Kubernetes and I
Since 90’s I have worked with production level Linux and opensource systems. I have worked with many virtualization technologies, all major Linux variants and open source systems high availability clustering, cluster filesystems, security, network and many more. I’m infrastructure and security specialist, not application developer but I have also developed many infrastructure related tools (e.g. Bash, Expect, Python, Go etc.).
In my project 2018 – 2020 I made whole transformation from old VM based monolithic infrastructure to new K8s DevOps CI/CD container infrastructure. I personally designed the whole new architecture, at that time that company did not have any other infra resources than me.
I was also CIO, so I had invite tenders for new service provider, created selection criteria, selected service provider and negotiated all service and SLA agreements with them. After that I started to create new automated infrastructure as code to Vmware private cloud. I created multiple K8s clusters, also K8s high availability versions and automated all installations with Terraform and Ansible. I created production container Pods K8s yaml files and designed K8s storage solutions.
I created DevOps pipeline between GitHub and K8s with Argo CD, but I also tested Jenkins CI/CD. Instead of having K8s integrated CI with Jenkins I chose external cloud CI service. After having all DevOps components in place I created K8s monitoring systems with Prometheus, Alertmanager, Grafana and Nagios. In March 2020 I was responsible person in datacenter switchover project where customer production systems were transferred to new datacenter.
After switchover I was administering all K8s clusters, I deployed and tested external Ceph storage and K8s internal Rook Ceph storage and designed advaced Pod yaml configurations. I tested Helm charts, StorageOS, Rancher Labs tools, Aqua Security K8s tools and many more. I automated system installation (droplet) to Digitalocean cloud with Ansible.
I did K8s docker, Kubelet and kernel parameter tuning and I have deep understanding of different K8s runtime options, advanced configuration and security. I created custom made Haproxy K8s container for my client for finnish goverment healthcare professional client certificate authentication, created Fluentd Pod logs collection solution, ssh 2fa solutions for tunneling Dashboards from K8s and many more. I created custom gpg solution for delivering secrets and configmaps to K8s.
I automated installation of every K8s component I mentioned in this article with Ansible: in 30 minutes you could have fully operational production cluster with every K8s component and configuration in place.
I’m interested about infrastructure, Kubernetes, DevOps, container etc. projects, so please don’t hesitate to contact me 🙂 For more information, please checkout my LinkedIn profile. You can read my articles about Kubernetes from my blog