Platform Engineer · Cloud Architect · CKA · AZ-104

Rajasekhar
Reddy

Platform Engineer & Cloud Architect

I've spent 7+ years building and running cloud infrastructure — migrations, Kubernetes platforms, CI/CD pipelines, security, and everything in between. I work across AWS, Azure, GCP, and German sovereign clouds like STACKIT and IONOS. I care about infrastructure that actually works in production, not just in demos.

CKA Certified AZ-104 7+ Years Multi-Cloud Sovereign Cloud
Let's Connect Download CV LinkedIn ↗
7+
Years Exp
80%
Deploy Speed↑
5+
Clouds
2×
Certifications
what I do

Services &
Expertise

☁️
01
Cloud Migration
I've migrated infrastructure and databases across AWS, Azure, GCP, STACKIT, and IONOS. That includes PostgreSQL, Azure SQL, and RDS — moved with zero downtime. If you're running on one cloud and need to move, or running on-prem and want out, I've done it.
02
Kubernetes Consulting
I set up and run Kubernetes clusters on AKS, EKS, and GKE. That means Helm charts, ArgoCD for GitOps, containerising apps that weren't built for containers, and keeping clusters healthy in production. CKA certified.
⚙️
03
Infrastructure as Code
Everything I build is in Terraform — modular, reusable, version-controlled. No more clicking around in consoles, no more environments that drift apart over time. What took days to set up manually takes hours with proper IaC.
🚀
04
CI/CD Pipeline Setup
I replace manual deployments with proper automated pipelines — ArgoCD, GitHub Actions, Azure DevOps. On one project this cut deployment time by 80%. If your team is still doing manual releases or ssh-ing into servers to deploy, that's something I can fix.
💰
05
Cloud Cost Optimization
Cloud bills have a habit of growing quietly. I use Kubecost and cloud-native tools to find where money is being wasted — oversized instances, idle resources, inefficient workloads — and fix it. Containerisation alone often cuts costs significantly.
🔐
06
Security, IAM & Secrets Management
Tired of renewing SSL certs manually or getting paged because one expired? I set up cert-manager with Let's Encrypt — certs renew on their own, you never think about it again. I also deal with secrets properly: no hardcoded credentials, no secrets committed to Git. The External Secrets Operator pulls everything directly from Azure Key Vault or AWS Secrets Manager into Kubernetes automatically.
🌐
07
API Gateway & Traffic Management
I've worked with Apache APISIX as an API gateway in front of microservices — handling routing, rate limiting, authentication, and load balancing. It gives you one place to control all your API traffic and see exactly what's happening with it.
🗄️
08
Database Migration & Search
I've done zero-downtime database migrations across PostgreSQL, PostGIS, Azure SQL, RDS, and Elasticsearch to OpenSearch. OpenSearch also works really well as a full-text search engine for applications — fast and open-source. Pair it with Apache Superset and you have proper BI dashboards and data exploration without paying for expensive proprietary tools.
📊
09
Observability & Distributed Tracing
I set up Grafana, Prometheus, and Loki for metrics and logs — and OpenTelemetry with Jaeger for distributed tracing. When something breaks across 10 microservices at 2am, you want to know exactly which service failed, which request triggered it, and how long each step took. That's what this gives you.
tools & technologies

Tech Stack

☁️ Cloud Platforms
AWS Microsoft Azure GCP STACKIT IONOS Cloud AKSEKSGKE Azure SQLAWS RDS
⎈ Containers & Orchestration
Kubernetes Docker HelmArgoCD Argo WorkflowsMicroservices
⚙️ Infrastructure & IaC
Terraform AnsibleLinux Shell ScriptingPythonGit
🚀 CI/CD & DevOps
GitOps Azure DevOps JenkinsGitLab CI GitHub ActionsSonarQube
📊 Monitoring & Observability
Grafana Prometheus OpenTelemetry Jaeger Grafana LokiOpenSearch ElasticsearchKubecostApache Superset
🔐 Security & IAM
External Secrets Operator Cert-Manager KeycloakOAuth2 Proxy Azure Key VaultAWS Secrets Manager Let's EncryptZero Trust
🌐 Networking & API
Apache APISIX NginxGraviteeAPI Management
🗄️ Databases
PostgreSQLPostGIS Azure SQLAWS RDSOpenSearch
🤖 Automation
n8nLangflow Node-REDGeoServerCKAN
case studies

Case Studies

01
GitOps
GitOps CI/CD Pipeline with ArgoCD
The team was doing manual deployments — someone would SSH in, run scripts, hope nothing broke. I replaced that with a proper GitOps pipeline using ArgoCD and GitHub Actions across AKS and EKS clusters. Every deployment now goes through Git, gets reviewed, and deploys automatically.
✔ 80% reduction in deployment time
ArgoCDGitHub Actions KubernetesHelmJenkins
02
Migration
Multi-Cloud Migration AWS & Azure
Migrated infrastructure to AWS and Azure, including PostgreSQL and Azure SQL databases. Everything was done with zero downtime and provisioned entirely with Terraform — so the new environment was reproducible and consistent from day one.
✔ Zero-downtime migration with full IaC
AWSAzure TerraformPostgreSQLAzure SQL
03
Search
Elasticsearch to OpenSearch Migration
Moved a live Elasticsearch cluster to OpenSearch without taking it down. Set up automated daily snapshots to Azure Blob Storage and built Slack alerts so the team would know immediately if a snapshot failed. No surprises.
✔ Zero-downtime migration with automated backup
OpenSearchElasticsearch Azure BlobSlack APIAutomation
04
Observability
Full-Stack Observability Platform
The team had no real visibility into what their services were doing. I set up Grafana, Prometheus, and Loki across the microservices platform and added Kubecost so they could finally see where their cloud spend was going.
✔ Real-time visibility across all services
GrafanaPrometheus LokiKubecostOpenSearch
05
Distributed Tracing
Distributed Tracing with OpenTelemetry & Jaeger
Debugging failures across 10+ microservices was painful — the team would spend hours reading logs trying to trace what happened. I instrumented the services with OpenTelemetry and set up Jaeger so every request leaves a full trace. Now when something breaks, you click on the trace and see exactly where it went wrong.
✔ From hours of log-digging to instant root cause identification
OpenTelemetryJaeger KubernetesGrafanaMicroservices
06
Security
Zero-Trust IAM Implementation
Set up Keycloak and OAuth2 Proxy across a multi-tenant platform — every service properly authenticated, nothing exposed without auth. Also automated TLS with cert-manager and Let's Encrypt so certificates manage themselves.
✔ Secured APIs across multi-tenant platform
KeycloakOAuth2 Proxy Cert-ManagerLet's EncryptNginx
07
Search & Analytics
Search Platform & BI Dashboards with OpenSearch & Superset
Deployed OpenSearch as the search engine behind a production application — the kind of fast, typo-tolerant search users expect. On top of that, connected Apache Superset so the team could build their own dashboards for BI reporting, infrastructure metrics, and data exploration. Entirely open-source — no Tableau or Elastic licences needed.
✔ Full search + BI platform on open-source stack — zero licence cost
OpenSearchApache Superset KubernetesGrafanaPostgreSQL
08
Security
Automated Secrets & Certificate Management
Two things that cause unnecessary incidents: expired certs and secrets in the wrong places. I fixed both. Cert-manager with Let's Encrypt handles all certificate renewals automatically — no manual work, no expiry surprises. The External Secrets Operator pulls credentials directly from Azure Key Vault and AWS Secrets Manager into Kubernetes — nothing hardcoded, nothing in Git.
✔ Zero cert expiry incidents · Zero hardcoded secrets in codebase
Cert-ManagerLet's Encrypt External Secrets OperatorAzure Key VaultAWS Secrets Manager
09
IaC
Portfolio Infrastructure on AWS
This site is hosted on AWS S3 + CloudFront, provisioned with Terraform, and deployed automatically via GitHub Actions. SSL through ACM, DNS on Route 53. I eat my own cooking.
✔ Live proof of AWS + Terraform + CI/CD skills
AWS S3CloudFront TerraformGitHub ActionsRoute 53
credentials

Certifications

Certified Kubernetes Administrator
CNCF · CKA
🔷
Azure Administrator Associate
Microsoft · AZ-104
background

About Me

I'm Rajasekhar Reddy, a Platform Engineer and Cloud Architect based in Germany. I've been working in cloud infrastructure for 7+ years across companies of different sizes — from startups moving fast to enterprises that need things done carefully.

I've built Kubernetes platforms, led cloud migrations, set up CI/CD pipelines, dealt with security and secrets, and kept production systems running reliably. I'm comfortable designing the architecture and also getting into the details to make it work.

One thing that's fairly unusual in my background is hands-on experience with STACKIT and IONOS — German sovereign cloud platforms that most engineers haven't worked with. For companies that need EU data residency or GDPR compliance, that experience is genuinely useful.

Multi-cloud expertise — AWS, Azure, GCP, STACKIT, IONOS
Sovereign cloud specialist — GDPR & EU data residency
CKA · AZ-104 certified — Kubernetes & Azure expertise
80% deployment time reduction via GitOps
Zero-downtime database migrations
Platform architecture — design, build, and operate at scale
latest writing

From the Blog

Loading latest posts...
View All Posts on blog.rajasekharcloud.com ↗
let's connect

Let's Connect

Let's talk cloud infrastructure

If you're working on something cloud infrastructure related — a migration, a platform build, a security problem — feel free to reach out. I'm also open to hearing about the right job opportunity.

💼 linkedin.com/in/rajasekhar-reddy-rr 📄 Download CV / Resume