Bradley Frank

Senior SysAdmin & DevOps Engineer

image

Experienced System Administrator and DevOps engineer with a multitude of skill sets. CS/MIS by education, practical IT by trade; experience in non-profits, private industry, and higher education. Has administered and deployed with Windows and Linux, developed in a handful of programming languages, and utilized hundreds of tools. Loves learning and developing new skills. Always looking forward to building next generation systems and infrastructure.


Work Experience

Senior Systems Administrator

Tufts University | April 2018 — Present

Managed development and operations in a hybrid cloud environment running critical university services — Oracle and MySQL databases, CMS platforms, HR/finance applications, and network appliances — leveraging our private GitLab infrastructure, Puppet and Ansible for configuration management, and Docker and Kubernetes for deploying applications.

  • On-call escalation responsible for delegation of client support cases, issue resolution, and incident postmortem
  • Managed a full stack Drupal and WordPress hosting environment for university schools and departments
  • Administered CI/CD pipeline for deploying containers, working directly with Kubernetes to troubleshoot issues
  • Built ubi8-based Docker images and developed Jenkinsfile configs for customized developer needs
  • Coordinated bi-annual infrastructure-wide patching and upgrading of 500+ VMs and appliances
  • Developed systemd services for enterprise Oracle applications and other internal finance and HR tools

Cloud Architect & Security Engineer

Data Privacy Lab | June 2018 — Present

Contracted to build and maintain Ubuntu-based ec2 instances and associated components (VPC, RDS, CodeCommit, DNS, etc.) within AWS to securely publish data from collaborative work with the FTC, FEC, and other government agencies, along with investigative work into privacy and security in the realm of big data.

  • Migrated critical websites from on-prem RHEL6 VMs to Ubuntu 18.04 ec2 instances
  • Upgraded from manually generated InCommon SSL certs to an automated LetsEncrypt certificate system
  • Instituted IAM policies for securing user and root accounts with MFA
  • Developed processes and security for checking code into CodeCommit and deploying to instances
  • Created a suite of end-user documentation for managing sites and AWS infrastructure

Systems Administrator

Harvard-MIT Data Center | March 2013 — April 2018

Worked on a devops team to configure, deploy, and manage 200+ physical, virtual, and cloud-based CentOS servers making up a social science research cluster with adjacent services (DNS, LDAP, web hosting, database hosting, big data storage) that served faculty and students across Harvard.

  • On-call responsibilities for 24x7 steady-state operations included monitoring for incident response, weekly tape backup rotation, providing tier II and III support for clients, and patching/upgrading servers and appliances
  • Deployed Puppet for infrastructure management using Capistrano under a dev → qa → production model
  • Completely rebuilt internal web hosting platform to a LEMP model, managed with Puppet/Hiera
  • Upgraded legacy MySQL hosting to a modern MariaDB infrastructure with multi-master replication and backup
  • Administered NetApp FAS series storage running ONTAP 8 for hosting big data and VM storage
  • Mentored junior Systems Administrator in architecture, troubleshooting methodologies, and best practices
  • Managed confidential data (levels 1–4 as per Harvard IRB) across multiple environments

Systems Project Manager

Harvard EdLabs | August 2012 — May 2018

Contracted to develop and engineer a secure systems infrastructure — that complied with Harvard’s highest level security requirements — for a team of statistical researchers at the Education Innovation Laboratory, to store and process private, public, and governmental datasets.

  • Researched and deployed high-performance, multi-user, CentOS 7-based workstations for analyzing big data
  • Wrote custom scripts for user management, log retention, data backup, and data onboarding
  • Configured systems to meet strict security requirements with intrusion detection, access control policies, removal of network/remote capabilities, data encryption, session locking and expiration, and root logging
  • Wrote administrator and user manuals, documented technical setup of workstations, and security compliance checklists for Harvard University and third party data providers

IT Support Specialist

Harvard-MIT Data Center | July 2011 — March 2013

As a member of a small client services team, provided security training and deployment, along with tier I and tier II support for a wide array of hardware, software, mobile devices, and an on-prem High Performance Cluster for hundreds of faculty, staff, and students across several departments.

  • Built PC imaging process using Acronis True Image, reducing deployment time by dozens of hours
  • Quoted and purchased computer equipment, accessories, software, and licenses for departments
  • Supported students and faculty using the research cluster virtual desktop environment

LAN Administrator

Personal Computers, Inc. | Sept 2010 – July 2011

As part of a MSP, performed dual roles as tier II and tier III remote and on-site support for multiple clients, and a systems administrator overseeing servers, SANs, phone appliances, and networking equipment in a colocation facility.

  • Supported Domino Admin 6.5 with Lotus Notes, Exchange Server 2003, Zimbra Server 5, and iMail
  • Performed tape backups and restores with CA ARCserve and NetApp appliance
  • Responsible for a 400+ server data center and steady state operations during 24x7 on-call rotations
  • Executed monthly WSUS for Windows 2003 and 2008 servers during overnight maintenance windows
  • Developed monitoring applications for critical web hosting processes

Systems Administrator I

Crystal Run Village, Inc. | Oct 2007 – Sept 2010

Member of a small team providing comprehensive IT support for a non-profit serving intellectually disabled individuals, and its 50+ residential offices, along with managing mission critical infrastructure and services from the on-site data center.

  • Performed tape backups and restores with Symantec Backup Exec 2010
  • Developed and deployed Windows XP/7 images using Acronis True Image to standardize company-wide PCs
  • Installed printers, video conferencing, and networking equipment
  • Configured internet proxy and custom web filters
  • Performed ethernet punch-down and cable drops for office rewiring

Projects

FranklyBrad.com Website

Containerized website

This website was built with Hugo and packaged as a container based on the Alpine Linux image. It's running behind a Traefik 2 container for reverse-proxy and Let's Encrypt certs. The project is hosted at https://github.com/bradleyfrank/hugo-site.

NAS Replacement With ZFS

Home storage and file server

For cost consideration, I wanted to migrate an old NAS to use the existing HDD storage in my home server. I settled on ZFS with mirrored vdevs for redundancy. I added local snapshots, scheduled SMART scans, and offsite backup to add robustness, and Samba sharing for easy file access.

Nextcloud Implementation

File sharing and collaboration

A more secure and privacy friendly option for sharing documents with my family, I control the fullstack. My instance runs in Docker and uses a MariaDB and Redis backend.

Backups using Borg

Backups with built-in encryption

I repurposed the old NAS to be a simple server that can take backups from the new file server. BorgBackup dedupes application and user data before encrypting it on the remote system. From there, it's backed up again to cloud storage (B2).

Plex Media Server

Streaming media service

There's still a lot of movies/tv/music you can't rely on to be commercially streaming, so I converted my physical media to digital using various tools. Also great for watching all of the wedding media and home videos.

Information

Trainings & Classes

  • Red Hat: RHEL 8, Advanced Container CI/CD Pipeline Orchestration, Ansible Automation Technical Workshop
  • DevOps Foundations: Continuous Delivery/Continuous Integration
  • Global Knowledge: AWS Technical Essentials
  • Opsview: Essentials, Administration, Advanced Administration
  • Puppet Labs: Fundamentals, Practitioner
  • Harvard IT Academy: Agile Foundations
  • MITx: Introduction to Computer Science and Programming Using Python (6.00.1x)
  • Harvard Extension School: Fundamentals of Website Design (CSCI-E12), Introduction to Content Management Systems (CSCI-E30), Building Dynamic Websites (CSCI-E75)