image
IoannisGk
Building Reliable HA Kubernetes Clusters | [email protected]

Ioannis Gkourtzounis

Ioannis Gkourtzounis has a High First Degree in Computing (BSc) and holds two ISTQB® certifications, he is a Certified Jenkins Engineer (CJE), a Certified Kubernetes Application Developer (CKAD), a Kubernetes Administrator (CKA), and a Kubernetes Security Specialist (CKS).

After the DevOps World in Lisbon 2019, Ioannis focused exclusively in Continuous Integration, Continuous Delivery, Cloud Native technologies and especially Kubernetes. During the last years, he was a key member in various CI/CD and Kubernetes related DevOps projects, where Security was always a first class citizen.

Download CV LinkedIn Profile

What I Do

Build HA Kubernetes clusters

Build and manage reliable Highly Available Kubernetes clusters: a management cluster handles application deployments and provides monitoring and alerting of other Kubernetes clusters, that act as isolated environments. Setup HA Control Plane nodes with HAProxy and keepalived. Explore HA topologies and utilize Kube-vip in a stacked ETCD cluster. Create a step by step plan for disaster recovery.

Implement CI/CD pipelines

Install and configure Argo CD to apply GitOps principles. Describe and configure environments in one or multiple Kubernetes clusters. Use automation pipelines to reset these environments and revert them to their initial state. Create automated pipelines that build applications and deploy them to different environments, by updating the Git repository that defines the desired state of the clusters.

Deploy essentials to Kubernetes

Create automation scripts that configure GitOps with Argo CD. Use NFS shares for Pod storage with dynamic NFS Provisioner, and Vault for secure secrets management in the cluster. Deploy Harbor Registry and sign container images with Cosign. Setup Jenkins with dynamic Agents for cluster optimized CI/CD pipelines. Get cluster metrics with Prometheus and display them in Grafana dashboards.

Security in all stages of the SDLC

Make sure that all new images pass the security assessments in the Build pipelines. Deploy only signed images and perform automated vulnerability scans with Trivy on all container images. Install and configure Falco for security monitoring of containers at runtime. Use Wazuh to get CIS benchmark results on hosts with Ubuntu and RHEL OS, and perform mitigation actions.

My Certifications

Certified Kubernetes Security Specialist
Certified Kubernetes Administrator
Certified Kubernetes Application Developer
Certified Jenkins Engineer
AWS Certified Cloud Practitioner
Professional Scrum Master PSM-I
ISTQB Foundation Level Agile Tester Extension
ISTQB Foundation Level Certificate in Software Testing