Haisum's Blog It's not a bug, it's a feature.

2020 Update

Out of all 30 years of my life, this would probably be the most memorable year because of the wild wild things going on around us all. Not everything was bad about this year though. At the end of 2019, I had finally made up my mind to leave Java/Fintech and pursue a career in the cloud computing; and by February, 2020 I was working as a consultant for cloud native technologies and automation. Consultancy is a completely different domain from what I had been doing before this job; it’s a very fast paced and challenging career path compared to product based companies I have worked for before this job. As a consultant, keeping up with changing technology landscape has become more vital than ever so I have got about 7 certifications this year. I am now 2x AWS, 2x Azure, CKA, Terraform and VMWare certified. I will probably take a break from certifications for a while now.

Certifications are important stepping stones but real learning comes from real work. In my first project as consultant, I helped one of the largest online rental companies in the US in moving their applications from Docker Swarm to AKS. They had multi region HA setup in Azure supported by weighted routing via Cloudflare DNS. They were very mature company when it came to automation so everything was either Ansible/Puppet or was done with Terraform. Nothing in their organization was done without automation and I truly was in awe of the discipiline they followed around the principle that everything should be source controlled. This project also enabled me to play around with newly introduced concept of GitOps. I implemented GitOps based continous delivery and blue green deployments to their Kubernetes clusters using Weaveworks Flux and Flagger. GitHub actions was used as CI during this work. A small scale MVP of that work can be seen at https://github.com/haisum/aks-gitops-mvp-flux, https://github.com/haisum/aks-gitops-mvp and https://github.com/haisum/aks-gitops-mvp-app. I also played with ArgoCD and liked it more than Flux but client ended up preferring Flux so that’s what we implemented. I also helped setup Velero during this project to take backups of manifests and persistent volumes.

Another interesting project was to setup RKE clusters for a bank which had an air gapped environment. For this project, I setup a Harbor instance to import all required docker images via docker save and docker import commands. Once harbor was setup, I changed RKE configuration to pull images from private repository. The in house infrastructure was pretty dated and couldn’t support NFSv4 so we had to setup a storage provisioner for them. I tried setting up and testing Longhorn first but it kept crashing during initial testing so we had to replace it with Rook using Ceph driver. Rook/Ceph setup proved to be reallt stable and reliable as compared to Longhorn. All of this was to be done within 3 weeks. The project deadline was specially hard to meet because of the hops we had to jump to get anything in the environment because of no internet access. Nevertheless, we finished the project couple of days before the deadline.

I also worked with a major southern US utility provider in helping them Dockerize their Enterprise Oracle Customer Billing suite. This would help them in quickly provisioning local development environments in minutes which took anywhere between a week and a month before our engagement. I used this opportunity to learn Weblogic and WLST scripting to automate weblogic setup and app installation. In the end, I delivered docker-compose file which provisioned an Oracle database alongwith container for Oracle Customer Billing suite with pre-configured weblogic. Pipelines for building these images were setup using Azure Devops.

In another project, I worked as part of a team for the largest tractor and farming equipment manufacturer in the United States. The goal of this project was to migrate some application stacks from Cloudfoundary to Kubernetes. The Kubernetes clusters in this customer’s data centers were supposed to host mission critical applications used by the manufacturing plants of the client spread accross all over the country. Any faults or crashes in these environments directly affected customer’s production capabilities and smallest faults caused millions of dollars of potential revenue loss. High availability was major concern in this project and we delivered a Multi A-Z solution with HA Kubernetes deployment spread accross three different data centers. Some interesting new technologies I had to use during this project were Concourse CI, AppDynamics Kubernetes Integration, Prisma Compute Cloud, Cloudfoundary, Elasticsearc Enterprise, and custom LUA scripts for manipulating logs forwarded by fluent-bit.

Currently, I am working with a financial company to help them migrate from IBM Private Cloud to Kubernetes. As part of the project, I will work on integrating OPA, Styra DAS, Istio, Aqua Security and other cloud native techologies. I have so far completed work on migrating continous deployment from Jenkins to Armory Spinnaker.

That was a rather long summary of what has kept me busy for most part of the year. With a toddler running around and wanting to squeeze every bit of attention she can get from me, a demanding job and a constant requirement of keeping up with certifications and latest trends in tech, it’s been hard to write more regularly but I hope I will find time to do so more regularly in the future. I hope 2021 brings the COVID vaccine and alongwith it the normal life that we were all accustomed to before this year. Meanwhile, stay indoors and take care of yourself and your loved ones.