--- title: "DevOps, Cloud & Production Industrialization - José DA COSTA" description: "DevOps and cloud production, in my definition, is the practice that **turns a piece of code into a reliable, observable, recoverable production system**. It covers CI/CD, infrastructure-as-code, monit" locale: "en" canonical: "https://portfolio.josedacosta.info/en/skills/devops-cloud-production" source: "https://portfolio.josedacosta.info/en/skills/devops-cloud-production.md" html_source: "https://portfolio.josedacosta.info/en/skills/devops-cloud-production" author: "José DA COSTA" type: "skill" slug: "devops-cloud-production" generated_at: "2026-04-26T21:12:48.539Z" --- # DevOps, Cloud & Production Industrialization Icon: ☁️ ## My definition DevOps and cloud production, in my definition, is the practice that **turns a piece of code into a reliable, observable, recoverable production system**. It covers CI/CD, infrastructure-as-code, monitoring, continuity, testing strategy, and advanced Git workflows. Without mature DevOps, the team pays in on-call what it gains in velocity - and observability debt is never paid back at a reasonable cost. ### Context I run this competency on **3 scopes** in parallel. **Local dev**: Docker Compose, pnpm/Turborepo, reproducible environments via Vagrant or devcontainers. **CI/CD**: GitHub Actions / Bitbucket Pipelines / GitLab CI per customer context, Terraform plans validated before any apply. **Cloud production**: AWS (EC2, RDS, S3, Lambda, EKS, VPC) + OVH VPS Docker, observability ELK or SOFT Monitor depending on legacy. **11 years** of progression from manual deployment at Zend (2014) up to **multi-tenant Terraform AWS IaC** at ACCENSEO (2025-2026), with **15 DevOps + 7 cloud + 7 monitoring + 7 deployment references** in the portfolio. ### Relevance In 2026, the **observability stack is consolidating around OpenTelemetry**, now CNCF-graduated and natively integrated across Google Cloud, AWS X-Ray, Azure Monitor, Datadog, New Relic, and Honeycomb. The CNCF documents the move from proprietary agents to an open pipeline in [How to build a cost-effective observability platform with OpenTelemetry](https://www.cncf.io/blog/2025/12/16/how-to-build-a-cost-effective-observability-platform-with-opentelemetry/), with a **50% observability cost reduction** and a measurable MTTR improvement at the end. For a CTO starting a platform today, OpenTelemetry + explicit FinOps (Infracost) have become the non-negotiable baseline. ## My evidence ### Codifying every ACCENSEO environment in Terraform on AWS **Context:** When I founded ACCENSEO in 2024, I set a non-negotiable rule from the very first customer: **no manual configuration anywhere**. Customer engagements touched healthcare, institutional real estate and finance, meaning production databases with **several 100 GB of RAM** (PostgreSQL, MongoDB), regular audits, and a need for full reproducibility across dev, staging, and production. Without IaC from day one, drift would set in within months. **Action:** I codified the **entire infrastructure in Terraform**: **EC2** (application servers), **RDS PostgreSQL** (managed databases), **S3** (object storage and backups), **CloudFront** (CDN), **Lambda** (serverless), **API Gateway** (REST exposure), **EKS** (container orchestration), **VPC + Security Groups + IAM** (network and security). Every customer environment has its own Terraform workspace with plans validated in **GitHub Actions / Bitbucket Pipelines CI** before any apply, **Infracost** plugged into the pipeline for **explicit FinOps discipline** (cost-delta review on every merge), and **SSH tunnels** for secured database access. Deployments are **zero-downtime**, backups automated, and disaster-recovery plans tested quarterly. **Result:** **Zero manual configuration** across the customer fleet, environments **rebuildable in minutes** on incident, and **explicit FinOps** present in every PR - any infra change displays its cost delta before being approved. **Value added:** That discipline reshaped my commercial posture: I can promise a customer a reproducible environment and a transparent infra budget right from the quote, which sets me apart from consultants stacking ad-hoc servers. It is also the baseline I will replay in the next CTO scale-up role - **treat infrastructure as a product deliverable**, not as an ops chore. ### Wiring observability into the Pichet PSR platform **Context:** The Pichet **PSR platform** (partner leads ingestion) ingested up to **one lead every 2 seconds at peak**, from a dozen external partners (SeLoger, Myopla, Cooper Advertising...) with strict SLAs. Each lost lead represented potentially tens of thousands of euros in missed real-estate revenue. Without per-partner observability we were flying blind - and an outage on a partner API could go unnoticed for hours. **Action:** I built observability **partner by partner**: dedicated **SOFT Monitor dashboards** (volume, error rate, latency) with one tab per connected API, **real-time email alerts** on every critical threshold, and **native APIM observability** (analytics, throttling, OAuth) on the Microsoft API Manager. I versioned the API across **5 consecutive documented versions** on Confluence, with a progressive migration strategy for legacy partners. On infrastructure, I deployed on **AWS EKS** with **Kubernetes** + **Docker** + **GitLab CI**, and passed a **formal 2023 security audit** that hardened access controls and firewall rules. **Result:** **Zero major lead-loss incident** across 3 years, **diagnostic time on cross-system anomalies reduced** (from hours to minutes), **SLAs respected** on every partner, and **partner integration lead time dropped from several weeks to a few days** thanks to pipeline industrialisation. **Value added:** That project locked in a reflex: **invest in monitoring tooling on day 1** of a critical platform, because observability debt is never paid back at a reasonable cost. On every ACCENSEO engagement, that is the first deliverable I now lay down on any customer infrastructure I take over. ### Industrialising the Pichet ESB pipeline over 4 years **Context:** The Groupe Pichet ESB scope was **more than 100 production integration flows** across 20 business applications, **18K euros per month of Docker/Kubernetes hosting OPEX** at Claranet, and 24/7 critical traffic on the accounting and financial flows. When I joined, every flow deployment relied on scattered manual operations and the SOFT Monitor system was firing **2,377 notifications per month** with no triage capability. **Action:** I industrialised the pipeline brick by brick. On the CI/CD side, I rolled out a complete **GitLab CI** chain with **explicit kill criteria** on every deployment (tests, lint, Terraform plans). On operational quality, I imposed **blameless post-mortems** on every critical incident, formalised 7 types of **technical documentation** (DAA application architecture, DAT technical architecture, DAU automation, DEX exploitation, DFX flows, DIN installation, DMI migration), and **one runbook per flow** kept up to date. For observability, I ran the **ELK Stack** evaluation (Elasticsearch + Logstash + Kibana) to replace SOFT Monitor, and scoped the move to **MongoDB Atlas** for non-relational flows. **Result:** **Single-digit incident rate** maintained across **4 consecutive CIO changes** (2021 to 2024), a fact often called out at the COPIL because it was unprecedented in the department. The post-mortem framework I shipped became the department-wide standard for every critical incident. **Value added:** On this project I understood that **DevOps maturity is not a tooling question** but a discipline question: a simple system held in light SRE always beats a complex one abandoned after its purchase. That is the philosophy I lay down on every ACCENSEO engagement and that I will impose on the next scale-up platform. ## My self-critique ### Mastery level **Senior**, on 11 years of progression from manual deployment at Zend (2014) to **multi-tenant Terraform AWS IaC** at ACCENSEO (2025-2026). Coverage is complete: GitHub Actions CI/CD, Terraform infrastructure-as-code, Docker containerisation, observability (SOFT Monitor + dashboards), continuity (cross-region backups, tested rollback), Git workflows tuned to context. 15 DevOps + 7 cloud + 7 monitoring + 7 deployment portfolio references. What still needs strengthening: **Kubernetes** in production beyond EKS-via-Terraform, large-scale OpenTelemetry, and advanced FinOps. ### Importance in my profile Core to a CTO scale-up role. Without mature DevOps, the team pays in on-call what it gains in velocity. It is what makes the other competencies shippable: an architecture without a pipeline stays theoretical, a strategy without observability is unmeasurable. For a CTO position in regulated industries, it is also what unlocks audits and certifications. ### Advice (for myself and others) ### My operating principles - treat **the deployment pipeline like product code** (PR review, tests, ADR) - automate **early and idempotently**, especially the operations done in panic (rollback, restore, credential rotation) - measure **one indicator** (DORA elite cycle, for example) before stacking ten - prefer *a simple system held in light SRE to a complex one abandoned after the purchase* ## My evolution in this skill ### Role in my professional project DevOps and cloud are **what makes my CTO decisions measurable**. In the 24-month plan, they let me run a production without unmanageable on-call, defend an infra budget in front of a board with explicit FinOps, and pass a security or compliance audit without surprise. Without them, perceived customer value silently degrades as the base grows. ### Mid-term target level The observable goal is to **run a multi-environment EKS cluster** with transparent budget, non-noisy alerts and **rollback automated and tested every quarter**. The main effort axis is Kubernetes in production (beyond EKS-via-Terraform), large-scale OpenTelemetry and advanced FinOps. ### Current training Daily hands-on Terraform on ACCENSEO projects, OVH VPS Docker migration in progress (2026) with [Traefik](https://traefik.io/) as reverse proxy, GitHub Actions for monorepo CI/CD. Master in Software Engineering active until 2026. ### Future training AWS Solutions Architect Associate (SAA) certification planned 2026, AWS DevOps Engineer Professional or **Kubernetes CKA** targeted 2027. Possible intensive SRE cohort (Google SRE workbook + cohort) triggered upon landing the CTO scale-up role. ## Progression across journey This skill was developed across 10 different journey items. - **2001** - [BTS IG (IT Management)](https://portfolio.josedacosta.info/en/journey/bts-computer-science.md) (education) - Confidence: 2/5 - **2008** - [Junior Software Engineer · PHP Joomla Webmaster Developer](https://portfolio.josedacosta.info/en/journey/ministere-sante-webmaster.md) (experience) - Confidence: 2/5 - **2009** - [Software Engineer · PHP Zend Framework Developer](https://portfolio.josedacosta.info/en/journey/european-sourcing-engineer.md) (experience) - Confidence: 4/5 - **2013** - [Senior Software Engineer · Lead PHP Symfony Developer](https://portfolio.josedacosta.info/en/journey/medialeads-senior-engineer.md) (experience) - Confidence: 5/5 - **2016** - [Technical Project Manager · Co-founder · Early-Stage Startup](https://portfolio.josedacosta.info/en/journey/adspower-cofounder.md) (entrepreneurship) - Confidence: 3/5 - **2017** - [Senior Software Engineer · Lead PHP Magento Developer](https://portfolio.josedacosta.info/en/journey/smile-senior-engineer.md) (experience) - Confidence: 5/5 - **2019** - [Engineering Manager · Project Manager / Product Owner · Technical Lead](https://portfolio.josedacosta.info/en/journey/pichet-group.md) (experience) - Confidence: 4/5 - **2019** - [Technical Lead · Flows and Products: content and enterprise integration](https://portfolio.josedacosta.info/en/journey/pichet-technical-lead.md) (experience) - Confidence: 4/5 - **2023** - [Master Expert in Software Engineering](https://portfolio.josedacosta.info/en/journey/master-software-engineering.md) (education) - Confidence: 5/5 - **2024** - [CTO · Founder · technical director](https://portfolio.josedacosta.info/en/journey/accenseo-founder.md) (entrepreneurship) - Confidence: 5/5 ## Related achievements - [SaaS platform for mortgage credit brokers powered by AI](https://portfolio.josedacosta.info/en/achievements/plateforme-saas-courtiers-credit-immobilier.md) - Terraform IaC with 3 environments, Docker Compose, Neon PostgreSQL, Upstash Redis, Cloudflare R2. 15 GitHub Actions workflows, Docker multi-service, Traefik reverse proxy, automated releases - [E-Commerce Platform Redesign Magento Enterprise Edition (alias Fleurance Nature)](https://portfolio.josedacosta.info/en/achievements/refonte-ecommerce-magento-fleurancenature.md) - 8-environment deployment pipeline (local to production) with Git tags, delta scripts, SCP transfer and Varnish cache preservation during live migration - Internal Smile testing + client acceptance testing (recette client) with formal PV sign-off, regression testing across 3 sites for each change - [PIM Extranet for B2B Promotional Products Search Engine (European Sourcing)](https://portfolio.josedacosta.info/en/achievements/extranet-pim-b2b-objets-publicitaires.md) - PHPUnit test suite with 611 test files validating entities, controllers and business logic on the v2 Rebirth. OVH dedicated servers self-administered: Vagrant + Chef provisioning, 25+ cookbooks, Apache, security, monitoring, backups - [Intelligent Accounting SaaS Platform](https://portfolio.josedacosta.info/en/achievements/plateforme-comptabilite-saas.md) - Docker Compose + PostgreSQL 16 + Open Banking PSD2 (Bridge, Qonto, GoCardless) - [AI Chat Export - Multi-Platform AI Conversation Export Extension](https://portfolio.josedacosta.info/en/achievements/ai-chat-export.md) - Designed automated CI/CD pipeline from commit to Chrome Web Store publication - [Atlassian Forge Developer - Intelligent IDE Plugin](https://portfolio.josedacosta.info/en/achievements/atlassian-forge-developer-ide-plugin.md) - 5 GitHub Actions workflows covering build, test, Qodana analysis, compatibility verification, and signed JetBrains Marketplace publication - [European B2B Search Engine for Promotional Products (European Sourcing)](https://portfolio.josedacosta.info/en/achievements/moteur-de-recherche-europeen-b2b-objets-publicitaires.md) - Led the migration from SVN (398 revisions) to GitHub (13 repositories, 836 commits) - organization setup, per-developer branch strategy, 20+ private repos under the medialeads organization - [Partner Lead Reception API Platform (alias PSR)](https://portfolio.josedacosta.info/en/achievements/plateforme-api-reception-leads-partenaires.md) - SOFT Monitor dashboards, real-time email alerts, per-partner flow observability - [Akeneo PIM Project Management and Product Information Governance](https://portfolio.josedacosta.info/en/achievements/pilotage-pim-akeneo-migration-saas.md) - Managed migration from on-premise Kubernetes to Akeneo SaaS, designed rsync pipeline from internal ERP to AWS to PIM cloud - [Food Truck & Mobile Concept Platform - French manufacturer (alias MCR)](https://portfolio.josedacosta.info/en/achievements/plateforme-food-truck-concepts-mobiles.md) - Built an industrial-grade GitHub Actions pipeline (5 jobs), Terraform DNS for 6 domains, PM2 across 3 environments with safety confirmations before production - [tailwindcss-obfuscator - Open Source CSS Obfuscation Tool](https://portfolio.josedacosta.info/en/achievements/tailwindcss-obfuscator.md) - TurboRepo monorepo with pnpm workspaces, ESM/CJS/DTS exports via tsup, automated npm publication - [Collaborative Project Management Platform](https://portfolio.josedacosta.info/en/achievements/plateforme-gestion-projets-collaboratif.md) - Set up Docker multi-stage builds, Docker Compose (dev + prod), GitHub Actions pipeline with 5 jobs, Docker Hub deployment - [ETL Pipeline for Real Estate Listing Syndication (alias Ligneurs)](https://portfolio.josedacosta.info/en/achievements/pipeline-etl-syndication-immobiliere.md) - Docker/Kubernetes deployment with GitLab CI per partner module, enabling zero-downtime migration from PIM v1.4 to v2 - [E-Commerce Site Generator with Customization CMS (alias MyEasyWeb)](https://portfolio.josedacosta.info/en/achievements/generateur-sites-ecommerce-avec-cms.md) - Led SVN to GitHub migration in 2016, OVH dedicated infrastructure, pre-CI/CD manual deployments Interactive version with navigation: https://portfolio.josedacosta.info/en/skills/devops-cloud-production