Description

I’m passionate about the cloud-native ecosystem and have developed a strong background in Kubernetes, CI/CD, and Cloud over the years. My daily work involves helping projects establish best practices across their organization and accelerate delivery.

An open-source lover, creator of 𝐡𝐞𝐥𝐦-𝐚𝐝𝐨𝐩𝐭 and 𝐡𝐞𝐥𝐦-𝐯𝐚𝐥 helm plugins, I love to simplify users daily jobs.

Domaines d’expertise

Langues

Anglais
Bilingue ou natif
Français
Bilingue ou natif

Préférences en matière de lieu de travail

Accepte de travailler sur site

Paris (jusqu’à 15 km)

BNPPARIBAS CIB
DevOps Engineer, Expert kubernetes
BANQUE & ASSURANCES
novembre 2024 - Aujourd'hui (1 an et 7 mois)
Montreuil, France
𝐏𝐫𝐨𝐣𝐞𝐜𝐭: Design and administration of Controlplane as Service Platform

Designed and architected an on-premise Controlplane as service platform
Provisioning of on-premise infrastructure (VMs et LB) with terraform
Deployed and configured the management cluster
Deployed tenant control planes in the management cluster using Kamaji
Implemented tenant etcd clusters via custom Helm charts
Implemented tenant isolation (using netpol, GlobalNetworkPolicy)
Enforced environment segregation through RBAC
Implementation of authentication using Pinniped
Developed a custom Kubernetes controller for automated NodePort allocation
Built an API server proxy to manage communication between the management cluster and tenant clusters
Implemented advanced traffic routing with Gateway API and kgateway
Developed custom Helm charts for platform components
Designed a GitOps approach for kubernetes addons deployments
Implemented CI workflows using Argo Workflows
Deployed monitoring stack (Prometheus, Grafana)
Deployed logging stack ( vector, Loki)
Automated tenant deprovisioning with Kyverno
Established automated security enforcement and best practice governance in tenant clusters through kyverno policies
Upgrading client Kubernetes clusters
Implemented cluster backup and recovery strategy with Velero
Deployed Sealed Secrets for secure secret encryption
Integrated of NetApp Trident for persistent storage
Deployed cert-manager for automated certificate management
Writing documentation and user guides
Providing client support

𝑻𝒆𝒄𝒉𝒏𝒊𝒄𝒂𝒍 𝒔𝒕𝒂𝒄𝒌:
Kubernetes(1.32/1.33), kubeadm, terraform, kamaji, helm, ansible, ansible tower, fluxCD, artifactory, calico, containerd, argoWorkflow, argoEvents, Go, openstack, bitbucket, kyverno, velero, etcd, gatewayAPI, vector, Loki
BNP Paribas CIB
DevOps Engineer, Expert kubernetes
BANQUE & ASSURANCES
janvier 2023 - Aujourd'hui (3 ans et 5 mois)
Montreuil, France
𝐏𝐫𝐨𝐣𝐞𝐜𝐭: Administration of a multi-region CaaS platform

Deployed and administered multi-region on-premise Kubernetes clusters
Implementation of authentication using Pinniped
Established automated security enforcement and best practice governance using kyverno/gatekeeper
Designed a GitOps approach for kubernetes addons deployments
Developed custom Helm charts
Implemented CI workflows using Argo Workflows
Deployed monitoring stack (Prometheus, Grafana)
Implementing of logging operator to send logs to kafka
Deployed and configured NGINX Ingress Controller
Enforced environment segregation through RBAC
Developed a custom Kubernetes controller for automated node auto-remediation
Upgrading client Kubernetes clusters
Implemented cluster backup and recovery strategy with Velero
Deployed Sealed Secrets for secure secret encryption
Integrated of NetApp Trident for persistent storage
Deployed cert-manager for automated certificate management
Writing documentation and user guides
Providing client support

𝑻𝒆𝒄𝒉𝒏𝒊𝒄𝒂𝒍 𝒔𝒕𝒂𝒄𝒌:
Kubernetes(1.22/1.24/1.29/1.30), kubeadm, helm, ansible, ansible tower, fluxCD, artifactory, calico, containerd, argoWorkflow, argoEvents, golang, openstack, bitbucket, kyverno, gatekeeper, velero, etcd, nginx controller, logging operator
Crédit Agricole Group Infrastructure Platform
DevOps Engineer, Expert kubernetes
mars 2022 - décembre 2022 (9 mois)
Paris, France
𝐏𝐫𝐨𝐣𝐞𝐜𝐭: Managed kubernative CaaS platform
Deployment and administration of a new managed kubernative platform offer (managed control plane) on Openstack
Enforcing best practices and securing Kubernetes cluster using kyverno
Implementation of a secure Inter-cluster communication through skupper.io
Define and design a GitOps approach to deploy Kubernetes addons in the workload cluster
Develop Helm charts for Kubernetes addons
Develop a Kubernetes controller to dynamically update kyverno admission webhooks
Update and maintain a bunch of custom kubernetes Operators
Upgrade customers Kubernetes clusters
Customers support
Write Documentation
𝑻𝒆𝒄𝒉𝒏𝒊𝒄𝒂𝒍 𝒔𝒕𝒂𝒄𝒌: Kubernetes(1.19/1.21), Ansible, Helm, Go, Openstack, FluxCD, ArgoCD, Kyverno, skupper, nginx Ingress Controller, calico, containerd, etcd
Ansible Helm Golang FluxCD Argo CD Kyverno skupper.io Openstack