Senior Systems Architect, DevOps Automation
October 2015 to Present, Workwave.
DevOps Automation Architecture, Coding & Mentoring
- Hypervisors: AWS, VirtualBox, HyperV, Dev Workstations on Real Hardware.
- Tools: Packer, Chef/Ruby, PowerShell/DSC, Packer, TeamCity, Octopus, Visual Studio, Chocolatey, NuGet, Nexus Repository, ProGet Repository, AWS EC2, VPC.
- Automation of developer workstation environment using advanced Chocolatey NuGet packages so that identical automation could be shared to build CI servers and developer workstations and production end nodes with any of PowerShell, Packer or Chef. Reduction of Dev workstation build from 9 manual hours to 1 and 2 days of waiting for environment to 1 hour.
- Initiated, designed, prototyped and deployed shared NuGet services via self-hosted Nexus Repository server deployed in AWS - including support for secure package transfer via SSL, Chocolatey and CI NuGet packages, secure internet egress for global sharing of proprietary packages. Contribution of packages back to open source community. Enabled automated builds in any AWS VPC, Virtual Box or real hardware anywhere on the planet. Configured TeamCity to push and pull packages from repository. Full proof of concept on ProGet as part of requirements gathering. Proof of concept stood up for Nexus on both Windows and Linux.
- Design prototyping and deployment of secure AWS segregated environments for deploying Continuous Delivery automation services into production environment using AWS security best practices. Leveraged AWS Accounts, VPCs, VPC Peering, Subnets, AWS Security Groups (Extensive), AWS Security Policies, AWS Security Roles, VPN configuration and Network ACLs as appropriate. Use of visualops.io for rapid scenario testing. Implementation of Least Privilege Security Built-in, Monitoring Built-In, Backup, Self-Service, Multifactor Authentication (MFA) for IAM and VPN.
- Maintained and refactored Packer build configuration to streamline around packaging, allow selection of builds from on packer config file, better credential security and ensure proper operation via scripted kick-off or under TeamCity pipeline. Created least-privilege role for TeamCity to accomplish Packer builds with least-privileges which are assigned to an instance role (no credentials storage).
- Maintenance of TeamCity infrastructure automation builds including AWS orchestration from TeamCity.
- Updated monitoring scripts for Windows (abandoned by Amazon). Enhanced to submit metrics for all existing disks (rather than having know what disks are present) and created a Chocolatey NuGet package to automatically deploy and schedule disk metrics collection. One command line and the machine starts submitting disk utilitzation metrics.
- To foster a knowledge sharing community among Devs, Ops and Engineering:
- Conducted Lunch and Learns sessions,
- Initiated use of yammer and actively posted to information groups,
- Initial setup of team intranet website including recordings of Lunch and Learn sessions and how to section.
- Initiated creation of reusable, re-settable VM test templates for devs and operations along with getting started instructions on team site and along side VM images. Images created for Windows 8.1, 10, Server 2012 R2, Server 2016 TP5 w/ Containers, Nano Server TP5 w/ Containers, CentOS Linux 7 w/ Docker Containers.
- Troubleshooting of production systems for performance, advisement on application design and auditing of security best practices.
- Full participation in all aspects of Agile management of our team's work, including sprint planning, sprint demos, sprint retrospectives, sprint tracking (in Rally Dev).
- Experimentation and learning on Windows Containers, Nano Server, Server 2016 and Docker Containers on Linux.
- All work done as a member of a distributed team.
- Achieved AWS Certified Solutions Architect Associate.
Training Developer and Instructor
September 2015 to Present, PluralSight.
Chocolatey NuGet Essentials for Automation Pros
- Decide and outline content coverage - including instruction design principles.
- Create slides and demos and recorded and edited training videos.
- Researched technology domain for NuGet and Chocolatey.
- Creation of assessment questions.
- Course Link: https://www.pluralsight.com/courses/chocolatey-nuget-automation-pros
Advisory Board, Lean Startup Product Development and DevOps Architecture
October 2015 to Present, Qompat.
On an as needed basis, I provide brainstorming and perspectives to Qompat's Executive team in several focus areas:
- Application of Lean Startup (Agile for building businesses) principles to new products and market possibilities.
- Cloud computing, design, product and vendor selection.
- DevOps models and implementation.
- Windows software deployment automation - historical market behavior and futures.
PowerShell DevOps Infrastructure Automation Engineer (Contract)
July 2015 to October 2015, AssetMark.
DevOps Automation Architecture and Coding
- Design and code DevOps infrastructure automation framework for SaaS solution server builds on Server 2008 R2 and 2012 R2 using desired state coding principles and approaches.
- Structured PowerShell Code: structured function libraries as includes and PS modules which follow PowerShell best practices for discoverability, self-documentation and advanced capabilities like pipelining.
- Architecture organizes installation artifacts into “Configuration Components” which are group into “Server Roles" that can be targeted at specific servers.
- Self-describing, self-specifying artifacts allow technicians to build installable components with no PowerShell coding.
- Remoting from TFS build server to automate end node builds.
- Lightweight framework code is easily extensible to accommodate new types of installation artifacts as new requirements are discovered.
- Artifacts can be specified in JSON which facilitates handover of configuration data from database systems.
- Automation framework includes comprehensive logging, error handling, remoting and best practices for discoverable functionality for developers who have to update or enhance it in the future.
DevOps Infrastructure Automation Engineer
Dec 2013 to Oct 2015, Qompat.
DevOps Automation Architecture and Coding
- DevOps automation architecture supporting tiers, layers, artifacts and environments for single and multi-machine builds.
- Lightweight, serverless solution using Chocolatey Nuget, BoxStarter, PowerShell DSC and git.
- Full application stack install automation and configuration including PowerShell 5, SQL server, IIS setup and custom .NET software installation runs securely from web on machine to support distributed Dev / Test team.
- Broad platform support to work on Server 2012 R2 and Server 2008 R2 running on VirtualBox, VMWare, Hyper-V, Skytap and Azure.
- Design diagram in visuals section: http://www.darwinsanoy.com/visuals.html
- Creation of community packages for Chocolatey NuGet including SQL Express, SQL Management Studio, PowerShell 5, Nektra Spy Studio, Rohitab API Monitor and others that are visible on my on chocolatey profile: https://chocolatey.org/profiles/Darwin_CSIWindowscom.
PowerShell Automation Engineer / Application Escalation Engineer & PowerShell Advocate
Oct 2012 to May 2015, Air Products and Chemicals.
Lead Automation Engineer: PowerShell Automation Framework / Function Library
- 5500 line PowerShell automation framework coded to run on 5 versions of Windows, running 2 versions of PowerShell, under 32-bit or 64-bit PowerShell, on 16,000 machines in 17 OS MUI languages.
- Replaced 2000 line legacy VBScript automation framework with significant enhancements.
- PowerShell comment based help for self-documentation and "dev mode" for discoverability by other automation engineers.
- More details and walkthrough video in portfolio: http://darwinsanoy.com/portfolio.html#Portfolio_PSHTemplate
- Architected approach to Office 2013 "Click To Run" deployment that respected ITIL disciplines, was fully compatible with SCCM content replication facilities and SCCM deployment & allowed for rapid rollback.
- Managed PowerShell deployment automation code to accommodate complex project requirements and fixes.
- Rigorous testing for very high level of quality when updating automation code actively being used by 14,000 machines.
- More details in portfolio: http://www.darwinsanoy.com/portfolio.html#Portfolio_Office2013.
- Used "Lean Engineering" principles to maximize flexibility for deployment via any mechanism (SCCM, GPO, Local Schedulers), minimize coding required to add "locations to encrypt" and simple data point collection via SCCM inventory for compliance reporting.
- Designed new solution to run in tandem with old one to allow easy piloting and minimize complexity for production deployment.
- Used scrum and sprints to gain agile SDLC benefits for project.
- Single package design specification on "Visuals" resume page: http://www.darwinsanoy.com/visuals.html
- Migrated over 50 deployment automation VBScripts to PowerShell deployment automation framework and served as level 3 advisor for other automation engineers doing the same.
- Improved company-wide PowerShell awareness, competency and adoption through monthly code share meetup, monthly coding clinic meetup, internal blogging on Yammer, curating shared resources, template publishing and by being an easily engaged one-on-one mentor.
- More details, including kick off meeting video, in portfolio: http://darwinsanoy.com/portfolio.html#Portfolio_Advocacy
- Details also in Windows IT Pro article: http://windowsitpro.com/powershell-scripting/be-powershell-champion
- Created and posted to Yammer group titled "DevOps: End to End Agility". Posted many free resources for technical staff and managers.
- Fostered cross team collaborative relationships with 7 other IT and business aligned teams.
- Implemented and administered scrum "lite" for 3 projects. I was the scrum master and entire development team, but applied sprints to managing stakeholder requirements and meetings.
- Created template collection set for even distribution of packages across all regions in 5%, 10%, 20% or 33% groupings which avoiding flooding network segments for large packages going to all machines - 4000 machines (25% of total) which needed to reach across a wide area network to access a distribution point.
- Analysis of benefits and limitations of SCCM 2012 "Application Objects" versus "Package Objects".
- Created automation to clean up old App-V packages.
- Created and deployed many packages to 18,000 SCCM end points.
- Compared and contrasted SCCM 2012 "Application model" objects with traditional SCCM "Package" objects for management and teammates.
- Packaging, customization, troubleshooting and best practice auditing of Windows Installer .MSI packages using InstallShield AdminStudio and InstEd.
- Use of Application Compatibility Toolkit (ACT) for shimming applications.
- Automation of MSI packages in PowerShell, VBS and .CMD/.BAT
- App-V sequencing and troubleshooting and deployment via SCCM 2007 and 2012.
- Automation of many setup.exe installers via command line switches for customization and silent installation.
- Successfully improved team collaboration and relationship with DEV team via DevOps collaborations.
- Reduced time required to support agile dev team from 30 hours to 7 hours.
- Aligned deployment automation with development team's adoption of "Agile" methodologies.
- Accelerated availability of VMs for DEV-Test cycle, partnered with scrum master to give access to deployment automation code and gain more testing of it in return.
- Repeated 98% success rate on overnight deployment of package to over 2000 customer service machines.
- Tool creation including: [a] recognizing the need, [b] coding and testing the solution, [c] promoting it's use, [d] creating built-in metrics to track used.
- Created utilities for: [a] Office 365 install log analysis, [b] procmon wizard to allow non-technical users to create procmon traces, [c] backend Lync IM account migration, [d] clean removal of Office 2007, [e] local/remote cleanup of temporary files, [f] links that allow globally distributed users to submit logs to a central location, [g] tool to show the list of installed software exactly as the PowerShell deployment automation framework sees it and export identifying information for any given software package, [h] script to open software center (for sending in user communications).
- Use of advanced tools for troubleshooting packaging and production problems, including: Procexp (Process Explorer) Procmon (Process Monitor), Rohitab API Monitor and Nektra Spy Studio.
- Leveraged in-depth understanding of windows registry, file system structures, WMI, WOW64 (64-bit Windows) and Windows process internals for deployment automation and troubleshoot production application problems.
- Leveraged knowledge of AD/GPO, DNS, networking, to troubleshoot packaging and application problems.
- Rigorous focus on evidence-based fact finding and log analysis led to discovering three independent paths by which a regular user could reboot production Citrix servers.
- Specific identification of the path by which a user could have unintentionally performed the server reboot.
- Follow up and immediate patch generation for SCCM failures that could be handled in automation code.
- More details in portfolio: http://www.darwinsanoy.com/portfolio.html#RootCause_ServerReboot.
- Improved work throughput implementing next level of Getting Things Done (GTD) using My Life Organized and toggl.com time tracking.
- Applied principles and tools of Agile, Lean and DevOps for my projects and work.
- Used highly visual slide deck to help IT managers understand how technical issues posed a risk to IT agility when considering virtualization of large / complex / plug-in rich applications. Leveraged visual single page designs and architectures to Examples in visuals section: http://www.darwinsanoy.com/visuals.html
Principle Consultant, Subject Matter Expert, Trainer
2001 to Present, CSI-Windows.com, DesktopEngineer.com.
- SME Speaking Engagements on Windows Automation and DevOps Topics
Future and Recent Engagements:
Modern Infrastructure Summit
- [2015-May] DevOps for Established Infrastructure: Help or Hype?
- [2015-July] Windows Packager Forecast: A DevOps Wind is Blowing
IT / DEV Connections (Windows IT Pro / Penton)
- [2015-Sept] Windows Packager Forecast: A DevOps Wind is Blowing
- [2015-Sept] Championing PowerShell: Creating Experts at Your Company
-  Office 365 Pro Plus (Desktop Apps) Click to Run Enterprise Deployment Blueprints PortFolio: http://elearning.csi-windows.com/course/Office365ProplusClickToRunEntepriseBlueprints
European AppMangEvent (formerly "Packaging Event") (4 years and running)
-  Office 365 Pro Plus Deployment In the Enterprise, Portfolio: http://elearning.csi-windows.com/courses/AppManagEvent2014
-  Templating PowerShell for the Enterprise Desktop, Portfolio: http://elearning.csi-windows.com/courses/AppManagEvent2014
Full History: http://www.darwinsanoy.com/work.html#ConferenceSpeaking
- Authored eBook - Deploying and Supporting Applications on 64-bit Windows - See Amazon listing: http://www.amazon.com/Deploying-Supporting-Applications-64-bit-Windows-ebook/dp/B0098P9Z22
- Taught hundreds of students very technical classes. Class listing here: http://csi-windows.com/courses
- Instructional Design - built and revised course materials to conform to best practice for student learning.
- Entrepreneurship / Product Management - responding to the need for IT Pros to fortify their debugging and analysis skills, I built the CSI-Windows.com site, brand and courses.
- Application Packaging & Virtualization – Windows 7 / Windows Installer 5, InstallShield AdminStudio, Wise Package Studio, Orca, App-V Sequencer.
- Windows 7 Application Testing – VMware, Process Monitor, Process Explorer, AppVerifier, AppCompat, autoruns, DllRegView.
- Windows 7 Application Compatibility & Internals – Passed ACT/AppCompat ACF Exam, Completed ACT/AppCompat Partner Training, UAC, IEPM, UAC Virtualization, MSI 5, Integrity Levels.
- Cloud & Virtualization Technologies – VMWare Workstation, VMWare Server, App-V, Linux Server Virtualization, Linux in Rackspace Cloud, Azure Cloud and Skytap Cloud.
- Developed Many Advanced Scripts in .CMD/.BAT, VBScript (.VBS) and PowerShell (.PS1) – Expert in Windows Shell (.BAT/.CMD), VBScript and PowerShell including use of WMI, registry, permissions, file processing as well as creating templates and function libraries. Some examples are here: http://csi-windows.com/toolkit
- Operating Systems & Internals – Windows 7, Windows Vista, Windows XP, Windows Internals with a focus on application operations.
Practice Leader and Principle Consultant
1995 to 2001, CoreTech Consulting Group, Integrated Systems Consulting Group.
- Desktop Management Practice Leader - performed technical leadership, consultant career development, offerings formulation, vendor relationships, blogging and conference speaking.
- Sales Support - comprehensive sales support activities including proposals, presentations, statements of work, bidder's meetings, one-on-one sales calls, and formal large sales presentations.
- Career Mentoring – helped consultants in yearly career goals and guidance.
- SMS Architecture – creation of SMS architecture for global pharmaceutical. Technical requirements gathering, planning, engineering and documentation of architecture to be used by regional business divisions to ensure desktop management deployment was compliant and compatible globally.
- Lead Desktop Engineer - company wide deployment of Windows Desktop and server infrastructure. Proposed novel server acquisition strategy to facilitate desktop build servers. Provided technical leadership, oversight and primary engineering to the effort. Managed follow up development projects for utilities to support backend server migrations.
- Application Testing and Compatibility Lead – Led effort for large division of a manufacturing company to ensure all applications ran on new OS. Applied soft skills to keep application owners and developers engaged and moving forward. Finish in time for deployment and before any other company divisions.
Consulting Client History
- Air Products and Chemicals (> 16,000 Managed Nodes) - automation engineering team.
- Vanguard Group (3 onsite deliveries in PA) - Training on getting packaging processes ready for Windows 7.
- Morgan, Lewis & Bockius LLP - Trained global deskside support team of over 40 members via online delivery of troubleshooting course.
- Roche (2 onsite deliveries - Switzerland and IL) - Windows application packaging and automation and VBScript.
- Genentec (onsite San Francisco) - Windows application packaging and deployment automation onsite training.
- State Farm (> 100,000 Managed Nodes) - Windows application packaging and deployment automation onsite training.
- Chevron (> 100,000 Managed Nodes) - onsite delivery and online to Kazakhstan.
- Wyeth (now Pfizer) (> 100,000 Managed Nodes) - enterprise packaging technical architecture workshops.
- Microsoft - rewrite of SCCM custom internal remote client installer.
- GSK (> 50,000 Managed Nodes) - Packaging and deployment automation strategy workshops.
- GSK - SCCM Architecture.
- Heller Financial (> 10,000 Managed Nodes) - Desktop Lead for Global Deployment.
Education and Certification
Bachelors of Science Management Information Systems, Ambassador University, Texas.
Bachelors of Arts Liberal Studies, Ambassador University, Texas.
Current: Certified AWS Solutions Architect, MCSA
Past: MCSE, MCT
Bachelors of Arts Liberal Studies, Ambassador University, Texas.
Current: Certified AWS Solutions Architect, MCSA
Past: MCSE, MCT