I bring forth a wide range of experience across DevOps, Cloud Engineering and Cloud Solutions Architecture, bringing more than 14 years of knowledge and expertise working within rather complex and technical capacities towards a common goal.
I have amassed a strong academic record where I am a CKA and CKS certified, Pro AWS Solutions Architect and Pro AWS Certified DevOps Engineer, Red Hat Certified Systems Administrator (RHCSA) as well as Azure Administrator certified and MCSA, and ITIL v3 Certified Professional.
- Website: lessandro.ugulino.com
- Linkedin: linkedin.com/in/lezampieri/
- Email: lessandro.ugulino@gmail.com
- Blog: Medium
- Diploma in Network Computer - UNIFACCAMP
- Certified Kubernetes Administrator (CKA)
- Certified Kubernetes Security Specialist (CKS)
- Red Hat Certified System Administrator (RHCSA)
- AWS Certified DevOps Engineer - Professional
- AWS Certified Developer - Associate
- AWS Certified Solutions Architect - Professional
- AWS Certified Solutions Architect - Associate
- AZ-104: Azure Administrator Associate
- Microsoft® Certified Solutions Associate: Windows Server 2016
- Microsoft® Certified Solutions Associate: Windows Server 2012
- Microsoft Certified Professional: Microsoft Certified Professional
- Microsoft® Certified Technology Specialist: Administering and Deploying System Center 2012 Configuration Manager
- Microsoft® Certified Technology Specialist: Windows Server 2008 R2, Server Virtualization
- Microsoft® Certified Solutions Associate: Windows Server 2008
- Microsoft® Certified Technology Specialist: Designing, Assessing, and Optimizing Software Asset Management (SAM)
- Microsoft® Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration
- Microsoft® Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration
- Microsoft® Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration
- ITIL v3 Foundation
- CI/CD: GitLab pipeline - Coffee Portal
- Python3 - Exporter Google Analytics v4
- Cluster K8s on RPi
- Ansible Automation: Grafana & Prometheus for AWS Fargate
- Ansible Automation: Jenkins on AWS Fargate
- Ansible Automation: Backend API Get Books
- Ansible Automation: K8s Nginx Ingress
- Terraform Automation: K8s Nginx Ingress Wordpress
- Ansible Automation: EC2 Docker Swarm
- Ansible Automation: Vagrant Docker Swarm
- Running
- Boxing
- Puzzles
- TV shows and movies
- Audiobooks
- Reading (Kindle)
Sr. DevOps Engineer / Cloud Architect
[Jun 2023 - Current]
Working across different clients and regions such as Hong Kong, Dubai, China, India, and Australia, I’m responsible for automating infrastructure deployment, monitoring system performance, ensuring the reliability and security of applications, and collaborating between the development and IT operations teams to streamline the software delivery process.
As an example, working for the customer in Dubai my responsibility was to design and deploy the whole CI/CD pipeline using the tools Azure DevOps, Private Azure AKS with self-hosted agents, Private ACR, Ingress Application Gateway, VNets, Security Groups, Azure KeyVault, ḎNS, private endpoints, etc.
Another project I got a chance to work with was for one of the Rackspace customers who provide the best e-auction platforms where buyers and sellers of diverse goods & services, our sourcing platforms promise fair price discovery, bringing transparency and savings to the buyer.
Due to sensitivity data, and the organization’s compliance objectives, the AWS RDS could not be used. My responsibility was to design and deploy a solution to provide High Availability for PostgreSQL using the tools ETCD, Patroni and AWS.
Also, as senior DevOps engineer, one of my roles is helping different engineers sharing my knowledge and helping them handling difficult clients.
Project 01:
Consultant and Deployment of the whole Azure AKS environment to support the client’s application.
The customer is an award-winning international financial center located on Al Maryah Island in the heart of the UAE's capital city, Abu Dhabi.
• Design and architect the Azure Kubernetes (AKS) to support the front-end and back-end of the client’s applications.
• Consultant knowledge to help the client provide the best recommendation following Microsoft best practices.
• Design the whole CI/CD pipeline using Azure DevOps.
• Documentation of the whole solution/deployment.
• Microsoft Azure: AKS (Kubernetes), Azure DevOps, Container Registry, Ingress Application Gateway, Load Balancer, KeyVault, SSL Certificates, Private Endpoints, Private DNS Zone, VNet, Subnet, NSG and route tables.
• Scripting and Development: PowerShell, Bash and YAML.
• Microsoft: Windows Server
• Linux: Ubuntu Server
• Centralized location to deploy the Pipelines.
• Improved the time spent to release a new application or version.
• Centralized location to run the client’s applications.
• Security improvement to access the client’s applications.
• Centralized location to store the docker images.
Project 02:
Consultant, Deployment, and Improvement of the Azure Security and Networking resources.
The customer is a world leader in Testing, Inspection and Certification (TIC). They assist their clients throughout the lifetime of their assets, products, and infrastructure, helping them assure quality, reduce costs, increase productivity, and foster a more responsible, sustainable culture.
• Review the whole Azure environment following the Azure Well-Architected framework.
• Improve the security and networking of Azure resources.
• Consultant advice providing the Microsoft best practices.
• Design and architecture the Azure Kubernetes (AKS) to support the client’s applications.
• Design and architecture of the Azure Firewall to enhance the security layer.
• Documentation of the whole solution/deployment.
• Microsoft Azure: : Azure Firewall, Azure Firewall Policies, AKS (Kubernetes), Azure DevOps, Container Registry, Private Endpoints, Private DNS Zone, VNet, Subnet, NSG and route tables.
• Scripting and Development: Bash and YAML.
• Microsoft: Windows Server
• Linux: Ubuntu Server
• Centralized location to deploy the Pipelines.
• Strengthen the network security posture.
• Prevent malware and viruses from spreading.
• Inspect traffic in real time.
• Improved the time spent to release a new application or version.
• Centralized location to run the client’s applications.
• Security improvement to access the client’s applications.
• Centralized location to store the docker images.
• Reduced MS Azure costs.
Project 03:
Consultant, Deployment, and Improvement of AWS EC2 applications.
The customer provides best e-auction platforms where buyers and sellers of diverse goods & services, our sourcing platforms promise fair price discovery, brings in transparency and savings to the buyer.
• Review the application performance deployed on the AWS environment.
• Proposed the solution to enhance the client’s application following the AWS best practices.
• Provide the best approach to deploy the HA with automatic failover management using Patroni, ETCD, and PostgreSQL databases.
• Set up the AWS DevOps tools (CodeCommit, CodePipeline, CodeBuild and CloudFormation) to automate the whole HA solution.
• Documentation of the whole solution/deployment
• AWS: EC2, AMI, Load Balancer, ASG, Target Groups, CloudWatch Application Signals, AWS Backup, AWS DevOps tools, Parameter Store, KMS, IAM, EFS, CloudFormation, S3, VPCs, Subnet, NSG and route tables.
• Scripting and Development: Ansible, Bash and YAML.
• Open Source: Patroni, PostgreSQL and Etcd.
• Linux: Red Hat 7.3
• Centralized location to deploy the HA solution.
• Enabled the users to model and manage infrastructure resources in an automated and secure manner.
• Automatically instrument applications based on best practices for application performance.
• Automatic failover management.
• Automatic scaling and management of EC2 instances.
• PostgreSQL High Availability.
• Tomcat application performance improvement.
• Centralize data protection management for the application.
Sr. DevOps Engineer
[May 2021 - Jun 2023] 2 years
As a senior DevOps Engineer, I was responsible for designing and implementing complex CI/CD pipelines and architecting scalable and resilient infrastructure using AWS CloudFormation and Terraform.
During my time working for Culture AMP, we designed and deployed a self-service portal using Ansible, Python, Jenkins, PowerShell, and AWS CloudFormation to help the development and infrastructure team release and speed up the process of delivering new applications.
In this portal, the engineers could launch new EC2 instances as well as AWS Lambdas using a drop-down list.
Apart from that, my responsibilities were evaluating new technologies, establishing best practices, optimizing cloud costs, and implementing security best practices. Also, I was leading the K8s project.
Senior SRE / DevOps
[March 2020 - Jan 2021] 10 months
The Ticketek website during major events could receive millions of visits per day, especially during peak ticket sale periods or when highly anticipated events are announced.
I was responsible for ensuring the reliability, scalability, and performance of production systems which include designing and implementing resilient architectures, establishing, and monitoring service level objectives (SLOs) and error budgets, conducting incident management and postmortems to drive continuous improvement, and automating operational tasks to minimize manual intervention.
I was part of a project to automate the whole production release in the UK which involved designing Continuous Integration (shared repository), Continuous Delivery (automating the software release process such as automated deployment, testing, and configuration processes) and Continuous Deployment (every change that passes automated tests is automatically deployed to production without manual intervention).
DevOps Engineer / Cloud Architect
[June 2016 - March 2020] 3yrs 9m
I was responsible for helping clients implement continuous integration/ continuous deployment (CI/CD) pipelines, managing configuration management tools, and optimizing cloud infrastructure usage.
Also, one of my roles was leading a project involving cloud migration and collaborating with cross-functional teams to align cloud strategies with business objectives. Additionally, staying updated with the latest cloud technologies and trends to drive innovation within the organization.
-
Gateway Rebuild Project
- Inefficiency for development
- DR failover issues
- Build separate Production and Non-Production Gateways to provide agility for development
- Setup two AWS accounts following CI/CD best practices
- Setup AWS Transit Gateway via Terraform and Cloudformation
- Setup Fortigate and F5 via Ansible Tower and Cloudformation
- Zero downtime
- Resolved the existing gateway technical design and DR failover issues
- Terraform
- Ansible
- Jinja Templates
- PowerShell
- AWS EC2
- AWS VPC (Subnets, Internet Gateway, NACLS and VPC route tables)
- AWS Transit Gateway (TGW Attachments and TGW Route tables)
- AWS CloudFormation
Senior Consultant
[October 2012 - October 2013] 1yr 1m
Responsible for:
- IT infrastructure projects;
- Microsoft projects as MS System Center, MS Active Directory, MS Windows Server, among other projects for big and middle-sized companies;
- Writing, updating, and maintaining technical tutorials;
- Repairing and replacing peripheral equipment such as terminals, printers, and modems;
Systems Engineer
[April 2010 - October 2012] 2yr 7m
Installation, configuration, and deployment of SCCM 2007 and SCCM 2012 for imaging and deployment of applications and Operating Systems across enterprise environments. Complete installation of SCCM from start to finish for several large clients. Deployment of SCCM client via "Client Push" mechanism. Setup and synchronization of WSUS with SCCM for patching maintenance. OSD via "Zero Touch" or "Lite Touch" delivery.
- Responsible for providing 1st level / 2nd level/ 3rd level support to end-users in troubleshooting and resolving PC/Server problems;
- Develop as well as implement application test plans, including both integration and full system test plan;
- Implemented solution to eliminate duplicate SCCM GUID's thus creating client stability and integrity;
Support Analyst
[March 2009 - March 2010] 1yr 1m
Performed first level problem determination using automated Helpdesk software tools to resolve problems across the company.
- Apply service packs to workstations via WSUS;
- Performed network administration; created user groups and user accounts; reset passwords;
- Provide first call resolution to ensure customer satisfaction;
- Writing, updating and maintaining technical tutorials;
- Repairing and replacing peripheral equipment such as terminals, printers and modems;
- Installing and downloading appropriate software;
Jr. Support Analyst
[Jan 2008 - Mar 2009] 1yr 3m
Responsible for coordinating with staff and handling new account creations, system builds, and deployments.
- Performed Active Directory user management;
- Created and performed computer imaging using Windows Deployment Services;
- Trained and assisted business users in the use of company's software;