Summary
Searching for a job in IT, be it remote or onsite (Iasi, Romania).
Please do not contact me for opportunities that require skills that I do not own, nor for ones that require less skills/expertise than I currently have.Eighteen year old with 22yr experience in *nix based systems.
Perl, bash, sed, awk, make, cmake, some ansi c, some php, some python, kernel hacking, embedded dev (mips, arm, atmel/arduino).
Networking experience: Mikrotik, Cisco L2-3, Juniper, bgp, ospf, rip, IpSec, multihoming.
Virtualization: OpenVZ, Xen, Kvm, Qemu, VmWare, VirtualBox, FreeBSD containers, lxc, docker
♣ Worked for the same employer for the last 11 years. Started as a sysadmin with some embedded development tasks (porting stack to a different platform - openwrt based with c/cmake/make/bash and some scripting and backporting of libraries), switched to devops and then devops lead - where I managed a team of 8 members maximum.
♦ Led some big clients from heads to toes, as Orange France - for their SmartHome platform - hardware requirements for the platform, datacenter design with vmware, backporting app to RedHat (from Debian), deployments with rundeck and ansible, monitoring and end-to-end testing automation using containers, scripts and headless browser leveraging PhantomJS.
♠ For another big client (Nortek), created a setup that had to provide services to a set of alarm panels which connected to our private network through 3G provided by AT&T. The connection between AT&T and our VPC used multiple IPSec tunnels and BGP.
Experiences
Caring for clusters (k8s, docker), servers, virtual machines,
alongside firmware integration, packaging (deb/rpm), analytics (ELK)
Lead for:
- devops/sysadmins
- firmware integration team (2014-2020)
- analytics (ELK) (2016-2020)
Activities:
Infrastructure design and deployment in AWS, GKE, DigitalOcean, Hetzner, Oracle, Azure or hybrid environments.
Automating cloud components build and deploy for k8s, docker, lxc/lxd or VM’s with all the things in place:
- databases (including replication, sharding)
- NFS mounts, CEPH, iSCSI, glusterFS etc
- networking with multiple zones, firewall, routing rules, BGP, IPsec
Automation and management of:
- Gitlab
- Jenkins
- Rundeck
Writing IaC - Helm, Terraform, Puppet, Ansible
Maintenance of the server fleet (roughly 200-ish physical servers, VM’s, AWS/EC2 or GCP hosts)
Package maintainer for our own internal software - Debian, RedHAT
Package maintainer for mips/arm (openwrt based)
Backporting libraries for OpenWRT apps (c/c++)
Porting packages for OpenWRT
Porting our solution to Intel Quark (Galileo)
Maintaining internal apps and tools
Maintaing analytics platform(s) and gathering of data, alongside other colleagues
Database monitoring, performance tweaking and configuration (mysql, posgresql)
Writing scripts for SysV init, OpenRC, systemd, Monit, Nagios and others
Office networking - pfSense, OPNSense, Cisco, Mikrotik, Juniper, VLANs
Name and address of employer: eZLO Romania, Poitiers 16 Blvd, Iaşi, Romania
Developing plugins/modules for the Nagios monitoring system, with Perl and C, both server part and client part (nsclient++/nrpe)
Create web interfaces with Perl
Patch internal scrips done by other colleagues or for OSS that Mind uses
Develop patches for ticketing system based on Otrs and maintain Oracle database
Name and address of employer: Mind CTI, Ciurchi 126-128, Iaşi, Romania
Management of servers and network
Software/hardware testing
Website developer - php, Perl, MySQL/PgSQL + wpress/textpattern/osCommerce
Installing and configuring servers and workstations, switches and routers
Maintaining the network for a small ISP with ±100 customers
Name and address of employer: SC HOL.RO SRL, C-tin Rădulescu Motru 25, 4rd district, Bucharest
Individual Projects
Personal charts I use for work and other projetcs. Right now it's only one package, busybox-httpd, which I specifically use to deliver the CA cert for K8s clusters deployed with the digitalocean-cluster-setup mentioned below.
Needed an easy way to add RBAC (auth) to an existing k8s DigitalOcean cluster by bundling some open source tools into a simple to deploy helm repo.
Backported to docker with Alpine an app that required to be built and ran on Ubuntu 12.04 or Debian Jessie.
Managed to make it build in 4 steps via Gitlab CI and then run in docker or podman, using nginx as a reverse proxy.
We needed to have a method to deliver embedded device firmware through a secured (or not) connection, but having the datastream protected in a dynamic way, so that every device downloading the firmware will be downloading different content, decrypting it locally after the download.
Created an algorithm to encrypt the backup containing the critical files stored on an embedded device.
Created an AWK script that was used to decode a base64 string and parse the encapsulated json, checking for certain variables and settings stored in the object.
Took LinkedIn's implementation of oncall and adapted it so it supports authenticating against database stored users. Created a roster managing script that fills the database per team needs.
Code will be pushed online eventually.
Ported the stack for Banana M3 PRO. Initially it was only working on Raspberry PI, and I only had BananaPI's. I had to use a different kernel and also adapt some build parameters. I also updated some packages that were installed by default.
While having a smallish ISP, the users were connecting through PPtP, and we needed a way of fairly sharing the outbound bandwidth between users.
There were also other methods, like using a VM and apply QoS on the traffic through it, but this was good enough at the time.
I was in need of a plugin that was small and fast and could run on a small monitoring system that I already had. So I created a minimal Perl plugin, that works with smokeping; the plugin monitors the current latency of a MySQL server.
Group Projects
Designed the architecture to run our solution in a private cloud, via virtual machines running Red Hat Linux on VMWare nodes.
Led all the aspects related to the project: meetings, design, porting from Ubuntu to Red Hat, installation, setup monitoring (passive and active).
Our client was manufacturing and selling an alarm panel, with no WiFi capability - only 3g/4g SIM. We had to make a setup that was secure and accomodated client requests.
The SIM was provisioned in a different APN, with no access to DNS or any external service; it was only allowed to access specific IP addresses (which were private)
Needed an easy to manage service desk like alternative, since the team was big at that time.
Took the open source truedesk, adapted it to docker initially per this comment and then also did a patch to have mobile UI working.
Have some other patches that were not published yet, including requirement to have tags to create a ticket, helm(k8s) deployment, nginx delivery of static content - ie only /api/ is delivered by trudesk itself.
OSS Hosting control panel, to which I contributed a few minor changes.
Tools for Loading and Visualizing GCP and AWS Detailed Billing with ELK(Elasticsearch, Logstash, Kibana)
Gathering data from out cloud platforms, to be able to display metrics of the most important aspects of the business.
Using OSS, created a protected web portal to help customer care download logs from the client owned devices, so they help the client (and development team) debug any issues.