Posts on Ricardo Martins — Cloud Architecture, Azure, Kubernetes & AI

Something My Manager Said Today That Stayed With Me

Tue, 24 Mar 2026 10:00:00 -0400

Had a 1:1 last week. Nothing unusual, just a regular conversation, catching up on things. But there was one moment that stayed with me after the call ended.

At some point he said he usually thinks about people in four different ways. Not as an official framework or anything like that, just how he personally sees it. And I don’t know, the way he explained it felt simple, but it kind of stuck.

Responsibility, Trade-Offs, and Learning at AI Scale

Mon, 09 Feb 2026 10:00:00 -0400

Over the past year, I’ve been working closely with some of the bigger and more visible AI customers in Microsoft’s ecosystem. Large platforms. Fast-moving teams. High expectations. High stakes.

On paper, that kind of visibility sounds exciting. In reality, it comes with a weight that’s hard to explain unless you’ve been there.

Because being close to impact also means being close to consequence.

Visibility changes everything

When you work with smaller teams or early-stage projects, mistakes are usually contained. You can recover. You can explain. You can iterate.

Why Azure Feels Harder Than AWS

Tue, 03 Feb 2026 10:00:00 -0400

…and why that’s not an accident.

If you have worked with both Azure and AWS long enough, you have probably felt it.

AWS feels straightforward. Azure feels… heavier.

Not worse. Not broken. Just harder to reason about.

The console feels denser. The mental model feels less obvious. The number of “extra” concepts feels higher.

This is not a beginner problem. Senior engineers feel it too.

And the most interesting part is this: that friction is not accidental.

Cloud Maturity Is Not About Being 100% Cloud

Fri, 23 Jan 2026 10:00:00 -0400

For years, “cloud-first” has been treated as a badge of honor. Companies proudly announce that everything is in the cloud, architects optimize for migrations instead of outcomes, and teams equate progress with how little infrastructure they still own.

But after working with dozens of real systems, across different industries and at different scales, one thing becomes clear.

Cloud maturity is not about being 100% cloud. It is about knowing why each workload is where it is.

No One Is Layoff-Proof: How Intellectual Capital Can Be Your Best Protection

Tue, 14 Oct 2025 10:00:00 -0400

Throughout my career, I’ve had countless conversations about career paths with colleagues, mentees, and professionals in transition. In those talks, I often share practices that have helped me personally along the way.

But this article is different. It’s transparent and honest. Although I’ve spoken about parts of my story with people close to me, this is the first time I’m sharing it so openly, including my mistakes, lessons, and reflections in a public space.

Who Are You Without the Company's Last Name?

Wed, 14 May 2025 10:00:00 -0400

It’s easy, even comforting, to blend in with your badge. We introduce ourselves with our name followed by the company. We join meetings carrying that title. We post with the credibility it gives.

But at the end of the day, the company is just where you are, not who you are.

You are what you’ve built. What you’ve learned, and taught. You are the reputation that stands when your name shows up alone. You are the value that stays when the badge is gone.

Private ARO Cluster with Access via JumpHost

Tue, 21 Jan 2025 10:00:00 -0400

This article was originally published at https://cloud.redhat.com/experts/aro/private-cluster/

A Quickstart guide to deploying a Private Azure Red Hat OpenShift cluster.

Prerequisites

Azure CLI

Obviously you’ll need to have an Azure account to configure the CLI against.

MacOS

See Azure Docs for alternative install options.

Install Azure CLI using homebrew

brew update && brew install azure-cli

Install sshuttle using homebrew

brew install sshuttle

Linux

See Azure Docs for alternative install options.

Import the Microsoft Keys

sudo rpm --import https://packages.microsoft.com/keys/microsoft.asc

Add the Microsoft Yum Repository

cat << EOF | sudo tee /etc/yum.repos.d/azure-cli.repo
[azure-cli]
name=Azure CLI
baseurl=https://packages.microsoft.com/yumrepos/azure-cli
enabled=1
gpgcheck=1
gpgkey=https://packages.microsoft.com/keys/microsoft.asc
EOF

Install Azure CLI

sudo dnf install -y azure-cli sshuttle

Prepare Azure Account for Azure OpenShift

Log into the Azure CLI by running the following and then authorizing through your Web Browser

az login

Make sure you have enough Quota (change the location if you’re not using East US)

az vm list-usage --location "East US" -o table

See Addendum – Adding Quota to ARO account if you have less than 36 Quota left for Total Regional CPUs

Creating a Lightweight Jump Host in Azure with sshuttle (No VPN Required)

Fri, 04 Oct 2024 10:00:00 -0400

When working with development or test environments in Azure, a common need is secure access to internal resources without exposing them directly to the internet. While VPN solutions are a robust way to achieve this, they can often be overkill for simple use cases, especially when you just want to access a few VMs or services for testing. A jump host combined with sshuttle offers a simple, VPN-like solution that can be quickly deployed and used to tunnel traffic to your Azure resources—without the overhead of setting up a full VPN.

Deploying Advanced Cluster Management and OpenShift Data Foundation for ARO Disaster Recovery

Fri, 04 Oct 2024 10:00:00 -0400

This article was originally published at https://cloud.redhat.com/experts/aro/acm-odf-aro/

A guide to deploying Advanced Cluster Management (ACM) and OpenShift Data Foundation (ODF) for Azure Red Hat OpenShift (ARO) Disaster Recovery.

Overview

VolSync is not supported for ARO in ACM: https://access.redhat.com/articles/7006295 so if you run into issues and file a support ticket, you will receive the information that ARO is not supported.

In today’s fast-paced and data-driven world, ensuring the resilience and availability of your applications and data has never been more critical. The unexpected can happen at any moment, and the ability to recover quickly and efficiently is paramount. That’s where OpenShift Advanced Cluster Management (ACM) and OpenShift Data Foundation (ODF) come into play. In this guide, we will explore the deployment of ACM and ODF for disaster recovery (DR) purposes, empowering you to safeguard your applications and data across multiple clusters.

Configure ARO to Use Microsoft Entra ID Group Claims

Thu, 03 Oct 2024 10:00:00 -0400

This article was originally published at Configure ARO to use Microsoft Entra ID Group Claims | Red Hat Cloud Experts

This guide demonstrates how to utilize the OpenID Connect group claim functionality implemented in OpenShift 4.10. This functionality allows an identity provider to provide a user’s group membership for use within OpenShift. This guide will walk through the creation of an Azure Active Directory (Azure AD) application, configure the necessary Azure AD groups, and configure Azure Red Hat OpenShift (ARO) to authenticate and manage authorization using Azure AD.

ARO with Nvidia GPU Workloads

Thu, 08 Aug 2024 10:00:00 -0400

This article was originally published at ARO with Nvidia GPU Workloads | Red Hat Cloud Experts

ARO guide to running Nvidia GPU workloads.

Prerequisites

oc cli
Helm
jq, moreutils, and gettext package
An ARO 4.14 cluster

Note: If you need to install an ARO cluster, please read our ARO Terraform Install Guide. Please be sure if you’re installing or using an existing ARO cluster that it is 4.14.x or higher.

Note: Please ensure your ARO cluster was created with a valid pull secret (to verify make sure you can see the Operator Hub in the cluster’s console). If not, you can follow these instructions.

What to Consider When Using Azure AD as IDP

Fri, 24 May 2024 10:00:00 -0400

This article was originally published at What to consider when using Azure AD as IDP? | Red Hat Cloud Experts

In this guide, we will discuss key considerations when using Azure Active Directory (AAD) as the Identity Provider (IDP) for your ARO or ROSA cluster. Below are some helpful references:

Default Access for All Users in Azure Active Directory

Once you set up AAD as the IDP for your cluster, it’s important to note that by default, all users in your Azure Active Directory instance will have access to the cluster. They can log in using their AAD credentials through the OpenShift Web Console endpoint:

Building a Secure and Scalable Foundation for Your Environment on Azure

Mon, 20 May 2024 10:00:00 -0400

Great! You just started your Azure journey and now it’s time to scale your infrastructure to meet the growing demands of your business. Microsoft Azure offers a robust cloud platform that can grow with you, but where do you begin? This article will introduce you to three fundamental building blocks for your Azure journey: Azure Subscriptions, Microsoft Entra ID (formerly Azure Active Directory), and Azure Enterprise Scale Landing Zones.

Understanding the Basics

Microsoft Entra ID (Former Azure Active Directory)

Microsoft Entra ID, previously known as Azure Active Directory (Azure AD), is the backbone of identity and access management in Azure. It is a cloud-based identity and access management service that provides:

Maximizing Cost Efficiency in Azure: Navigating Azure Reservations and Savings Plans

Wed, 15 May 2024 10:00:00 -0400

Introduction:

In the realm of cloud computing, optimizing costs is paramount for businesses leveraging Microsoft Azure. Azure offers two primary cost-saving mechanisms: Azure Reservations and Azure Savings Plans. Both options come with distinct advantages, disadvantages, and usage scenarios. In this comprehensive guide, we’ll explore these features, penalties, and ideal use cases to empower you in making informed decisions tailored to your business needs.

Understanding Azure Reservations:

Azure Reservations provide businesses the opportunity to commit to one-year or three-year plans for various products within the Azure ecosystem. The commitment entails a promise of usage, enabling significant discounts of up to 72% off pay-as-you-go prices.

Introduction to AI and Comparing OpenAI with Azure OpenAI

Fri, 10 May 2024 10:00:00 -0400

As I embark on my journey of learning about artificial intelligence (AI), I am discovering the fascinating world of large language models (LLMs) and their applications in various technologies. In this article, I aim to share my newfound knowledge and insights with others who are also beginning their journey in AI. We will explore OpenAI, one of the leading organizations in AI research and development, and compare its offerings with Microsoft’s Azure OpenAI service.

Real-World Applications and Ethical Implications of AI

Fri, 10 May 2024 10:00:00 -0400

As we continue our journey into artificial intelligence (AI), it’s important to understand how AI is transforming different industries and the ethical and legal challenges associated with its widespread adoption. In this new post, we will explore AI’s real-world applications and the complexities of ethical and legal concerns in detail.

AI in Healthcare

AI is making significant advances in healthcare, improving patient care and medical research:

Diagnostics: AI-powered algorithms can analyze medical images, such as X-rays, MRIs, and CT scans, to identify diseases like cancer or fractures with high accuracy. These systems can serve as a second opinion for radiologists, improving diagnostic accuracy and efficiency.
Personalized Medicine: AI enables the development of personalized treatment plans based on a patient’s unique genetic makeup. This approach can lead to more effective and targeted therapies, improving patient outcomes.
Drug Discovery: AI accelerates the process of discovering new drugs by analyzing vast amounts of data to identify potential compounds and predict their efficacy. This reduces the time and cost associated with bringing new drugs to market.
Remote Monitoring: AI-powered wearable devices and remote monitoring tools enable healthcare providers to track patients’ health in real-time, offering proactive care and reducing hospital readmissions.
Administrative Efficiency: AI streamlines administrative tasks such as scheduling, billing, and insurance claims processing, freeing up healthcare professionals to focus on patient care.

AI in Finance

AI is reshaping the finance industry by providing innovative solutions to complex problems:

Azure Front Door with ARO (Azure Red Hat OpenShift)

Tue, 09 Apr 2024 10:00:00 -0400

This article was originally published at Azure Front Door with ARO ( Azure Red Hat OpenShift ) | Red Hat Cloud Experts

Securing exposing an Internet facing application with a private ARO Cluster.

When you create a cluster on ARO you have several options in making the cluster public or private. With a public cluster you are allowing Internet traffic to the api and *.apps endpoints. With a private cluster you can make either or both the api and .apps endpoints private.

Deploying an Application on OpenShift Local: A Beginner's Guide

Fri, 08 Dec 2023 10:00:00 -0400

Introduction

OpenShift, developed by Red Hat, extends Kubernetes to provide a more robust platform for deploying and managing containerized applications in a complete application platform. It integrates the core features of Kubernetes with additional tools and services to enhance developer productivity and operational efficiency. This guide aims to introduce beginners to deploying applications on OpenShift Local, a streamlined method to run OpenShift clusters locally for development and testing.

Using a local OpenShift environment, offers several benefits, especially for developers who are new to OpenShift or Kubernetes:

DevSecOps Workshop

Thu, 07 Dec 2023 10:00:00 -0400

Just sharing an awesome learning resource I found recently. It will introduce you to the application development cycle leveraging OpenShift’s tooling & features with a special focus on securing your environment using Advanced Cluster Security for Kubernetes (ACS). You will get a brief introduction in several OpenShift features like OpenShift Pipelines, OpenShift GitOps, and OpenShift DevSpaces.

Check out at https://devsecops-workshop.github.io/

Have You Already Had a Chance to Think About Why You Should Consider Using UBI?

Thu, 07 Dec 2023 10:00:00 -0400

UBI stands for Universal Base Image. It’s a type of container-based image that Red Hat has created and maintains. UBI images are derived from Red Hat Enterprise Linux (RHEL) and are designed to be a foundation for building containerized applications. Here’s why UBI is significant and why you might consider to use it:

Compatibility with RHEL: UBI is based on RHEL, which means it inherits the reliability, security, and performance of RHEL. This compatibility is crucial for organizations that already rely on RHEL for their enterprise applications.
Open and Freely Distributable: Unlike RHEL, which requires a subscription, UBI can be used freely. This means you can build your container images on UBI and redistribute them without worrying about RHEL licensing, while still benefiting from the stability and security of a RHEL base.
Security and Compliance: UBI images benefit from Red Hat’s commitment to security and compliance. They receive regular updates and patches, which is essential for maintaining security in containerized environments.
Broad Ecosystem and Support: Since UBI is based on RHEL, it has broad support from software vendors and the open-source community. This extensive ecosystem ensures compatibility with a wide range of applications and tools.
Ease of Certification: For software vendors, using UBI can simplify the process of certifying their applications for RHEL, as UBI containers can be run on both RHEL and non-RHEL hosts.
Container Portability: Containers built on UBI can run anywhere that supports container workloads, including Red Hat OpenShift, Kubernetes, and even non-Red Hat platforms. This portability is crucial for organizations adopting a hybrid or multi-cloud strategy.
Consistency Across Environments: UBI helps maintain consistency across development, testing, and production environments, reducing the “it works on my machine” problem.
Support for Different Architectures: UBI images are available for multiple architectures, including x86_64, s390x, and others, which is important for organizations with diverse infrastructure needs.

In summary, UBI combines the reliability and security of RHEL with the flexibility and freedom of a container-based image that can be freely shared and redistributed. It’s an excellent choice for organizations looking to build containerized applications that are secure, compliant, and compatible with a wide range of environments and platforms. See more here

Prerequisites Checklist to Deploy ARO Cluster

Thu, 30 Nov 2023 10:00:00 -0400

This article was originally published at https://cloud.redhat.com/experts/aro/prereq-list/

Before deploying an ARO cluster, ensure you meet the following prerequisites:

Setup Tools

Install Azure CLI: Essential for managing Azure resources. Refer to the official documentation

Verify Resources

Core Quota: Confirm availability of at least 40 cores to create and run an OpenShift Cluster.

Permissions

RBAC Settings:
- Ensure you have Contributor and User Access Administrator roles on the cluster resource group.
- Assign Network Contributor role on the virtual network, if using a separate resource group.
- For stricter security policies, create a custom role with necessary permissions. Reference link.
Microsoft Entra (Former Azure AD):
- Have a member user of the tenant or a guest with Application administrator role for the tooling to create an application and service principal on your behalf for the cluster.
Terraform: If you plan to use Terraform for the deployment of the cluster, see here the required permissions.

Azure Integration

Resource Provider:
- Register the Microsoft.RedHatOpenshift resource provider. Reference link.
Red Hat Integration:
- Obtain a Red Hat pull secret (Recommended for access to additional content like Operators and Container Registries).

Domain Configuration

This step is optional since you can use the built-in domain.

Setup a VPN Connection into an ARO Cluster with OpenVPN

Wed, 29 Mar 2023 10:00:00 -0400

This article was originally published at Setup a VPN Connection into an ARO Cluster with OpenVPN | Red Hat Cloud Experts

When you configure an Azure Red Hat OpenShift (ARO) cluster with a private only configuration, you will need connectivity to this private network in order to access your cluster. This guide will show you how to configure a point-to-site VPN connection so you won’t need to setup and configure Jump Boxes.