This project focuses on creating resilient, multi-tenant base services on GCP. It involves implementing a hub and spoke architecture to improve resource management, enhancing security and availability, and extending the Istio service mesh across both GCP and Azure to achieve a seamless, cloud-agnostic infrastructure that supports our diverse range of products and platforms.
Responsibilities:
- Implement a hub and spoke model on GCP for multi-tenant environments, collaborating closely with the architecture team.
- Implement multi-region resilience, security, and cloud-agnostic infrastructure.
- Set up GCP environments, including networking architecture, IAM roles, and robust security configurations.
- Deploy and manage GKE clusters, Istio service mesh, and K8s services across GCP and Azure environments.
- Utilize Terraform, Helm, Argo CD, and GitLab CI/CD for infrastructure as code implementation.
- Implement solutions ensuring high availability, resilience, and optimal performance.
- Ensure security best practices, compliance standards, governance, policies, and well-architected framework principles are met.
- Facilitate seamless integration and knowledge transfer within internal teams.
- Create comprehensive documentation.
Requirements
Required Skillset:
- Expertise in GCP and strong understanding of networking, including service meshes (Istio) and multi-cluster setups.
- Extensive experience with Kubernetes.
- Proficiency in Terraform and Helm for IaC deployments.
- Experience with GitLab CI/CD pipelines.
- Proficient in Python and GoLang for scripting, automation, and developing custom controllers.
- Knowledge of security best practices, governance, and compliance standards.
- Familiarity with cloud well-architected framework principles.
- Experience working with architects.
Mandatory Skills:
- VPC Service Controls
- Kubernetes Security Controls (Kyverno, Trivy)