- Follow Asaph
- Bash/Shell 6
- Writing SQL Statements 9
- NoSQL Database 3
- Linux OS administration 10
- XEN 4
- Vmware 9
- Rackspace 9
- jenkins 2
- Tomcat 6
- AWS 2
- Ansible 1
- puppet 2
- Vagrant 2
- Docker 2
- Make 6
DevOps Expert EverCompliant
EverCompliant is a leading provider of Cyber Risk Intelligence and Transaction Laundering Detection and Prevention.
We were brought in to help the company standardize their infrastructure to comply with ISO regulations. The project goals have shifted more than a few times during that periods and we’ve adapted to deliver.
- Hashicorp Vault & Consul - SSH Key secure storage and automation POC.
- OpenLdap POC.
- Traefik reverse proxy POC.
- EC Application dockerization POC.
Monitoirng stack POC.
- JumpCloud API wrapper implemented using Python, Bash and Ansible.
- JumpCloud Agent installation and automation using Ansible (Windows/Mac/Linux).
- JumpCloud 3rd party integrations.
JumpCloud internal system integrations.
- OVH API Wrapper - Developed using Python.
OVH API - Ansible module written in Python (Developed by us).
- Ansible Portainer - deploy a dockerized portainer while customizing every available option.
- Ansible was leveraged to automate their unique installation and configuration process (Networking required a creative solution).
- Ansible was leveraged to dynamically configure and deploy EC application on top of Docker Swarm.
Ansible Framework to provision an OVH dedicated server. (The base) on top of the premise we have developed and assembled various roles to allow and complete Docker Swarm cluster installation (Networking, NTP, NFS, OS Packages installation, Docker daemon, Docker Swarm-Mode, Deploy application stack on top of Docker Swarm).
- Dockerized EC Nodejs Application. (3 separate components).
- Dockerized EC Niodejs & Python reports server.
- Dockerized EC Apache httpd server - standardize and improve configuration.
- Dockerized Jenkins for CI/CD - Ensure we’re using the latest Jenkins version and plugins for forward compatibility.
Docker Swarm-Mode deployment and automation.
- Jenkins pipelines - created all of their jobs in Jenkins pipelines to ease the CI/QA pain.
- Jenkins as an automation UI - created various jobs to execute the various tasks such as installing server or generating SSH keys. using pipelines.
- Automate the build process of EC’s application leveraging Nexus OSS as an artifact and image repository.
QA Automation using Selenium grid & Zelenium over Docker.
- Graylog2 - implemented the solution to aggregate logs from their various systems.
- Grafana - Visualization and insight into various process.
- Prometheus - implemented the monitoring solution to monitor current systems and the Docker Swarm project.
- Portainer - Using Shelleg Ansible-Portainer role we’ve updated the role to Ansible 2.4 standard as well as adding customization options to it.
- Nexus OSS - Artifact repository & proxy. Docker images repository.
- OpenSense - Configuration & Network planning. we’ve worked with them and a 3rd party consultant to improve their network.
Ubuntu Hardening - Using Ansible we’ve helped EC harden their servers for ISO compliance.
- Project documentation leveraging Git Book and MD files.
DevOps Expert WorldMATE/CWT
The main tasks that I have to handle were:
Amazon Web Services (AWS):
- BI Data lake over AWS.
- Nevada DC to AWS dedicated VPN (Data center cloud extension).
- Networking using VPCs to insure security standards are met (Isolated from the public internet).
- Automate machine and services access (Ansible) by automating AWS Route53 DNS updates.
- Process logs from Production machines using LS.
- Kafka to store data from LS, mainly to avoid LS bottlenecks and data loss, and ship it using LS to AWS.
- Kinesis (Originally) would receive LS and keep it for 2 days. (Later this was changed to LS->Kafka->LS->Kafka->LS->S3).
- EMR Cluster, RDS Cluster (Auto deployment and termination of cluster using AWS API & Jenkins).
- MongoDB replica set to include AWS host, MySQL Replication to AWS instances (Cluster expansion).
- BI Application (Tableau) on AWS with Public access to UI.
- Monitor AWS solution using on prem Zabbix monitoring server (Using Zabbix Proxy).
AWS IAM User management using the Primary AWS account as a source and leveraging AWS IAM Roles to allow users from the primary account to login to the BI-DLP account and manage automation users.
Supply solutions to BI Team needs (some examples):
- Shell script that leverages Python to download xlsx files using a WEBDAV client and converting them to CSV, Uploading to S3.
- Store Zeppelin notebooks to S3 (Configured as a post-deploy script of the EMR cluster).
AWS Primary account management (Cloudfront management, S3, IAM, Cloud Trail, MFA (Multi Factor authentication)).
- Install & Configure Jenkins servers.
- Configure the various tools (Node, Java, Docker, Git, Ansible, etc,.).
- Integrate with #Slack.
- Monitoring (Zabbix & Grafana).
- CI with Jenkins leveraging Shared Libraries (To which I Contributed Code).
- Multi-Branch pipeline jobs.
- Helping R&D Teams by writing Jenkinsfiles (where libraries didn’t cover the use-case).
- Helping R&D Teams by writing Dockerfiles for their builds.
Integrating new services into CI.
- Docker repository.
- NPM repository.
- RPM repository.
- Artifacts repository.
- Support R&D Teams in their development and debugging efforts - Investigate & solve issues with builds.
Git (Integrate with Jenkins, Run initial Git-Pipeline on Ansible merge request (for Ops team) to check Syntax & Role).
- Contribute code to DevOps Ansible Git repository.
- Docker containers deployment.
- Node services deployment.
- Automate Ping Identity’s Ping Federate.
Automate Zabbix & LS during deployments.
Node & PM2:
- Upgrading PM2 and migrating to use Ecosystem file (Now saved in Git & Updated during deployment).
- Use NVM with PM2 (Fix the various issues regarding to not running as root).
Fix deployment scripts still using Bash (Older builds not transferred to Ansible).
- 24/7 On-Call.
- Montiroing: Zabbix, NewRelic, Pingdom, VictorOps.
- Upgrades (For example: Upgrading Jenkins, Git-Lab, etc,.).
Systems maintenance & Automation.
- RHEL 6/7, CentOS 6/7.
- MongoDB, MySQL (/w MMM).
- GitLab, SVN, GitHub.
- ELK (ElasticSearch w/ plugins for monitoring & usage).
- Kafka, RabbitMQ.
- Artifactory, Sinopia.
- Zabbix, Grafna.
- Citrix LB.
- VMware ESX.
- Open IPA (Manage users, AD Connectivity etc), MS LDAP.
- Jboss, Tomcat, Apache httpd, Nginx.
- POC new tools & technologies (Example: monitoring solution that support ElasticSearch queries natively).
- Investigate & solve issues in the various environments (Dev, Stage, Prod, PCI, SATO).
Wrote a simple Slack chat bot in Python to announce the On Call and Schedule in the company’s main channel.
- Technical documentation (wrote technical guides for the team and R&D).
- Design and implementation of solutions and services.
- Knowledge transfer & sharing with the team and R&D.
- Work with various teams abroad to achieve goals (DC team, Networking Team).