πŸš€ DevOps Projects

Real-world infrastructure I’ve built and optimized β€” focusing on automation, cloud-native tooling, and secure, scalable design. These are just a few examples of the work I’ve done.

βš™οΈ EKS Provisioning with Terraform

🏒 The Pokémon Company

Provisioned and automated EKS clusters across environments using Terraform.

πŸ’‘ Highlights:

  • Built reusable Terraform modules for EKS provisioning
  • Automated multi-environment cluster creation (dev, staging, prod)
  • Managed worker node groups, OIDC provider, and autoscaling

🌟 Result: Reduced manual cluster setup time and improved standardization across environments

🚒 Migration to Amazon EKS

🏒 Cox Automotive

Modernized deployments from EC2 to Kubernetes, cutting costs and boosting agility.

πŸ’‘ Highlights:

  • Containerized apps with Docker
  • Built custom Helm charts for multi-env (dev/staging/prod)
  • GitLab CI pipeline: build β†’ push to ECR β†’ deploy via Helm
  • Configured NGINX Ingress + Route 53 DNS

🌟 Result: Saved ~$150K/year and reduced provisioning time by 28%

πŸ” CI/CD Automation at Scale

🏒 Cox Automotive

Designed flexible GitLab CI pipelines tailored to multiple branches and stages.

πŸ’‘ Highlights:

  • Dynamic pipelines per branch (main, staging, feature/*)
  • Helm templating for environment-specific values
  • Built-in quality gates: linting, testing, and approval

🌟 Result: Cut deployment time by 35% and reduced human errors by 30%

🐳 Containerization & Image Automation

🏒 Cox Automotive

Docker-first workflows with automated image building and publishing.

πŸ’‘ Highlights:

  • Created and optimized Dockerfiles for app containerization
  • Automated Docker image builds using GitLab CI pipelines
  • Stored images in AWS ECR with version tagging and cleanup

🌟 Result: Streamlined container lifecycle and improved CI efficiency

πŸ› οΈ Secure GitLab Runners in EKS

🏒 Cox Automotive

Self-hosted GitLab runners built with best-practice security in mind.

πŸ’‘ Highlights:

  • Deployed GitLab runners inside EKS
  • Integrated Kubernetes service accounts and IAM roles via IRSA
  • Enforced RBAC and isolated execution environments

🌟 Result: Improved pipeline performance and met internal security requirements

πŸ›‘οΈ Secure Infrastructure as Code

🏒 Cox Automotive & 🌟 Pokémon Company

Security-first Terraform modules for multi-cloud environments.

πŸ’‘ Highlights:

  • Provisioned MySQL, PostgreSQL, and DocumentDB with multi-AZ failover
  • Enabled detailed CloudWatch metrics and backups
  • Integrated Secrets Manager and CSI driver for runtime secret access

🌟 Result: Hardened infrastructure and improved audit/compliance readiness

πŸ“Š Observability Stack in Kubernetes

🏒 The Pokémon Company

Brought end-to-end observability into Kubernetes workloads.

πŸ’‘ Highlights:

  • Prometheus + Grafana for system & app metrics
  • EFK stack: Fluentd β†’ Elasticsearch β†’ Kibana
  • Custom alert rules with thresholds and Slack/email notifications

🌟 Result: Faster incident response and better visibility for dev teams

πŸ” Secrets Management in Kubernetes

🏒 The Pokémon Company

Implemented secure credentials handling using AWS services.

πŸ’‘ Highlights:

  • Integrated AWS Secrets Manager into EKS with OIDC
  • Deployed CSI driver for pod-level secret injection
  • Applied fine-grained access control with IAM and IRSA

🌟 Result: Reduced risk and improved compliance posture

🌐 Ingress & TLS Management

🏒 The Pokémon Company

Configured routing and encryption for Kubernetes workloads.

πŸ’‘ Highlights:

  • Deployed and managed NGINX Ingress Controller
  • Handled Route 53 DNS records and routing policies
  • Used ACM and Cert Manager for TLS automation

🌟 Result: Secured public endpoints and simplified certificate renewals

🌍 AWS Resource Management & Optimization

🏒 The Pokémon Company

Managed a wide array of AWS services for better performance and cost-efficiency.

πŸ’‘ Highlights:

  • Maintained and optimized S3, Lambda, VPC, ELB, RDS, ASG, SNS
  • Improved monitoring setups using CloudWatch
  • Tuned network, access, and resource utilization

🌟 Result: Better cloud visibility and improved overall infrastructure hygiene

🌐 High-Availability 3-Tier Web Stack

πŸ’» Personal Project

Resilient architecture with graceful static failover.

πŸ’‘ Highlights:

  • S3 + CloudFront for global, fast frontend delivery
  • Lambda fallback redirect in case of backend outage
  • Route 53 DNS failover + HTTPS with ACM

🌟 Result: Seamless user experience and robust fault-tolerance

βš™οΈ Each project reflects my approach to DevOps: automation-first, security-focused, and developer-friendly.