Raphaël - DevOps LINUX

DevOps Engineer

Field: Banking industry
Role: Managing test environments
Activities: Deploying infrastructures and applications
Technologies: Kubernetes, GitLab, Jenkins, Python, Terraform, Ansible
Creation and delivery
• Gathering needs from dev teams for non-production environments
• Terraform : deploying appliances in a private cloud
• Ansible : compliance monitoring and Configuration Management
• Decreased time-to-release from 1 week to 24 to 48 hours

DevOps Engineer

Role : DevOps engineer in a production environment
Missions : Infrastructures management, integration
Technologies : Hadoop stack, OpenShift PAAS, Docker, GitLab, Jenkins, Ansible

Big Data applications integrations
Requirements :
• Integration of Big Data related applications
• Setting up CI/CD processes and workflows
• Bare-metal level support
• Hadoop stack and ETL services support and maintenance
• Platform maintenance and conformity checks

Technologies and features :
• Automated integrations using GitLab and Jenkins
• Setting up development processes and workflows using JIRA issues and Gitlab Merge requests
• A complete set of Ansible playbooks to maintain and deploy applications
• Custom application image building using Docker and Dockerfiles
• Versioning and change management of OpenShift application configuration files
• Leading and managing users' developments using Git branches

Results :
• An available platform running Big Data and web applications with CPU and GPU resources
• End-to-end development process, delivered to developers and used on a day-to-day basis
• A large number of developers working with continuous integration workflows, conding
their applications and immediately seeing the results
• A production-ready platform delivered with a complete documentation and various automation scripts
and playbooks
• A continuously supplied and maintened Docker registry containing custom images (with side-car or
security features) and developers' application images

Other achievements :
• Providing training to developers about continuous integrations and workflows.
• Providing training to administrators about OpenShift technologies, administration process and security features.
• Bare-metal failures analysis, datacenter operations and server management.
• Complete documentations about workflows and technology usages.

Apprentice software developer

Company : Cloud computing, Telecoms, Big Data, Iot...
Role : Apprentice full-stack developer, IT department
Missions : Requirement gathering, web development, automation, scripting

IT engineering student

Specialization: System and network infrastructures
Fields of study : Infrastructure, Cloud computing, Virtualization, TCP networking
Certifications : CCNA (Cisco), CSNA (Stormshield), TOEIC 950

Final study project : Information system infrastructure
In order to optimize their IT resources and storage capacity, the engineering school needed a solid, scalable, VM driven
information system for their IT teachers and students. Our class set up a VMWare powered infrastructure, in which I
participated as a backup on many system and networks topics, such as network services (DNS, LDAP, VPN...), cloud
computing orchestrators(VMWare, Kubernetes) and led the "VM on demand" part of this project :
Requirements :
• A strict role system, in order to allow teachers to manage their resources and those of their students
• Set up a virtual machine or a service container with a template or custom configurations
• Set up a provisioning system for automated node configurations
• Implement a solid security system for VM access
Technologies and features :
• A PXE system daemon implemented with Python, connected to a Redis message queue
• A network-managed boot-up system, secured with SSH-key based access
• A PostgreSQL database, containing LDAP information and security access controls
• A web interface, allowing users to complete forms for service and configuration data
• A visualization of services and VM information and status
Results :
• A user-friendly web-application
• Users can deploy a new custom virtual machine within 2 minutes
• A scalable and evolving stack of services

Other projects and collaborations

Ecole des Mines d’Alès:
• Openstack private cloud setup
• Stormshield firewalls training and certification (CSNA)
• CISCO foundation certification (CCNA)
• IBM cloud storage : physical replications / backups of SAN network endpoints
IUT Montpellier :
• OpenStreetMap based map application (Java)
Passion projects :
• Homelab, cloud-powered (AWS, Azure, OVH), secured with OpenVPN, IPTables, and SSL, with services such as a
printing server, a web server, a Plex server..

Devops Engineer

Setting up private cloud platforms for Big Data application integration
• Managing 90+ virtual nodes on an OpenStack platform
• OpenShift administration and application integration for GPUs usage
• Setting up a CI/CD pipeline with Gitlab and Jenkins
• Application-level support of Hadoop stack services
• Ensuring compliance of physical and virtual nodes with Ansible
• Trained developers to SAAS and CI/CD tools
Application deployment and monitoring
• Advising on DevOps practices and setting up a CI/CD pipeline
• Gitlab : development workflows and versioning
• Jenkins : building code and deploying Docker images
• Kubernetes : instantiate docker images with ArgoCD
• Reduced failures during deployments with automated testing and code
compliance tools

Security-hardening alert system for continuous monitoring
Requirements :
• Centralize infrastructure security information
• Have a real-time visualization of alerts and potential security issues
• Flexible and scalable software architecture in order to integrate future other security tools
• Changes management and delta visualization
Technologies and features :
• Parsing of multiple system daemon outputs (apticron, RKHunter, PortSentry etc...)
• Data analysis from PERL scriptsin order to generate alerts or warning messages
• An alert system with different levels and different kinds of warnings
• A VueJS web interface with real-time datatables and performant filters system
Results :
• Scalable, a user can add a new server to the analysis tool easily
• Flexible, new sources of data can be added quickly (by adding a new parser)
• A well-documented and intuitive software

CMDB service project
Requirements :
• Centralize configuration data from customer infrastructures
• Set up a secured, unexposed access to different sources of data
• Synchronize database to actual contracts data and customer information
• Reconciliate hardware and software data from inventory and system monitoring daemons
Technologies and features :
• PostgreSQL database, divided in schemas and user account authorizations (RLS for vertical security access)
• Logical replication and duplication (with plpgsql, pglogical and Foreign-Data-Wrappers)
• Multiple back-end interfaces, a PostgREST API and a PHP-powered back-end
• Synchronization and reconciliation from Rudder inventories with PERL scripts
• A VueJS user-interface, conditionally rendered with features depending on the user role
Results :
• A living, maintained and documented stack of processes
• Used in production by the Cloud Computing Business Unit
• A distributed software architecture
• Lots of future possible improvements