Matthias E. Johnson [1]matthias@opennomad.com [2]https://opennomad.com/ Objective I thrive working on interesting problems of scale and complexity. I desire to build platforms that matter and leverage modern technologies with a focus on simplicity and high degrees of automation. Experience [3]Independent DevOps and Cloud consultant 10/2015 - present •  General Consulting I provide my clients with insights and guidance around their cloud infrastructure and DevOps adoption. This ranges from general best practices to driving toward a genuine DevOps culture. Often this work centers around infrastructure automation via [4]Terraform and improving observability through monitoring. • Environment Deep Dives and Reviews As a trusted third party I am able to analyze my client's existing infrastructure and provide an unbiased and fresh look of the environment. My experience with various cloud providers such as [5]AWS and technologies such as [6]Kubernetes make it possible delivery clarity and insights around an existing environment. • Performance and Stability improvements I thrive at complex and difficult problems, which often manifest themselves as scale increases. Using my many years of experience and breadth of knowledge allow me to drive vital improvements in both performance and stability. • CI/CD implementation Automation has been part of my daily work since the beginning. Continuous integration and deployment is a natural extension of this. Using tools such as [7]Jenkins, [8]CircleCI or cloud native options, I'm able to accelerate my client's ability to bring code to production. Site Reliability Engineering Architect - [9]ReactiveOps 10/2015 - 12/2017 •  Client Consulting I assisted clients in moving infrastructure to [10]AWS. This required gaining a thorough understanding of the existing infrastructure, systems, and requirements. Once this deep dive was completed, I created automation to provide [11]Infrastructure as Code through the use of [12]Kubernetes and [13]Ansible. I developed needed roles to manage the entire stack. Often I was asked to containerize existing applications to fit the [14]12 factor approach. I leveraged AWS services as applicable, including RDS, Elasticsearch Service, Elasticache, S3, and IAM credentials along with others. When requirements did not fit within AWS services, I created custom instances with necessary the software. • Development Designing and developing the core framework used by ReactiveOps to achieve repeatable and automated deployments. My contributions, among others, include: •  [15]pentagon • [16]ansible-manage-es • [17]ansible-manage-rds • [18]ansible-get-vpc-facts DevOps Manager/Lead/Architect (title/role change) - [19]Catalyst Repository Systems 1/2012 - 10/2015 •  Architecture and Design In this role I created a new platform to augment Catalyst's current offering. This product aimed at reaching past the traditional eDiscovery goals by building a less market centric search platform with greater scalability. This new product leveraged [20]AWS, [21]Elasticsearch, and [22]RabbitMQ as the foundation. Emphasis placed on RESTful design, scalability, and resilience across the multi-tier and multi-server environment. The platform was intended to grow and shrink automatically based on workload and services. My involvement extended from the technical design to working across the company on business needs to client interactions. • Development Beyond the design of the new platform I also lead the charge on the development front. Most of the development took place in Ruby and Python as well as Javascript for the web UI and [23]NodeJS for services layers. Components were deployed as micro-services via [24]Docker containers. Unit and integration testing was part of the development process which was based on [25]Gitflow Workflow and included code reviews. • Automation The goal of this new product required high scalability. Automation was a necessity considering that each dedicated environment could potentially scale to thousands of instances. We used [26]CloudFormation to create environments in a consistent fashion. The use of Docker provided us clean deployment artifacts. Those artifacts were bundled into a base AMI via [27]Packer. Building of the Docker images triggered automatic unit testing. Integration testing was performed with [28]Cucumber and Continuous Integration was under evaluation via [29]Jenkins and [30]Drone.io. • Monitoring and Reporting The highly distributed and ephemeral nature of the platform also required other approaches for managing performance and availability. Proof of concept work using [31]Logstash, [32]Sensu, and [33]InfluxDB was showing promise. • Management ... I had carried management responsibilities for the DevOps group. However, the team was small and highly effective. With a high focus on team communications and collaboration I introduced the idea of running the group without a manager. This continued to be a work in progress. Search Engine Architect / Manager of Search Team - [34]Catalyst Repository Systems 7/2007 - 8/2013 •  Search Engine Architect I was responsible for the overall availability and performance of the [35]FAST and [36]MarkLogic search engines used by Catalyst's flagship products. The environments consisted of several multi server clusters running on [37]RHEL 4 and 5. In this capacity I worked closely with DBAs, Developers, and support staff to provide the highest level of service, availability and quality of product. • Monitoring and Reporting Building on my long experience with various monitoring and reporting tools I served as key contributor in this capacity. As the primary lead for Catalyst's [38]Nagios deployment I led the charge for deeper and more unified monitoring. Monitoring was augmented via the use of [39]PNP for metrics collection. Additionally, I am developed a system to aggregate various high level metrics to provide holistic views of Catalyst's operational and business data. • Automation As Catalyst continued to experience tremendous growth it became more critical to streamline processes via the use of automation. My efforts in this area were focused on introducing tools to self-heal issues and ease the burden of repeat tasks. As time progressed I implemented [40]Puppet in my team before it was adopted across all Linux servers and partially on Windows. • Capacity Planning The heavy dependence on the FAST and MarkLogic search engines demanded a thorough understanding the relationship between a source document and how it is stored by the search engine. To this end I created and continue to refine a capacity planning tool. • Supervision and Management When I joined Catalyst, I was given the task of building out a team to support the fast growing search platform. The original expectation was for the team to grow to between 8 and 12 engineers. I succeeded in keeping the team to no more than 3 engineers through the diligent use of automation and increased stability. Manager of Linux Enterprise Hosting (title/role change) - [41]ViaWest, Inc. 3/2007 - 7/2007 •  Linux Architect I served as the most senior staff for Linux related hosting within ViaWest. Reporting directly to the VP of Hosting and Information Services, I was responsible for setting the companies direction for Linux based deployments. This also encompassed the solutions for monitoring and reporting, infrastructure components such as email, DNS, LDAP and numerous other tools used internally. • Product Development and Planning I continued to refine and define new products. My close interaction with customers and internal technical resources allowed me a unique perspective to help shape ViaWest's product offering. • Project Management I oversaw various projects by working with ViaWest customers and employees. My involvement ranged from lead contributor to coordinator and facilitator between various parties to ensure goals were met on time. • Tier 3 support As in my previous role, I continued to act as the most senior technical resource for Linux and services running on Linux servers. My technical skills remained a vital asset in my management responsibilities, but also proved instrumental when an extra set of hands were needed. • Mentoring During our internal reorganization to help scale the hosting team, we implemented a cross functional reporting structure. In this role I worked closely with other managers in shaping the personal development of the Linux engineers. Manager of Technical Operations (title/role change) - [42]ViaWest, Inc. 6/2006 - 3/2007 • Management of Senior Technical Customer Support Team The ongoing growth of the company and expanding customer base introduced the need to increase scalability. As part of this, my role shifted to support a cross functional team of systems administrators, database administrators, and other resources to fully address and manage numerous customers each generating 20-40K in MRR. I managed the customer's needs from deployment into ongoing maintenance and down the line into addressing growth needs. • Product Development and Planning In this new role I continued to contribute in the definition of new products. My close interaction with customers and internal technical resources provided me a unique perspective to help shape our product offering. • Project Management Continuing my previous role, managing projects is still an important part of my position. My diligent oversight of the deployment of new customers and internal infrastructure projects are critical to the ongoing success of ViaWest. • Tier 3 support As in my previous role, I continued to act as the most senior technical resource for Linux. My technical skills continued to be a vital asset in my management responsibilities, but also prove useful when an extra set of hands are needed. Manager of Systems Administration (internal promotion) - [43]ViaWest, Inc. 8/2005 - 6/2006 •  Management of Systems Administration Group Reporting to the COO, I lead the team of 10 systems administrators performing standard managerial and supervisory duties, while also ensuring the day to day needs of ViaWest's customers were met. This required frequent interaction with peers and senior leadership, both internally and customer facing, to ensure service of the highest quality. • Product Development and Planning I contributed in the definition of new products based on customer requests. In this function I assisted in shaping the definition of products, implementation of processes and ensuring resource availability and scalability. • Project Management I was called upon to manage complex projects. My deep technical skills and excellent communication abilities allowed me to drive projects through to success. The projects ranged from detailed internal upgrades to large customer migrations between data centers. • Tier 3 support In addition to managerial responsibilities, I continued to act as senior technical resource and escalation point within the organization. This frequently afforded me the opportunity to mentor staff. Systems Engineer - [44]ViaWest, Inc. 6/2004 - 8/2005 •  Senior Lead for Infrastructure Services I led the ongoing migration of aging Solaris servers to newer Redhat EL 3 and 4 systems to serve the needs for LDAP, RADIUS, DNS, SMTP, POP, and IMAP. The environment was a tightly integrated set of services connected via a central management point. I was also responsible for capacity and performance planning to anticipate future needs and requirements. To this end, the infrastructure services had to be able to adjust to rapidly changing demands while providing a high level of performance and resilience. In addition, monitoring, alerting and reporting were also deployed on these servers. The environment consisted of numerous Solaris and Redhat servers utilizing standard software such as Sendmail and OpenLDAP as well as an NFS storage backend. • Member of Hosting Group As a member of this group, I participated in administration and issue resolution of customer facing services. I also attended customer meetings in a technical lead advisory position. • Strategic Research Working directly with the VP of Hosting, I participated in the research and analysis of our competition. This led to the development of new products which furthered our business goals and increased value to our customers. • E-mail administrator I was responsible for the e-mail service of approximately 20,000 users. This encompassed both in and out-bound SMTP as well as POP and IMAP. In addition I performed the administration of a clustered [45]Barracuda 600 Spam and Virus firewall and managed the vendor relationship with another spam and virus filtering service. • Tier 3 support ViaWest maintains world class data centers which are staffed 24x7. Highly complex issues were escalated to me for resolution. In addition to this, I also acted as vendor liaison for the products I supported. Principal Systems Administrator - [46]University of Colorado at Denver 2/2002 - 6/2004 •  Management of Data Center I was responsible for the staffing, supervision, and general maintenance of the University's data center. Planning, layout and space allocation were under my auspice. Charged with the proper distribution and availability of power, data, and to a lesser degree the configuration and maintenance of [47]Cisco networking equipment. • Systems administration Numerous campus-critical servers and services were under the watch of myself and my team. The services provided included DNS, e-mail, web, LDAP, Databases ([48]Oracle, [49]MySQL) and scientific resources available to students, faculty and staff. The heterogeneous server infrastructure consisted of Alpha servers running Tru64 (4.0E, 4.0G, 5.0, 5.1a, 5.1b), Sparc servers with Solaris (2.7, 2.8), and Intel based Linux (Redhat, Mandrake) servers. My team and I maintained patch levels, software updates, licensing, and configuration of all services and OS software. This frequently required coordination and interaction with multiple vendors. My duties also included performing capacity planning, auditing and trouble shooting of all issues related to the above resources and services. • Server and network security lead As administrator of crucial campus services, I was also the primary person responsible for the security of the servers and certain aspects of the network. It was part of my duties to coordinate the IT security efforts of the campus. Tools employed for this purpose included [50]Snort, [51]Nessus, [52]chkrootkit, [53]NetSaint, [54]Osiris and [55]Cacti. Additionally, I managed the Campus wide Intrusion Prevention System which consisted of a [56]TippingPoint UnityOne and its management server. • Project lead for directory services I was also chosen to lead the implementation of enterprise wide directory services. In this function I was working closely with various departments in a coordinated effort to implement a highly functional LDAP service. This effort was closely tied to other University efforts and is heavily based on [57]LDAPv3 and the schema extensions specified by the [58]Internet2 consortium. The directory service was expected to provide the functionality of white pages, automatic mailing list maintenance, authentication and configuration for the entire campus. • Tier 3 level support In this capacity I offered high level end user support if the magnitude of the problem surpasses the training of help desk and second tier support. Included in this was UNIX and Linux workstation support, network services integration and security auditing and configuration, and Beowulf cluster troubleshooting. • Evaluation and implementation planning for new technologies In academia it is important to continuously provide users (especially faculty and students) with leading edge tools. To this end, I was constantly involved in the evaluation of new tools and products to increase the opportunities awarded to my users and diminish the obstacles which can come with technology. Most recently I have been instrumental in the implementation of a SAN and the integration of a centralized backup system utilizing [59]Veritas NetBackup. Senior Systems Administrator - [60]Fidelia, Inc. 3/2001 - 4/2002 •  Administration of production servers Fidelia's core business consisted in providing monitoring services to data centers and their customers. I ensured the services for this were available at all times. The platform consisted of Dell multiprocessor hardware running [61]Redhat Linux. I also acted as release manager for [62]Fidelia's product and ensured full remote administrative capabilities. • Maintenance of development environment I ensured testing took place prior to placing new versions of software into the production environment. This included the updates of [63]Fidelia's own product and as well as it's dependencies. To track issues I maintained a local instance of [64]Bugzilla with a [65]MySQL backend. • Installation and maintenance of software packages Numerous software packages were used in [66]Fidelia's environment. Those packages were comprised of [67]UCD-SNMP, [68]Apache, [69]POET, [70]Jakarta/Tomcat and a host of development tools such as Ant, TogetherJ and FSF tools. • CVS repository administration The development process at [71]Fidelia, Inc. included the use of [72]CVS. As administrator of this system, it was my responsibility to assist the developers with any versioning needs, such as branching, merging and all other end-user issues. I also maintained the integration of [73]CVS with add-on products such [74]CVSweb and [75]CVSgraph. • Testing and Evaluation of products As System Administrator it was my responsibility to ensure the service provided by [76]Fidelia incurred minimal down-time. I was charged with evaluating and testing the product and services provided by [77]Fidelia, Inc. and dependent services. I was also entrusted with performance benchmarking and optimization. • Composition and Management of Documentation I composed documentation around internal procedures and operations, introductory HOWTO's, as well as segments of administrator and end-user manuals. I also maintained subdivisions of [78]Fidelia's web space. Systems Engineer - [79]Active.Com 10/2000 - 3/2001 •  Administration of production servers I administered servers running [80]Sun Solaris and [81]Linux on hardware by [82]Cobalt and [83]VALinux. These servers provided services such as web and database access to the users of [84]Active.Com. The software on these machines consisted of, among others, [85]Oracle, [86]MySQL, [87]Apache and [88]ColdFusion • Administration of development environment The development servers of [89]Active.Com were similar to the production environment. In addition to the administration of development servers, I also provided developers with assistance in the installation, configuration and administration of their workstations powered by [90]Redhat Linux, [91]Mandrake Linux and various flavors of Windows. I also offered help in the use of a wide variety of [92]GNU tools and on various hardware and software issues. • Management of CVS repository As manager of the [93]CVS repository, I was charged with the consolidation of several disjoint projects into one global repository. I also created a means for developers in a geographically separate location to access a large repository in a more efficient manner. • Network, systems and security monitoring I ensured network availability and connectivity of the production and development environment. Firewalls, intrusion detection and systems monitoring were a vital part of this. • Documentation of resources I composed a wide variety of documents covering the installation of [94]Active.Com services, systems, and networking resources. I also composed documentation on the configuration of numerous software packages for use by the development and operations groups. Senior Technical Staff Member - [95]AT&T Labs - Research 6/1999 - 10/2000 •  Administration of a large heterogeneous server environment The servers under my care included Sun Solaris, SGI IRIX, Linux, SCO (Openserver and UnixWare), Windows NT Server, Windows NT Terminal Server, FreeBSD and Windows 2000 Server. These servers provided a wide variety of services, from production to development and testing. Approximately 50 such servers were in my care. • Providing developers with support I was involved with a wide variety of projects and the tools used in those efforts. This included type of hardware and software configurations. I supported approximately 80 developers and researchers in different groups. • Support and documentation of a wide variety of software packages on various platforms I supported and maintained database systems (Microsoft SQL Server, Oracle), web servers (Apache, IIS), as well as development tools such as Rational ClearCase and DDTS and compiler tools (VC++, Sun WorkShop, GCC) • Configuration and administration of networking equipment I was given the responsibility of router, switch and redirector equipment, to ensure a properly configured and secure network. • Ensuring backups were properly implemented and executed Information Technology Specialist - [96]Minnesota State University, Mankato 2/1996 - 6/1999 •  Administration of campus e-mail system The e-mail system under my administration was a DEC Alpha Server running Digital UNIX 4.0 as its Operating System. The server was responsible for handling the e-mail needs of the entire 13,000 user [97]Minnesota State University, Mankato campus. My duties included the maintenance of users, and installation, upgrade and configuration of the following systems software: •  Sendmail • IMAP and POP servers • custom developed software • providing strategic planning and execution with respect to upgrades, improvements, backup, and recovery for both hard and software • other software to a lesser degree • Designing, implementation and improvement of complex user database The database was a custom developed application. This system was used to track the users of all campus computer host systems under the control of Computer Services. This system has allowed [98]Minnesota State University, Mankato to automatically provide new users (faculty, staff, and students) with e-mail and dial-in privileges as soon as they arrive on campus. In addition it provided the ability to remove users as soon as their affiliation with the institution ended. Virtually all programming and design was done by me. The initial version was developed under Digital UNIX and then ported to Linux. Most of the code was written in [99]Perl with some small pieces of C. The system grew to over 20,000 lines of code and to allowed both users and administrators to interface through the web via a CGI interface and a number of command line scripts mostly for batch processing. • Evaluation, research and testing of new technology I was constantly involved in the evaluation, research and testing of new technologies and software packages. This allowed me to familiarize myself with emerging technologies, as well as find new ways of using already established products and services. In this function I was able to evaluate [100]LDAP, Roaming User access for Netscape Communicator, and SSL support through [101]Apache. I was involved in the process of setting up a campus wide file server using the [102]CODA distributed network file system and providing access via AppleTalk, SMB, NFS, ftp, and sftp. • Configuring of systems software I worked on the campus wide research host system. In this function, I configured and installed software for X-terminals such as xdm. I also worked with the configuration of various X window managers mostly with the intent of minimizing resource usage and maximizing performance while maintaining user-friendliness. • Installing various software packages I gained much experienced with compiling, installing, and configuring a large number of software packages from proprietary operating systems to Open Source software. Some of the packages are listed below: •  almost all [103]GNU packages including glibc, gcc, libg++, gcal, findutils, bash, emacs, grep etc. • Operating systems I have worked with include Digital UNIX, Ultrix, Solaris, Linux, Windows (3.1/95/NT), MacOS (7.5/7.6/8.0/8.5), OS/2, BeOS • other packages include [104]Gimp, [105]GTK+ and [106]XEmacs • Documenting and supporting various packages and programs for technical personnel and end users Documentation I have composed pertains mostly to the above mentioned database. In addition to composing documentation, I also provided direct user support on issues too technical for the general help desk. [107]Department of Computer Science - Minnesota State University, Mankato 4/1995 - 2/1996 •  Acting as the sole administrator for faculty research work station This machine ran Solaris, and provided the platform for use in the research and teaching of computational geometry. • Configuring systems software I was charged with installing Sendmail and a number of GNU packages already mentioned earlier. • Administering user accounts This consisted mostly in maintaining a small number of faculty and graduate student accounts. Technical Skills I have experience with a tremendous number of systems, services, and languages. The following list is heavily abbreviated and reflects my current focus. The full version of [108]my resume details many of these in the expanded experience section. Programming Languages Ruby, JavaScript, Bash, Perl, Python System Platforms Ubuntu, Amazon Linux, RHEL, Windows, Solaris, True64 Technology Stacks AWS, Docker, Kubernetes, Terraform, Ansible, ELK Services Elasticsearch, Redis, RabbitMQ, Logstash, many RDBMS Education MS in Computer Science Minnesota State University, Mankato - 5/2000 Completed thesis entitled [109]Knowledge extraction from Neural Nets through Graph Theory. BS in Computer Science Minnesota State University, Mankato - 3/1997 Received grant for research on [110]Convex Subsets as a heuristic for Tournament Isomorphism presented as poster session at the 1996 Small College Computing Symposium in St. Cloud, MN. Another research project, related to Data Mining, on [111]Explanation Facilities in Neural nets guided further research at Minnesota State University. ══════════════════════════════════════════════════════════════════════════ > This document was translated from L^AT[E]X by [112]H^EV^EA. References Visible links 1. mailto:matthias@opennomad.com 2. https://opennomad.com/ 3. https://matthiasjohnson.com/ 4. https://www.terraform.io/ 5. https://aws.amazon.com/ 6. https://kubernetes.io/ 7. https://jenkins.io/ 8. https://circleci.com/ 9. https://www.reactiveops.com/ 10. http://aws.amazon.com/ 11. https://en.wikipedia.org/wiki/Infrastructure_as_Code 12. https://kubernetes.io/ 13. https://github.com/ansible/ansible 14. https://12factor.net/ 15. https://github.com/reactiveops/pentagon 16. https://github.com/reactiveops/ansible-manage-es 17. https://github.com/reactiveops/ansible-manage-rds 18. https://github.com/reactiveops/ansible-get-vpc-facts 19. http://www.catalystsecure.com/ 20. http://aws.amazon.com/ 21. https://www.elastic.co/ 22. https://www.rabbitmq.com/ 23. https://nodejs.org/ 24. https://www.docker.com/ 25. https://www.atlassian.com/git/tutorials/comparing-workflows/gitflow-workflow 26. http://aws.amazon.com/cloudformation/ 27. https://www.packer.io/ 28. https://cucumber.io/ 29. https://jenkins-ci.org/ 30. https://drone.io/ 31. https://www.elastic.co/products/logstash 32. https://sensuapp.org/ 33. https://influxdb.com/ 34. http://www.catalystsecure.com/ 35. http://www.fastsearch.com/ 36. http://www.marklogic.com/ 37. http://www.redhat.com/rhel/server/ 38. http://nagios.org/ 39. http://www.pnp4nagios.org/pnp/start 40. https://puppet.com/ 41. https://www.linkedin.com/company/viawest/ 42. https://www.linkedin.com/company/viawest/ 43. https://www.linkedin.com/company/viawest/ 44. https://www.linkedin.com/company/viawest/ 45. http://www.barracudanetworks.com/ 46. http://www.cudenver.edu/ 47. http://www.cisco.com/ 48. http://www.oracle.com/ 49. http://www.mysql.com/ 50. http://www.snort.org/ 51. http://www.nessus.org/ 52. http://www.chkrootkit.org/ 53. http://www.netsaint.org/ 54. http://osiris.shmoo.com/ 55. http://www.raxnet.net/products/cacti/ 56. http://www.tippingpoint.com/ 57. http://www.ietf.cnri.reston.va.us/html.charters/ldapbis-charter.html 58. http://www.internet2.org/ 59. http://www.veritas.com/products/category/ProductDetail.jhtml?productId=nbux 60. http://www.fidelia.com/ 61. http://www.redhat.com/ 62. http://www.fidelia.com/ 63. http://www.fidelia.com/ 64. http://www.mozilla.org/projects/bugzilla/ 65. http://www.mysql.com/ 66. http://www.fidelia.com/ 67. http://ucd-snmp.ucdavis.edu/ 68. http://www.apache.org/ 69. http://www.poet.com/ 70. http://jakarta.apache.org/ 71. http://www.fidelia.com/ 72. http://www.cvshome.org/ 73. http://www.cvshome.org/ 74. http://stud.fh-heilbronn.de/~zeller/cgi/cvsweb.cgi/ 75. http://www.akhphd.au.dk/~bertho/cvsgraph/ 76. http://www.fidelia.com/ 77. http://www.fidelia.com/ 78. http://www.fidelia.com/ 79. http://www.active.com/ 80. http://www.sun.com/ 81. http://www.linux.org/ 82. http://www.cobalt.com/ 83. http://www.valinux.com/ 84. http://www.active.com/ 85. http://www.oracle.com/ 86. http://www.mysql.com/ 87. http://www.apache.org/ 88. http://www.allaire.com/products/coldfusion/index.cfm 89. http://www.active.com/ 90. http://www.redhat.com/ 91. http://www.linux-mandrake.com/en/ 92. http://www.fsf.org/ 93. http://www.cvshome.org/ 94. http://www.active.com/ 95. http://www.research.att.com/ 96. http://www.mnsu.edu/ 97. http://www.mnsu.edu/ 98. http://www.mnsu.edu/ 99. http://www.perl.com/ 100. http://www.opendldap.org/ 101. http://www.apache.org/ 102. http://www.coda.cs.cmu.edu/ 103. http://www.gnu.org/ 104. http://www.gimp.org/ 105. http://www.gtk.org/ 106. http://www.xemacs.org/ 107. http://www.cset.mnsu.edu/cis/ 108. http://opennomad.com/resume 109. http://matthiasjohnson.com/Extra/Research/Thesis/thesis-manuscript.html 110. http://matthiasjohnson.com/Extra/Research/Tournaments/tournaments.html 111. http://matthiasjohnson.com/Extra/Research/EBNN/ebnn.html 112. http://hevea.inria.fr/index.html