22.10.2025 aktualisiert
verifiziert
Premiumkunde
nicht verfügbarDevOps Engineer, Cloud Operation Engineer, Infrastructure Engineer
Hamburg, Deutschland M. Sc. IT Management & Consulting
Skills
DevOps, containerization, cloud computing, cloud, Docker/Podman/CRI-O, Kubernetes, Openshift, AWS, Azure, VMWare Tanzu, Openstack, Terraform, Terragrunt, Golang, Prometheus, ElasticSearch/Kibana, FluentBit, FileBeat, Opensearch, MongoDB, MinIO, Keycloak, PostgreSQL (Crunchydata), Gitlab CI, Github Actions, Git, Linux, Python, Perl, Puppet, Ansible, Jenkins, Bash / Perl
Sprachen
DeutschMutterspracheEnglischverhandlungssicher
Projekthistorie
After a PoC phase, the Kubernetes operating environment was supposed to be reconsidered and, based on the learnings, redesigned and migrated into ongoing operations.
- Reworking the Kubernetes installation on bare metal using Ansible and k3s
- Preparing Kubernetes operations for virtualized operation within OpenStack using the Cluster API
- Establishing of GitOps deployment structure based on ArgoCD
- Implementing GDPR-compliant logging based on the ELK Stack (Fluent Bit and Opensearch)
- Implementing a metrics and alerting stack for Kubernetes, OpenStack, and Nova instances
- Implementing IDP and access management based on Microsoft AD, Keycloak, and OpenID Connect for OpenStack, Kubernetes, and web endpoints
- Revision of secret management with HashiCorp Vault
- Operating and further developing OpenStack and Ceph
- Supporting DevOps and development teams with application migration and adaptation
- Establishment of change/update management processes
- Development of CI/CD templates and migration of existing repositories
- Establishment of best practices for the development of operational components (linting, pre-commit, etc.)
Openstack, Terraform/OpenTofu, Terragrunt, Cluster API, Kubernetes (Cluster-API and k3s), ArgoCD, Helm, Grafana, Prometheus/Alertmanager, FluentBit, Opensearch, Ceph, Keycloak, Microsoft Teams, Gitlab, Microsoft AD, Sealed Secrets, GoLang, Ansible
The existing Kubernetes operation within a data center had to be expanded to meet the requirements of the C5 certification. This included redundant operation through the use of multiple data centers, the replication of storage solutions, extended audit logging, hardening of infrastructure and applications, and the establishment of appropriate fail-over processes.
- Implementing up an additional storage solution using MinIO including site replication
- Implementing up an SSO solution to secure all web applications (Teleport and Keycloak)
- Implementing up cross datacenter database replication (Postgres)
- Expanding monitoring/logging solution to support datacenter and cross-datacenter scope
- Supporting departments in modifying products to support fail-over processes
The core tasks consisted of setting up Kubernetes operating environments including the associated software/process landscape and supporting various departments in integrating their products into the newly created clusters. Their applications (including all dependencies such as persistence or connection to third-party systems) were integrated and the teams have been trained in how to use them:
- Supporting various departments in the transition of their products to a managed Kubernetes environment
- Standardization of Kubernetes creation and operation in Openstack
- Introduction of up-to-date logging and monitoring
- Introduction of Kubernetes deployments based on GitOps
- Introduction of Postgres Operator (CrunchyData) for operating Postgres in Kubernetes
- Implementing a multi-department change management
- Assistance and training of existing development teams in devops structures and independent operation in kubernetes