I build software: developer tools, distributed systems, experiments, side projects, and the occasional weird machine.
Publicly, that currently looks like:
- 100+ original repositories
- 2,800+ merged PRs in external open source
A lot of my work happens upstream rather than only in personal repos.
- SIG API Machinery lead and maintainer for many years; represented the SIG at KubeCon — 📺 2018, 📺 2019, 📺 2021, 📺 2023, 📺 2026
- co-authored the foundational CRD improvements 2018–2022: structural schemas (OpenAPI-based type system), pruning, defaulting, webhook conversion — turning CRDs from a prototype into production-grade infrastructure
- co-designed Watch List (KEP-3157) — streaming informer startup replacing LIST, reducing server-side memory from terabytes to gigabytes in large clusters; critical for AI/ML workloads
- drove generic control plane (KEP-4080) — extracting kube-apiserver into an embeddable library, enabling projects like kcp to build real control planes on top
- maintained kube-openapi — the go-openapi fork backing Kubernetes's OpenAPI aggregation pipeline
- co-authored audit logging in the Kubernetes API server (2017–2018)
- implemented deepcopy code generation (used across the entire Kubernetes codebase today) — replaced reflect-based copying with generated typed code, significantly improving memory efficiency and runtime reliability
- co-created the Kubernetes codebase structure of hierarchical staging repos (client-go, apimachinery, api, apiserver, …) — made the codebase significantly more maintainable and enabled its continued growth
- built the publishing-bot staging build machinery — the system that publishes Kubernetes staging repos (client-go, apimachinery, etc.) as independent Go modules; still running today, including go.mod support
- architectural lead during the Red Hat era; helped transition the project into CNCF Sandbox; still project advisor
- designed the core multi-tenancy model: APIExport and APIBinding — CRDs defined once, bound into many workspaces without copying, forming the basis for a new kind of platform API
- drove the authorization model: workspace-scoped RBAC, user scopes, and warrants for cross-workspace delegation
- built the virtual workspace layer and the sharded cache server for replication across kcp instances
- kcp was the main real-world driver for the generic control plane work and directly influenced kube-bind and multicluster-runtime
- control plane lead for several years, owning the reliability and lifecycle of the OpenShift API server tier
- designed the static pod installer model in library-go: revision-based rolling updates for API servers with startup monitors, fallback logic, and prune policies — zero downtime
- owned the kube-apiserver operator and the OpenShift apiserver operator end-to-end
- drove KMS encryption at rest for the OpenShift API server, integrating Kubernetes's KMS envelope encryption with OpenShift's key management
- did multiple rebases of the OpenShift codebase onto new Kubernetes versions, keeping a large downstream fork aligned with fast-moving upstream
- production issues in OpenShift fed back into SIG API Machinery work upstream, and vice versa
Contributions across Crossplane and related projects — Go
- 🧠 nanoschnack — language model training and tokenizer work — Python, Go — 📺 KubeCon
- 🕸️ kausality — causal traceability for Kubernetes resource mutations — Go — 📺 KubeCon
- 🔗 kube-bind — invented CRD binding across Kubernetes clusters — Go — 📺 KubeCon — 📺 ContainerDays
- 🌐 multicluster-runtime — invented and bootstrapped multi-cluster controller-runtime — Go — 📺 KubeCon
- 🤖 slagent — Claude talking to Slack — Go
- ☸️ kc — Kubernetes Commander — Go
- 🌐 kubectl-http — HTTPie as a kubectl plugin — Shell
- 🕹️ claw64 — an OpenClaw-inspired Claw for the Commodore 64 — Go
- 🧩 xf-cli — XenForo CLI and MCP tooling — Go
- 🧪 shell-ai-widget — AI-powered inline shell command editing — Go
- 🏠 ha-git-backup — Git-backed backup add-on for Home Assistant — Shell
- 🎮 kbounce — Godot recreation of KBounce — GDScript — Web — App Store
- ⚡ godot-quickjs — QuickJS embedded into Godot 4 — C++
- 🔧 crd-gates — feature gates for CRDs — Go
- 🧱 blender-wrl — Blender plugin for importing WRL files — Python
- 📚 tvniki — a revived programming learning system from 1996 — Pascal
- Programming Kubernetes — co-authored with Michael Hausenblas — O'Reilly, 2019
All talks: YouTube
- 2026: SIG API Machinery: SIG Updates and Deep Dive in the AI/ML Era - Stefan Schimanski, NVIDIA
- 2025: The Life (or Death) of a Kubernetes API Request, 2025 Edition - Abu Kashem & Stefan Schimanski
- 2025: Dynamic Multi-Cluster Controllers With Controller-runtime - Marvin Beckers & Stefan Schimanski
- 2024: The Missing Talk About API Versioning & Evolution in Your Developer Pl... S. Schimanski, S. Urbaniak
- 2024: Deep Dive Into Generic Control Planes and Kcp - Stefan Schimanski & Mangirdas Judeikis
- 2024: Shift-Left: Past, Present, and Future of Validation in CI... Alexander Zielenski & Stefan Schimanski
- 2024: Why Kubernetes Is Inappropriate for Platforms, and How to Make It Better
- 2023: API Machinery Dual Maintainer Track - Federico Bongiovanni & Leila Jalali & Stefan Schimanski
- 2022: Kcp: Towards 1,000,000 Clusters, Name^WWorkspaced CRDs - Stefan Schimanski, Red Hat
- 2022: Towards Something Better Than CRDs In a Post-Operator World - Stefan Schimanski, Red Hat
- 2021: SIG API Machinery Deep Dive - App... Abu Kashem & Stefan Schimanski, Joe Betz & Federico Bongiovanni
- 2020: Into the Deep Waters of API Machinery - Federico Bongiovanni & Daniel Smith, Google, & David Eads
- 2019: Tutorial: Mastering Multi-version CRDs: From YAML to a Serious Devel... Stefan Schimanski & Joe Betz
- 2019: Deep Dive Into API Machinery - Antoine Pelisse, Google & Stefan Schimanski, Red Hat
- 2019: OpenAPI Specs – Towards Native User Experience of CRDs - Stefan Schimanski, Red Hat
- 2018: Kubernetes Contributor Summit 2018 - API Codebase Tour
- 2018: Deep Dive: API Machinery SIG - Stefan Schimanski, Red Hat & Daniel Smith, Google
- 2018: Audit in Kubernetes, the Future is Here - Stefan Schimanski & Maciej Szulik, Red Hat
- 2018: The Future of Your CRDs – Evolving an API - Stefan Schimanski, Red Hat & Mehdy Bohlool, Google
- 2026: Building a GPT-2 Model from Scratch by Stefan Schimanski
- 2025: Dynamic Multi-Cluster Controllers with controller-runtime - Marvin Beckers & Stefan Schimanski
- 2023: The future of CRDs in a post-cluster world - Sebastian Scheele & Stefan Schimanski
- 2022: Panel: The Future of Kubernetes is Control Planes - Red Hat OpenShift Commons 2022 Detroit
- 2022: What if namespaces provided more isolation than just names?
- 2018: Code Base Tour: github.com/kubernetes/kubernetes
- 2018: Extending Kubernetes with CustomResourceDefinition - Dr. Stefan Schimanski, Red Hat
- 2018: Stefan Schimanski about Kubernetes as a API driven platform, Reykjavík Kubernetes Meetup
- 2016: Elastic etcd – automatic add, replace and cluster growth
Older projects and ecosystems that still represent what I build:
- 🐧 KDE — core contributor: KBounce, KMixer, Konqueror, browser plugins, and khtml, later becoming WebKit by Apple and today used in nearly every browser — C++, Qt
- ☁️ Kubermatic — invented Kubermatic, predecessor to Cluster API and HyperShift, later sold to Loodse, today Kubermatic GmbH — Go
- ⚙️ elastic-etcd — elastic discovery wrapper around etcd — Go
- 🐳 kubernetes-dind-cluster — early Docker-in-Docker Kubernetes dev clusters, an ancestor of kind — Shell
- 🏗️ compute-platform — Mesos-based compute platform — Shell
- 🚀 kubernetes-mesos — Kubernetes on Apache Mesos — Go
- 🏃 Marathon — container orchestration on Apache Mesos — Scala
- 🛰️ mesos-dns — DNS-based service discovery for Mesos — Go
- 📧 ldap-notify — LDAP password and login expiration notifications — Python
- 🗺️ google-maps-mock — Google Maps JS mocking for tests — JavaScript