About Me
I am seeking a challenging position that can effectively leverage and advance my strong technical skills. With my passion for technology and open source, combined with my strong work ethic, effective teamwork, and leadership capabilities, I am eager to make valuable contributions to the success of any project or organization I work with. I am committed to ongoing learning and growth, and am confident that I can make a positive impact on any team or project.
Projects
Below are some of the projects I am proud of achieving in my career.
CEPH Storage Cluster - Was tasked with architecting a cheap storage solution that would complement our EMC. After proof of concepting a few solutions, we settled on CEPH. Lead the architechture of data pool's, replication scheme across machines and racks, developed tools for finding dead drives, and monitoring the entire cluster.
Cost effective Virtualization - Lead architecture and migration of development, QA, and backoffice virtual machines to KVM / CEPH. This saved the company on having to expand EMC cluster and improved performance in production due to decreased load on the EMC.
Unattened Deployment of Poll Station Device - Developed automation to build our voiting system on a airgapped machine. After which it would be packaged within a Ubuntu install ISO. This ISO was then imaged onto a usb thumb drive. Thumb drive was then used to provision poll stations for voting. The usb would automatically install, lockdown and provision our voting software.
Migration to Chef / Salt Stack / CFEngine - Took a combination of perl, bash, and manual steps of deploying our applications and systems to a closed loop configuration management change control and merge request which trigger automatic deployments.
Experiences
- Led the migration of Kubernetes clusters and Terraform infrastructure from Ubuntu GNU/Linux to Flatcar GNU/Linux, improving automation in cluster upgrades, security, performance, and cost savings.
- Transitioned static Kubernetes clusters to an autoscaling architecture based on key performance metrics, enhancing efficiency and reducing operational costs.
- Replaced the deprecated KIAM (Kubernetes IAM credentials provider) with the pod web identity standard, enabling secure AWS role access for Kubernetes pods.
- Deployed the Flatcar Update Operator for seamless security updates to nodes, leveraging release channels where production tracked stable releases and development tracked testing to identify issues early.
- Optimized and right-sized AWS EC2 node configurations across all environments, resulting in significant cost reductions.
- Developed an AWS Lambda function to automatically scale down the development Kubernetes environment and scale up when necessary, leading to further cost savings.
- Consolidated the largest development cell into a single availability zone, reducing EC2 and inter-availability zone transfer costs.
- Fine-tuned and optimized Calico network reflectors, enhancing Kubernetes networking performance.
- Created and deployed multiple Grafana dashboards with integrated Alertmanager notifications to monitor EC2 costs, autoscaling performance, autoscaler capacity, and cell utilization metrics.
- Ensured the VMWare Tanzu Mission Control platform was deployable within a FEDRAMP-compliant environment.
- On customer solution archetecture review board.
- Managed team of 6 DevOps engineers.
- Responsible for calculating cost of goods sold for our kubernetes based platform.
- Program increment planning and ensuring our new product features are cloud ready.
- Responsible for all cloud ready validations pre-release.
- Migration of customers into Fico SaaS products utilizing puppet, openshift, and continuous integration and deployment pipelines.
- Onboarding of new products into Amazon AWS and Rackspace utilizing kubernetes and docker.
- Introduced configuration management using Salt Stack. Turned a hand managed system into fully automated role based deployment via salt.
- Used salt-cloud and terraform to proof of concept migration to Digitalocean and Amazon EC2.
- Implemented central authentication using jumpcloud's saas LDAP, RADIUS, and single signon user managment accross gapps, jira, box, netsuite, *nix, wiki, wifi access points, openvpn, and local machines.
- Improved development process by introducing salt and vagrant local workstation environments.
- Set up monitoring with Zabbix and auto registration of nodes configured with salt stack.
- Migration from VMWare to KVM/CEPH for all development, QA, and backoffice virtual machines.
- Designed 4 data-centers in US & Canada with Cisco UCS B200 M3 blades, EMC VNX 5300, Cisco Nexus 5500, FEX 2200, ASA 5515
- Drove migration to HAproxy load-balancers with custom configuration based on gitlab merge request hooks, which improved page load times and eased management of configuration for our team.
- Designed and implemented monitoring system (Zenoss), central logging system (Elastic search and Kibana), directory services (Samba based ActiveDirectory), Developer tools (Jenkins, OwnCloud, Mediawiki, Jira, and gitlab).
- Developed chef cookbooks for production deployments and post install system configurations, such as monitoring registration, ldap authentication, automatic security patching,and system lockdown settings.
- Reverse engineered and re-architected the elect voting system deployment integration from standalone scripts to Chef roles.
- Led effort for ongoing federal certification of voting systems to VVSG 1.1 standards with a voting systems test lab (VSTL).
- Analyzed root cause on service impacting outages and gave technical expertise on incident reports for any customer impacting outages.
- Part of core team responsible for data-center migration to Equinix in Los Angeles.
- CFengine architecture implemented to automate deployments to prod, stage, qa, and multiple development environments.
- Architected and maintained Solaris zones (containers) to facilitate quick deployments and facilitate higher density on our bare metal servers.
- Architected Xen virtualization to bring in Windows and GNU/Linux Virtualization.
- Implemented a web API to track Linux package versions and deploy security related packages.
- Cisco internal cloud automation integration using virtualization and web UI to maintain life-cycle of virtual servers. Features include utilization reports, idle decommissioning, and charge-back to various departments to generate critical KPIs.
- Integrated Enterprise DNS (Infoblox) and wrote backend API for use with the Cisco internal cloud.
- Part of core team responsible for data-center migration to Equinix in Los Angeles.
- Setup of our staging data-center in AIS San Diego ranging from hardware, cabling, OS, and services.
- Developed and deployed PXE system used to bring up new Linux hosts supporting 3 different distributions and various server roles.
- Connected and secured 2 off-site offices and 2 data-centers via OpenVPN and iptables.
- Implemented VMware QA cluster, with custom Linux kernel performance enhancements.
- Implemented and administered an EMC SAN used for our data warehouse system.
- Implemented Cacti host monitoring and expanded our Nagios host monitoring.
- Configured and deployed a custom Linux kernel to support a diverse hardware environment.
- Implemented streamlined version of Apache and PHP for our front end needs.
- Setup and secured our primary and secondary mail servers.
- Load balancer setup and management (Pound, Zeus, f5, and Netscaler).
- Cisco switch setup, administration, and monitoring.
- Cyclades setup, administration, and monitoring.
- Setup and maintained various back-office services such as Subversion, MediaWiki, Bugzilla, and IRC.
- Setup and maintenance of websites memcached cluster.
- Part of core team responsible for data-center migration to Equinix in Los Angeles.
- Implemented server and services monitoring for our infrastructure.
- Implementing and teaching the use of an ticket tracking system (Trac).
- Implemented source control management system (Subversion).
- Setup an automated build system using CruiseContro.NET and nAnt.
- Implemented network security for their document imaging infrastructure.
- Firewall, web server, and FTP server setup and maintenance.
- Server security for this on-line entertainment business.
- Maintained five co-located Linux servers in the US, Canada, and Europe.
- Managed primary and secondary domain name servers which hosted more than 100 domains.
- Managed apache virtual host configuration for all domains
- Managed MySQL servers.
- Provided support for web developers.
- Worked closely with owner to improve performance and redundancy of servers and web services.
- Researched and implemented google.com hacks/tricks to improve web site ranking.
- Implemented web site and servers statistics via Webalizer/mrtg.
- Designed entire office network.
- Configured, built, and maintained all office workstations and servers.
- Implemented an off-site data backup strategy.
- Designed, coded, and hosted the business web site.
- Offer technical support for all employees.
- Programming and installation of IntelliMold process controls into PC-104 embedded systems using Sigmatek LASAL.
Orginizations
Network design and administration for the associations fund raiser MPCon
Worked closely with president to organize all other aspects of the event like: building accommodations, power, and funding.