Foggy Cloud Architect
2018 - 2019Virgin Australia- Chose Node.js to the primary language choice for cloud architected services.
- Built a cloud-agnostic starter kit (Github.com/sotekton/agnostic) enabling 100% code coverage and a 250% increase in development speed.
- Enabled zero-impact deployments via a microservice-optimized internal and external service backward compatibility.
- Upgraded the system to a more container-aware security type of technology.
- Ensured PII and PCI compliance against practices.
- Developed secure containers via a just-enough-operating system (JeOS) for development and production environments.
- Implemented centralized logging via the establishment of a common log format.
- Established autonomic environments for developers and continuous integration and production lines via Nix.
- Implemented Kubernetes as an orchestrator.
- Reduced cluster operating costs by 20% and container image download time by 90% via a graph-based popularity contest for Nix container layers.
Technologies: VMWare, AWS, Windows Containers, Kubernetes, Java, Node.js, Nix, SonarQube, AnsibleFoggy Cloud Architect
2018 - 2019Cyvive- Managed microservice dependency so that any part of an organization dependency tree could be extracted and developed against in development (private or shared).
- Implemented a just-enough-Linux (JeOS) approach for a host operating system via LinuxKit.
- Isolated the Kubernetes and system workloads.
- Removed TTY and SSH removed from modes as it was unnecessary in IaaC.
- Used KataContainers for VM Isolation capabilities between containers.
- Implemented multi-cluster and namespace networking isolation.
- Migrated from transparent node to node encryption so that developers could safely use HTTP for microservices.
- Enforced policy that without a mesh network, fallback to (legacy) ISTIO would be supported.
- Implemented shadow traffic replication for production-like environments following the process from production to its resulting performance. This enabled defect detection prior to a true production release.
- Provided on-demand AZ or instance-type upgrade options; companies also chose when to upgrade their cloud.
- Handled the automatic healing and resizing of the control plane.
- Performed ETCD persistence and recovery.
- Constructed an infrastructure on demand for all environments (namespaces) as a per-hour-billing solution.
- Developed multiple Kubernetes clusters in a way so that it could be managed by one person per cloud provider.
- Built microservices to be able to move between geographically dispersed data centers seamlessly.
Technologies: LinuxKit, Kubernetes, Nix, AWS, GCP, Bare Metal, CSI, CNI, Continuous Delivery, Governance, Prioritized Graph, Node.js, Go, LFS, Alpine, VMWare, KataContainers, Zero Trust, HashiCorp, Consul, NomadFoggy Cloud Architect
2017 - 2018Max Gaming (Tatts Australia)- Built disposable developer environments on-demand with sample data and microservice dependency management via Cyvive.
- Uplifted to container-aware security technology.
- Conducted education sessions where we deep dove into Kubernetes and containerization vulnerabilities and how to secure them.
- Replaced HashiCorp Vault with GitOps friendly secret encryption for public repositories via a provider key management system.
- Handled a hybrid multi-cloud implementation of Kubernetes spanning multiple on-premises data centers and AWS regions. As disaster recovery and business continuity were a critical concern of Max Gaming, it was necessary to prove applications are capable of continued operation despite cloud provider or region failure.
- Lessened in-cluster data redundancy with S3 incremental synchronization.
- Implemented IaaC via Terraform controlled provision for AWS and GCP with all security hardening, networking, and network optimizations enabled.
- Replaced Istio with Cilium, a more secure IPv6 compatible hybrid-cloud alternative.
Technologies: Node.js, Kubernetes, CNI, CSI, Terraform, Linux (All), LinuxKit, AWS, GCP, MongoDB, Go, Cyvive, Istio, CiliumFoggy Cloud Architect
2017 - 2017Cook Medical- Fulfilled the needs of globally distributed manufacturing facilities (which were operating on various clouds) by transparently stitching them together—ensuring microservice reallocation and service discovery.
- Chose and integrated HashiCrop's Consul along with technology from eBay which ensured a global datacenter-aware service discovery approach with dynamic bridging tunnels automatically established between Kubernetes clusters.
Technologies: Azure, GCP, AWS, Bare Metal, Kubernetes, ConsulFoggy Cloud Architect
2017 - 2017Flight Centre- Developed stateful services that were available in-cluster 12 months ahead of any kind of official Kubernetes support.
- Established disposable developer environments on-demand with sample data and microservice-dependency management via Cyvive.
- Upgraded to more container-aware security technology type.
- Approved CoreOS as a suitable container host operating system.
- Implemented GitOps friendly secret encryption for public repositories via a provider key management System.
- Created an SM, PCI, & PII compliance-directed design, enabling a reduction in external audit frequency.
- Installed clusters and all applications started within 60 minutes, enabling for the first time a fixed cost for disaster recovery.
- Implemented IaaC via a Terraform controlled provision for AWS & GCP with all security hardening, networking, and network optimizations enabled.
- Pioneered the concept of production and everything else via namespace isolation which reduced the infrastructure operating costs by 50% without sacrificing security or compliance.
Technologies: Java, AWS, Kubernetes, Bash, Linux (All), Go, InfinispanFoggy Cloud Architect
2016 - 2016Vodafone Hutchinson, ING Direct, and National Australia Bank- Implemented operating system and application level automation without rooting mobile devices.
- Integrated CI/CD with existing toolsets.
- Incorporated co-located data-centers with the telecommunication equipment and bank-level security.
- Implemented VPN capabilities as required on mobile devices.
- Constructed on-demand tunnels between the cloud providers and a device data center.
Technologies: Bare Metal, AWSFoggy Cloud Architect
2014 - 2016Containerized WordPress Hosting- Rearchitected WordPress from its legacy status to be 12-factor compliant—enabling native container adoption and the core performance necessary to run as the platforms scale.
- Automated the detection of real users vs spambots for registration, which increased the business value of clients websites and reduced overhead costs of contacting many false users.
- Prevented zero-day exploits—which are frequent and of strong concern in WordPress—by having a fully automatic daily production release testing and deployment system for all client websites so that the client brand's reputation was maintained.
- Secure websites against hacking, including actively attacked client websites.
- Advocated early on for the adoption of containerization, entire infrastructure from CI to CD-used containers.
- Empowered individual websites on the cluster to be able to handle 1 billion hits per month without caching; the most complex running up to 160,000 lines of PHP code on 512 MB servers.
Technologies: Docker, Bare Metal, AWS, Linux (All), Kubernetes, WordPress, PHP, SQLite, MySQL, Consul, GlusterFS
Keidrych Anton-Oates
Fog Computing Developer in Sydney, New South Wales, Australia
Member since May 20, 2019
Along with empowering organizations to optimize speed, scale, and margin via Foggy Cloud structures with zero impact to production systems, Keidrych’s worked in containerization since 2013. He's recently ranked in the top ten for containerization at TechCrunch USA 2018 due to his work: authoring Cyvive (an operational and governance platform for Kubernetes) and implementing an open-source microservice configuration language.
Keidrych is now available for hire
Portfolio
- Virgin AustraliaVMWare, AWS, Windows Containers, Kubernetes, Java, Node.js, Nix, SonarQube...
- CyviveLinuxKit, Kubernetes, Nix, AWS, GCP, Bare Metal, CSI, CNI...
- Max Gaming (Tatts Australia)Node.js, Kubernetes, CNI, CSI, Terraform, Linux (All), LinuxKit, AWS, GCP...
Experience
- Fog Computing 10 years
- IT Security 10 years
- JavaScript 10 years
- Serverless 5 years
- Node.js 5 years
- Containerd 2 years
Availability
Part-time
Preferred Environment
Linux, Vim, Nix, Cloud Providers
The most amazing...
...thing I’ve built was a universal microservice configuration language & enterprise platform for Kubernetes enabling the operational design of immutable change.
Employment
Experience
- Cyvive (Development)
Cloud-Native Computing Foundation (CNCF) in advanced implementations (enterprise) assumes that companies have well-established CI approaches following GitOps while requiring IaaC, CD, microservice governance, and Kubernetes to operate as a data-center replacement.
Cyvive enables microservice governance and CD to be implemented in any Kubernetes installation or to upgrade and optimize cloud providers to enable Kubernetes as a data-center replacement. - Sotekton: Agnostic Development (Development)https://github.com/sotekton/agnostic
Cloud-Native Computing Foundation (CNCF) lays a path for the architecture provided and is supported by graduate projects such as Kubernetes.
Developing software that conforms to these architecture best principles, and leverages the advantage of the entire supporting ecosystem is challenging using the usual development approaches, i.e., broadcast and multicast are unavailable.
Agnostic outlines a raw minimal starting point following best practices to maintain backward compatibility with external and internal microservices while ensuring microservices behave like good citizens in CNCF environments. - Anonymous User Tracking Over Multiple Devices and Multichannel Attribution (Other amazing things)
Anonymous users visit websites every day, yet companies are forced to present non-personalized content to them. I developed a machine learning approach to track and identify anonymous users against demographics identifying the same user (with a high degree of confidence) on multiple devices and from any of the attribution channels.
The system was self-validating using the feedback of converted users to validate and correct the machine learning models daily. - Foggy Ubiquity's Language (Development)http://www.foggyubiquity.com/language/index.html
Microservice dependency, configuration, and secret management were nonexistent at the time; a few isolated approaches existed but nothing with permanence.
Partnering with three universities and 35 industry publications, I created and open-sourced a universal microservice language using machine learning. - Containizen (Development)https://hub.docker.com/r/foggyubiquity/containizen
These are maximum security minimal footprint base image/language containers.
It has over 500,000 downloads from February to May 2020, Currently, it is the most secure, CI/CD compatible and update optimized base container available. - Automated Registration DDoS Protection (Other amazing things)
This is a machine registration endpoint with no prior traffic should automatically register new machine users while being able to resist port scanning and DDoS attacks while maintaining cost by not triggering auto-scale events for false traffic.
Skills
Languages
JavaScript, S, Java, Golang, Nim, PHP, PythonFrameworks
Express.js, FastifyLibraries/APIs
Node.js, API Development, Jenkins Pipeline, TerragruntTools
Azure Kubernetes Service (AKS), Google Kubernetes Engine (GKE), php-fpm, AWS ECR, Amazon EKS, Terraform, Helm, GitHub, Hashistack, HashiCorp, GitLab CI/CD, Jenkins, AWS CloudFormation, AWS CLI, Logging, Nginx, ELK (Elastic Stack), VMware, Apache Tomcat, SaltStack, Ansible, Travis CI, AWS CloudTrail, AWS CloudWatch, RabbitMQ, AWS IAM, CodeshipParadigms
DevOps, Azure DevOps, Agile, Microservices, Microservices Architecture, Continuous Integration (CI), Continuous Development (CD), Continuous Delivery (CD), Serverless Architecture, API ArchitecturePlatforms
Kubernetes, Cloud Native, WordPress, Docker, Linux, Amazon Web Services (AWS), Google Cloud Platform (GCP), Azure, Linux RHEL/CentOS, Red Hat Linux, Ubuntu Linux, XenIndustry Expertise
IT SecurityStorage
Redis, Google Cloud SQL, MySQL Clustering, MongoDB, Alibaba Cloud, SQLite, ArangoDB, AWS S3, Google Cloud Storage, AWS RDS, PostgreSQL, CockroachDB, GlusterFS, ElasticsearchOther
CNCF, Zero Trust, Network Security Monitoring, Cilium, CNCF Security, Elastic Load Balancers, Google Cloud Build, LinuxKit, Containerization, Container Orchestration, Secure Containers, Google Container Engine, AWS DevOps, Code Coverage, Cloud Storage, Data Management, Content Delivery Networks (CDN), Domain Name System (DNS), Containerd, RESTful Microservices, Cloud Microservices, Consul, Fog Computing, Data Architecture, Code Architecture, NixOS, Content Management Systems (CMS), Build Pipelines, Operations, High Availability, Clustering, Secure Architecture, Kata Containers, Amazon Route 53, Caching, Software Development, Containers, spiff / spire, Open Policy Agent, Pomerium, Kubernetes Operations (Kops), Artificial Intelligence (AI), Network Stack, High Availability Disaster Recovery (HADR), Business Continuity & Disaster Recovery (BCDR), Virtual Machines, Serverless, Prometheus, System Administration
Education
- ATM-G & CL in Public Speaking & Leadership2000 - 2006Toastmasters International - Colorado, USA
- Bachelors of Engineering (Infomechatronics) in Mechanical, Electrical & Information Technology Engineering2000 - 2003Queensland Institute of Technology (QUT) - Brisbane, Australia
- Advanced Placement Scholar in Biology1999 - 1999Princeton University - New Jersey, USA
