About the role
Job Title: Kubernetes Architect (AKS) Location: Mississauga, ON Duration: Contract
Job Requirements: • 10+ Years of experience on Azure and 6+ years’ experience on AKS, istio mesh. • Design and Development
Key Responsibilities
- Define the target reference architecture for greenfield AKS clusters along with engineering team and ensure how bluefield cluster remain undisruptive: control plane choices, private clusters, node pool strategy, upgrade/runway, and regional topology.
- Lead design for NGINX → Azure Managed Gateway API: HTTP Route/Gateway modeling, TLS/WAF strategy, policy attachments, and weighted/canary traffic for cutover.
- Architect kubenet → Azure CNI (Cilium) migration with new clusters with Engineering team: IP planning, subnet sizing, pod density, surge capacity, cordon/drain and service-by-service move plan.
- Choose/validate dataplane features: Cilium network policy, kube proxy replacement (if enabled), Hubble visibility, and implications on performance/SNAT.
- Standardize identity/secrets: Azure - Key Vault + CSI; cert lifecycle (Key Vault and/or Gateway API).
- Establish platform guardrails: Azure Policy, RBAC least privilege, multi tenancy boundaries (namespace/project isolation).
- Define/Follow the GitHub standards: reusable workflows, CODEOWNERS, branch protections, environment approvals, and artifact provenance/signing.
- Own non functional requirements: SLOs, HA/DR, capacity modeling, performance budgets, and failover patterns for ingress and data plane.
- Govern delivery: roadmap, cutover criteria, readiness gates; mentor Platform/DevOps on architectural compliance.
Section IV - Job Qualifications & Skills Soft Skills
- Excellent communication
- Team collaboration
- Documentation and knowledge sharing
Education Requirements Bachelor's/master’s in computer science or equivalent (can be marked optional or flexible)
Best Regards, Karunakar Apptoza Inc. Phone: 647-953-1040 Email: karunakar@apptoza.com Website: www.apptoza.com linkedin.com/in/v-karunakar-93109b200