Development of GitLab CI/CD components to establish a unified standard and a reusable, “ready-to-use” library;
Use of Packer, OpenTofu, and Ansible to automate the creation and provisioning of virtual machines on demand within minutes;
Architecture and automated deployment of an Azure Landing Zone using OpenTofu, ensuring best practices, centralised governance, and global security for all deployed resources;
Migration from RHEL 8 and RKE2 to Talos Linux and Cluster API for our next-generation Kubernetes clusters, based on a Cloud and On-Premises immutable infrastructure;
100% “as code” deployment using Argo CD and Kargo, leveraging a GitOps approach and full application lifecycle management;
Encryption of communications using Istio Ambient and network filtering with Cilium to reduce the attack surface and implement a Zero Trust architecture;
Implementation of a unified and proactive observability stack with Prometheus, Mimir, Loki, Tempo, and Grafana (LGTM stack);
Delivery of internal training sessions;
Organisation of DevSecOps sharing sessions and demonstrations to promote internal tools and services to IT teams.
Setting up a Landing Zone with Terraform in AWS and Google Cloud;
Creation of virtual machine images with Packer and Ansible to aim creating an immutable infrastructure;
Configuration of a CI/CD in GitLab CI to check the code syntax with Tflint and various security flaws with Checkov, and finally to deploy all the components of the Landing Zone;
Implementation of Cloud security best practices to prevent data exfiltration and reduce the potential attack surface;
Monitoring management with Prometheus, Grafana and Dynatrace;
Retrieving logs with ELK;
Creation of GKE clusters and deployment of Helm charts with Argo CD;
Setting up the security part of Kubernetes clusters (e.g Network Policy, Security Context);
Implementation of continuous integration and deployment pipelines, preparation for application containerisation in AWS Fargate with Kaniko and finally, migration to the internal offer in AWS for the SNCF assistant;
Setting up the infrastructure-as-code in Azure, aiming high availability and securing the platform for healthcare sector;
Providing a tool to deploy different environments with Terraform and Ansible for Canal+’s IT team.
If you’d like to know more about me, feel free to check out my LinkedIn profile.
blog.filador.ch is my personal and technical blog aiming to share knowledge through my daily technology watch. Blog posts are currently in French and English and I manage the infrastructure by myself.
