Hi! I'm a French native interested in distributed/edge computing, zero-trust network and general automation.
I'm working on system and software design, infrastructure provisioning, configuration management, cloud and database migrations, GraphQL ecosystem, Kubernetes environment... I'm coding with Go and Typescript. I like to automate things and reduce toil at each system level to provide flawless, maintainable and cost-efficient solutions.
Leverage 3D UX/UI into web applications with node ecosystem and edge technologies.
Deploy Google Cloud resources with Terraform, Ansible and self-deployed Kubernetes following GitOps practices.
Package a Hasura application into a Kubernetes Helm chart and deploy Helm repository as a static website.
During last years, I highly focused on Google Cloud provisioning, K3s deployments and GitOps practices through Flux and Argo with the aim to provide reliable, scalable and secure systems. That led me to investigate multi-cloud and hybrid scenarios for deploying Kubernetes. K3s and Rancher offers the ability to embrace this kind of scenarios, allowing to deploy control-plane clusters, regional clusters and edge clusters in any desired configuration. I gained good knowledge about network and load balancing issues in distributed systems, from a cloud-hosted or on-premise perspectives. K0s from Google teams is a good alternative for ready-to-use clusters. For managing multi-cluster infrastructure, there are basically three ecosystems with different level of integration and flexibility: entreprise-grade OpenShift Container Platform (and OpenShift Platform Plus for multi-cluster control plane) which provides user-provisioned or installer-provisioned installation, open-source Kubesphere Platform based on a full open source stack from observability to continuous integration, the Rancher suite for hybrid-orchestration and flexible scenarios (helped by Karmada cluster federation capabilities, Harvester integration for legacy virtual machine workloads, other external control plane tools). Nomad is an alternative and interesting approach for entreprise-grade hybrid-orchestration.
I also investigated authn/authz solutions and became an Ory.sh user. Compared to keycloak monolithic approach and SSO based on OIDC, Ory is an open source cloud-hosted and headless solution based on a micro-service architecture, each service implementing a precise requirement in a lightweight manner. It is possible to deploy each service (Kratos, Hydra, Oathkeeper, Keto) independently and in a self-hosted fashion. Ory Kratos is an IAM server which integrates with external OIDC providers while Ory Hydra is an OAuth2 server which allows to become an OIDC provider. This micro-service architecture grants so much flexibility to implement multi-tenancy requirements (single server with single database, multiple servers with single database, multiple servers with multiple databases) and to leverage a DevOps approach even for critical operations as authentication and authorization. I would really enjoy to collaborate on an open source RBAC implementation for Ory Keto, using operator pattern for example (see example).
I did a lot in CRUD generation from database schemas in OpenAPI ecosystem and then in GraphQL ecosystem, extensively using tools such as Hasura or Graphql-mesh. Thus I'm mostly using Postgres because of its rich ecosystem, its fined grained authorization system with RLS feature and its "easy" migration usage for legacy SQL databases.
Finally I like to design and create user interfaces or 3D experiences to drive my ideas forward, using edge technology to build intuitive and captivating applications.
- Inception-of-Things, a project to run K3s nodes on Vagrant machines, to run K3d cluster on Docker and to install Gitlab CE on a Kubernetes cluster, made with @c3b5aw and @naofel1.
- Webserv, a HTTP/1.1 server implementation written in C++98 made in pair working with @c3b5aw. Support for basic nginx configuration files, event-driven I/O handling, and multiple data response formats (urlencoded, multipart and transfer-encoding chunk mode).
- PipexMedic, a C functional tester for a unix system programming project, Pipex. Intensive process creation, low-level inter-process communication, I/O redirection, signal handling.
- SoLong, a 2D game written in C with a X11 library. Implementing an application loop, event handling, frame building and rendering.
- Go API with Open-API based generator (goswagger) and schema-as-code based ORM (entgo).