Fabrice Triboix

ThinkAlpha需要从本地迁移服务, physical servers to AWS Cloud to streamline their operations and increase resiliency. They required an unusually high number of environments for various purposes, 每个都复制完全相同的服务. This was a medium-scale project, with about 25 services, six environments, VPNs and Direct Connect.

I proposed the Terraform as Infrastructure-as-Code tool and built the environments from the ground up, 依次添加每个服务. 服务要么是基于节点的应用程序，要么是静态网站. Node应用程序作为Fargate ECS集群运行. 我还帮助了Dockerization过程. Static websites were run as S3 buckets fronted with CloudFront distributions.

使用CircleCI执行持续部署. I updated the CircleCI scripts to deploy the services to AWS instead of the physical servers.

ThinkAlpha在网络方面有一些额外的要求, 并且需要vpn和Direct Connect来连接服务. 为了方便把基础设施移交给ThinkAlpha, I generated templates from the two types of services and documented how to create new services and update the infrastructure for the various environments.

SIBOTest needed to move away from a monolithic and fragile approach of having everything on one server and wanted to up their game as a startup.

I proposed an overhaul of the internal structure of the web app to use microservices based on Docker so that the architecture would be robust and scalable.

Work Done:
·引入了带有SSL终端的负载均衡器.
·分离生产环境和登台环境.
· Moved the MySQL databases to a separate subnet, using MySQL NDB Cluster.
·dockerization他们的Ruby on Rails应用程序.
· Set up a continuous-integration system based on Jenkins to automatically build the Docker images.
· Wrote Ansible scripts to automate the provisioning of new servers and deployment of the docker images.
·确保整体基础设施的密闭性安全.

In the end, this multitier architecture was working very nicely, with no reported downtime.

MyDocSafe needed some expert help to design a monitoring system suited to their application. They experienced a lot of instability, server crashes, and performance problems. 一旦这个即时解决方案到位, they required an expert to design and implement a highly available and scalable architecture to run their workload reliably on AWS, 完成自动部署.

Work Done:
• Write Ansible roles and playbook to install CloudWatch Agent on EC2 instances and configure Amazon SNS and CloudWatch to notify key people of alarms on EC2 instances.
•调整Apache配置，以防止它在高负载下崩溃.
• Write Ansible roles and playbook to create Let's Encrypt SSL certificates using DNS challenge, 包括在AWS Route53上创建子域.
•安装和配置ELK堆栈来监控Apache日志.
• Design a highly available and scalable architecture to reliably run a complex workload.
•逐步将现有系统迁移到新的架构.
•在生产中采用新架构.

PSD2Enabler required the setup of CI/CD pipelines on GitLab for various projects.

Work Done:
· Set up a GitLab pipeline to build and deploy an app to AWS using Terraform and Ansible.
· Set up a GitLab pipeline to build and deploy an app to a Kubernetes cluster hosted on the Google Cloud Platform.
· Set up a GitLab pipeline to build and deploy an app to a Kubernetes cluster hosted on AWS EKS.

I worked as part of the system team who released set-top-box software to a major EU broadcaster.

Work Done:
· Set up and maintained a variety of software tools to enable the smooth running of the continuous integration process.
· Set up the Coverity static analysis and enabled nightly automation using Jenkins
·建立黑鸭开源代码匹配.
·配置Nagios并设置带有自定义Git检查的NRPE.
·使用Bash/Python设置各种Cron/Jenkins作业以自动执行任务.
· Worked in a Scrum process with three-week iterations with a team spread over three countries.
·处理2000多万行代码.
·检测并响应系统问题.

Linux技术:, CentOS, Coverity, Jenkins, Black Duck, 持续集成, Scrum, Bash, Python, iptables / Netfilter, Nmap, Git, Rally

Armedia needed an AWS specialist and DevOps expert to help them modernize the architecture of ArkCase, 案例管理系统. They needed to move from running everything on one server to a modern architecture based on Kubernetes, microservices, 和作为代码的基础设施(IaC). Additionally, they required an AWS expert to help them build an AWS marketplace offering for ArkCase.

Tasks:
- Move from a monolithic architecture to a microservice-based architecture
—对各种服务进行Dockerize
-写舵图
—使用网络策略和RBAC保护Kubernetes集群
- Install and configure Istio to encrypt internal traffic and facilitate distributed tracing
- Install and configure observability tools: Loki for log aggregation, Prometheus and Grafana
—编写CloudFormation模板，在AWS上建立基础设施
- Write Lambda functions in Python as CloudFormation custom resources or for admin tasks such as rotating secrets with the SecretsManager
-修改现有Ansible角色和剧本
- Build an internal PKI using IaC on AWS using only serverless services; certificates are renewed automatically when they expire and when CA certificates are renewed themselves.