François Gouteroux

Platform Engineer / Automation Consultant

Built and maintain a secure multi-tenant observability stack using Grafana OSS products (Grafana, Mimir, Loki, Envoy).

• Implemented multi-tenancy and secure authentication for Grafana Mimir using Envoy Proxy and Vault, providing cost savings over enterprise licensing. This solution was reused for logs with Loki (managed by another team)
• Developed and published Terraform Providers for Grafana Mimir and Loki
• Created custom Prometheus exporters: foreman_exporter, threshold_exporter
• Enhanced upstream Prometheus exporters: puppet-agent-exporter, alertmanager-silences-exporter
• Developed knot-exporter in Go as Prometheus exporter for Knot DNS, integrating C code with Go to interact with Knot DNS native libraries and transferred the project to CZ.NIC (the creator of Knot DNS and Python exporter). Continued contributing through pull requests for automated releases, unit tests, and quality improvements
• Built ACME Manager, a comprehensive certificate lifecycle management solution with automatic renewal, cluster mode with leader election (Memberlist), Vault integration, DNS/HTTP challenge support, and Prometheus monitoring.
• Developed Grantm, a tool providing enterprise-grade Grafana features similar to paid Grafana Enterprise version, including Okta user synchronization for rights/organizations
• Created Slam application for Alertmanager notifications to Slack without webhook URLs for each Slack channel
• Developed Promk (Prometheus Keepalive Agent) to reduce false positive alerts by sending Up metrics at given intervals, used with Grafana Agent (metrics, logs, traces collector)
• Built Kubernetes DNS operator for managing DNS records (A, CNAME, SRV) based on container annotations, enabling external HAProxy load balancer usage and removing MetalLB complexity/limitations
• Contributed to official projects: grafana/agent, grafana/mimir, grafana/terraform-provider-grafana, prometheus/prometheus, prometheus/alertmanager, PagerDuty/terraform-provider-pagerduty

Before 2022:

• Automated telemetry stack deployment (Metrictank, Kafka, Zookeeper, Graphite, Carbon-relay, Grafana) with operational maintenance and version upgrades
• Automated monitoring stack deployment with Sensu (Terraform) and Moira
• Developed Sensu assets for Linux system metrics collection in Go, Sensu handlers in Ruby and Go
• Developed Terraform modules for RabbitMQ, Grafana, and other components
• Created Terraform provider for managing VIPs and DNS records with Foreman SmartProxy
• Contributed to external Terraform providers (Sensu, RestAPI)
• Developed GIAUM application (Python Flask) for user creation requests
• Developed MoldApi program in Go to provide API interfaces for tools without native API support

Technologies: Go, Python, Ruby, Terraform, GitLab, Kubernetes, Grafana, Mimir, Loki, Prometheus, Envoy, Vault, Puppet, Redis, RabbitMQ, S3, ACME, Knot DNS

Automation Consultant

Advanced automation and infrastructure self-service initiatives for Dev and R&D teams.

• Developed Python automation tools:
  • f5manager: F5 configuration management with YAML files
  • foreman-clush: Shell command execution with Foreman as server repository
  • itlab: Web interface for user creation
• WSO2: Automated HA deployment and configuration, developed Python microservice for WSO2 monitoring
• Datalake: Automated deployment and configuration of multiple MapR clusters (LAB to production), managed operational maintenance, version upgrades, and scalability
• Developed maprapp Python tool for deploying Spark applications on MapR clusters without local dependencies and with controlled Java library versions

Technologies: MapR, Hadoop, Spark, Hive, Puppet, Python, Elasticsearch, Java, F5, WSO2

Automation Consultant / Tech Lead

Created and delivered database, BI, and application products for fully automated platform. Led team of 4 people (Oct 2016 - Mar 2017) interfacing with security/storage/middleware/analytics teams and opening tools to existing teams.

• Developed geo-localized orchestrator (initiated by Ahmet Demir) in Python for automated YAML workflows enabling simple, idempotent, efficient, secure and fast deployment with Flask, RabbitMQ, Celery, and MongoDB
• Implemented HA Puppet server architecture for UK and FR sites configuration management
• Built CI/CD platform with GitLab-CI and Docker
• Developed Python Flask web application for GitLab project management
• Created Ansible playbooks and callbacks
• Refactored Python modules for providers (Infoblox IPAM, NSX Manager, vCenter, Ansible, Cleversafe, RHEL Satellite) and migrated to Python 3

Technologies: Python, Puppet, Ansible, Flask, RabbitMQ, Celery, MongoDB, Docker, GitLab-CI, Linux

VMware Consultant

Infrastructure automation based on Dell EMC Vblock Systems.

• Developed workflows with VRO/VRA
• Created workflows with Cisco UCS for automated server creation and configuration

Technologies: VRO/VRA, Cisco UCS

AWS Consultant

Extended Veolia infrastructure on Amazon as part of proof of concept.

• Defined technical architecture
• Supported VM migration to AWS
• Implemented inter-region VPN failover
• Python scripting
• Documentation and knowledge transfer

Technologies: AWS, Python

Puppet Consultant

Server configuration automation with Puppet for new production platform deployment.

• Implemented development environment with Vagrant
• Developed Puppet roles/profiles and specific modules
• Automated integration testing with Jenkins and Beaker
• Created technical documentation

Technologies: Puppet, Beaker, Jenkins, Vagrant

OpenStack Consultant

Implemented OpenStack and Puppet model for ERDF infrastructure automation.

• Assisted in technical environment preparation
• Installed and configured solutions for virtual platform deployment and extended to physical platforms
• Tested, validated, and presented solutions

Technologies: OpenStack, Puppet

Cloud Consultant

Implemented private cloud offering using HP solutions.

• Gathered functional requirements
• Defined technical architecture
• Installed solutions and developed server provisioning automation flows
• Provided debugging assistance
• Transferred knowledge and created technical documentation

Technologies: HP OO 9, HP CSA 3.2

Technical Consultant

Implemented fifty IAAS offerings for enterprise clients as part of Integra’s managed services and hosting activities.

• Deployed HP OO and HP CSA solutions
• Developed automation flows and integrated services into web portal
• Assisted with production deployment
• Created documentation and transferred knowledge to technical teams

Technologies: HP OO, HP CSA

Systems and Network Administrator

Network and Security:

• Studied OpenStack project, implemented private cloud and tested components like Network (on-demand network management) and Cinder (persistent disk service)
• Analyzed UFCV network after virus infection, detected network attacks with Cyberoam UTM IPS module, identified infected computers, and created security report with recommendations
• Migrated Neoxia network infrastructure, managed patch panel, configured switches and created VLANs, integrated new storage server with operational procedures, phase preparation and analysis
• Created secure infrastructure on Amazon Cloud for client
• Secured and hardened Windows 2008 server, managed network flows, created functional specifications, technical documentation and training
• Deployed secure PHP site with SSL certificate and email sending using Amazon SES

Development:

• Developed PHP application for calculating Amazon instance costs (FuelPHP Framework, AWS API, JSON)
• Performed load testing missions to validate DSI and C3S applications for 2013 GIP-MDS campaign
• Developed and enhanced DADS-U statistics tracking for 2012 and 2013 for GIP-MDS (VB, Oracle)

Systems:

• Implemented Nagios-based monitoring solution for critical servers and network equipment
• Deployed NetFlow Analyzer for monitoring inbound/outbound traffic
• Installed and integrated new virtualization server into existing network
• Managed VMs and backups
• Studied and implemented file server storage capacity expansion
• Redesigned and improved Symantec tape backup rules and created tape management plan
• Migrated PC fleet to Mac, researched and integrated new Mac software for consultant needs
• Provided user assistance, troubleshooting and workstation reinstallation
• Developed Visual Basic application for tracking 2011 DADS-U statistics for GIP-MDS
• Conducted IT infrastructure audit for Montpellier School of Architecture (ENSAM)

Technologies: OpenStack, Nagios, NetFlow, Symantec, AWS, Windows, Linux, PHP, VB, Oracle, Cyberoam, VMware

Network Technician

• Responsible for intranet management
• Administered and maintained Windows servers
• Updated IT inventory (GLPI) and remote application deployment (OCS)
• Implemented Linux server for network-based workstation backup and restoration
• Deployed Atempo Live Backup for real-time data backup
• Created online catalog request website for customers
• Developed PHP module for expense report payroll
• Partially redesigned intranet
• Provided user assistance, troubleshooting and workstation reinstallation

Technologies: Windows Server, Linux, GLPI, OCS, Atempo Live Backup, PHP

ESGI

IUT Sénart

Cogefi