/03 - Managed 31 operational procedures for the digital payment department ensuring compliance and efficiency, designing workflow logic and data validation processes; implemented open-source RPA solutions using Python with Selenium for process automation and workflow optimization
- 2021/12 ~ 2022/01 - Conducted comprehensive research on emerging fintech trends including BNPL, cryptocurrency, and online microloan product design with weekly reporting, mapping product features to user behavior patterns
- 2021/10 ~ 2021/11 - Developed 20+ business plan drafts and successfully proposed 2 digital payment projects in collaboration with major telecommunications companies, analyzing user journey flows and payment processing logic
- 2021/08 ~ 2021/09 - Built Power BI dashboards for executive and product (Bankee) KPIs; designed data models and visuals to support business reviews, translating complex business requirements into structured data flows
Auditor
Auditor
- 2020/02 ~ 2020/03 - Audited and analyzed 20+ Balance Sheets/Income Statements and 3+ Cash Flow Statements, structuring financial reporting data flows for compliance and analysis purposes
- 2020/01 ~ 2020/02 - Developed sensitivity analyses for interest rate and foreign currency exposures, along with Top 10 Suppliers/Customers concentration analysis, creating data-driven risk assessment models
- 2019/12 ~ 2020/01 - Performed 40+ substantive analytical procedures to validate account variations and identify potential discrepancies, developing systematic approaches to financial data analysis and anomaly detection
- 2019/11 ~ 2019/12 - Coordinated audit procedures across 8 specialized teams for financial services clients including equity funds and bond funds, mapping complex financial product structures to audit testing frameworks
- 2019/10 ~ 2019/11 - Conducted comprehensive financial statement audits covering Current Assets, Fixed Assets, Liabilities, and Equity for 20+ client engagements, analyzing financial data flows and transaction processing logic
- 2019/09 ~ 2019/10 - Automated reconciliation workflow using Excel VBA to accelerate audit working papers, designing logical data validation processes for financial data integrity
Education
RedHat
2024/12- Red Hat JBoss Application Administration I (AD248)
iSpan
2023/10~2024/2- JavaEE Career Development Program
FreeCodeCamp.com
2023/7~2023/9- JavaScript Algorithms and Data Structures
- Data Visualization
Hong Kong Polytechnic University
2020/9~2021/9- Master of Finance in Investment Management
Fu Jen Catholic University
2013/9-2018/6- B.B.A. in Finance and International Business
Temple University
2016/8-2017/5- Global Exchange Program
Tech Experience
Software Engineer
Frontend Development
Backend Development
Java
- Developed backend business logic and middleware control using Java. Created and modified Java files to set up Inserter Beans for dynamic injection of specified headers before forwarding requests to downstream systems.
- Configured routing and services (XML config), modifying files like service_extn_gsp.xml to declare and bind API call methods (e.g. GET to POST) and map request parameters correctly.
General
- Implemented Gateway interface integration, applying Adapter and Facade patterns to encapsulate complex legacy system interfaces and smooth frontend/backend spec differences. Maintained Externalized Config parameter tables, ensuring config/code separation and environment migration flexibility.
flowchart LR
subgraph "Frontend (Angular.js)"
A["Angular Components\n(View / Logic / Style)"]
AR["Angular Routing Module"]
REG["Global Config Registry\n(Registry + Singleton Pattern)"]
A --> AR
A --> REG
end
subgraph "Gateway Layer (Java)"
GW["Java Gateway"]
INS["Header Inserter Beans\n(Java Interceptors)"]
ADP["Adapter / Facade\n(XML + JSON Schema Mapping)"]
EXT["Externalized Config\n(Multi-env Config Matrix)"]
GW --> INS
GW --> ADP
GW --> EXT
end
subgraph "Backend Systems"
BE["Legacy Backend Services"]
end
AR -->|"REST API Calls"| GW
REG -->|"Centralized Route Lookups"| GW
INS -->|"Injects Headers"| BE
ADP -->|"Transforms Payloads"| BE
classDef fe fill:#e8f4fd,stroke:#2196f3,color:#0b1a33
classDef gw fill:#fff3e0,stroke:#ff9800,color:#0b1a33
classDef be fill:#e8f5e9,stroke:#43a047,color:#0b1a33
class A,AR,REG fe
class GW,INS,ADP,EXT gw
class BE be
Open Source Backend Engineer
Backend Development
Java
- Implemented factory design pattern for decoupling - https://github.com/Vinskao/TY-Multiverse-Backend
- Implemented real-time WebSocket backend handling multi-threaded message queues using Java ExecutorService, ConcurrentHashMap, and async tasks. Delivered system metrics and order info to frontend via channel push, ensuring non-blocking processing across data sources.
- Developed CRUD APIs using Spring Boot framework and integrated with SSO server.
- Used JPA, MyBatis, and JDBCTemplate to implement data access layer across Spring Boot and legacy JBoss applications. Designed entity mappings and SQL queries for CRUD and batch operations.
- Designed and implemented RESTful APIs for order processing and account management using Spring MVC. Implemented unit and integration tests with JUnit 5 and Mockito. Applied Servlet 5 Filters for CORS and validation, using Maven for build management.
classDiagram
%% Application Layer
class TYMBackendApplication {
+@EnableWebSocket
+@EnableRetry
+@EnableAsync
+@EnableScheduling
+@EnableCaching
+@EnableRedisHttpSession
+@EnableWebSecurity
+@EnableMethodSecurity
}
%% Security Layer
class SecurityConfig {
+@EnableWebSecurity
+@EnableMethodSecurity
+JWT Authentication
+OAuth2 Resource Server
+CORS Configuration
}
class KeycloakController {
+OAuth2 Redirect
+Token Exchange
+User Info
+Token Introspect
}
class Auth {
+User Management
+Admin Operations
+Token Validation
}
%% Configuration Layer
class RedisConfig {
+@EnableCaching
+RedisConnectionFactory
+RedisTemplate
+TTL Management
+damage-calculations
+tymb:sessions
+Distributed Lock
+Lua Scripts
}
class PrimaryDataSourceConfig {
+PrimaryHikariCP
+HikariCP Connection Pool
+Connection Management
+Connection Timeout
+Leak Detection
}
class PeopleDataSourceConfig {
+PeopleHikariCP
+HikariCP Connection Pool
+Connection Management
+Connection Timeout
+Leak Detection
}
class SessionConfig {
+@EnableRedisHttpSession
+Redis Session Store
+Session Timeout
+Session Fixation
+Session Security
+Concurrent Session Control
}
%% Infrastructure Layer
class Database {
+PostgreSQL Primary
+PostgreSQL People
+Indexed Queries
+Batch Operations
}
class Redis {
+Cache Storage
+Session Store
+Distributed Lock
+Concurrency Control
}
%% Layer Relationships
TYMBackendApplication --> SecurityConfig
TYMBackendApplication --> RedisConfig
TYMBackendApplication --> PrimaryDataSourceConfig
TYMBackendApplication --> PeopleDataSourceConfig
TYMBackendApplication --> SessionConfig
SecurityConfig --> KeycloakController
SecurityConfig --> Auth
SecurityConfig --> SessionConfig
SessionConfig --> RedisConfig
RedisConfig --> Redis
PrimaryDataSourceConfig --> Database
PeopleDataSourceConfig --> Database
classDiagram
class SecurityConfig {
+@EnableWebSecurity
+@EnableMethodSecurity
+JWT Authentication
+OAuth2 Resource Server
+CORS Configuration
+Stateless Keycloak Endpoints
}
class JWTValidation {
+OAuth2ResourceServer
+JwtDecoder
+CustomJwtGrantedAuthoritiesConverter
+Bearer Token Resolver
}
class Authorization {
+ROLE_GUEST
+ROLE_MANAGE_USERS
+ROLE_ADMIN
+ROLE_USER
+permitAll() for /people/names
+authenticated() for protected endpoints
}
class SessionManagement {
+Redis Session Storage
+Session Timeout
+Session Fixation
+@EnableRedisHttpSession
+tymb:sessions namespace
}
class KeycloakController {
+OAuth2 Redirect
+Token Exchange
+User Info
+Token Introspect
+Dynamic redirectUri
}
SecurityConfig --> JWTValidation
SecurityConfig --> Authorization
SecurityConfig --> SessionManagement
SecurityConfig --> KeycloakController
classDiagram
class GlobalExceptionHandler {
+Chain of Responsibility
+Error Response Builder
}
class BusinessApiExceptionHandler {
+@Order(0)
+BusinessException
}
class DataIntegrityApiExceptionHandler {
+@Order(1)
+DataIntegrityViolationException
}
class ValidationApiExceptionHandler {
+@Order(2)
+MethodArgumentNotValidException
}
class DefaultApiExceptionHandler {
+@Order(Integer.MAX_VALUE)
+Generic Exception
}
GlobalExceptionHandler --> BusinessApiExceptionHandler
GlobalExceptionHandler --> DataIntegrityApiExceptionHandler
GlobalExceptionHandler --> ValidationApiExceptionHandler
GlobalExceptionHandler --> DefaultApiExceptionHandler
Python
Node.js
- Used Mongoose.js for schema definition and queries in MongoDB-powered dashboards.
PHP
General
Frontend Development
Vue
React
Angular
General
- Built Astro website with React useState integration
- Developed Thymeleaf MVC and Handlebars CRUD APIs
- Developed Vue.js 2 3 with Vuex integration
- Maintained Angular as the primary gateway frontend framework, modifying extensive .component.ts and .html files (e.g., refactoring showMessage UI behavior to alertDialog / errLabel, and refreshing component state data), and managing Angular Routing (app-routing.module.ts)
- Developed visual styles using SCSS / CSS, updating site-wide shared component libraries (widget.scss) and Angular module-specific stylesheets (e.g., MaintainPrintingOfTransactionNotification.scss)
- Implemented localization and i18n by modifying dictionary files such as package.js and package_zh.js, enabling multi-language translation mapping for the frontend application
- Centralized API routes into a global configuration using Registry and Singleton patterns, establishing a Single Source of Truth to eliminate hardcoded paths and enhance modular cohesion.
Mobile & App Development
Mobile Frameworks
Performance & Architecture
- Developed high-performance media playback application using Flutter and Dart.
- Implemented complex Boomerang effects and memory pooling for video controllers.
- Engineered unified caching systems for cross-platform media management.
- Automated asset discovery with persistent probing and background task management.
Database
Relational
- Integrated PostgreSQL with Keycloak SSO, LangChain, and multiple backend REST API frameworks
- Maintained DB Access Layer for MSSQL in JBoss EAP
- Upgraded JBoss from EAP 7 to EAP 8 and containerized JBoss 7 for 20+ servers
- Used PostgreSQL transaction blocks (with Spring @Transactional) to ensure atomic updates for order matching, record insertion, and position updates. Designed composite indexes (e.g., status + timestamp) for efficient query of latest records, and avoided unnecessary indexes to balance write performance.
- Implemented N-Gram indexing for full-text search using PostgreSQL pg_trgm extension, supporting fuzzy matching and similarity search across multiple languages. Built hybrid search systems combining N-Gram and vector search for semantic and character-level text retrieval.
NoSQL
- Deployed Redis server with producer (API server with visit count API) and consumer (deployed individually) services to record website visit counts for handling large numbers of concurrent requests
- Integrated Redis for form state management system, implementing session storage and temporary data caching, with Lua scripts for atomic operations and application-level integration for data persistence and state synchronization.
- Implemented RabbitMQ-based asynchronous message processing architecture with producer-consumer pattern. Designed TYMBackendApplication as producer with AsyncMessageService and RabbitMQConfig for message publishing. Deployed RabbitMQ 4.1 Management server as message broker with queue management and async processing capabilities. Built dedicated Consumer Pod for message processing and database write operations, ensuring reliable message delivery and fault tolerance. This architecture enables scalable, decoupled communication between backend services and database operations, supporting high-throughput message processing with guaranteed delivery semantics.
graph LR
A[Backend<br/>Spring Boot<br/>REST Endpoints] --> B[RabbitMQ<br/>Message Queue]
B --> C[Consumer<br/>Spring Boot<br/>JDBC Processing]
C --> D[PostgreSQL<br/>Database]
%% Vivid, high-contrast class colors for light theme
classDef producer fill:#bbdefb,stroke:#1e88e5,color:#0b1a33
classDef mq fill:#e1bee7,stroke:#8e24aa,color:#0b1a33
classDef consumer fill:#c8e6c9,stroke:#2e7d32,color:#0b1a33
classDef database fill:#ffcdd2,stroke:#c62828,color:#0b1a33
class A producer
class B mq
class C consumer
class D database
Infrastructure & Deployment
Containerization & Orchestration
- Implemented PV and PVC for database data persistence
IaC & Automation
- Used Terraform to provision infrastructure on OCI and configure networking, compute, and storage resources. Automated deployment with Ansible for multi-node environments. Created and templated Helm charts for application rollout and upgrade across namespaces.
Servers & Middleware
- Set up volumes for containerized JBoss EAP 7 for real-time configuration updates
- Configured systemctl for JBoss EAP 8 and JBoss containers for auto-start on restart
System Architecture
- Implemented thread pool patterns for concurrent task processing and resource management in high-performance applications.
Monitoring & Visualization
- Integrated Prometheus with Spring Boot Actuator for collecting JVM and custom metrics. Visualized real-time data using Grafana dashboards. Monitored JBoss runtime via Jolokia and collected traces with Instana.
CI/CD
- Built Jenkins Server and implemented CI/CD pipelines using Jenkins and Jenkins Credentials for Spring Boot, Django, Laravel, and Astro projects
graph LR
A[GitHub Repository] --> B[Clone and Setup]
B --> C[Build with Node.js]
C --> D[Build Docker Image with BuildKit]
D --> E[Push to Docker Hub]
E --> F[Deploy to Kubernetes]
Network
Protocols
- Built chat room and Spring Boot Actuator metrics exporter with WebSocket, using STOMP for message broker
Load Balancing & Ingress
- Deployed Nginx Ingress Controller with all services exposed through ingress and cert-manager TLS, and Nginx Static File Server for serving static files.
- Applied round-robin load balancing for stateless services and integrated Nginx for static assets delivery. Used cert-manager with ACME to issue and auto-renew TLS certificates for ingress.
Cloud
Platforms
- Deployed bare-metal K8S server on OCI with public subnet and ingress configuration.
- Provisioned OKE with bastion in public subnet, operator VM in private subnets, and OKE control plane on private endpoint; configured public/internal load balancers and route tables (IGW/NAT/Service Gateway), with kubectl access via SSH proxy through bastion.
flowchart LR
user["User"] -->|SSH 22| bastion["Bastion (Public Subnet)"]
subgraph OCI VCN
direction LR
subgraph Public["Public Subnets"]
bastion
pubLB["Public LB Subnet (OCI LB - Reserved IP)"]
end
subgraph Private["Private Subnets"]
operator["Operator VM"]
cp["OKE Control Plane (Private Endpoint)"]
workers["Worker Nodes (NodePool size=2, A1.Flex 1c/8GB/50GB)"]
intLB["Internal LB Subnet"]
end
subgraph Gateways["Network Gateways"]
ig["Internet Gateway"]:::net
nat["NAT Gateway"]:::net
sg["Service Gateway"]:::net
end
pubRT["Public Route Table"]:::net --> ig
privRT["Private Route Table"]:::net --> nat
privRT --> sg
bastion -.-> pubRT
pubLB -.-> pubRT
operator -.-> privRT
workers -.-> privRT
intLB -.-> privRT
end
bastion -->|SSH Proxy| operator
operator -->|kubectl 6443| cp
pubLB --> workers
intLB --> workers
%% Improve contrast with vivid class definitions
classDef host fill:#eef3fb,stroke:#1f5bff,color:#0b1a33;
classDef control fill:#ede7f6,stroke:#5e35b1,color:#0b1a33;
classDef compute fill:#e8f5e9,stroke:#43a047,color:#0b1a33;
classDef net fill:#fff3e0,stroke:#fb8c00,color:#0b1a33;
%% Assign classes for better differentiation
class bastion host;
class pubLB,intLB,cp control;
class operator,workers compute;
class pubRT,privRT net;
Tools
Systems
- Upgraded RHEL from 7 to 8 for 20+ servers
Scripting
- Used Bash and Shell scripts to automate backup, deployment, and log rotation for RHEL-based systems. Used Python scripts to call APIs, process logs, and integrate with third-party services for data extraction and cleanup.
Others
- Used Yum Repository and Satellite to get files for upgrading RHEL
- Developed WordPress plugin to crawl double-layered data in Elementor ecommerce form
Security & Authentication
Identity Provider / SSO
- Built Keycloak SSO server and implemented authorization code OIDC method to connect public and confidential clients - https://github.com/Vinskao/keycloak-client-demo
Protocols & Flows
Framework & Keys
- Built Keycloak SSO server and implemented authorization code OIDC method to connect public and confidential clients - https://github.com/Vinskao/keycloak-client-demo
- Updated Keycloak 18 to 26 on K8S, persisted data to PostgreSQL
- Updated Keycloak SPI to Quarkus 3 from Quarkus 2, and implemented Keycloak username-password authentication flow using Informix stored procedure
- Implemented CDI to inject entity manager to DAO layer
sequenceDiagram
participant User as User
participant App as Application
participant Auth as Authorization Server
participant API as Resource Server
User->>App: 1. Access Application
App->>Auth: 2. Redirect to Authorization Page
User->>Auth: 3. Login and Authorize
Auth->>App: 4. Return Authorization Code
App->>Auth: 5. Exchange Code for Token
Auth->>App: 6. Return Access Token
App->>API: 7. Access Resources with Token
API->>App: 8. Return Protected Resources
AI
Frameworks & APIs
- For Maya Sawa V1, Built knowledge-based RAG chatbot using FastAPI framework with LangChain and OpenAI APIs with multi-character personality system. Implemented name detection for character profiles, semantic search for people, and vector similarity search for document context. Used LLMChain and PromptTemplate to build query workflows with personality prompt builders. Parsed and embedded documents, exposed query interface via FastAPI, and orchestrated flow with tools and chains. Integrated Redis for chat history management and session storage. Built multi-layered architecture with API Layer (FastAPI Router), Q&A Layer (QAChain, PageAnalyzer), Support Layer (NameDetector, ProfileManager, PeopleWeaponManager, PersonalityPromptBuilder, VectorStore, ChatHistoryManager), and External Services integration (OpenAI API, People System API, PostgreSQL, Redis).
- For Maya Sawa V2, Built advanced QA system using Django framework with hybrid search capabilities combining trigram and vector search in PostgreSQL using pg_trgm and pgvector extensions. Implemented full-text retrieval pipeline with GIN indexes for trigram search and IVFFlat indexes for vector search. Added support for multiple AI providers (OpenAI, Gemini, Qwen, Mock) through AIResponseService. Built comprehensive service layer with FilterChainManager, KMSourceManager, ChatHistoryService, and AIResponseService. Enhanced data layer with PostgreSQL, Redis, and Celery Broker integration. Maintained backward compatibility while adding advanced features like model management, health checks, and legacy chat history support.
- Implemented N-Gram indexing techniques in AI applications for fuzzy text matching and semantic search. Used PostgreSQL pg_trgm extension for trigram-based similarity search, enabling typo-tolerant queries and multi-language text retrieval in RAG systems.
Maya Sawa V2
graph TD
%% User and Entry
U["User"] --> Q["ask-with-model API<br/>question"]
Q --> P["Full-text Retrieval Pipeline"]
%% Retrieval Process
subgraph "Pipeline"
P --> N["Normalize/Lowercase<br/>trim punctuation"]
N --> E{"Compute Embedding?"}
E -- Yes --> EM["OpenAI Embeddings<br/>(text-embedding-3-small) → qvec"]
E -- No --> SKIP["Skip vector branch"]
%% PostgreSQL Retrieval (Trigram & Vector)
subgraph "PostgreSQL"
direction LR
PG1["Trigram Search<br/>content % :query<br/>similarity(content, :query) as text_sim"]:::trgm
PG2["Vector Search<br/>1 - (embedding <=> :qvec) as vec_sim"]:::vec
IDX1["GIN Index<br/>idx_articles_content_trgm<br/>(content gin_trgm_ops)"]:::idx
IDX2["IVFFlat Index<br/>idx_articles_embedding_ivfcos<br/>(embedding vector_cosine_ops)"]:::idx
EXT1["EXTENSION pg_trgm<br/>set_limit(:min_sim)"]:::ext
EXT2["EXTENSION pgvector"]:::ext
end
EM --> PG2
SKIP -.-> PG1
N --> PG1
PG1 --> MRG["Merge & Rank<br/>score = 0.6*text_sim + 0.4*vec_sim"]
PG2 --> MRG
MRG --> TOPK["Top-K Articles"]
end
%% Post-processing and Response
TOPK --> CTX["Build Context from Articles<br/>(title + snippet)"]
CTX --> AI["LLM Call (OpenAI/Gemini/Qwen/Mock)"]
AI --> RESP["Answer + Citations/No Knowledge Notice"]
RESP --> RDS["Redis ChatHistory<br/>chat:session:{sid}"]
RESP --> OUT["API Response"]
%% Database Table and Indexes
subgraph "articles schema"
TBL["articles<br/>- id BIGSERIAL PK<br/>- file_path VARCHAR(500) UNIQUE<br/>- content TEXT NOT NULL<br/>- file_date TIMESTAMP NOT NULL<br/>- embedding vector"]:::tbl
end
TBL -. indexed by .-> IDX1
TBL -. indexed by .-> IDX2
%% Styles
classDef trgm fill:#e3f2fd,stroke:#1e88e5,stroke-width:1px
classDef vec fill:#fce4ec,stroke:#d81b60,stroke-width:1px
classDef idx fill:#fff3e0,stroke:#fb8c00,stroke-width:1px
classDef ext fill:#ede7f6,stroke:#5e35b1,stroke-width:1px
classDef tbl fill:#f1f8e9,stroke:#43a047,stroke-width:1px
graph TB
subgraph "Frontend Layer"
A[User Interface] --> B[API Client]
end
subgraph "API Layer"
B --> A1[ask-with-model<br/>Async Processing]
B --> A2[task-status<br/>Task Status Query]
B --> A3[available-models<br/>Available Models List]
B --> A4[add-model<br/>Add Model]
B --> A5[chat-history<br/>Chat History]
B --> A6[legacy-chat-history<br/>Legacy Chat History]
B --> A7[healthz<br/>Health Check]
end
subgraph "Processing Layer"
P1[Async Processing<br/>Celery Task]
P2[Task Status Management<br/>Redis/Celery]
end
subgraph "Agent Service Layer"
AS[MayaAgentService<br/>Unified Service Entry]
end
subgraph "Workflow Layer"
WF[MayaAgentWorkflow<br/>Graphical Workflow]
N1[Intent Classification Node<br/>FilterChain]
N2[Knowledge Retrieval Node<br/>KMSourceManager]
N3[Tool Selection Node<br/>Smart Tool Selection]
N4[Tool Execution Node<br/>PDF/OCR/Calculation/Search]
N5[AI Response Generation Node<br/>LLM Call]
N6[Result Saving Node<br/>Data Persistence]
N7[Error Handling Node<br/>Exception Handling]
end
subgraph "Capability Support Layer"
LLM[LLM Capability<br/>OpenAI/Gemini/Qwen]
TOOLS[Tool Capability<br/>PDF/OCR/Calculation/Search]
MEMORY[Memory Capability<br/>Redis/Vector Memory]
RAG[RAG Capability<br/>pgvector/Hybrid Retrieval]
end
subgraph "Data Layer"
D1[(PostgreSQL<br/>Conversations/Articles)]
D2[(Redis<br/>Cache/Memory/Celery)]
D3[(RabbitMQ<br/>Celery Broker)]
end
subgraph "External Systems"
E1[Paprika API<br/>Knowledge Base Content]
E2[OpenAI API<br/>GPT-4o/GPT-4.1]
E3[Google Gemini API<br/>Gemini Pro/Flash]
E4[Qwen API<br/>Qwen Turbo/Plus]
end
%% API to Processing Layer
A1 --> P1
A2 --> P2
%% Processing Layer to Agent Service Layer
P1 --> AS
%% Agent Service Layer to Workflow Layer
AS --> WF
%% Workflow Node Connections
WF --> N1
WF --> N2
WF --> N3
WF --> N4
WF --> N5
WF --> N6
WF --> N7
%% Workflow Nodes to Capability Layer
N1 --> LLM
N2 --> RAG
N3 --> TOOLS
N4 --> TOOLS
N5 --> LLM
N6 --> MEMORY
%% Capability Layer to Data Layer
LLM --> D1
TOOLS --> D1
MEMORY --> D2
RAG --> D1
%% Celery Tasks to Data Layer
P1 --> D3
P2 --> D2
%% External System Connections
LLM --> E2
LLM --> E3
LLM --> E4
RAG --> E1
%% Style Definitions
classDef api fill:#e8f5e8,stroke:#4caf50,stroke-width:3px,color:#000000
classDef process fill:#fff8e1,stroke:#ffa000,stroke-width:3px,color:#000000
classDef agent fill:#e3f2fd,stroke:#2196f3,stroke-width:3px,color:#000000
classDef workflow fill:#fff3e0,stroke:#ff9800,stroke-width:3px,color:#000000
classDef capability fill:#fce4ec,stroke:#e91e63,stroke-width:3px,color:#000000
classDef data fill:#f1f8e9,stroke:#43a047,stroke-width:3px,color:#000000
classDef external fill:#f3e5f5,stroke:#9c27b0,stroke-width:3px,color:#000000
class A1,A2,A3,A4,A5,A6,A7 api
class P1,P2 process
class AS agent
class WF,N1,N2,N3,N4,N5,N6,N7 workflow
class LLM,TOOLS,MEMORY,RAG capability
class D1,D2,D3 data
class E1,E2,E3,E4 external
sequenceDiagram
participant U as User
participant F as Frontend
participant A as API
participant C as Celery Worker
participant DB as Database
U->>F: Send Question
F->>A: POST /maya-v2/ask-with-model/
A->>DB: Create Task Record
A->>C: Send Processing Task
A-->>F: Return task_id
F-->>U: Show Processing
loop Poll Status
F->>A: GET /maya-v2/task-status/{task_id}
A->>C: Query Task Status
C-->>A: Return Status
alt Task Complete
A-->>F: Return AI Response
F-->>U: Display Result
else Processing
F-->>U: Show Processing
end
end
Tools
- Set up local GPU inference with NVIDIA Container Toolkit and WSL2 on Windows. Used Colab for LLM prototyping and rapid experimentation. Tuned prompt behavior and latency benchmarks between local and remote environments.
Freelancer
Backend Development
Python
- Architected knowledge management Q&A system using FastAPI and LangChain; injected data via Laravel API, storing in PostgreSQL and converting to vector embeddings for semantic search.
PHP
Tools
Others
AI
Frameworks & APIs
Maya Sawa V1
graph TD
A["User Request</br>(/qa/query)"] --> B{FastAPI Router};
B --> C["qa_chain.get_answer(query)"];
C --> D{"Detect names in query"};
%% Name Detection Branch
D -- "Names found" --> E["Fetch character profiles</br>from DB"];
E --> F{"Profile found?"};
F -- "Yes" --> G["Create prompt with</br>character profile"];
F -- "No" --> H["Respond 'not found'"];
%% No Names Branch
D -- "No names found" --> I{"Semantic search for people"};
I -- "People found" --> J["Generate answer from</br>search results"];
I -- "No one found" --> K["Similarity search</br>in Vector Store"];
K --> L["Create prompt with</br>document context"];
%% Unified Processing
G --> M["Invoke LLM"];
J --> M;
L --> M;
H --> N["Return final answer"];
M --> N;
N --> O["Save chat history"];
O --> P["Return AI answer"];
P --> B;
flowchart TD
subgraph "API Layer"
APIRouter["FastAPI Router<br/>(maya_sawa/api/qa.py)"]
end
subgraph "Q&A Layer"
QAChain["QAChain"]
PageAnalyzer["PageAnalyzer"]
end
subgraph "Support Layer"
NameDetector["NameDetector"]
ProfileManager["ProfileManager"]
PeopleWeaponManager["PeopleWeaponManager"]
PersonalityPromptBuilder["PersonalityPromptBuilder"]
NameAdapter["NameAdapter"]
VectorStore["PostgresVectorStore"]
ChatHistoryManager["ChatHistoryManager"]
ConfigManager["ConfigManager"]
ConnectionPoolManager["ConnectionPoolManager"]
Scheduler["ArticleSyncScheduler"]
end
subgraph "External Services"
OpenAIAPI["OpenAI API<br/>Chat & Embeddings"]
PeopleAPI["People System API<br/>/tymb/people/*"]
ArticleAPI["Public Article API<br/>/paprika/articles"]
PostgresDB["PostgreSQL"]
RedisDB["Redis"]
end
Client["Client / Frontend"] --> APIRouter
APIRouter --> QAChain
APIRouter --> PageAnalyzer
APIRouter --> VectorStore
APIRouter --> ChatHistoryManager
APIRouter --> Scheduler
ChatHistoryManager --> RedisDB
QAChain --> NameDetector
QAChain --> ProfileManager
QAChain --> PeopleWeaponManager
QAChain --> PersonalityPromptBuilder
QAChain --> NameAdapter
QAChain --> VectorStore
PageAnalyzer --> QAChain
NameDetector --> OpenAIAPI
QAChain --> OpenAIAPI
ProfileManager --> PeopleAPI
PeopleWeaponManager --> PeopleAPI
VectorStore --> PostgresDB
VectorStore --> ArticleAPI
PeopleWeaponManager --> PostgresDB
ConfigManager --> PostgresDB
ConnectionPoolManager --> PostgresDB
Scheduler --> ArticleAPI
Personality
Results-driven and pragmatic, KTY approaches every problem through the lens of feasibility, efficiency, and deliverability — prioritizing actionable output over theoretical exploration.
Rationally analytical at the core, he relies on logic and structured thinking to navigate complex or high-pressure situations. His decision-making consistently returns to the fundamentals: what is the nature of this problem, and what do the rules and logic dictate? This stable, affect-neutral approach consistently improves problem-solving quality.
Strong systems thinker who naturally decomposes complexity into manageable modules, analyzing systems through architecture, data flow, and component relationships. He habitually evaluates trade-offs via A/B comparison and proactively identifies bottlenecks — in performance, concurrency, or resource usage — to drive continuous optimization.
In short: a logic- and data-driven engineering mindset that pairs execution speed with optimization discipline, capable of rapidly pinpointing root causes and shipping grounded solutions even under shifting requirements.