Development of GitLab CI/CD components to establish a unified standard and a reusable, “ready-to-use” library;
Use of Packer, OpenTofu, and Ansible to automate the creation and provisioning of virtual machines on demand within minutes;
Architecture and automated deployment of an Azure Landing Zone using OpenTofu, ensuring best practices, centralised governance, and global security for all deployed resources;
Migration from RHEL 8 and RKE2 to Talos Linux and Cluster API for our next-generation Kubernetes clusters, based on a Cloud and On-Premises immutable infrastructure;
100% “as code” deployment using Argo CD and Kargo, leveraging a GitOps approach and full application lifecycle management;
Encryption of communications using Istio Ambient and network filtering with Cilium to reduce the attack surface and implement a Zero Trust architecture;
Implementation of a unified and proactive observability stack with Prometheus, Mimir, Loki, Tempo, and Grafana (LGTM stack);
Delivery of internal training sessions;
Organisation of DevSecOps sharing sessions and demonstrations to promote internal tools and services to IT teams.
Setting up a Landing Zone with Terraform in AWS and Google Cloud;
Creation of virtual machine images with Packer and Ansible to aim creating an immutable infrastructure;
Configuration of a CI/CD in GitLab CI to check the code syntax with Tflint and various security flaws with Checkov, and finally to deploy all the components of the Landing Zone;
Implementation of Cloud security best practices to prevent data exfiltration and reduce the potential attack surface;
Monitoring management with Prometheus, Grafana and Dynatrace;
Retrieving logs with ELK;
Creation of GKE clusters and deployment of Helm charts with Argo CD;
Setting up the security part of Kubernetes clusters (e.g Network Policy, Security Context);
blog.filador.ch is my personal and technical blog aiming to share knowledge through my daily technology watch. Blog posts are currently in French and English and I manage the infrastructure by myself.