Skip to content

Portfolio

2024

ArgoCD GitOps Implementation inside AWS EKS

Project Information

PT. IDstar Cipta Teknologi - DevOps Engineer

This project focuses on implementing a GitOps workflow using ArgoCD in an AWS Elastic Kubernetes Service (EKS) environment. The goal is to streamline application deployment and infrastructure management by leveraging the GitOps methodology:

  • Develop a GitLab CI/CD pipeline to build Docker images for the application, Push the Docker images to AWS Elastic Container Registry (ECR).
  • Set up ArgoCD to monitor the k8s-infra Git repository for application and infrastructure manifests using Helm Charts
  • Setup ArgoCD Image Updater for auto update image tag from AWS ECR
  • Automate synchronization between the Git repository and the AWS EKS cluster to ensure desired state configurations.

Outcomes: - Efficient and automated application delivery process. - Reliable Kubernetes infrastructure state management via GitOps principles. - Enhanced scalability and observability for cloud-native applications on AWS EKS. - Single source of truth and version control for kubernetes cluster config.

AWS EKS - Kubernetes Cluster Installation and Configuration

Project Information

PT. IDstar Cipta Teknologi - DevOps Engineer

This project sets up a fully operational Kubernetes cluster on Amazon EKS, designed for scalability, security, and high availability of containerized workloads.

Key Deliverables: - Cluster Setup: Provision EKS cluster with secure VPC, subnets, and security groups using AWS Console, CLI, or IaC (Terraform/CloudFormation). - Node Groups: Deploy managed/self-managed EC2 or Fargate nodes integrated with the EKS control plane. - Networking: Configure VPC CNI for pod networking, set up ALB/ELB/NLB for external traffic. - Access Control: Implement IAM roles and Kubernetes RBAC for fine-grained security. - Monitoring & Logging: Enable CloudWatch, metrics-server, FluentD, and centralized log collection. - Autoscaling: Deploy Cluster Autoscaler to dynamically adjust resources based on workload demands. Add-ons & Tooling: Install Helm, ArgoCD, cert-manager, nginx-ingress, infisical-secret-operator, CoreDNS, and storage solutions (EBS/EFS).

Outcomes:

  • Production-ready Kubernetes cluster on AWS EKS.
  • Scalable, secure, and automated environment for containerized applications.
  • Integrated monitoring, logging, and DevOps tooling for smooth operations.

Implement DevSecOps Gitlab CI/CD Pipeline

Project Information

PT. IDstar Cipta Teknologi - DevOps Engineer

Implemented a self-hosted GitLab instance on AWS for a large-scale project, providing a robust and secure version control system (VCS) for managing the company’s codebase.

Technologies: GitLab, AWS, Docker, Terraform, Ansible

Key Contributions:

  • Set up AWS EC2 instances with Docker containers running GitLab.
  • Automated infrastructure deployment using Terraform and Ansible.
  • Enabled CI/CD pipelines for multiple development teams to streamline project releases.

DevSecOps Pipeline Using Trivy

Project Information

PT. IDstar Cipta Teknologi - DevOps Engineer

Designed and integrated a DevSecOps pipeline in GitLab CI/CD to enhance security by performing automatic vulnerability scanning on container images.

Technologies: GitLab CI/CD, Trivy, Docker

Key Contributions:

  • Integrated Trivy for vulnerability scanning in the CI/CD pipeline.
  • Automated the process of detecting and reporting vulnerabilities in Docker images.
  • Reduced the time spent on manual security checks, improving release cycles.

2023

Gitlab Runner Cost Optimization using spot instance

Project Information

PT. IDstar Cipta Teknologi - DevOps Engineer

Optimized GitLab CI/CD pipeline infrastructure by migrating GitLab Runners to AWS EC2 Spot Instances, reducing operational costs while maintaining reliability and scalability.

Technologies: AWS (EC2 Spot, Auto Scaling Groups, IAM, CloudWatch), GitLab Runner, Docker, Terraform, Ansible

Key Contributions: - Designed and deployed GitLab Runners on AWS EC2 Spot Instances, achieving significant cost savings compared to on-demand instances.
- Configured Auto Scaling Groups and Launch Templates to ensure resilient and scalable runner pools.
- Implemented fallback strategies with On-Demand instances to handle Spot interruptions and maintain pipeline stability.
- Automated provisioning and configuration with Terraform & Ansible, reducing manual overhead.
- Integrated CloudWatch monitoring & alerts to track runner performance, availability, and cost efficiency.
- Result: ~60–70% cost reduction in CI/CD runner infrastructure while maintaining SLA.

Setup and configure Gitlab Self Hosted for company code repository

Project Information

PT. IDstar Cipta Teknologi - DevOps Engineer

Implemented and configured a self-hosted GitLab platform to serve as the company’s central code repository, enabling secure, collaborative, and efficient software development workflows.

Technologies: GitLab CE/EE, Linux Ubuntu, Nginx, PostgreSQL, Docker, SSL/TLS, CI/CD Pipelines

Key Contributions: - Installed and configured self-hosted GitLab on company infrastructure with high availability and secure networking.
- Integrated PostgreSQL backend and Nginx reverse proxy with SSL/TLS for secure code management.
- Migrated existing repositories into GitLab, ensuring smooth transition with minimal downtime.
- Configured GitLab Runners to support automated build/test/deployment pipelines.
- Implemented role-based access control (RBAC) and LDAP/SSO integration for secure developer access.
- Automated backups and disaster recovery plans to protect source code assets.
- Delivered a reliable, self-hosted platform for source control, CI/CD, and collaboration.

Migrate to Docker and Optimize Wordpress Company Profile

Project Information

PT. IDstar Cipta Teknologi - DevOps Engineer

Migrated the company’s WordPress-based company profile website into a Dockerized environment, improving scalability, maintainability, and performance while reducing operational overhead.

Technologies: Docker, Docker Compose, Nginx, MySQL/MariaDB, PHP-FPM, Let’s Encrypt (SSL/TLS), Cloudflare

Key Contributions: - Containerized WordPress, MySQL, and Nginx using Docker & Docker Compose, standardizing deployments.
- Optimized PHP-FPM, caching, and Nginx configuration for faster page loads and reduced resource usage.
- Configured reverse proxy with SSL/TLS (Let’s Encrypt) and integrated Cloudflare for enhanced security and performance.
- Automated deployment workflows for development, staging, and production environments.
- Implemented monitoring and alerting to ensure uptime and detect performance bottlenecks.
- Result: Achieved ~40% faster response times and simplified maintenance with containerized infrastructure.

DevOps New Generation Banking System - KB Bukopin Project

Project Information

PT. IDstar Cipta Teknologi - DevOps Engineer

Supported the New Generation Banking System (NGBS) project for KB Bukopin, providing DevOps solutions to ensure scalable, secure, and automated infrastructure for a mission-critical banking platform mobile apps.

Technologies: Gitlab CI/CD, Fastlane

Key Contributions: - Setup Gitlab and Gitlab Runner on-premise server - Implemented CI/CD pipelines with GitLab to automate testing, deployment, and security scanning.
- Collaborated with development teams in an Agile/Scrum environment to streamline DevOps workflows.
- Delivered a secure, scalable, and resilient infrastructure on-premise foundation for the next-gen digital banking platform.

Product Capstone - Communicare - Bangkit Academy 2023

Project Information

Bangkit Academy 2023

Communicare is a mobile application developed as part of the Bangkit Academy 2023 Capstone Project (Team C23-PS325). The app combines communication psychology principles with machine learning to help users improve their communication skills through personalized recommendations, practice scenarios, and interactive exercises.

Technologies: Google Cloud Platform (GCP), Firebase, Cloud Run, Docker, GitHub Actions (CI/CD), Git, Python, Machine Learning APIs

Key Contributions: - Set up and managed the cloud environment on GCP to support application backend and ML services.
- Automated deployment workflows with CI/CD pipelines using GitHub Actions.
- Configured and deployed application services on Cloud Run & Firebase, ensuring scalability and reliability.
- Managed repository structure, version control, and collaboration workflows across the development team.
- Authored project documentation for deployment, system design, and DevOps processes.
- Delivered a stable, cloud-native foundation that enabled the team to focus on building ML-driven features for the app.

2022

Project Sistem OCR machine learning - EZxtract Project

Project Information

PT. IDstar Cipta Teknologi - DevOps Engineer

Contributed to the EZxtract OCR Machine Learning Project, which leverages AI/ML for automated text extraction. My role focused on setting up and configuring the server infrastructure to ensure reliable deployment and service delivery of the OCR application.

Technologies: Linux Centos, Python, Gunicorn, Nginx (reverse proxy), Systemd, Firewall, OCR/ML stack (Python-based)

Key Contributions: - Installed and configured application server environment for OCR/ML workloads.
- Deployed Python application with Gunicorn as WSGI server for efficient request handling.
- Set up Nginx reverse proxy with proper routing, SSL/TLS, and firewall rules for secure access.
- Created systemd services for Gunicorn to ensure process auto-restart and reliability.
- Collaborated with ML developers to integrate and optimize the OCR service on production infrastructure.
- Delivered a stable, secure, and production-ready environment for the OCR application.

Project Internal Apps IDStar IDSWP

Project Information

PT. IDstar Cipta Teknologi - DevOps Engineer

Supported the development and deployment of internal company applications (IDSWP) using a microservices architecture containerized with Docker Compose. The goal was to streamline application delivery, improve maintainability, and standardize development environments.

Technologies: Docker, Docker Compose, Nginx, PostgreSQL/MySQL, Redis, GitLab CI/CD, Linux

Key Contributions: - Designed and implemented a microservices-based architecture using Docker Compose for multiple internal applications.
- Containerized backend services (API, database, cache) and integrated them into a single orchestrated stack.
- Configured reverse proxy (Nginx) and load balancing for service routing.
- Integrated with GitLab CI/CD pipelines to automate build, test, and deployment workflows.
- Set up persistent storage volumes for databases and services to ensure data durability.
- Improved developer productivity by providing a standardized, reproducible environment across teams.
- Delivered a more efficient and maintainable deployment process for IDStar’s internal platforms.

Grafana Resource Monitoring, Logging, And Alerting System

Project Information

PT. IDstar Cipta Teknologi - DevOps Engineer

Designed and deployed a centralized monitoring, logging, and alerting system to improve visibility, reliability, and performance of infrastructure and applications across multiple environments.

Technologies: Grafana, Prometheus, Loki, Promtail, Alertmanager, CloudWatch, Linux, Docker/Kubernetes

Key Contributions: - Implemented Prometheus for metrics collection and configured exporters for infrastructure, Kubernetes, and applications.
- Deployed Grafana dashboards to provide real-time visibility into CPU, memory, disk, and network usage.
- Set up Loki & Promtail for log aggregation and visualization, reducing troubleshooting time.
- Configured Alertmanager & Grafana Alerts with email/Slack integrations for proactive incident notifications.
- Integrated monitoring with CloudWatch and Kubernetes clusters to unify observability across platforms.
- Delivered a scalable monitoring stack that improved system reliability and reduced mean-time-to-recovery (MTTR).

Amazon Cloudwatch EC2 Resource Monitoring

Project Information

PT. IDstar Cipta Teknologi - DevOps Engineer

Implemented Amazon CloudWatch monitoring for EC2 instances to track resource utilization, enable proactive alerting, and improve operational visibility for cloud workloads.

Technologies: AWS CloudWatch, CloudWatch Alarms, EC2, IAM, SNS, Linux

Key Contributions: - Configured CloudWatch metrics to monitor EC2 performance (CPU, memory, disk, and network usage).
- Created CloudWatch Alarms with thresholds for critical metrics to trigger proactive notifications.
- Integrated Amazon SNS for real-time alerts via email/Slack channels.
- Implemented custom metrics (memory & disk) using CloudWatch Agent on Linux instances.
- Provided dashboards for system health visibility and improved incident response time.

Setup Taiga Project open-source project management tool

Project Information

PT. IDstar Cipta Teknologi - DevOps Engineer

Implemented and and configured Taiga, an open-source agile project management platform, to improve project tracking, sprint planning, and team collaboration within the company.

Technologies: PostgreSQL, Nginx, Docker, Ubuntu Linux, SSL/TLS

Key Contributions: - Installed and configured a self-hosted Taiga server with PostgreSQL database.
- Set up Nginx reverse proxy with SSL/TLS for secure and reliable access.
- Deployed services with Docker to simplify updates and maintenance.
- Configured user roles and permissions to support agile workflows.
- Delivered a stable and user-friendly project management tool that enhanced team productivity.

GitLab Event Notification Integration with Mattermost Webhook

Project Information

PT. IDstar Cipta Teknologi - DevOps Engineer

Overview: Implemented an integration between GitLab and Mattermost using webhooks to deliver real-time notifications of repository and pipeline activities, improving team communication and response time.

Technologies: GitLab, Mattermost, Webhook API, Linux

Key Contributions: - Configured GitLab webhook integration to send pipeline, merge request, and issue events to Mattermost channels.
- Automated real-time notifications to relevant project teams for faster feedback and collaboration.
- Enhanced developer awareness of CI/CD processes, reducing delays and improving project visibility.
- Delivered a lightweight, reliable integration without third-party dependencies.

Cost Alert AWS SNS Integration With Mattermost

Project Information

PT. IDstar Cipta Teknologi - DevOps Engineer

Overview: Implemented a cost monitoring and alerting system by integrating AWS SNS (Simple Notification Service) with Mattermost, enabling real-time notifications for cloud billing and usage thresholds.

Technologies: AWS SNS, AWS CloudWatch, IAM, Mattermost Webhook, Linux

Key Contributions: - Configured AWS CloudWatch billing alarms to detect unusual usage or cost spikes.
- Integrated CloudWatch alarms with SNS topics to trigger cost alerts automatically.
- Connected SNS notifications to Mattermost channels via webhook for real-time visibility.
- Established proactive monitoring, reducing risks of unexpected AWS billing issues.
- Improved cost governance by ensuring the operations team received instant alerts.

Website Uptime Monitoring System (Uptime Kuma)

Project Information

PT. IDstar Cipta Teknologi - DevOps Engineer

Deployed and configured Uptime Kuma, an open-source uptime monitoring solution, to continuously track website availability and performance, ensuring reliable operations and proactive incident response.

Technologies: Uptime Kuma, Docker, Nginx, Linux, SSL/TLS, Notification Integrations (Email/Mattermost/Slack)

Key Contributions: - Installed and configured Uptime Kuma in a Dockerized environment for easy deployment and maintenance.
- Monitored critical company websites and services with health checks, latency tracking, and availability metrics.
- Integrated alerting via email and Mattermost for real-time incident notifications.
- Secured the monitoring dashboard with reverse proxy (Nginx) and SSL/TLS.
- Delivered a cost-effective uptime monitoring solution, reducing downtime impact and improving response time.

Cross-Account Migration of EC2 Instances and S3 Buckets

Project Information

PT. IDstar Cipta Teknologi - DevOps Engineer

Executed a cross-account AWS migration by transferring EC2 instances and S3 buckets between AWS accounts. This project ensured secure data transfer, minimal downtime, and compliance with company cloud governance policies.

Technologies: AWS EC2, S3, IAM, AWS CLI, CloudWatch, Linux

Key Contributions: - Planned and executed EC2 instance migration (AMI backup, snapshot replication, and launch in target account).
- Migrated S3 buckets with secure cross-account permissions, bucket policies, and data synchronization.
- Implemented IAM role-based access control to ensure secure data transfer between accounts.
- Verified service integrity post-migration with monitoring and validation checks.
- Minimized downtime and ensured business continuity during migration activities.

Migrasi Server OCR Server Machine GCP

Project Information

PT. IDstar Cipta Teknologi - DevOps Engineer

Migrated an on-premises OCR server to Google Cloud Platform (GCP), improving scalability, reliability, and cost efficiency while ensuring smooth integration with existing services.

Technologies: Google Cloud Platform (GCP), Compute Engine, Cloud Storage, IAM, Linux, Nginx, Firewall

Key Contributions: - Planned and executed the migration of OCR server workloads from on-premises to GCP Compute Engine.
- Configured firewalls, networking, and IAM roles to ensure secure access and compliance.
- Integrated OCR application services with Cloud Storage for scalable data handling.
- Set up reverse proxy (Nginx) and system services for stable and optimized performance.
- Conducted post-migration validation to ensure application functionality and uptime.
- Delivered a cloud-based OCR infrastructure with higher availability and easier maintenance.

Google Workspace Admin Implementation

Project Information

PT. Unicorn Tosan Perkasa

Implemented and configured Google Workspace Admin Console to centralize company email, collaboration, and user management. The project enhanced productivity, security, and administrative control across the organization.

Technologies: Google Workspace (Gmail, Drive, Docs, Calendar, Meet), Admin Console, DNS (MX, SPF, DKIM, DMARC), SSO/2FA

Key Contributions: - Deployed and configured Google Workspace Admin Console for company-wide collaboration.
- Migrated user accounts, groups, and email services into Google Workspace.
- Set up DNS records (MX, SPF, DKIM, DMARC) to secure and authenticate email delivery.
- Implemented role-based access and 2FA for enhanced account security.
- Trained staff on using Gmail, Drive, and Meet effectively to improve adoption.
- Delivered a centralized, secure, and scalable productivity suite for the organization.

On-Premises Infrastructure Migration to Amazon Web Service Cloud

Project Information

Sekolah DevOps Cilsy Batch #14

Overview: Migrated a traditional on-premises infrastructure to AWS Cloud, modernizing deployment processes, reducing operational costs, and improving scalability and reliability.

Technologies: AWS (EC2, VPC, IAM, S3, RDS, CloudWatch), Linux, Terraform, Ansible, Nginx, Docker

Key Contributions: - Assessed on-premises workloads and designed a migration strategy to AWS.
- Migrated applications, databases, and storage into EC2, RDS, and S3 with minimal downtime.
- Implemented Terraform and Ansible for Infrastructure-as-Code and automated provisioning.
- Configured VPC, IAM roles, and security groups to ensure compliance and secure access.
- Enabled monitoring and alerting with CloudWatch to maintain operational visibility.
- Delivered a scalable, cost-efficient cloud infrastructure that replaced legacy on-prem systems.

Build Infrastructure Container Orchestration Based / Kubernetes

Project Information

Sekolah DevOps Cilsy Batch #14

Designed and deployed a container orchestration platform using Kubernetes to manage microservices workloads, improve scalability, and enable automated deployments in a production-like environment.

Technologies: Kubernetes, Docker, Nginx Ingress, Linux, Terraform

Key Contributions: - Deployed and configured a Kubernetes cluster to orchestrate containerized applications.
- Designed microservices infrastructure with Docker and Helm charts for efficient deployment.
- Implemented Nginx Ingress Controller for load balancing and routing external traffic.
- Delivered a scalable and highly available orchestration platform for application workloads.

Build Infrastructure on Premises for Web Apps

Project Information

Sekolah DevOps Cilsy Batch #14

Overview: Designed and implemented an on-premises infrastructure environment to host and manage web applications, ensuring secure networking, scalability, and maintainability before transitioning to cloud platforms.

Technologies: Linux, Nginx, Apache, MySQL/PostgreSQL, Docker, Virtualization (Proxmox/VMware), Firewall

Key Contributions: - Set up virtualized infrastructure on-premises for running multiple web application environments.
- Deployed web servers (Nginx/Apache) and configured databases (MySQL/PostgreSQL).
- Implemented reverse proxy, SSL/TLS, and firewall rules to secure application access.
- Containerized selected workloads using Docker to simplify deployment and maintenance.
- Documented infrastructure setup and migration paths to support future cloud adoption.
- Delivered a reliable and maintainable environment for hosting business-critical web apps.

Tendean Office LAN Network Installation

Project Information

PT. Unicorn Tosan Perkasa

Overview - Bla Bla Bla

Technologies: A, B, C

Key Contributions: - point 1 - point 2 - point 3 - etc

2021

HR System Migration Into Virtual System Proxmox

Project Information

PT. Unicorn Tosan Perkasa

Overview - Bla Bla Bla

Technologies: A, B, C

Key Contributions: - point 1 - point 2 - point 3 - etc

Installation and Configuration Proxmox VE

Project Information

PT. Unicorn Tosan Perkasa

Overview - Bla Bla Bla

Technologies: A, B, C

Key Contributions: - point 1 - point 2 - point 3 - etc

Internet Bandwidth QoS Optimization

Project Information

PT. Unicorn Tosan Perkasa

Overview - Bla Bla Bla

Technologies: A, B, C

Key Contributions: - point 1 - point 2 - point 3 - etc

Fortigate 30E installation and configuration

Project Information

PT. Unicorn Tosan Perkasa

Overview - Bla Bla Bla

Technologies: A, B, C

Key Contributions: - point 1 - point 2 - point 3 - etc

Mikrotik replacement and configuration migration

Project Information

PT. Unicorn Tosan Perkasa

Overview - Bla Bla Bla

Technologies: A, B, C

Key Contributions: - point 1 - point 2 - point 3 - etc

Zimbra Email Migration To Google Workspace

Project Information

PT. Unicorn Tosan Perkasa

Overview - Bla Bla Bla

Technologies: A, B, C

Key Contributions: - point 1 - point 2 - point 3 - etc

2020

Implementing Zabbix Monitoring System

Project Information

PT. Unicorn Tosan Perkasa

Overview - Bla Bla Bla

Technologies: A, B, C

Key Contributions: - point 1 - point 2 - point 3 - etc

VPN IPSec/L2TP Network Implementation

Project Information

PT. Unicorn Tosan Perkasa

Overview - Bla Bla Bla

Technologies: A, B, C

Key Contributions: - point 1 - point 2 - point 3 - etc

Bandwidth Improvement And Optimization

Project Information

PT. Unicorn Tosan Perkasa

Overview - Bla Bla Bla

Technologies: A, B, C

Key Contributions: - point 1 - point 2 - point 3 - etc

2019

Core Router Migration & Replacement

Project Information

PT. Unicorn Tosan Perkasa

Overview - Bla Bla Bla

Technologies: A, B, C

Key Contributions: - point 1 - point 2 - point 3 - etc

CCTV System migration

Project Information

PT. Unicorn Tosan Perkasa

Overview - Bla Bla Bla

Technologies: A, B, C

Key Contributions: - point 1 - point 2 - point 3 - etc

Video Conference Room Infrastructure Installation

Project Information

PT. Unicorn Tosan Perkasa

Overview - Bla Bla Bla

Technologies: A, B, C

Key Contributions: - point 1 - point 2 - point 3 - etc

Computer Network Performance Improvement Mikrotik

Project Information

PT. Unicorn Tosan Perkasa

Overview - Bla Bla Bla

Technologies: A, B, C

Key Contributions: - point 1 - point 2 - point 3 - etc

2018

CV. Lintas Opsi Gradasi Informatika Design LAN

Project Information

PT. Unicorn Tosan Perkasa

Overview - Bla Bla Bla

Technologies: A, B, C

Key Contributions: - point 1 - point 2 - point 3 - etc