Foggy Cloud Architect2018 - 2019Virgin Australia
Technologies: Amazon Web Services (AWS), Ansible, SonarQube, Unix, Node.js, Java, Kubernetes, Containers, Windows, AWS, VMware
- Chose Node.js to the primary language choice for cloud architected services.
- Built a cloud-agnostic starter kit (Github.com/sotekton/agnostic) enabling 100% code coverage and a 250% increase in development speed.
- Enabled zero-impact deployments via a microservice-optimized internal and external service backward compatibility.
- Upgraded the system to a more container-aware security type of technology.
- Ensured PII and PCI compliance against practices.
- Developed secure containers via a just-enough-operating system (JeOS) for development and production environments.
- Implemented centralized logging via the establishment of a common log format.
- Established autonomic environments for developers and continuous integration and production lines via Nix.
- Implemented Kubernetes as an orchestrator.
- Reduced cluster operating costs by 20% and container image download time by 90% via a graph-based popularity contest for Nix container layers.
Foggy Cloud Architect2018 - 2019Cyvive
Technologies: Amazon Web Services (AWS), Nomad, Consul, HashiCorp, VMware, Alpine Linux, Go, Node.js, GRAPH, Governance, Continuous Delivery (CD), Metal, Google Cloud Platform (GCP), AWS, Unix, Kubernetes
- Managed microservice dependency so that any part of an organization dependency tree could be extracted and developed against in development (private or shared).
- Implemented a just-enough-Linux (JeOS) approach for a host operating system via LinuxKit.
- Isolated Kubernetes and system workloads against degradation through Built microservices to be able to move between geographically dispersed data centers seamlessly.
- Worked on security enhancements such as removal of TTY and SSH removed from modes as it was unnecessary in IaaC, KataContainers for VM Isolation, and transparent node to node encryption so that developers could safely use HTTP for microservices.
- Implemented multi-cluster and namespace networking isolation with automatic healing and resizing of the control plane.
- Implemented shadow traffic replication for production-like environments following the process from production to its resulting performance. This enabled defect detection prior to a true production release.
- Provided on-demand AZ or instance-type upgrade options; companies also chose when to upgrade their cloud while enabling one human operator per cloud for unlimited clusters.
- Constructed an infrastructure on demand for all environments (namespaces) as a per-hour-billing solution.
Foggy Cloud Architect2017 - 2018Max Gaming (Tatts Australia)
Technologies: Amazon Web Services (AWS), Istio, Go, MongoDB, Google Cloud Platform (GCP), AWS, Linux, Terraform, Kubernetes, Node.js
- Built disposable developer environments on-demand with sample data and microservice dependency management via Cyvive.
- Uplifted to container-aware security technology.
- Conducted education sessions where we deep dove into Kubernetes and containerization vulnerabilities and how to secure them.
- Replaced HashiCorp Vault with GitOps friendly secret encryption for public repositories via a provider key management system.
- Handled a hybrid multi-cloud implementation of Kubernetes spanning multiple on-premises data centers and AWS regions. As disaster recovery and business continuity were a critical concern of Max Gaming, it was necessary to prove applications are capable of continued operation despite cloud provider or region failure.
- Lessened in-cluster data redundancy with S3 incremental synchronization.
- Implemented IaaC via Terraform controlled provision for AWS and GCP with all security hardening, networking, and network optimizations enabled.
- Replaced Istio with Cilium, a more secure IPv6 compatible hybrid-cloud alternative.
Foggy Cloud Architect2017 - 2017Cook Medical
Technologies: Amazon Web Services (AWS), Consul, Kubernetes, Metal, AWS, Google Cloud Platform (GCP), Azure
- Fulfilled the needs of globally distributed manufacturing facilities (which were operating on various clouds) by transparently stitching them together—ensuring microservice reallocation and service discovery.
- Chose and integrated HashiCrop's Consul along with technology from eBay which ensured a global datacenter-aware service discovery approach with dynamic bridging tunnels automatically established between Kubernetes clusters.
Foggy Cloud Architect2017 - 2017Flight Centre
Technologies: Amazon Web Services (AWS), JBoss Infinispan, Go, Linux, Bash, Kubernetes, AWS, Java
- Developed stateful services that were available in-cluster 12 months ahead of any kind of official Kubernetes support.
- Established disposable developer environments on-demand with sample data and microservice-dependency management via Cyvive.
- Upgraded to more container-aware security technology type.
- Approved CoreOS as a suitable container host operating system.
- Implemented GitOps friendly secret encryption for public repositories via a provider key management System.
- Created an SM, PCI, & PII compliance-directed design, enabling a reduction in external audit frequency.
- Installed clusters and all applications started within 60 minutes, enabling for the first time a fixed cost for disaster recovery.
- Implemented IaaC via a Terraform controlled provision for AWS and GCP with all security hardening, networking, and network optimizations enabled.
- Pioneered the concept of production and everything else via namespace isolation which reduced the infrastructure operating costs by 50% without sacrificing security or compliance.
Foggy Cloud Architect2016 - 2016Vodafone Hutchinson, ING Direct, and National Australia Bank
Technologies: Amazon Web Services (AWS), AWS, Metal
- Implemented operating system and application level automation without rooting mobile devices.
- Integrated CI/CD with existing toolsets.
- Incorporated co-located data-centers with the telecommunication equipment and bank-level security.
- Implemented VPN capabilities as required on mobile devices.
- Constructed on-demand tunnels between the cloud providers and a device data center.
Foggy Cloud Architect2014 - 2016Containerized WordPress Hosting
Technologies: Amazon Web Services (AWS), GlusterFS, Consul, MySQL, SQLite, PHP, WordPress, Kubernetes, Linux, AWS, Metal, Docker
- Rearchitected WordPress from its legacy status to be 12-factor compliant—enabling native container adoption and the core performance necessary to run as the platforms scale.
- Automated the detection of real users vs spambots for registration, which increased the business value of clients websites and reduced overhead costs of contacting many false users.
- Prevented zero-day exploits—which are frequent and of strong concern in WordPress—by having a fully automatic daily production release testing and deployment system for all client websites so that the client brand's reputation was maintained.
- Secure websites against hacking, including actively attacked client websites.
- Advocated early on for the adoption of containerization, entire infrastructure from CI to CD-used containers.
- Empowered individual websites on the cluster to be able to handle 1 billion hits per month without caching; the most complex running up to 160,000 lines of PHP code on 512 MB servers.