Audit of the current Azure Infrastructure and migration of the workloads from 3 regions to a new AKS cluster.

• Audit of the current Azure Infrastructure and Redaction of the audit report and recommandations.
• Improve current deployment security (Pod Security Policies, TopologySpread, PodDisruptionBudget…)
• Load testing and optimization of the Istio workload
• Prepare and do the workload migration to the new AKS cluster. Change from APP Gateway to Front Door + Istio Ingress

Technologies

• Cloud Provider: Microsoft Azure
• Kubernetes: Istio
• Deployment: Terraform, Argocd, Helm

Migration from AWS to GCP

• Design and implement the landing zone on GCP
• Redaction of Architecture decisions records
• Deploy 7 apps infrastructure and provide support to dev teams
• Migrate Apps and Databases from AWS to GCP

Technologies

• Cloud Provider: Google Cloud Platform, Amazon Web Services
• GCP Services: Cloud Run, GCS, CloudSQL, Memorystore, Pub/Sub, BigQuery, IAM, VPC, Datastore…
• Deployment: Terraform, Github Actions, Terragrunt

Setup and deploy a Kubernetes Cluster Management platform, based on Cluster API, Talos and VMWare.

• Industialize the deployment of the platform, by creating a GitOps flow based on ArgoCD and Taskfile (for task that can’t be fully gitops).
• Setup Backup and Restore procedures, based on Velero.
• Setup Centralized LOM Stack based on Mimir, Loki, Tempo and opentelemetry operator
• Datascience team formation and deployment of their tools (Airflow, Metabase) inside a child cluster.

Technologies

• Kubernetes: Kubernetes, Cluster API, Talos
• LOM Components: Mimir, Loki, Tempo, OpenTelemetry Operator
• Data Science Tools: Airflow, Metabase
• Deployment: ArgoCD, Taskfile, Helm, Velero

Design a modern infrastructure for a Drone Managing Platform, that can be deploy on a Cloud Provider and on Premise, scale and meet industrial standard (monitoring, logging, security, deployment…)

• Architecture, Design and implementation of the platform (migration from a single Docker node to a Kubernetes environment).
• Monitor the infrastructure components, by deploying a Prometheus Stack, create alarms, explain Prometheus metrics to dev.
• Implement Agile methodologie. Scrum formation to developers and managers, setting up Shortcut and Scrum ceremonies.
• Developers formation to modern tools, modern infrastructure, and cloud native application.
• Proposal on new developement flows (Set up of okteto, proposal of one flow for git…).
• Performance Tuning on databases (ElasticSearch).
• Support to clients (Infrastrusture Team, RSSI…)

Technologies

• Kubernetes: Kubernetes, Azure Kubernetes Service
• Infrastructure Components: Prometheus-operator, Logging-Operator, Traefik, External-dns, Cert-Manager, Elastic Cloud Kubernetes, Strimzi…
• Deployment: ArgoCD, Terraform, Github Actions, Helm, Ansible
• Microsoft Azure: AKS, AD, Application Gateway…

Design and deploy a Platform as a service based on Kubernetes on GCP. Designed to host innovative applications, this platform allows the client to secure their applications, deploy their cloud infrastructure, monitor their applications by code.

• Design and implement the platform
• Monitor the infrastructure components
• Agile methodologie
• Support to clients

Technologies

• Kubernetes: Kubernetes, Google Kubernetes Engine
• Infrastructure Components: Prometheus-operator, Logging-Operator, Loki, Velero, Rancher, Ingress-Nginx, Sealed-Secrets, External-dns, Cert-Manager, Open Policy Agent…
• Deployment: ArgoCD, Config Connector, Terraform, Gitlab-CI, Helm
• Google Cloud Platform: GKE, GCS, CloudSQL

Deployment of a private Kubernetes on baremetal

• Deploy Kubernetes through Rancher 2.5
• Architecture Design and Documentation
• Kubernetes Evangelisation

Technologies

• Deployement: Rancher
• Storage: Rook, Ceph
• Infrastructure Components: MetalLB, Ingress-Nginx, Prometheus-operator, Logging-Operator, Loki, Harbor

Deployment of a private cloud platform based on OpenStack.

• Deploy OpenStack through OpenNext solution
• Architecture Documentation

Technologies

• OpenStack: Keystone, Nova, Neutron, Cinder, Glance, Horizon
• Deployment: OpenNext, OpenStack-Ansible, Cobbler, Ansible
• Storage: Ceph

As a Product Owner and Architect of the Private Cloud Platform, I gather the clients needs, prioritize them and explain them to the development team, in a SAFe agile environment.

• Redaction of the Architecture documentation (based on the team development
• Preparation of the SAFe ceremonies (Backlog Refinement, PI Planning, Sprint Planning
• Redaction of the Features and User Stories, based on the clients needs and technical needs of the development team.
• Client support
• Help of the development team on the deployment and development tasks

Technologies

• Deployment: MaaS, OpenStack-Ansible, Ansible
• OpenStack: Keystone, Nova, Neutron, Cinder, Glance, Swift, Octavia, Horizon, Heat
• Storage: Ceph
• Infrastructure Components: Prometheus, Grafana, PFSense

As part of the creation of an inter-ministerial Private Cloud, I studied, designed and deployed an OpenStack based private Cloud.

• Study of the community OpenStack deployments (Kolla-Ansible / OpenStack-Ansible)
• Automation, through Ansible, of the differents deployment tools.
• Creation of the documentation and development standards, for the ansible roles and playbooks.
• Deployment of the Git infrastructure (Gitlab) and Git Project Structure
• Security audit of Kolla-Ansible

Technologies

• Deployment: OpenStack-Ansible, Ansible, Kolla-Ansible, Cobbler
• OpenStack: Keystone, Nova, Neutron, Cinder, Glance, Swift, Heat, Horizon
• Infrastructure Components: Docker Notary, Docker Registry, Python Registry, Gitlab

Study on how to integrate existant network components with N OpenStack infrastructures

• Network Audit
• Technology Watch on OpenStack IPAM/FWaaS/LBaaS integration
• Competitive intelligence on DDI, Firewalls and Loadbalancer
• Technical Workshop animation
• Architecture proposals
• Partners and suppliers relationship

Technologies

• OpenStack: Neutron, LBaaS, FWaaS, Pluggable IPAM
• Network: IPAM, DNS, Firewall orchestration (Tufin), Loadbalancer (F5)

Validation of the OpenStack environment and internal developments

• Validation of the Kilo update
• Validation of puppet deployment
• Installation of the integration environment
• Configuration of the Pulse Connect VPN

Technologies

• OpenStack (Kilo): Nova, Neutron, Keystone, Glance, Cinder, Heat, Ceilometer, Horizon, Postgresql, RabbitMQ, Lbaas, FWaas, DNSaaS
• Others: Pulse Connect Secure, Ubuntu 14.04, vSphere 5.5, Libvirt, Puppet, Nginx

Deployment of a NFV platform based on OpenStack

• Redaction of the architecture documentations
• Technical Referent on OpenStack
• Deployment of the platform
• Automation of the deployment
• Management of the bugs (Client / Partners)
• Security audit and answers to ANSSI recommandations

Technologies

• Red Hat OpenStack Platform 6 (Juno): Nova, Neutron, Keystone, Glance, Cinder, Ceilometer, Horizon, MariaDB, Galera, Pacemaker, RabbitMQ, HAProxy
• Hardware optimizations: PCI-Passthrough/SR-IOV/NUMA Zones
• Others: RHEL 7.1, Libvirt, UCS Manager, Netapp

OpenStack and SDN integration POC

• Redaction of the architecture documentations
• Technology Watch on OpenSource SDN controllers (OpenDayLight, FloodLight, Onos)
• Deployment of the SDN Architecture in a virtualized OpenStack Platform (Juno)

Technologies

• Red Hat OpenStack Platform 6 (Juno): Nova, Neutron, Keystone, Glance, Cinder, Horizon
• Network: OpenDayLight, Mininet
• Others: RHEL 7, VMware

Deployment of a Mobile VPN solution based on Opencloud Rhino

• Automation and industrialization of the platform deployment. (Creation of a SVN repository, Definition of the deployment methodologies, Deployement of the integration, testing and production platform
• Benchmark the solution (Creation of the bench tools, Benchmark, Proposition on the platform evolution

Technologies

• Others: RHEL 6, OpenCloud Rhino, JMeter, SOAPUi, Testlink, Postgres, SVN, TCAP, SIP

Multi-Master, Highly resilient LDAP infrastructure for Telcos

• Build of the test strategy (test plans redaction, execution, automation)
• Deployment of the Data Recovery Platform
• Internal and External technical referent on the platform
• Redaction of commercial proposals
• Redaction of Architectural documentations
• Level 3 support referent
• Management of the deployment and Regular Service Check

Technologies

• Solaris 10, Multi Master LDAP DSEE, SOAP/REST Webservices, Apache, Data Recovery Plan, Perl, Php, Bash, MySQL, Cacti