An accomplished, committed and adaptable infrastructure architect with twenty years experience of architecting, migrating, implementing and maintaining large scale complex heterogeneous infrastructures from on-premise to the Cloud, including Kubernetes and serverless.
Experienced in environments ranging from start-up companies, to leading multinationals including Dixons Carphone and IBM; and within mobile, retail, ecommerce and media industries, including third party consultancy. Highly motivated to achieve excellence in continuously changing environments including working in DevOps environments. Outside of work I am a helper at my children’s Beaver Scouts group, am a fan of video and board games, build and fly model helicopters and aircraft and have an interest in photography.
- Well versed in migration from on-premise to cloud, including containerisation, Kubernetes and FaaS.
- Extensive experience with Cloud technologies, including on premise scale out to public Cloud (AWS).
- Proficiency with virtualisation, including VMWare.
- Expertise in online technologies, designing website infrastructure including the inherent issues large volumes of traffic can have on web applications and the underlying infrastructure.
- Excellent understanding of performance issues, particularly root cause analysis, including tuning of applications and infrastructure.
- Docker, Kubernetes, Helm, Flux, Terraform, Vagrant, Packer, CloudFormation, AWS (EC2, ECS, R53, S3, Lambda, RDS, boto), VMWare ESX, vSphere.
- Puppet, Ansible, Capistrano, Consul.
- Graphite, Influx, Sensu, Nagios, Grafana, Kibana, Logstash, Elastic Search, Filebeat.
- Jenkins, Gitlab, Atlassian tools (Confluence, Jira, Bitbucket, Bamboo, Hipchat, Crowd). Tomcat, Websphere, RabbitMQ, GIT. Slack and IRC.
- Linux (CentOS/RedHat, Debian, Ubuntu, Alpine).
- OIDC, OAuth, Keycloak, Heptio Gangway.
- Defined the Architecture for the Centralised Identity Management platform, which will handle authentication and authorisation for the 2000 users in PMI Digital. Consisting of AWS Directory Services, Keycloak and Heptio Gangway hosted on Kubernetes.
- Created Terraform modules and configurations to deploy the components of the system.
- Authored Helm charts for Heptio Gangway and Open Policy Agent.
- Created a Python library to ease the process of creating users and groups in the AWS LDAP directory, the tool offered both a CLI and a Slack based ChatBot interface.
- Performed a proof of concept of Open Policy Agent to programmatically define policies which the Kubernetes clusters enforced.
- Lead a team to migrate a legacy Windows dotNet application to a containerised solution running in Kubernetes on the AWS cloud. Worked hands on throughout the project, porting Git repos, creating pipelines and new Docker images and writing all the Helm charts required to deploy the stack. The project was considered the greatest success of the year, over delivering on expectations and going onto influence the next 9 months’ work.
- Rapidly deployed dev, test and production environments in Kubernetes on AWS, for four customers. The business saw massive gains in speed to market due to the re-usable nature of the Helm charts and the speed of provisioning on Kubernetes. These have been running in production since August 2017.
- Had the virtual role of Technical Design Authority for all of the infrastructure within the company.
- Defined the hosting direction for the new business unit, including the monitoring solution including Sensu, Graphite - later migrated to Influx, Grafana and the ELK stack.
- On AWS, fully ‘baked’ AMI’s using Packer and CloudFormation to deploy infrastructure, utilising Consul for service discovery.
- Proposed Terraform to the architecture board as a way of increasing the flexibility of our infrastructure as code policy. Gained approval and initiated a migration from Cloud Formation to Terraform, wrote the initial code, set standards for its use and mentored the team.
- Wrote terraform for deployment of AWS Lambda functions, utilising SQS, S3 and Elastic Search, including Cloud Watch schedules for starting the periodic functions and API Gateway for internet exposed functions.
- Deployed and managed a cluster of ECS nodes, used Jenkins to deploy entire environments to ECS via custom ECS task and service definitions.
- Built a ‘self-serve’ solution for all of the honeybee product suite using Jenkins, Terraform, AWS ECS and ECR.
- Ran a cross team solution selection process, presenting Kubernetes, Mesos, Nomad, ECS, and Docker Swam.
- Wrote Helm charts for all of our microservices to make repeatable, deployment efficient and error free.
- Worked closely with the application Architecture team to ensure all designs were ‘Cloud ready’.
- Saw an opportunity to reduce our license cost and improve the flexibility of our CI pipelines by moving from Bitbucket and Bamboo to Gitlab.
- Worked with Ops Engineers and the internal Finance team on AWS cost management.
- Lead designer for the £2 million Power upgrade; CPW had chosen to migrate in excess of 200 AIX LPARs from 6 existing P595 frames onto 4 new P440 frames, I defined the migration strategy for this large program.
- Produced the solution for an upgrade of the OS, Application server and database to the CPW insurance application, a critical system to the CPW business and one which suffered many issues and problems prior to the migration.
- Redefined the architecture behind the primary CPW website hosting; the designs migrated the entire site from Solaris on SPARC to RedHat Enterprise Linux on VMWare virtual machines.
- Lead designer for the new PCI compliant payment card platform; this system handled all credit card transactions across the multiple CPW retail channels.
- Redesigned the infrastructure for the main Carphone Warehouse retail website to coincide with the launch of the re-written site and new CMS, which went on to contribute over £10m profit over the Christmas trading period. The design has since been used as a template for other web properties within the CPW group of companies.
- Spotted excessive duplication between designs, initiated the use of design patterns which would go on to be adopted by the entire design team, reducing the time taken to create new designs by 25-30%.
- Designed the new VMWare ESX cluster, which went on to form the blueprint for future ESX cluster deployments. The consolidation resulted £250,000 worth of hardware being made available for re-use or sale.
- Primary architect and delivery lead on the infrastructure for a Computer on TV project.
- Automated configuration management throughout the estate-using Puppet.
- Worked to design and build a voicemail to SMS services using an open source PBX (Asterisk).
- Designed and managed the creation of DAM system for image hosting, search and delivery using bespoke and open source software. The system grew to include 150 million images and became the primary search and delivery system for almost all press photographs in the UK.
- Lead UNIX admin on a multi-million user web-based email system.
- Administration of multiple Enterprise class Sun servers and Netscape software products.