AWS Cloudformation Resource Providers

AWS Account Provisioning can be a challange when large Enterprises require highly automated integration with existing IT management systems. To support multiple scenarios with account provisioning a couple of AWS CloudFormation resource providers can be handy.

The following resources help to build a AWS Service Catalog Product, which can be used as account provisioning product. Hence, all resources priviosioned into newly created account and the account itself are created fully automated and state is maintained within AWS CloudFormation.

See a typical use case including diagram by following the projects link below.

https://github.com/aws-samples/aws-organizations-account-resource

https://github.com/aws-samples/aws-cloudformation-stack-instances

https://github.com/aws-samples/aws-concurrent-provisioned-product

Scalable Serverless Nextcloud on AWS

Nextcloud is an open source collaboration an fileshare platform. In order to scale with demand and keep operational overhead low quite some engineering efforts are required. This project includes a 100% serverless quickstart.

The open source project can be used to run Nextcloud on AWS at scale. Underlying AWS Services used are AWS Aurora Serverless, AWS Elastic Container Service, AWS ElastiCache.

One key factor to provide fast scalable file access is the use of a cloud-based objectstore. This project deploys nextcloud with Amazon S3 as primary storage.

Enterprise AWS Landing Zone for Manufacturing

Customer made a decision to go all in AWS and plan datacenter exit. Hence, big digital transformation challenges require precise guidance and a secure cloud foundation.

In order to execute a multi account strategy on AWS successful, many foundational topics have to be covered. This includes baslines security of the whole organization, integration with existing IT management systems, automation of processes as much as possible. One of my focus topics was connectivity. This is not only relevant for IT applications. Special requirements from typical manufacturing business applications part of operational technology, have to be taken into account.

In summary everything is build to scale out properly, number of accounts quickly ramped up to a couple of hundreds.

DevOps Platform

The Customer is preparing for the next level of Platform as a Service. The project is aiming to create pre-defined building blocks, pipelines and persistence layers for customers several topics.

This includes a setup of multiple OpenShift Clusters in a multi-cloud setup in Micrsoft Azure, AWS and Google Cloud Platform. This will leverage the automatic scaling functionalities and easy OpenShift Container Storage deployments. Using installer provisioned infrastructure while being compliant using hardened RHEL CoreOS images, CVE scaned docker registry and integrate into coporate networks are the main challanges here.

We design for failure and do regulary disaster and backup recovery trainings.

Microservice Architecure Migration

The customer is shifting running solutions into the Microsoft Azure Cloud. This includes many API services consisting of several microservices and DevOps processes.

The target architecture leverages Cloud DevOps services as well as Kubernetes as the underlying platform.

Daimler AG - NBx Project

The NBx Project provides a SaaS solution by leveraging a hybrid cloud architecture.

An on-premise Kubernetes Cluster on top of OpenStack is use to anonymize and encrypt data while keeping it GDPR compliant. Data analytics tasks running Spark ML job the HDInsight Service in Microsoft Azure where leveraged to provide easy access to a Hadoop Cluster.

Aperture Location Services

The aperture software components provide visualization and analytic focused geospatial storage and processing abilities.

The Charger is a core part providing essential functions and models to work with geospatial data. The main storage is the Tank, designed and developed to be used in cloud environments. Based on a column-oriented database it stores geospatial bigdata to do simple analytic extracts and more important to create vector tiles on the fly for blazing fast map interfaces. Last but not least the Open Source component Tyler provides minimal and simple self-contained access to a subset of your data. Published in 2019 we contribute to the public, see here.

Databio

“The Data-Driven Bioeconomy project focuses on the production of best possible raw materials from agriculture, forestry and fishery for the bioeconomy industry to produce food, energy and biomaterials taking into account responsibility and sustainability.”

My main contributions are designing and implementing cloud-based solutions to support smart farming in Greece. We developed agriculture monitoring systems based on sensor and earth observation data.

FTTH Factory

The “Fiber to the Home” Factory is a project by the Telekom involved in fiber cable distribution in Germany.

I supported mainly interface communications between components and development operations. Our components in this project were deploymented in a container orchestration system using different tenants for development and production inside the Open Telekom Cloud.

GeoRocket

“GeoRocket is a high-performance data store for geospatial files.“

GeoRocket is based on Elasticsearch and provides a query and aggregation endpoint. I was mainly involved in designing the aggregation DSL and implementing plugins used in the commercial GeoRocket Pro version.

KKS Architects merged into Werkum Architects

The entire IT infrastructure from KKS Architects was moved to the new offices and i had to integrate the systems into the existing architecture including hardware, networks, etc.

In addition the Website was migrated to the cloud and their on-premise Exchange Server was replaced with Office 365, the Active directory was put into a Trust Relationship with the partner's one.

New/s/leak

“Information extraction and interactive visualization of textual datasets for investigative data-driven journalism and eDiscovery“

My main responsibility was implementing the complex interactive interface. Additionally, I was taken into account adapting REST endpoints and maintain our on-premise deployment of database components.

KKS Architects Infrastructure Modernization

The entire IT infrastructure from KKS Architects was upgraded and modernized to state to the art hardware and software.

This step included a major rebuild and the following replacments:

• New CUDA ready workstations
• Enterprise ready 1 Gbit Ethernet distribution
• New Enterprise ready multi-cpu server with a Hyper-V Core installation
• From custom mailing solution to Microsoft Exchange 2013
• Microsoft Windows Server 2012 R2 Active Directory
• Windows XP Virtual Appliance for legacy server components
• Daily File Backups
• Mailstore as compliant mail archive solution
• WSUS Update Plans

AWS Certifications

Cloud computing with AWS

Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform, offering over 175 fully featured services from data centers globally. Millions of customers—including the fastest-growing startups, largest enterprises, and leading government agencies—are using AWS to lower costs, become more agile, and innovate faster.

Certified ScrumMaster

Holding a Certified ScrumMaster® (CSM®) certification demonstrates knowledge and ability to support Scrum.

Microsoft Certified Azure Fundamentals

Prove that you understand cloud concepts, core Azure Services, Azure pricing and support, and the fundamentals of cloud security, privacy, compliance, and trust.