Projects

Work & Implementations

A comprehensive history of professional work, research, and technical implementations across cloud, DevOps, security, and infrastructure engineering.

38+Projects

8Years

3Companies

2024

ArgoCD GitOps Implementation inside AWS EKS

PT. IDstar Cipta Teknologi

GitLab CIArgoCDAWS EKSHelmDockerECR

Role: DevOps Engineer  ·  Goal: Streamline application deployment and infrastructure management using GitOps methodology.

• Developed GitLab CI/CD pipelines to build and push Docker images to AWS ECR.
• Configured ArgoCD to monitor Git repositories for application and infrastructure manifests using Helm Charts.
• Implemented ArgoCD Image Updater for automated image tag synchronization from AWS ECR.
• Automated cluster state synchronization between Git and AWS EKS.

Outcomes

• Efficient and automated application delivery process.
• Single source of truth for all Kubernetes cluster configurations.
• Enhanced scalability and observability for cloud-native applications.

AWS EKS: Kubernetes Cluster Installation and Configuration

PT. IDstar Cipta Teknologi

TerraformAWS EKSKubernetesHelmVPC

Role: DevOps Engineer  ·  Goal: Set up a production-ready Kubernetes cluster on Amazon EKS for scalable containerized workloads.

• IaC: Provisioned EKS cluster, secure VPC, subnets, and security groups using Terraform.
• Node Management: Deployed managed EC2 node groups integrated with the EKS control plane.
• Networking: Configured VPC CNI for efficient pod networking and ALB/NLB for external traffic.
• Security: Implemented IAM roles and granular Kubernetes RBAC policies.
• Scalability: Deployed Cluster Autoscaler and Horizontal Pod Autoscaler (HPA).
• Tooling: Installed Helm, ArgoCD, cert-manager, and Nginx Ingress.

Outcomes

• Production-grade EKS environment supporting high-availability critical applications.
• Simplified resource management through automated scaling and monitoring.

Implement DevSecOps GitLab CI/CD Pipeline

PT. IDstar Cipta Teknologi

GitLabAWSDockerTerraformAnsible

Role: DevOps Engineer

• Deployed a self-hosted GitLab instance on AWS EC2 using Docker containers.
• Automated infrastructure provisioning and server configuration with Terraform and Ansible.
• Designed and implemented CI/CD pipelines to streamline deployment for multiple development teams.

DevSecOps Pipeline Using Trivy

PT. IDstar Cipta Teknologi

GitLab CITrivyDockerBash

Role: DevOps Engineer

• Integrated Trivy security scanner into GitLab CI/CD pipeline stages.
• Automated vulnerability detection and reporting for container images prior to deployment.
• Improved the overall security posture by reducing manual audit overhead.

2023

GitLab Runner Cost Optimization Using Spot Instances

PT. IDstar Cipta Teknologi

AWS EC2 SpotASGGitLab RunnerDockerTerraform

Role: DevOps Engineer

• Successfully migrated GitLab Runners to AWS EC2 Spot Instances, reducing infrastructure costs by 60–70%.
• Configured Auto Scaling Groups (ASG) to ensure runner availability and scalability.
• Implemented fallback strategies with On-Demand instances to maintain pipeline reliability.

Self-Hosted GitLab for Company Code Repository

PT. IDstar Cipta Teknologi

GitLab CE/EEUbuntuNginxPostgreSQLDocker

Role: DevOps Engineer

• Installed and secured a high-availability self-hosted GitLab platform.
• Integrated PostgreSQL backend and Nginx reverse proxy with SSL/TLS.
• Managed repository migration and implemented RBAC/SSO for developer access.
• Automated backup and disaster recovery procedures for data protection.

Migrate to Docker and Optimize WordPress Company Profile

PT. IDstar Cipta Teknologi

DockerDocker ComposeNginxMySQLPHP-FPMLet's Encrypt

Role: DevOps Engineer

• Containerized the WordPress stack for improved portability and scalability.
• Optimized PHP-FPM and Nginx caching, resulting in 40% faster response times.
• Automated SSL/TLS certificate management using Let's Encrypt.
• Established CI/CD workflows for development, staging, and production environments.

DevOps New Generation Banking System: KB Bukopin

PT. IDstar Cipta Teknologi

GitLab CIFastlaneKubernetesSonarQube

Role: DevOps Engineer

• Configured on-premises GitLab Runners to support secure banking build environments.
• Automated mobile app (iOS/Android) releases using Fastlane and GitLab CI.
• Integrated SonarQube for continuous code quality and static security analysis (SAST).
• Collaborated in an Agile/Scrum environment to ensure mission-critical platform compliance.

Product Capstone: Communicare (Bangkit Academy 2023)

Bangkit Academy · Google / GoTo / Traveloka

GCPFirebaseCloud RunGitHub Actions

Role: DevOps & Cloud Lead

• Orchestrated the cloud environment on GCP to host backend and Machine Learning services.
• Automated deployment pipelines using GitHub Actions for seamless service delivery.
• Managed containerized services on Cloud Run, ensuring scalability for user traffic.
• Authored comprehensive documentation for system design and deployment procedures.

2022

OCR Machine Learning System: EZxtract

PT. IDstar Cipta Teknologi

CentOSPythonGunicornNginx

Role: DevOps Engineer

• Configured production-ready server environments for OCR/ML workloads.
• Deployed Python applications with Gunicorn and Nginx reverse proxy for high performance.
• Created systemd services to ensure process resiliency and auto-restarts.

Internal Apps IDStar IDSWP

PT. IDstar Cipta Teknologi

Docker ComposeNginxPostgreSQLGitLab CI

Role: DevOps Engineer

• Designed microservices architecture for internal company applications using Docker Compose.
• Integrated service orchestration and persistent storage for databases and caching.
• Optimized dev-to-prod workflows through automated GitLab CI/CD pipelines.

Grafana Resource Monitoring, Logging & Alerting System

PT. IDstar Cipta Teknologi

GrafanaPrometheusLokiAlertmanagerCloudWatch

Role: DevOps Engineer

• Implemented a centralized observability stack for metrics and log aggregation.
• Designed interactive Grafana dashboards for real-time infrastructure visibility.
• Configured proactive alerting via Slack/Email, significantly reducing MTTR.

Amazon CloudWatch EC2 Resource Monitoring

PT. IDstar Cipta Teknologi

AWS CloudWatchSNSIAM

Role: DevOps Engineer

• Configured performance monitoring for EC2 instances with detailed custom metrics (Memory/Disk).
• Established real-time alerting using CloudWatch Alarms and SNS.
• Improved incident response times through performance dashboards.

Self-Hosted Taiga Project Management Tool

PT. IDstar Cipta Teknologi

PostgreSQLNginxDockerUbuntu

Role: DevOps Engineer

• Deployed and secured a self-hosted Taiga instance for Agile project tracking.
• Configured Nginx reverse proxy with SSL/TLS and managed Dockerized services.

GitLab Event Notification Integration with Mattermost

PT. IDstar Cipta Teknologi

GitLabMattermostWebhooks

Role: DevOps Engineer  ·  Goal: Deliver real-time notifications for repository and pipeline activities.

• Integrated GitLab webhooks with Mattermost for instant team feedback on CI/CD events.
• Automated notifications for Merge Requests, issues, and pipeline failures.

AWS Cost Alert: SNS Integration With Mattermost

PT. IDstar Cipta Teknologi

AWS CloudWatchSNSMattermost

Role: DevOps Engineer  ·  Goal: Establish proactive cloud billing governance.

• Integrated AWS CloudWatch billing alarms with SNS and Mattermost webhooks.
• Provided real-time visibility into usage thresholds and cost spikes.

Website Uptime Monitoring System (Uptime Kuma)

PT. IDstar Cipta Teknologi

Uptime KumaDockerNginxMattermost

Role: DevOps Engineer

• Deployed Uptime Kuma to track availability and latency for critical company services.
• Configured real-time incident alerting via Mattermost and Email.

Cross-Account Migration of EC2 Instances and S3 Buckets

PT. IDstar Cipta Teknologi

AWS CLIAMIS3IAM Roles

Role: DevOps Engineer

• Planned and executed secure cross-account transfers of EC2 resources and S3 data.
• Managed cross-account IAM permissions and verified data integrity post-migration.

OCR Server Migration to GCP

PT. IDstar Cipta Teknologi

GCPCompute EngineCloud Storage

Role: DevOps Engineer

• Successfully migrated OCR workloads from on-premises to GCP instances.
• Configured network security and firewalls within the GCP environment.

Google Workspace Admin Implementation

PT. Tosan Perkasa Unicorn

Google WorkspaceDNSSPF/DKIM/DMARC

Role: IT Support & Network Engineer  ·  Goal: Centralize company collaboration and user management.

• Deployed Google Workspace Admin Console and migrated user accounts/emails.
• Configured DNS authentication (SPF, DKIM, DMARC) for secure email delivery.
• Established role-based access control and 2FA security policies.

On-Premises Infrastructure Migration to AWS Cloud

Sekolah DevOps Cilsy · Batch #14

AWS EC2RDSS3TerraformAnsible

• Designed and executed migration of on-premises workloads to AWS infrastructure.
• Automated provisioning using Infrastructure as Code (Terraform) and configuration with Ansible.
• Configured VPC networking and security groups for cloud compliance.

Container Orchestration Infrastructure: Kubernetes

Sekolah DevOps Cilsy · Batch #14

KubernetesDockerHelmNginx Ingress

• Orchestrated microservices deployment on a production-like Kubernetes cluster.
• Implemented Nginx Ingress Controller for traffic routing and load balancing.

On-Premises Infrastructure for Web Apps

Sekolah DevOps Cilsy · Batch #14

LinuxNginxPostgreSQLDockerProxmox

• Built a robust on-premises infrastructure using virtualization for web hosting.
• Configured web servers and database environments for secure internal application access.

Tendean Office LAN Network Installation

PT. Tosan Perkasa Unicorn

CiscoMikrotikCat6Ubiquiti

Role: IT Support & Network Engineer  ·  Goal: Implement reliable connectivity for a new office location.

• Designed and installed comprehensive LAN infrastructure using Cisco and Mikrotik.
• Deployed structured cabling (Cat6) and managed Wi-Fi coverage with Ubiquiti.

2021

HR System Migration to Proxmox Virtualization

PT. Tosan Perkasa Unicorn

Proxmox VELinuxMySQL

Role: IT Support & Network Engineer

• Virtualized legacy physical servers using Proxmox VE to improve resource utilization.
• Established automated backup and snapshot policies for critical HR data.

Proxmox VE Installation and Configuration

PT. Tosan Perkasa Unicorn

Proxmox VEZFSKVM/LXC

Role: IT Support & Network Engineer

• Deployed Proxmox VE as the primary enterprise virtualization platform.
• Configured ZFS storage pools for high-performance virtual disks.

Internet Bandwidth QoS Optimization

PT. Tosan Perkasa Unicorn

Mikrotik RouterOSQoS/HTBTraffic Shaping

Role: IT Support & Network Engineer

• Analyzed traffic patterns and prioritized business-critical bandwidth (VoIP/Video).
• Reduced network latency by optimizing traffic markings and queue disciplines.

FortiGate 30E Installation and Configuration

PT. Tosan Perkasa Unicorn

FortiGate 30EFortiOSVPNIPS/IDS

Role: IT Support & Network Engineer

• Deployed FortiGate firewall for advanced threat protection and secure remote access.
• Configured IPSec/SSL VPN and web filtering policies to secure the office network.

Mikrotik Replacement and Configuration Migration

PT. Tosan Perkasa Unicorn

Mikrotik RouterOSFirewallNATVPN

Role: IT Support & Network Engineer

• Managed hardware migration of core routers with zero service downtime.
• Migrated complex firewall, NAT, and VPN configurations to newer Mikrotik models.

Zimbra Email Migration to Google Workspace

PT. Tosan Perkasa Unicorn

ZimbraGoogle WorkspaceDNS

Role: IT Support & Network Engineer

• Successfully migrated enterprise email from Zimbra to Google Workspace.
• Managed DNS reconfiguration and data transfer for 100+ users.

2020

Zabbix Monitoring System Implementation

PT. Tosan Perkasa Unicorn

ZabbixSNMPMySQLGrafana

Role: IT Support & Network Engineer

• Deployed comprehensive monitoring for servers and network appliances.
• Configured real-time alerts for service outages and performance bottlenecks.

VPN IPSec/L2TP Network Implementation

PT. Tosan Perkasa Unicorn

IPSecL2TPRADIUS

Role: IT Support & Network Engineer

• Established secure site-to-site and remote access VPN tunnels.
• Configured RADIUS authentication for centralized user access control.

Bandwidth Improvement and Optimization

PT. Tosan Perkasa Unicorn

Firewall RulesConnection Tracking

Role: IT Support & Network Engineer

• Optimized throughput by fine-tuning firewall rules and connection tracking.
• Achieved measurable improvements in latencies for critical business apps.

2019

Core Router Migration & Replacement

PT. Tosan Perkasa Unicorn

MikrotikBGP/OSPF

Role: IT Support & Network Engineer

• Upgraded core network backbone with high-performance Mikrotik hardware.
• Implemented BGP/OSPF routing for network redundancy and failover.

CCTV System Migration to IP-Based Infrastructure

PT. Tosan Perkasa Unicorn

IP CCTVNVRNetwork Segmentation

Role: IT Support & Network Engineer

• Modernized analog surveillance to a high-definition IP-based CCTV system.
• Managed NVR storage configurations and network segmentation for video traffic.

Video Conference Room Infrastructure Installation

PT. Tosan Perkasa Unicorn

AV SystemsQoSZoomMicrosoft Teams

Role: IT Support & Network Engineer

• Designed and installed audio-visual systems for corporate meeting rooms.
• Integrated dedicated QoS for Zoom and Microsoft Teams reliability.

Computer Network Performance Improvement: Mikrotik

PT. Tosan Perkasa Unicorn

Mikrotik RouterOSFirewall

Role: IT Support & Network Engineer

• Performed deep-dive optimization of router configurations.
• Enhanced network security posture through hardened firewall rules.

2018

CV. Lintas Opsi Gradasi Informatika: LAN Design

Junior Network Engineer Internship

Cisco Packet TracerSubnettingVLAN

• Designed Local Area Network (LAN) topologies and IP addressing schemes for small businesses.
• Documented equipment requirements and VLAN segmentation strategies.