Projekt‐ & Berufserfahrung
Parship Group, Hamburg
2/2020 – 6/2020Tätigkeitsbeschreibung
Delivered a Proof-of-Concept for Puppet, which enabled the Operations Team to test changes on their local machines before they are pushed to production through Jenkins Pipelines, increasing development velocity and failure tolerance.
Improved the existing Infrastructure as Code solution for Cloudflare, based on Terraform, by redesigning the code architecture to a modular basis, which minimized duplication and allowed reuse of Cloudflare resources. Created a golang program leveraging the Cloudflare API to dump manually created entries, converting them into a format importable into Terraform state files. These changes improved maintainability and usage of the Terraform runtime.
Implemented DNS Zone Forwarding to multiple Environments for services registered in environment-specific Consul clusters, making it possible for developers to use the Consul DNS to browse their environment-specific Services by knowing only the datacenter and service names.
Updated expired Intermediate CA Certificates on all Puppet-managed hosts and added the new certificates to the system and browser truststores in an automated way.
Planned capacity for a future Kubernetes Topology in accordance with the existing services and resources used on hypervisors.
DevOps, IT-Beratung (allg.)
Deposit Solutions GmbH, Hamburg
11/2016 – 2/2020Tätigkeitsbeschreibung
Played a key role in the main automation project converting the infrastructure from a mainly manual maintenance state into a completed automated state using Saltstack and GitLab, joining the design sessions and being responsible for a sizeable part of the implementation effort, later taking over the responsibility for being the main driver of automation and testing for any expansions using tools like kitchen and InSpec and respecting a git-flow model, ensuring that a machine park with more than 300 hosts is completely managed through an automated and audited interface.
Successful proof-of-concept of a monitoring solution for MySQL databases based on Prometheus, Grafana, and related exporters. This solution enabled developers to find inconsistencies amongst database schemas and Infrastructure engineers to adjust and enhance the database performance.
Creation of a new segregated environment standard to run the company's applications, covering different roles such as web servers, backend servers, and batch job servers backed by a set of reusable Ansible deployment scripts.
Successful migration of the company hypervisor technology from VMWare to Proxmox, greatly enhancing the automation capabilities of the platform and making it possible to run applications with LXC container technology.
Design and implementation of a new load balancing architecture for dynamic request routing based on consul, consul-template, and nginx. This new architecture enabled central log aggregation,
TLS-secured connections and dynamic routes based on service registration information stored from the Consul service catalog.
Development of a new set of guidelines for service registration and discovery in the company, together with automation systems for Consul and Consul Template management using SaltStack, including enhancements to the core states and modules for Consul.
Rollout of a new Docker Registry based on Gitlab EE together with an S3 backend with controlled access and encryption using in-house certificates. Provided documentation and examples for the internal teams to migrate to the new solution.
Setup of a new test infrastructure based on Gitlab CI and dynamic build workers on AWS governed by auto scaling runners. The solution enabled all teams working in both infrastructure and application development to have an elastic environment for functional and end-to-end testing whilst greatly reducing the need for on-premise testing infrastructure, resulting in significant cost savings. The rollout of the solution included pair sessions with the development teams in order to adapt the solution to be compatible with semantic versioning and the Java build process used in the company.
Successful PoC of infrastructure management on AWS using Terraform and a set of custom scripts, allowing better view on what would be required to migrate all AWS resources to a Terraform-managed setup.
Creation of a team vision and moderation of discussion sessions which enabled the team to map pending work in form of a comprehensive roadmap, which is used to guide the Scrum planing process.
Rollout of Graylog as the default log aggregator within the company, starting with PoC projects all the way to a fully automated setup backed by SaltStack running in the AWS cloud.
DevOps, Serveradministration (allg.), Infrastrukturarchitektur
Webtrekk GmbH, Berlin
7/2016 – 11/2016Tätigkeitsbeschreibung
Improved an existing DataStax Cassandra Cluster through a multi phased process of collecting performance data with prometheus, identifying existing bottlenecks and implementing multiple configuration enhancements, amongst them fixing rack awareness, heap space allocation, number of nodes, data replication level and automation with Ansible. After the changes the amount of running transactions per second was increased in around 400%.
Automated the installation of Apache Kafka brokers by creating custom Debian packages and an Ansible role to install them, improving provisioning time for new clusters.
Deployed a PoC project for Java application tracing based on Dynatrace, enabling development teams to proactively detect performance bottlenecks across services and infrastructure components.
The ADEX, Hamburg
IT & Entwicklung
4/2015 – 4/2016Tätigkeitsbeschreibung
Planned and migrated a Cloudera cluster from major release version 4 to 5, including an linux upgrade from CentOS 6 to 7 managed by puppet with all new configurations and components (Hadoop HDFS, YARN, HBase, Hive, ZooKeeper, Kafka, Flume, Spark). The existing data was synchronized by homegrown scripts with zero downtime.
Participated in a true DevOps culture in steadily improving YARN. Worked hand in hand with development teams to determine the best resources for the various workloads to achieve the best possible result, obtaining a performance increase of 50%.
Creation of various enrichment scripts for 3rd party data consumed from many data sources saving on-demand changes to Hadoop HDFS.
Participation in the construction of a data enrichment pipeline by means of Kafka brokers and flumes in the process of sequential data processing, storing data of a defined file size limit in a HDFS cluster. The system was able to process 2 million synthetic data messages per second.
Created a python-based data backup and recovery solution for Cassandra database systems emulating 1 automated recovery per month.
Setup a Gitlab CI 8 build pipeline to support development teams in their build and release process.
DevOps, Infrastrukturarchitektur, Netzwerkarchitektur
ad pepper media Group, Hamburg
9/2014 – 4/2015Tätigkeitsbeschreibung
Migrated workloads running over bare metal to an OnApp KVM based solution with Samba4 acting as a Domain Controller for the environment. Also deployed a unified monitoring and alerting setup for this environment with Nagios.
Implemented a centralized configuration management system with puppet (v3.4) and created custom puppet modules for various infrastructure components (MariaDB, Nagios core, vsftpd, OpenVPN, shorewall, iptables, HAProxy, POSIX users and groups, PowerMTA, ActiveMQ, Apache, MongoDB, sudo, OnApp, NFS, OpenLDAP).
Provided consultancy on performance tuning for MariaDB Galera clusters to subsidiaries of the ad pepper holding.
Performed migration of Microsoft SQL Server clusters to version 2014 from 2005 with the following features: DB-Engine, Analysis Services, Integration Services.
DevOps, Systemadministration (allg.)
United Digital Group, Hamburg
10/2013 – 8/2014Tätigkeitsbeschreibung
Administration and governance of the entire IT infrastructure including high availability, security, backup on ubuntu linux servers and ruby application and moving software business workloads into a software defined datacenter with VMWare vSphere.
Implemented a unified security solution via multiple Sophos UTM (WAN, LAN, VPN).