Context
Groupe BPCE is France’s second-largest banking group. As a DevOps & Cloud Architect embedded in their platform engineering team, I designed and operated an internal Kubernetes-as-a-Service platform used by hundreds of developers across four banking brands.
Responsibilities
- Automated provisioning of OpenShift clusters on Dell bare-metal using Ansible and Terraform
- Delivered a Kubernetes-as-a-Service offering with multi-tenant isolation using namespaces, RBAC and Kyverno policies
- Deployed and operated GitOps pipelines with ArgoCD across production and non-production environments
- Integrated Red Hat ACM for centralized multi-cluster governance and policy enforcement
- Implemented image security scanning and signing with Red Hat ACS (StackRox)
- Set up observability stack: Prometheus, Grafana, Loki/Vector, Splunk for logs and metrics
- Deployed OpenShift Serverless (Knative) and Service Mesh (Istio) for application teams
- Configured MetalLB in BGP mode for LoadBalancer services on bare-metal
- Managed Portworx storage for stateful workloads (databases, Kafka)
- Operated Ansible Automation Platform for Day-2 operations and patching
Key Achievements
- Reduced cluster provisioning time from 3 days (manual) to under 2 hours (fully automated)
- Onboarded 15+ application teams onto the platform within 6 months
- Achieved zero-downtime cluster upgrades through rolling update automation
Technical environment: Dell Bare-metal, OpenShift 4.x, ArgoCD, Portworx, Serverless, Service Mesh, Ansible Automation Platform, Splunk, Red Hat ACM, Red Hat ACS, Kyverno, MetalLB, Python, Loki/Vector, Prometheus, Grafana, Bitbucket, Kustomize, Helm