Éder Gillian
Verified Expert in Engineering
System Administrator and Software Developer
Brasília, Brazil
Toptal member since May 22, 2022
Éder has 14 years of experience as a system administrator, transitioning into DevOps for the last four years. As a DevOps advocate, he's incited cultural change, bridging the gap between development and operations teams. Éder's built abstraction platforms that assist developers and data scientists in their jobs, led IT support, infrastructure, and security teams, managed critical acquisition projects, and served as chief data officer and senior infrastructure and security manager in past roles.
Portfolio
Experience
Availability
Preferred Environment
Puppet, Terraform, Rancher, Kubernetes, GitLab CI/CD
The most amazing...
...team I've led built a company's entire IT infrastructure from the ground up, implementing DevOps culture and practices along the way.
Work Experience
Senior DevOps Engineer
EEG
- Developed and maintained Terraform and Terragrunt modules for cloud infrastructure.
- Reviewed and improved onboarding documentation and proposed better tooling around the process.
- Monitored and acted upon incidents of various services and platforms.
- Performed significant database migration from on-premises to cloud, configuring streaming replication to fulfill compliance requirements.
- Upgraded the main database from deprecated to supported and up-to-date version, achieving better performance and replacing abandoned extensions in favor of newer and maintained ones.
Chief Data Officer
Ministério da Agricultura - MAPA
- Implemented and orchestrated a data pipeline for the open data program in the organization using Apache Airflow.
- Created a staging area to give data analysts and scientists a place to explore data and allow all in the organization to access data to create dashboards and reports using self-service BI.
- Defined and implemented a new architecture for the containerized applications of the organization, using Rancher to provision on-premises clusters (RKE) and manage cloud clusters (GKE).
Senior Infrastructure and Security Manager
Ministério das Comunicações
- Led IT support, infrastructure, and security teams.
- Managed critical acquisition projects for infrastructure resources.
- Implemented a private cloud based on containers (Rancher and Kubernetes).
- Implemented infrastructure automation projects, such as automated provisioning (Foreman), configuration management (Puppet), secret management (HashiCorp Vault), and Infrastructure as Code (Terraform).
- Enabled the development team, promoted DevOps culture, and implemented DevOps tools in CI/CD pipelines.
- Supported architecture design for private and public cloud adoption and containerization of legacy applications.
- Complete migration of e-mail from an on-premises server to cloud.
- Guided the defining of policies and norms related to IT and information security.
System Administrator
Instituto de Pesquisa Econômica Aplicada - IPEA
- Implemented private cloud based on containers (Rancher and Kubernetes).
- Automated configuration management (Puppet) and virtual infrastructure provisioning (Foreman).
- Designed and built data pipelines for ETL purposes over big data, using distributed storage and processing technologies (Apache Spark, Apache Kafka, and MinIO).
- Implemented advanced monitoring and log centralizing tools (Elastic Stack).
- Monitored and maintained infrastructure and services (Nagios, Cacti, and Zabbix).
- Implemented a POC for infrastructure self-service platform using a private cloud based on VMs (vOneCloud - OpenNebula).
- Completed server and network administration, including virtualization (VMWare/vSphere).
Junior IT Analyst
Banco do Brasil
- Maintained web applications on platforms hosted on IBM mainframe infrastructure.
- Provided support and maintenance for IBM z/OS operating system (IBM mainframes).
- Took charge of the manual deployment of web applications hosted on WebSphere Application Server (WAS) through staging and production environments.
Experience
Infrastructure as Code for Oracle OCI
There was a specific need for an Oracle database, and getting on-premises licenses was not a viable option. It was decided that Oracle Cloud Infrastructure was the way to go.
From the get-go, as the senior infrastructure manager, I encouraged the developers involved to go for as much automation as possible, so I wrote a proof-of-concept for an IaC pipeline using Terraform that would provision all the resources from the ground up, including some basic tests along the way.
The result was a pipeline that provisions the entire infrastructure, including development, staging, training, and production environments. The code is versioned on GitLab, and every environment has its own long-lived branch. Every push to a branch starts a pipeline that initializes Terraform, validates the code, and saves a plan for the run. After the plan is approved, the changes are deployed to the environment represented by that branch with the click of a button. This pipeline was built using GitLab CI/CD. The Terraform state is saved using Gitlab-Terraform integration.
GiLlab CI/CD Pipeline Integrated with HashiCorp Vault as External Secret Management
HashiCorp Vault was configured with a JWT authentication back end, using GitLab as JWKS endpoint. Secret information would be read from Vault server by GitLab Runner deployment jobs that would authenticate and have access to specific secret back ends according to the policies set.
Two ways of reading the sensitive information were implemented: Setting environment variables and templating. The last one required a CLI tool to read from Vault and inject the values in the template file (consul-template).
Automated VM Template Generation
https://github.com/edergillian/packer-templatesThe templates were built using HashiCorp Packer, and the code for it was stored in a GitLab repository. The operating system of choice was Ubuntu Linux, contemplating the current LTS version and the one before that (e.g., 20.04 and 18.04). A GitLab CI pipeline was built to automate the whole process, scheduled to run once a week. With this, all templates were reasonably up-to-date with the latest kernel and security updates for each OS version.
Automated Provisioning and Configuration of Virtual Machines
At first, every VM (existing or new) had its own manifest written in Puppet DSL and the agent was installed manually. All code was saved in the Puppet server and had no version control.
I upgraded the whole solution: Foreman was used to do end-to-end VM provisioning and monitor Puppet execution in the managed hosts. It was integrated with vCenter for the VM provisioning and other services (DNS and DHCP) to get the network automatically configured. Puppet agent was automatically installed during the provisioning process and took care of the configuration of the whole system based on roles and profiles modules defined in Foreman and Puppet. The entire code was versioned on GitLab and went to production automatically using webhooks. This new way of managing infrastructure and the implementation of a CI/CD pipeline using Jenkins reduced VM provisioning from weeks to minutes, allowing applications to be delivered to production in a much faster and more secure manner.
Flask App for OpenVPN Automated Client Generation
https://github.com/edergillian/auto-cert-genEducation
Bachelor's Degree in Electrical Engineering
Universidade de Brasília - Brasília, Brazil
Certifications
AWS Solutions Architect Associate
Amazon Web Services
Introduction to Kubernetes
The Linux Foundation
Introduction to DevOps: Transforming and Improving Operations
The Linux Foundation
Introduction to Cloud Infrastructure Technologies
The Linux Foundation
Puppet Practitioner
PuppetLabs
GTD Level 2
Call Daniel
GTD Level 1
Call Daniel
Puppet Fundamentals
Puppetlabs
Skills
Libraries/APIs
PySpark, Terragrunt
Tools
Puppet, GitLab CI/CD, VMware vSphere, Nagios, pfSense, Shell, Apache, Terraform, GitLab, Microsoft Exchange, Packer, Elastic, Zabbix, Cacti, Apache Airflow, OpenVPN, HashiCorp, ELK (Elastic Stack), NGINX, Git, Jenkins, Microsoft Teams, GitHub, VPN, Apache Tomcat, Amazon Virtual Private Cloud (VPC), Vault, Google Kubernetes Engine (GKE), Zsh, Helm, Ansible, AWS IAM, AWS ELB, AWS CLI, Amazon Elastic Block Store (EBS), Amazon EKS, Amazon Elastic Container Registry (ECR), AWS Vault, Amazon Elastic Container Service (ECS), Keycloak, Amazon Key Management, Amazon Simple Queue Service (SQS), AWS CloudTrail, Amazon CloudWatch, Amazon ElastiCache, AWS Fargate, AWS Step Functions, AWS Glue, AWS Key Management Service (KMS), Amazon Simple Notification Service (SNS)
Paradigms
Continuous Integration (CI), Continuous Deployment, Management, DevOps, Kanban, Agile, Scrum
Platforms
Rancher, Apache2, Linux, Ubuntu Linux, Ubuntu, Ubuntu 16.04, Kubernetes, Jupyter Notebook, Docker, Amazon Web Services (AWS), Amazon EC2, Visual Studio Code (VS Code), Oracle Cloud Infrastructure (OCI), OpenNebula, Apache Kafka, CKAN, Oracle, WebSphere, IBM z/OS, Google Cloud Platform (GCP), Alpine Linux, WordPress, AWS Security Token Service (STS), AWS NLB, Amazon Linux AMI, AWS ALB, AWS Elastic Beanstalk, AWS Lambda
Languages
Python 3, Bash Script, Bash, SQL, Python, C, Java
Storage
PostgreSQL, OwnCloud, MySQL, Azure Active Directory, IBM Mainframe, MongoDB, Amazon S3 (AWS S3), Amazon EFS, Amazon DynamoDB, AWS Elastic File System, AWS Snowball
Frameworks
Flask
Other
Networking, TCP/IP, Foreman, VMware vCenter, CI/CD Pipelines, Ubuntu Server, System Administration, OSI Model, Web Security, DNS Servers, DHCP, Productivity, Time Management, MinIO, ModSecurity, Network Engineering, Shell Scripting, Infrastructure as Code (IaC), Containerization, Teams, Security, Argo CD, Containers, GitOps, Programming, Information Theory, Lean, Minikube, Site Reliability Engineering (SRE), Serverless, Amazon RDS, Argo Rollouts, GitHub Actions, AWS Secrets Manager, Amazon Glacier, Amazon Machine Images (AMI), Amazon Route 53, AWS Transit Gateway, Amazon Kinesis, AWS SSH Keys
How to Work with Toptal
Toptal matches you directly with global industry experts from our network in hours—not weeks or months.
Share your needs
Choose your talent
Start your risk-free talent trial
Top talent is in high demand.
Start hiring