This portfolio showcases some of the projects that I have worked on over the years.



Software Development Projects

NetGuard Cybersecurity Dome

NetGuard Cybersecurity Dome is an award-winning security orchestration software suite with pre-built 5G use cases for telecommunication service providers and critical infrastructure enterprises.

Built on extended detection and response (XDR) architecture, it offers visibility across various networks, cloud infrastructure and endpoints. It unifies security control points, offers security telemetry and provides analytics and operations in a single view.

Kafka Azure Sink

The Kafka Azure Sink is responsible for pushing messages from a list of topics to Azure Log Analytics.

Features:

  • Fast throughput (1 GB/sec per instance)
  • Dynamic topic list
  • Deployable to Kubernetes via HelmChart/FluxCD
  • Small CPU/memory footprint


Technology: Go, Kafka, Docker, Kubernetes, Prometheus Metrics.


Challenges

  • Controlling back-pressure between Kafka and a slower downstream API.
  • Preserving delivery guarantees while batching messages for throughput.
  • Handling dynamic topic discovery at runtime.
  • Validate and size-limit payloads.


Kafka Stream Operator

The Kafka Stream Operator is responsible for processing messages from one topic and publishing them to another. Processing includes filtering messages and transforming the contents.

Features:

  • Message filtering
  • Transforming the message into a normalized schema

  • Separate instances of this service can be deployed for different use cases.

  • Deployable to Kubernetes via HelmChart/FluxCD
  • Small CPU/memory footprint


Technology: Go, Kafka, Docker, Kubernetes, Prometheus Metrics.

Challenges

  • Designing a streaming pipeline that could handle high message volume without falling behind.
  • Handling Kafka offset commits and failure scenarios without introducing data loss risk.
  • Anonymizing sensitive fields while preserving enough structure for downstream use.


Credential Management Service

The Credential Management Service securely manages application credentials for other platform components. Secrets are stored in Azure Key Vault, while searchable metadata is maintained in Azure Cosmos DB.

Features:

  • Secure secret storage in Azure Key Vault
  • Searchable credential metadata in Azure Cosmos DB
  • Role-based access control with OpenID Connect
  • Versioned REST APIs for retrieval and search
  • Bulk create and bulk update support
  • Prometheus metrics and internal health endpoints


Technology: Go,Azure Cosmos DB, Azure Key Vault, OpenID Connect, Prometheus, Docker


Kubernetes Deployment using Flux

For our Kubernetes deployments, we adopted Flux as a GitOps-based continuous delivery framework. Flux enables automated, declarative deployments by continuously reconciling cluster state with configuration stored in Git.

Features:

  • GitLab repositories define the desired cluster state, including applications, configurations, and infrastructure components.
  • A single repository can manage deployments across multiple Kubernetes clusters.
  • Flux continuously detects and applies changes from Git, ensuring clusters remain in sync without manual intervention.
  • Kubernetes components are defined using Helm charts, allowing reusable, versioned, and parameterized deployments.
  • Helm charts are pulled from a chart repository (e.g., internal artifact registry), while container images are retrieved from a Docker registry.
  • Helm values define application configuration, container images, and runtime settings in a consistent, version-controlled manner.
  • Kubernetes pulls container images from the configured registry and deploys them based on the declared specifications
  • Versioning achieved through use of Kustomize. 


Technology: Flux, Helm, Kustomize, Git, Artifactory, Docker, Kubernetes.



Keystone

Keystone is a secure, policy-based vehicle digital key solution that leverages Bluetooth™ Low Energy technology to enable proximity-based vehicle access using a smartphone. 

Features:

  • Keyless access to vehicle
  • Policies that can
    • restrict access to vehicles features
    • limit speed
    • geographical limitations


Technology: Java, Go, Docker, Kubernetes, PostgreSQL.

IOT Projects

Brew Controller

Features:

  • Wireless connectivity 
  • Software PID controller
  • Data logging 
  • Graphing of live and historic data
  • Dynamic web UI
  • Over the air updates

Front End: Bootstrap, Javascript, HTML, CSS.

Back End: C++, Arduino, MQTT, HomeBridge.

Electronics: ESP8266 uController, EAGLE


Additional Details...

  • No labels

Copyright JMEHAN.COM