IT Consultant / Software Architecture / Dev-Ops / Development / Cloud / Monitoring

Platform Engineer working with a team of SRE’s in the DataBase as a Service ( DBaaS ) team. All essential activities required for preparation for a PCI-DSS Readiness Audit – i.e. reviewing and and updating the current Dev / Test / Prod MariaDB based DBaaS clusters consisting of many instances of the current MariaDB DBMS stack : ProxySQL + Orchestrator + MariaDB currently deployed on-prem as well as in Azure as well as MultiCloud scenarios.

Typical activities involved reviewing Automation scripts in ( Terraform / Ansible / Python / Go-Lang / Bash ) and associated Documentation for environment setup / maintenance / operations activities / etc as well as patching of systems at different levels such as kernel patching of on-prem as well as cloud based VM’s and patch upgrading MariaDB Live cluster instances to known approved versions based on known CVE’s in preparation for the PCI-DSS Audit and also updating associated certificates in Venafi for VM’s and DB cluster nodes, etc.

Also reviewing backup and restore strategies and scripts for on-prem as well as cloud and multi cloud based MariaDB clusters as well as troubleshooting and stabilising RDBMS clusters if and when needed.

Analysis of application stack SxS Computer Vision - a realtime vision capture and event detection system based on EDGE / IoT design principles.

Adaptation and migration to a new high performance horizontally scalable distributed systems concept.

Proof of concepts were developed with Docker Swarm and Kubernetes K3S and demonstrated in a series of workshops highlighting pros and cons of each technology set and highlighting key concepts :

- Fault Tolerance / Horizontal Scaling / Fail-Over

- relevant tooling stacks ( Terraform / Ansible / Pulumi )

- diverse target environment support ( AWS / Azure / Bare Metal / Nutanix / HyperV ).

Design / Implementation of a PoC with K3S cluster ( Terraform / Ansible / Helm etc ).

Automation PoC with local envs ( VMWare x86 VM’s, Canonical MultiPass/QEMU ARM ), remote systems ( VMWare ESX, Azure Cloud )

Design / Implementation of the monitoring stack for the Kubernetes sub-system including the application stack components utilising TICK Stack ( InfluxData ) customised for EDGE / IoT scenarios in K3S.

Workshops delivered include :

- Intro to Docker Swarm for Beginners ( with sample apps utilising REST API’s / GoLang / Python )

- Intro to Kubernetes for Beginners ( theory and practice of Kubernetes internals )

- Troubleshooting application components within Kubernetes & optimisation to minimise connectivity issues.

- Optimisation of K8S Failover scenarios when hardware nodes are removed from a K3S cluster / eg. appl. downtime from 5 mins to 20 secs.

I worked as a part of the Cloud Security / CISO team at Metro Group reviewing the existing BlackDuck Synopsis platform tools and database results to optimise and improve the automated code inspection by validating cases of false positives in the Terraform Cloud setup code against known CVE vulnerabilities with MITRE and NIST across all of Metro’s cloud platform projects.