CV/Mission K8s freelance

Aperçu d'expériences de Miguel,
freelance K8S résidant dans Paris (75)

• AWS SysOps/DevSecOps/GitOps [CI/CD]-Production Support K8s/EKS

  BPI France
  Jan 2022 - aujourd'hui

  Mission of administration, expertise&support (L1 to L3) SysOps/DevSecOps/GitOps using AWS EKS Kubernetes (K8s)/Docker containers deployed in AWS infrastructures. Several K8s clusters [near of 70 nodes for Staging&Prod platforms. Administration, industrialization and deployments using CI/CD Jenkins pipelines in Production environments (Run mode) around GitOps tools (FluxCD/Helm, Atlantis).
  
  SysOps/DevSecOps (CI/CD) using Jenkins + Artifactory + GitLab + Vault + Kubernetes/Docker :
   Automation/Installation/Administration of CI-CD pipelines using Jenkins, GitLab; Artifactory,Vault, Kubernetes in order to build/deploy CI-CD platforms for internal BPI project teams (more than 150 CI-CD internal project platforms “end-to-end” running in parallel under an unique AWS EKS cluster infrastructure).
   K8s Administration&Supervision&Monitoring of the AWS EKS cluster using docker containers: Fluentd+Prometheus => Grafana & Kibana & Datadog, several applications deployed using Helm : Helm Operator, GitLab, Jenkins, Sonar, Artifactory, Vault, etc.
   Administration and configuration: Jenkins pipelines; JenkinsFiles, scripts shell, Phyton, etc
   SAFe Agile methodology and deployments using JIRA & Jenkins stacks CI/CD
   Incidents resolution and deep analysis from clients using EasyVista tools and JIRA (ITIL process).
   Richfull environments using “DevSecOps” tools in order to provide a high level of CI-CD tooling for the BPI projects : GitLab, Jenkins, Artifactory, Sonar, Anchore/Grype, Jenkins Agents, Atlantis, Flux, SealedSecrets, etc
  
  GitOps methodology :
   « IaC » using Atlantis/Terraform: deployment of the AWS infra using Git MergeRequest as unique entry point.
   « CI-CD » using Flux(CD)/Helm : the application layer in AWS EKS K8s cluster is done using Flux as unique entry point through Git MergeRequest(s). Any “manifest” K8s file in EKS is under the control of Flux and any “manual (without Git)” change done in the “manifest” EKS file is rectified by Flux (native auto-remediation tooling).
  
  FinOps :
   Optimization using the recommendations of the « CoE Cloud Shared Services » of BPI.
   AWS EKS cluster : spots instances when necessary, cluster nodes (“bottle rocket”), autoscalling optimization; etc
   SLA&Costs according to NO Production platforms (Staging/PreProd)
  
  Security:
   Installations & security aspects : AWS SSM , Vault, Sealed Secrets
   Encryption/Decryption : SSL flows, certificates, AWS Certificate Manager (ACM), etc
  
  Knowledge in other technical aspects:
  Linux, Jenkins, GitLab, Artifactory, Sonar,Vault, Nginx, Python, JSON, YAML, VisualStudio, SailPoint, ServiceNow, JIRA , etc

• SysOps/DevOps[CI/CD] Production Support Kubernetes/Docker

  CIB BNP Paribas
  Jan 2020 - Jan 2022

  Mission full english spoken of support, expertise (L1 to L3 support) SysOps/DevOps using Kubernetes (K8s)/Docker containers deployed in a private cloud (Marketplace). Several K8s clusters [more than 250 nodes using the Dev, Staging&Prod platforms] hosting a big datalake and Intelligence Artificial (IA) applications. Administration, industrialization and deployments using CI/CD Jenkins in Production environments (Run mode).
  SysOps/DevOps (CI/CD) using Jenkins + Artifactory + Bitbucket + Ansible + Kubernetes/Docker :
   Automation/Installation/Administration CI/CD pipeline using Jenkins, Artifactory, Ansible Tower, CyberArk, Kubernetes.
   K8s Administration : K8s DashboarUI & Kibana, Resource Quotas, Namespaces, Users management, Nodes maintenance, Pod Security Policies, Taints&Tolerations, Healthchecks, secrets, volumes, affinity, Helm, etc.
   Administration and configuration: Dockerfile, Playbooks, scripts shell, etc
   Debugging and production support (ITIL process)
   Agile methodology and deployments using JIRA & Jenkins stacks CI/CD
   Incidents resolution and deep analysis from clients using ServiceNow tools and JIRA (ITIL process).
   Richfull environments using “dockerisation” but other technologies : Apache servers, Nginx, Oracle & Postgree DB’s, LoadBalancing, AVI technologies (VIP’s), https protocols and certificates, NAS shares, S3 buckets, etc
   Supervision&Monitoring : ELK stack  Installation/configuration (log&search patterns platform)
  
  FinOps :
   « Best Practices »: taxonomy/tagging of ressources, tracking of unused resources, tools and scripting.
   Review&optimization shell scripts for launching only the necessary resources in the private cloud.
  
  Security:
   Installations & security aspects using secrets and CyberArk
   Encryption/Decryption of flows using the transfert of data for AI applications (PGP tools)
  
  Knowledge in other technical aspects:
  Linux, CyberArk, Jenkins, Git, Ansible, Nginx, Python, JSON, YAML, VisualStudio, SailPoint, ServiceNow, JIRA, Alteryx, etc

• SysOps/DevOps [CI/CD] Production Support Kubernetes

  BNP Paribas
  Jan 2020 - aujourd'hui

  Mission full english spoken of support, expertise (L1 to L3 support) SysOps/DevOps Kubernetes (K8s) deployed in a private
  cloud. Several K8s clusters [more than 250 nodes using the Dev, Staging&Prod platforms] hosting a big datalake and AI
  applications. Administration, industrialization and deployments using CI/CD Jenkins in Production environments (Run
  mode).
  
  SysOps/DevOps (CI/CD) using Jenkins + Git + Ansible + Dockerhub + Kubernetes :
  Automation/Installation/Administration CI/CD pipeline using Jenkins, Git, Ansible Tower, Dockerhub,
  Kubernetes.
  K8s Administration : K8s DashboarUI & Kibana, Resource Quotas, Namespaces, Users management, Nodes
  maintenance, Pod Security Policies, Taints&Tolerations, Healthchecks, Liveness&readiness probes, secrets,
  volumes, affinity, Helm, etc.
  Administration and configuration: Dockerfile, Playbooks, scripts shell, etc
  Debugging and production support (ITIL process)
  Agile methodology and deployments using JIRA & Jenkins stacks CI/CD
  Incidents resolution and deep analysis from clients using ServiceNow tools and JIRA (ITIL process).
  Richfull environments using “dockerisation” but other technologies : Apache servers, Nginx, Oracle & Postgree
  DB’s, LoadBalancing, AVI technologies (VIP’s), https protocols and certificates, NAS shares, S3 buckets, etc
  Supervision&Monitoring : ELK stack Installation/configuration (log&search patterns platform)
  
  FinOps :
  « Best Practices »: taxonomy/tagging of ressources, tracking of unused resources, tools and scripting.
  Review&optimization shell scripts for launching only the necessary resources in the private cloud.
  
  Security:
  Installations & security aspects using secrets and CyberArk
  Encryption/Decryption of flows using the transfert of data for AI applications (PGP tools)
  Knowledge in other technical aspects:
  Linux, CyberArk, Jenkins, Git, Ansible, Nginx, Python, JSON, YAML, VisualStudio, SailPoint, ServiceNow, JIRA,
  Alteryx, etc

• Serveless / Security – DevOps

  SysOps/DevOps Cloud AWS Infrastructure Terraform&Kubernetes [Kops-EKS] /
  Jan 2019 - Jan 2020

  Mission « SysOps/expertise Cloud » for NOAE consulting: technical support (N1 to N3) in cloud infrastructure with AWS. “Best
  Practices » in installation&administration infrastructure with AWS, industrialization on deployments (Infrastructure as Code /
  IaC) using Terraform. Administration of Kubernetes/Docker (DevOps) and deployments charts.
  
  SysOps/DevOps (CI/CD) using Jenkins + Maven + Git + Ansible + Dockerhub + Kubernetes :
  Automation/Installation/Administration CI/CD pipeline using Jenkins, Git, Ansible, Dockerhub, Kubernetes.
  Installations & security aspects: full “On-premises”, “Hybrid”; full “cloud”.
  Administration and configuration: Dockerfile, Playbooks, scripts shells, etc
  
  SysOps Kubernetes(K8s) / Docker expert using “Kops” & EKS :
  « Best Practices” in administration, deployment of Kubernetes clusters with AWS.
  Installations & security aspects of K8s : full “On-premises”, “Hybrid”; full “cloud”.
  “Installation Manual” using “kops” & “kubectl” & “eksctl”: prerequisites ELB LoadBalancer (Route 53 and the “onpremise” DNS).
  K8s Administration : K8s Dashboard UI, Resource Quotas, Namespaces, Users management, Nodes maintenance, Pod
  Security Policies, Healthchecks, Liveness&readiness probes, secrets, volumes, affinity, Helm, etc.
  Installing Kubernetes using EKS (Elastic Kubernetes Service of AWS): IAM roles for Service Accounts.
  
  « IaC » using Terraform:
  « Best Practices » & security using Terraform.
  Scripting with Terraform and AWS & GCP providers (some examples also with Azure Provider ).
  "Standard patterns": scripts for deploying VPCs, subnets, security groups , NACL’s, internet Gateways, Routing Tables,
  EC2, S3, ELB Classic, Elastic Load Balancing v2 (ALB/NLB), EBS, Autoscaling, EFS, Kubernetes clusters, etc
  Very good skills developing under Terraform
  
  FinOps :
  « Best Practices »: taxonomy/tagging of cloud resources, tracking of unused resources, tools and scripting.
  Review&optimization in the Terraform scripts for launching only the necessary resources on the cloud.
  Study/review of cloud compute services (EC2): "On-Demand Instances"vs" Reserved Instances"vs"Scheduled
  Instances"vs"Spot Instances"vs"Dedicated Hosts"
  Worshops with operational teams: accountability of the teams on costs.
  
  Security:
  Installation and configuration : VPC Flow Logs, CloudTrail, AWS Config , Trusted Advisor, Inspector , Macie.
  Best practices using and configuring AW SIAM Roles & Access
  
  Supervision& Logging & Monitoring:
  ELK stack : Installatio...