Azure DevOps Transformation

Written By Stefaan van hoof

Introduction:

"As part of the MSC IoT project, I spearheaded efforts to transform the platform’s deployment process into a fully automated Infrastructure as Code (IaC) setup. This included transitioning from Kubernetes and legacy application services to Azure Container Apps with managed identities, aligning with modern security best practices. Working closely with MSC’s networking and security experts, I contributed to the IoT network redesign while ensuring seamless Azure tenant migration and 100% uptime."

Challenges:

  • Transitioning the architecture from Kubernetes and legacy services to Azure Container Apps.

  • Eliminating connection strings and passwords from development environments to improve security.

  • Implementing managed identities for secure resource access.

  • Supporting the redesign of a complex IoT network with onboard vessel gateways and external providers like AT&T and Telefónica.

  • Maintaining continuous service reliability during a large-scale Azure tenant migration.

Solutions & Contributions:

"I led the implementation of Infrastructure as Code (IaC) using YAML and Bicep files, automating the deployment of MSC’s IoT architecture. We transitioned from Kubernetes and legacy application services to Azure Container Apps, utilizing managed identities to eliminate the need for connection strings and passwords, significantly improving security. By collaborating with MSC’s networking and security teams, I supported the technical redesign of the IoT network, including the setup of IPsec tunnels and VNets to secure communication between onboard vessel gateways and external providers. I also played a key role in planning and executing the Azure tenant migration, achieving 100% uptime while streamlining deployment pipelines for efficient production workflows."

Results:

  • Migrated the IoT platform to a fully deployable IaC model, simplifying infrastructure management.

  • Transitioned to Azure Container Apps with managed identities, improving security posture and operational efficiency.

  • Removed all connection strings and passwords from developer environments, aligning with modern security recommendations.

  • Supported the redesign of the IoT network to enhance security and reliability.

  • Achieved 100% uptime during the Azure tenant migration.

  • Improved scalability and deployment efficiency through containerized solutions and optimized pipelines.

Key Technologies:

  • Azure DevOps, Azure Container Apps

  • Infrastructure as Code (YAML, Bicep)

  • Managed Identities, Secure IoT Communication

  • Azure Virtual Networks (VNets), IPsec Tunnels

  • CI/CD Pipelines

Reflection:

"This project was transformative for my career, allowing me to deepen my expertise in Azure DevOps, Infrastructure as Code, and secure application design. Transitioning from Kubernetes and legacy services to Azure Container Apps was a significant architectural shift that improved scalability and security. I am proud of our efforts to eliminate connection strings and passwords, aligning with best practices, and of my contributions to the technical designs and seamless execution of the tenant migration. This experience reinforced my ability to deliver scalable, secure solutions while mentoring teams through major transformations."

Stefaan van hoof
Previous

Architecture in Global Collaboration
Next

Reefer Tracking for Agencies