About

Senior DevOps Consultant

About Charles Bernardin

Cloud Native Engineer passionate about automation, open source and knowledge sharing. National Bank of Canada, EDF, La Poste, Yves Rocher…

11+ years IT7 years K8s/OpenShift5 certificationsFR + 🇨🇦 Québec

Senior OpenShift / Kubernetes engineer with 11+ years of Linux and 7+ years of OpenShift in production — banking, public services and public health in Canada and France. I design, deploy and operate end-to-end Cloud Native platforms: bare-metal / UPI / IPI / Assisted installs, Kubernetes on the immutable Flatcar OS, multi-cluster operations with RHACM & RHACS, and HashiCorp Vault HA.

I hold a defense-in-depth bar on DR (OADP, Velero, etcd snapshots to S3, Vault Raft to S3), centralized monitoring (Prometheus / Grafana / Alertmanager / Thanos), and audience-tailored runbook authoring (C-suite, tech-lead, on-call). Customer-facing posture — clean RCAs, knowledge transfer and team enablement.

My latest flagship project at Micro Logic: designed and deployed an OpenShift 4.20 bare-metal cluster with a LACP 802.3ad dual-bond architecture — orchestrated by Bash scripts (9-phase pipeline, PXE/iPXE with Ignition 3.x, 6-validator pre-flight framework, 120+ pages of Markdown documentation). The cluster integrates OpenShift Virtualization (CNV), Advanced Cluster Management (ACM), Thanos (3-tier retention pyramid) and ClusterAutoscaler — deployment time cut from 4 h to 45 min (−80 %) and documented MTTR brought down to 20 min.

Learning platforms

Training the French-speaking community

Three platforms I build to fill the gap in French-language Kubernetes & HashiCorp Vault certification prep tools — with multilingual support (FR / EN, sometimes more).

100% Free FR / EN

KubeDex

kubedex-app.vercel.app

Gamified platform to learn Docker & Kubernetes step by step — 5 worlds, 40+ lessons, built-in CLI/YAML editor, badges & XP.

Docker Kubernetes OpenShift Networking Storage
Start the adventure
100% Free FR / EN

VaultQuest

vaultquest-five.vercel.app

Learn HashiCorp Vault and prep for the Vault Associate (003) certification — theory, hands-on labs and mock exams aligned with the official curriculum.

Secrets Engines Auth Methods Policies PKI HA / Raft
Prep Vault Associate
100% Free Multilingual

CKA-Quest

cka-quest-app.vercel.app

Prepare the Certified Kubernetes Administrator (CKA) in French, English and several other languages — mock questions, practice environments, detailed scoring.

Cluster Architecture Workloads Networking Troubleshooting
Prep the CKA

Career path

OpenShift & Kubernetes Administrator — Micro Logic, Quebec City (Mar 2022 – Present)

  • Automated OCP deployment — Terraform + Ansible automation across bare-metal, VMware vSphere and VMware Cloud Director — −60 % deployment time. Standardized RHCOS / Fedora CoreOS post-install via reusable Ansible roles.
  • Kubernetes on immutable Flatcar — Terraform provisioning on VMware, full lifecycle via Ansible. Comparative documentation that underpinned the Flatcar adoption decision in production.
  • Centralized observability — 99.9 % monitoring uptime — Prometheus / Grafana / Alertmanager / Thanos stack across all clusters, custom Grafana dashboards (Calico, Vault, etcd, Java apps).
  • Multi-cluster & security — RHACM, RHACS and NeuVector across the OpenShift / Kubernetes fleet — visibility, policy enforcement and compliance.
  • Defense-in-depth Disaster Recovery — OADP / Velero, etcd CronJob snapshots to S3, Vault Raft DB snapshots to S3 — audience-tailored runbooks.
  • HashiCorp Vault HA — 3-node cluster on Kubernetes with integrated SSL/TLS and automated unseal, later ported to OpenBao. VM variant (3 VMs + management + DNS + DHCP + HAProxy).
  • Cluster identity & TLS hardening — OpenID Connect, etcd encryption at rest, replacement of default certificates, scheduled rotation across multiple production clusters.

DevOps Engineer — National Bank of Canada, Montreal (Mar 2021 – Mar 2022)

  • OCP 3.11 → 4.x migration — Led bare-metal → VMware vSphere UPI migration, automated environment builds with Terraform + Jenkins + Ansible — −80 % manual configuration errors, 50+ applications migrated.
  • OCP 4.x hardening — Local Storage + StorageClass, Prometheus / Grafana / Alertmanager, LDAP, NetApp NFS, etcd encryption, OADP/Velero, Splunk for Kubernetes.
  • RHACM / RHACS — Hydro-Québec engagement — Joint deployment of multi-cluster management and security with the National Bank of Canada.
  • AWS cloud — EC2 / S3 configuration — +50 % cloud resource utilization.

DevOps Engineer — SII Canada, Montreal (Mar 2019 – Mar 2021)

  • OKD 3.9 production — public health — CentOS bare-metal install, lifecycle (version migrations, automation with Terraform / Ansible / Bash) — +80 % deployment efficiency.
  • Internal platforms — Open-source Gogs git, Pinpoint APM integrated with OpenShift (PHP / Java).
  • Jenkins CI/CD pipelines−60 % deployment time on containerized workloads.
  • Observability & training — Grafana dashboards, team training (Docker, Ansible, Jenkins, Prometheus, Pinpoint).

DevOps Consultant — Progressive, Paris (Jan 2018 – Jul 2021)

  • OKD 3.7 production — public health — CentOS bare-metal install, Terraform / Ansible / Bash automation — +80 % deployment efficiency.
  • OpenShift on VMware — Scalable Fedora CoreOS / Rocky Linux architectures — +40 % system reliability.
  • Nexus release automation−30 % deployment time.
  • Prometheus / Grafana monitoring — Custom dashboards — −20 % downtime.

Linux Systems Engineer — France (2011 – 2018)

Engagements at EDF, Yves Rocher, La Poste, France Billet, MBS, Datasystem. Multi-distro Linux administration (Red Hat, Debian, Rocky Linux, CoreOS), shell-script automation — +50 % efficiency on manual workload. Monitoring with Nagios / Zabbix / ELK — −40 % system crashes through proactive detection.

Certifications

Red Hat & HashiCorp — active

  • RHCSA — Red Hat Certified System Administrator (2024)
  • HashiCorp Terraform Associate (003) — 2024
  • HashiCorp Certified: Vault Associate (003) — earned Sep 2025 · expires Sep 2027
  • Red Hat Certified Specialist in OpenShift Administration (EX280) — 2023
  • Red Hat Certified Specialist in Containers and Kubernetes (EX180) — 2022

In progress

  • Red Hat Certified OpenShift Administrator (RHCOA / EX380)
  • Red Hat Certified Engineer (RHCE / EX294)
  • OpenShift AI Specialist (EX480) — active prep with NVIDIA GPU Operator + KServe / Kubeflow

Tech stack

  • Container platforms — OpenShift Container Platform (3.7 → 4.20), Kubernetes, OKD, Docker Swarm, Rancher
  • Cluster lifecycle — Bare Metal / UPI / IPI / Assisted, MachineConfig, MachineSet, NodePool, NMState, Ignition 3.x, PXE/iPXE, OpenShift Virtualization (CNV / KubeVirt), HyperShift / Hosted Control Plane, MCE, RHACM, RHACS, ClusterAutoscaler
  • Kubernetes on immutable OS — Flatcar Linux Container, Fedora CoreOS, RHCOS — Terraform provisioning, Ansible-driven lifecycle
  • Security, RBAC & networking — Namespaces, RBAC, ServiceAccounts, OPA/Gatekeeper, OAuth/OIDC/LDAP, etcd encryption at rest, OVN-Kubernetes, LACP 802.3ad, HAProxy L4, HashiCorp Vault HA Raft, OpenBao, Quay container security, NeuVector, RHACS
  • Storage & DR — ODF, Red Hat Ceph Storage, NFS provisioner (RWX), CSI drivers, NetApp NFS, S3, OADP/Velero, etcd snapshots to S3, Vault Raft to S3
  • IaC / GitOps / CI/CD — Ansible, Terraform, Bash, Helm, ArgoCD, Jenkins, Tekton, OLM, Nexus, Gogs
  • Linux, SRE & observability — RHEL, RHCOS, Fedora CoreOS, Flatcar, Rocky, AlmaLinux, CentOS, Debian — systemd, kernel tuning, SLO/SLI/error budgets, Prometheus, Grafana, Alertmanager, Thanos, Loki, ELK, Splunk, Pinpoint APM, Nagios, Zabbix
  • Cloud & AI/ML on OpenShift — AWS (EC2, S3), GCP, VMware vSphere, VMware Cloud Director, AI/ML fundamentals (CNV + GPU passthrough), EX480 prep + NVIDIA GPU Operator + KServe / Kubeflow

My philosophy

Open Source first — I favour open source solutions (Kubernetes, OpenBao, Prometheus) that deliver transparency, flexibility and freedom from vendor lock-in.

Automate to make reliable — Every repetitive task should be automated. Infrastructure as Code is not a luxury, it is the guarantee of reproducible, error-free deployments.

Share the knowledge — I document every procedure, train teams to make them autonomous, and build learning sites for the French-speaking community. A good consultant leaves clients independent.

Education

  • BSc Enterprise Network Administrator — European Institute for Computer Engineers, Paris (2011)
  • IT Support Diploma (DUT) — CESI, Reims (2008)
  • BSc Electrical Engineering, Electronics, Industrial Automation — Champagne-Ardenne University, Reims (2006)

Find me online

LinkedInlinkedin.com/in/charles-bernardin-zogbelemou-7bb55489

Email[email protected]

Scroll to Top