47 lines
3.4 KiB
Plaintext
47 lines
3.4 KiB
Plaintext
---
|
|
title: "Chair DevOps Admin"
|
|
tags: [project, devops, kubernetes, server-administration, infrastructure]
|
|
excerpt: "Managed LMU chair IT: Kubernetes, CI/CD, and infrastructure automation from 2018 to 2023."
|
|
teaser: "/images/projects/arch.png"
|
|
icon: "/images/projects/arch.png"
|
|
---
|
|
|
|
During my tenure at the LMU Chair for Mobile and Distributed Systems, alongside my research activities, I assumed responsibility for the ongoing maintenance of the group's IT infrastructure. This encompassed Linux workstations, Windows Server-based hypervisors, Linux file servers (utilizing ZFS), and core network services.
|
|
|
|
---
|
|
|
|
<InfoBox title="Project Overview">
|
|
- **Role**: System Administrator, DevOps Engineer, Network Administrator
|
|
- **Duration**: 2018 - 2023
|
|
- **Technologies**: Kubernetes (K3S), Ansible, Docker, CI/CD (GitLab CI, Argo CD), GitOps, Linux Server Administration, Traefik, WireGuard, ZFS, Longhorn, IaC
|
|
</InfoBox>
|
|
|
|
|
|
## Key Initiatives & Achievements
|
|
|
|
* **Infrastructure as Code & Orchestration:**
|
|
* Leveraged **Ansible** extensively for automated configuration management and orchestration across a heterogeneous environment, ensuring consistency and reducing manual effort in managing diverse operating systems (Debian, Arch Linux, Windows), hardware configurations, and software libraries.
|
|
|
|
* **Containerization & Kubernetes Migration:**
|
|
* Spearheaded the migration of numerous internal services (including web applications, databases, and research tools) from traditional VMs and bare-metal deployments to a **Kubernetes (K3S)** cluster. This enhanced scalability, resilience, and resource utilization.
|
|
* Implemented **Longhorn** for persistent, distributed block storage within the Kubernetes cluster.
|
|
|
|
* **DevOps & GitOps Implementation:**
|
|
* Established a modern DevOps workflow centered around a self-hosted **GitLab** instance, utilizing **GitLab CI** for automated testing and container building.
|
|
* Implemented **Argo CD** for GitOps-based continuous deployment to the Kubernetes cluster, ensuring declarative state management and automated synchronization.
|
|
* Managed sensitive information using **Sealed Secrets** for secure secret handling within the GitOps workflow.
|
|
|
|
* **Networking & Security:**
|
|
* Configured **Traefik** as the primary reverse proxy and ingress controller for the Kubernetes cluster, automating routing, service discovery, and TLS certificate management.
|
|
* Implemented and managed a **WireGuard** VPN server to provide secure remote access for chair members to internal resources.
|
|
|
|
* **ML Workflow Optimization:**
|
|
* Re-architected the execution environment for machine learning experiments. Transitioned from managing dependencies directly on workstations or via a less reliable SLURM setup to a containerized approach using **Docker**.
|
|
* Utilized the self-hosted **GitLab Container Registry** for storing ML environment images.
|
|
|
|
---
|
|
<br/>
|
|
## Outcomes & Philosophy
|
|
|
|
This hands-on role provided deep practical experience in modern system administration, networking, Infrastructure as Code (IaC), and cloud-native technologies within an academic research setting. It fostered my preference for minimalist, reproducible, and microservice-oriented architectures. These principles and skills are actively applied in my personal projects, including the self-hosting and management of this website and various other containerized services.
|