Sylvain Rabot

Hired to create the company's infrastructure, build and manage an SRE team to maintain it, evolve it, and support development teams in the deployment process of their applications.

Implementation and management of the following solutions:

• Microsoft O365 / Entra ID
• AWS
• Cloudflare
• GitHub
• Tailscale
• Terraform Cloud
• Splunk
• Confluence / Jira
• Sectigo Certificate Manager
• PagerDuty
• 1Password
• Apple Business Manager
• Jamf

Creation of an AWS infrastructure:

• Multi-account architecture segregated by environment with centralized billing and access management.
• Management of all infrastructure using IAC with Terragrunt and then Terraform Cloud.
• Implementation of SSO with Entra ID (formerly Azure AD) for all internal services.
• Creation of a private VPC architecture only accessible to partners via Direct Connect or via Cloudflare.
• Creation of Kubernetes EKS clusters in each environment.
• Advanced access management with custom IAM roles.
• Implementation of Direct Connect with partners.

Creation of a Kubernetes infrastructure:

• Implementation of basic cluster components using FluxCD (CNI, reverse-proxy, logging, monitoring, etc.).
• Implementation of Karpenter for node lifecycle management.
• Implementation of Cilium to replace AWS VPC CNI.
• Implementation of RBAC management associated with AWS roles for users.
• Implementation of monitoring / tracing / profiling / supervision based on Prometheus, Grafana, Pyroscope, Thanos and PagerDuty.
• Implementation of an authenticated proxy (Pomerium) to restrict access to certain critical applications.
• Implementation of a process to shut down dev environments at night and on weekends.

Implementation of GitHub Enterprise:

• Implementation of Git best practices.
• Implementation of CI/CD with GitHub Actions.

Implementation of a company VPN with Tailscale:

• Mandatory gateway to access all resources hosted in AWS that are not publicly accessible.

Hired to create an AWS infrastructure to host Kubernetes clusters.

Member of Production / Operations team responsible for the implementation, management, and maintenance of a "Cloud" architecture based on Microsoft Azure as part of the company's software offering transformation from "thick clients" to a "thin clients" offering hosted in the cloud.

• Implementation / management of a "Cloud" architecture based on Azure
• Implementation / management of Kubernetes clusters
• Implementation / management of monitoring and supervision services
• Implementation / management of a Splunk cluster for log management
• Support for R&D teams

Team Hosting, division Storage and Digital Content
Interventions on production environments for clients: Orange, British Telecom, VirginMedia, SFR.

• Initial sizing and deployments of platforms
• Deployments of the virtualization layer
• Deployments of OS and applications
• Load and high availability tests
• Additions of new equipment related to capacity increases
• Daily maintenance
• Level 2 and 3 on-call duties

Team Professional Services, division Storage and Digital Content.
Projects for telecom operators: Orange, SFR, Singtel, La Poste

• Development of the backend solution (PHP + PostgreSQL)
• Development of backend-to-backend SSO interfaces with clients

• Supinfo - 33000 BORDEAUX, FRANCE
• Supinfo - 94133 SAN FRANCISCO, CA, USA