SUMMARY
I began using Linux with RedHat 4.0 in 1996, since then I've also been using Gentoo, Ubuntu, and Debian and RHEL/CentOS derivatives, basically always running Linux since then.
My career has been a journey through a lot of different tasks, but it's been always challenging and fun. I began just managing a few servers and doing some PHP programming, learned Perl and began to juggle some complex data structures of a few gigabytes to pack and produce a custom CDs (later DVDs) converted the system from linear perl to multithreaded perl and reduced the running time from ~12 hours to ~4 hours. In a side job I learned some mid-low level programming to read inputs of a digital I/O card and store the values and its timestamps in a mysql database with a multithreaded C program. Now I manage an interesting number of servers using Ansible and Python, and also the underlying AWS infrastructure.
I'm part of the small team that manages the infrastructure area of the company, a mix of Linux servers and containers on AWS, plus some additional on-site Windows and Linux servers in a VMWare cluster. All were custom created and configured when I arrived, and now almost everything is done through Ansible playbooks / roles that are applied to the servers based on the tags assigned at instance creation.
I love to try & tinker with new challenges and tools, be it adding a Varnish cache to a mid traffic site and seeing how it helped our users, or participating in the world IPv6 day in 2011.
I have been lucky enough to be able to have been always working with the tools I know and love.
Specialties: Linux sysadmin, AWS, Ansible, Varnish, Python, Perl, MySQL administrator, PHP
Main certifications:
- AWS Certified Solutions Architect - Professional
- LPI-300 (LPIC-3)
EXPERIENCE
Principal Linux Devops - Linux Systems Administrator, BetBright - 888 Spectate
Dublin, Ireland — April 2015 – ongoing
Working as a Linux administrator managing the Linux servers in AWS and the AWS infrastructure as well as the in house servers in VMware's VSphere. Working with Ansible and Terraform, Python, Bash, etc. Managing EC2, RDS (Aurora MySQL mainly), Redshift, Lambda, Route 53, IAM policies, VSphere, etc.
Accomplishments
- Wrote a system for quicker RDS Aurora MySQL master failover for our servers than what Amazon provides with their default cluster endpoint, downtime was reduced to usually ~3s in that case.
- Wrote Ansible idempotent playbooks to automate deploying new instances with appropriate software, configs, hardening, logging, users, etc, based on the tags applied at instance creation, and to regularly keep them in line.
- AWS IAM Policies based on the principle of least privilege for service users performing calls to AWS APIs.
- Defining all the AWS resources using multiple layers of IaC (Infrastructure as Code) using Terraform, and AWX (Ansible) to finish deployment of EC2 instances.
Computer engineer, Leggio, Contenidos y Aplicaciones Informáticas, S.L.
Zaragoza, Spain — December 2000 – March 2013
Administering the office servers and network with a mix of linux servers (some virtualized using KVM/qemu/libvirt), some LTSP clients, and some windows clients. There were between four internal servers when I managed to group various services in new machines up to a dozen different servers and twenty different LTSP thin clients. Managing the external servers, housed and dedicated hosting of http://noticias.juridicas.com (~13M pageviews/month, ~5M visits/month, ~200 requests/sec) using IPv4 + IPv6. Running apache, varnish, squid, exim, cyrus, clamav, samba, openssh. Programming in PHP 4 & 5, connecting to mysql versions from 3.23 to 5.1.x. Programming with perl5 scripts to produce cds packaged with compressed gigabytes of data and a custom database engine to allow searching.
Accomplishments
- Setup a complete monitoring and alerting system with some fully automated incident detection & resolution for the common issues. Each machine had its own firewall and fail2ban was used to protect against spam sending attempts, password guessing (ssh, web, email), mail relaying attempts, virus sent to a recipient...
- Operated a network of BIND servers, some public to serve our zones, and some internal. We also used views to mask some of our development sites to internal IPs. DHCPd dynamic updates and AXFR zone transfers were secured using TSIG.
- We had a public SSL certificate that we used to cipher https traffic, imaps, smtp, dkim. We used internal openvpn certificates for the office users.
- Maintained the mail system. Exim with ClamAV and SpamAssassin, and cyrus imapd with shared folders that we used to archive the business communications. Fully scripted with Sieve filters, and SA autolearning the spam dropped in a shared folder by the office users. Also used fail2ban to drop ips because of spam attempts, password guessing, relaying attempts, virus sent… Externally we used SPF, DKIM, and DMARC policies to help the fight against spam.
- Managed the external servers, we used to have various housed physical servers, but we migrated to a big dedicated server with libvirt+qemu+kvm running virtual machines. I managed about 5 different server generations custom built by ourselves until we switched to a dedicated server.
- Optimized the web serving stack to minimize latency and send webpages as fast as possible with ample margin to grow. I put varnish in front of Apache, optimized the headers to enable cache of assets, modify the css, javascript code and images to send fewer bytes and fewer requests.
- Took care of the internal servers and scripts that reformatted our documentation, it was a mix of perl, bash, php, and some ancient tcl.
- Created a PHP web environment to edit some XML files that were presented to the user converted on-the-fly to XHTML fragments with the help of XSL, XPath and some CSS.
- Created and coordinated in a mixed OS team a system to compress, archive, index and access in realtime (no installation or decompression needed) a website in a CD/DVD to be run in a MS Windows system. I ran the “packaging” part that produced a compressed big file with all of the contents and indexes that the windows application had to understand to be able to navigate and search the documents.
Computer Engineer, Mael coccion, s.l.u.
Zaragoza, Spain — May 2003 – June 2006 (second job while working at Leggio)
Sysadmin of various linux servers; mail, exim, cyrus imapd, apache, and LTSP with failover. Multithread low-latency Linux C programming using Comedi and mysql to a digital I/O PCI card.
Accomplishments
- Managed the Linux servers that provided basic services like email (exim, cyrus, clamav, spamassasin), web presence (apache, php), and two internal servers running LTSP (Linux Terminal Server Project) to provide floating desktops running linux to the internal workers as well as the employee time tracking check-in stations.
- Created a system to graph the performance of all the worker stations, the system ran Linux and used a low latency multithreaded program and a mysql database to store the timestamps of each event in the manufacturing process. This data was graphed in a continuously updated webpage for easy monitoring of problems and bottlenecks.
- Worked in a Computer Aided Quality Assurance system to test the copper coils manufactured for induction stoves. The system ran a Visual Basic program interfacing a PCI I/O card to communicate with an industrial robot that tested the electrical properties (resistance and inductance) of the coils while in a conveyor belt. It stored the measured values and printed the serial number and barcode to enable traceability of the item as required by UNE EN ISO 9001.
Computer programmer, Sextante Net A.I.E.
Zaragoza, Spain — September 1999 – April 2000
Internship / work experience contract. Programming with PHP/FI 2, PHP 3 and mysql 3.2x in Redhat Linux environment.
Computer programmer, Zic Ingenieros de Informática Asociados S.L.
Zaragoza, Spain — September 1997 – May 1999
Internship / work experience contract; Delphi programming, Windows NT 4.0 server sysadmin and maintenance.
Accomplishments
- Worked programming in a project that created a program to record and archive the telephone calls of a financial entity to keep them as verbal contracts.
- Maintained the computers of this financial entity.
Computer programmer, Walthon Weir Pacific S.A.
Zaragoza, Spain — September 1996 – May 1997
Internship / work experience contract; MS Access, Novell Network, Autocad.
Accomplishments
- Created a database to store and relate the Bill Of Materials (BOM) of all the valves that they ever manufactured and sold.
- Briefly learned to use Autocad to help the industrial engineers team.
EDUCATION
- Degree of the University of Wales, Cardiff taken at Fundación San Valero, Zaragoza, Bachelor of Science (BS), Business Information Systems — 1996-2000
- IPv6 Sage certified by Hurricane Electric
- Certified Administrator for Apache Hadoop CDH4 (CCAH)
- Linux Foundation Certified Engineer (LFCE) by The Linux Foundation, License LFCE-1400-0019-0200
- LPIC-1, Verification code: qv34lqxm9u, LPI ID: LPI000310889
- LPIC-2, Verification code: hskpmcwr4x, LPI ID: LPI000310889
- LPI-300 (LPIC-3), Verification code: tl5pb6h45c, LPI ID: LPI000310889
- AWS Certified Solutions Architect - Associate, Amazon Web Services, Validation Number XWCJZWD2KE1EQGW4
- AWS Certified Solutions Architect - Professional, Amazon Web Services, Validation Number E9KLYST22MV1QR3R
Independent Coursework
- Cloudera Training for Apache Hadoop
- Cloudera Training for Apache HBase
- Amazon Web Services Training
- LPIC-1 Junior Level Linux Certification
- LPIC-2 Advanced Level Linux Certification
- LPIC-3 Senior Level Linux Certification (Speciality 300 Mixed Environment)
- Architecting on Amazon Web Services - Official AWS Solutions Architect (Associate) Certification
- Acloud Guru AWS Certified Solutions Architect - Professional
SKILLS
- Linux systems administration, being doing it non stop with my own servers and my employee’s ones since 1997.
- AWS (Amazon Web Services) experience, also automating it with Terraform and AWX / Ansible.
- IPv6: Detailed knowledge and experience planning, deploying, securing and maintaining IPv6. Using it externally (outside the LAN) daily since 2010 at home and 2011 at the office and our internet servers. Of course IPv4 equivalent skills.
- Web cache/application accelerator, I have been using varnish cache in front of our main website (noticias.juridicas.com) since 2008. Knowledge of HTTP headers and browser behaviour related to caching mainly.
- Front end content optimization, I have coordinated the efforts to concatenate images in sprites, combine stylesheets and javascripts in fewer files, and achieving the goal of serving less bytes, in less requests, faster.
- PHP programming since 2000, Perl programming since 2001. Python programming since 2015, Ansible since 2015.
- Mysql server administration, master-slave replication, query and database optimization.
- XML, XSL, XPath.
REFERENCES
Available upon request.