I’m available to consult on your projects through Ordinary Experts, a team of DevOps specialists. Go here to check out our process and to set up an introductory call. 📞
These are some of the things I can help you with:
Toolchain Upgrades
Stuck with old Python 2 scripts and getting warnings that they’re going out of support? Slogging through errors upgrading to terraform 0.12? Upgrading to RHEL 8 and stuck trying to get your services migrated to systemd? I can help.
Here are some of the toolchains I’ve upgraded on past projects:
- Amazon Linux
- Bash/sh
- Chef
- CloudFormation
- Python
- Red Hat Enterprise Linux (RHEL)
- Terraform
- Ubuntu Server
- Windows Server
If you’re using something that’s not on this list, I can still help. Get in touch so we can review.
CI/CD Pipeline Development
Trying to figure out which pipeline tools to use in all the endless options? Stuck waiting hours for your pipelines to deploy new versions to prod? Has troubleshooting pipeline failures become part of your routine? I’ll review your existing tooling and it’s performance and we’ll talk about your plans for the future. We’ll work together to develop a path to that future, then I’ll build the pipelines and deliver them with documentation you can use to take over.
Here are some of the CI/CD tools I’ve used on past projects:
- AWS CodeDeploy
- AWS CodePipeline
- Azure DevOps Pipelines
- CircleCI
- Jenkins
- Maven
If you’re using something that’s not on this list, I can still help. Get in touch so we can review.
Audit Remediations and Security Hardening
Stuck iterating through a list of required remediations from a security audit? Trying to go above and beyond just what your auditors require because you’re worried about potential breaches? I’ll come onboard and work with you to remediate and harden your infrastructure.
Here are some of the security tasks I’ve handled in past projects:
- Removing
*permissions from AWS IAM policies. - Removing
0.0.0.0rules from firewalls. - Tightening traffic rules inside VPCs.
- Patching more frequently.
- Upgrading dependency chains.
- Reducing the use of root and administrator accounts.
- Adding user access logs.
- Removing private keys and passwords from code repos.
- Limiting SSL/TLS versions and ciphers accepted by web servers and load balancers.
- Hardening HTTP servers (nginx, apache, etc.).
- Hardening application servers (uWSGI, gunicorn, etc.).
- Limiting who has access to do deployments.
If you have requirements that aren’t on this list, I can still help out. Get in touch so we can review.
Reference Implementations
Want your team to own the automation but want to make sure they’re coding to good practices? I can take point while they get up to speed. We’ll work together to identify a component to automate, then I’ll automate it. I’ll keep your team in the loop while I work so they can see the process. When I’m done, I’ll deliver the code along with documentation. Your team can use that component as a reference to follow in their own work. I’ll stay onboard for a while after delivery to review their code and answer questions.
Rent-A-Lead
Need an experienced DevOps engineer to lead the development of your code for a while? I can take the review and merge-master role for your DevOps repos. I’ll maintain scheduled office hours so I can give guidance to engineers when they’re starting work. I’ll review your pull requests and give architectural, security, and line-by-line implementation feedback.
I can also help you set up a development process for engineers who have limited development experience. I’ll set up a repo structure, write templates and documentation to guide them through the development and contribution process, and train them on version control management.
This works best when I’m also booked to do at least one implementation a month. That helps me stay close to the details of your infrastructure, which helps me tailor my coaching to your specific situation.
Discovery and Documentation
Inherit an infrastructure that has undocumented components and a bunch of hand-deployed resources? Lose that one staffer who knew where everything was? I can come on board and help discover how your existing systems work and get them documented for the future.
This is a white-glove service, not a robotic one. I don’t use automated tools to detect your setup by watching network traffic (or similar). Sometimes an automated tool can do the discovery you need, but the rest of the time you need a human. I handle the cases that need a human.
Backlog Grooming
DevOps backlogs can be very technical. Unlike Web Development, where you’ll see tickets like “Users would like to be able to cancel orders”, in DevOps you tend to see tickets like “Evaluate PowerShell DSC vs Ansible to replace raw PowerShell scripts”. These can be very difficult for Project Managers to groom, especially if your staff have recently gone through a transition. I can help you:
- Add details to tickets so they’re understandable by non-engineers.
- Identify and close outdated and duplicate tickets.
- Add missing tickets.
- Prioritize tickets.
- Organize epics.
To do this well, I need to know your infrastructure. It’s generally best if I do this after I’ve completed a technical project for you.
Code-It-For-Me
Struggling to develop automation to deploy your applications? I can code it for you. Sometimes, you need a seasoned automator to get the first version to production. I can get you there. I’ll onboard to your team and start contributing directly to your repos.
This works best when your team is closely involved and actively contributing to the code with me. That makes it a lot easier for them to take over as I phase out. I may be the top contributor for a while, but I shouldn’t be the sole contributor.
DevOps 911
Swimming in outages and alerts? Trying to get the system stable but constantly under water? I can do damage control.
Normally, when I onboard to a team I adopt an integrated role. I work side-by-side with your team and involve them in the design and decision processes of development. When you pick up the red phone ☎️ for DevOps 911, I skip that and directly implement what’s needed. Sometimes it just needs to get fixed. I’ll fix it.
- Identify issues that are impractical to fix in the short term and help you find workarounds.
- Fix the top priority issues that can be fixed in the short term.
- Identify and silence non-actionable alerts so it’s easier to see what you actually need to respond to.
- Identify and prioritize the remaining work that’s needed to make the system stable.
- Deliver a plan for how to get from where you are to a stable state.
If any of these services look like the right fit for your project, I’m available to consult on your projects through Ordinary Experts, a team of DevOps specialists. Go here to check out our process and to set up an introductory call. 📞