who am i

Guillaume De KOKER

SysOps Linux Engineer / IAC enthusiast

I am an experienced IT enthusiast who is driven by the eager to discover, learn and deploy new and complex technologies. I am able to help diagnostics and fix L3 incident on a wide range of infrastructure component, manage small to large project, and administer, deploy and maintains large scale system. I'm used to work with a DevOps mindset and love working with Git and CI/CD

I'm looking for a SYSOPS Linux position in a company that value the use of DevOps tool and practice. I enjoy working Ansible and Saltstack for on-premise and K8s and Terraform for Cloud-native. I'm looking for a dynamic and motivated team in an innovative company that get things done. My goal is to keep growing my skill-set by working on new technologies and deploy more reliable and automated infrastructure.

  • Name Guillaume De KOKER
  • Date of birth January, 1997
  • Address Elancourt, Yvelines, France
  • Email de.koker.guillaume@free.fr
  • Phone +33 6.17.75.53.27
  • Experience 8.1 Years

professional skills

  • Debian

    95%
  • Redhat

    80%
  • Suse

    45%
Operating system
  • Shell/Bash

    90%
  • Python

    75%
  • Jinja

    95%
Scripting
  • French

    95%
  • English (Toeic: 950)

    85%
Language

experience

SysOps/IAC Specialist – Consultant for InfroPro Digital

Mar 2023 - Current

Independently managed and modernized legacy website infrastructure. Eliminated technical debt through extensive documentation and stabilization efforts. Migrated deployment processes from SaltStack to Ansible, enhancing efficiency and reliability. Developed over a dozen custom Ansible roles to streamline operations. Trained and supported the team in navigating Ansible complexities.

Sysadmin – Webedia

Jan 2019 - Feb 2023

Administration of multiple high-traffic website, CDN and SAS. Lead tech Saltstack and IAC specialist. Deployment of brand-new infrastructure and expansion of existing one. 24/7 on-call intervention on critical component. Low-level troubleshooting and performance tuning. Security audit and threat assessment. Network management (Layer 2) on Juniper equipments.

Junior Sysadmin – Airbus Safran Launchers/Ariane Group

Sept 2016 - Jan 2019

Administration of a multi-datacenter infrastructure with around 2K server, including datacenter management, physical and virtual deployment of server, Os deployment, configuration and administration, and project integration. L2 and L3 system incident resolution in a heterogeneous environment (Suse, Redhat, Solaris/SunOS, Aix, HPUX, Windows Server). Documentation writing, stock management, CMDB management

Internship in IT Security – Silca

Apr 2016 - July 2016

My project was to write a security audit tool for local and ldap account. The tool needed to run on a stronghold, connect to every server to gather account data, and then build an audit about password security, ssh key, escalation risk... I had to work in a heterogeneous environment (Solaris, Aix, RedHat, Windows Server) and make my tool compatible with every OS.

education

Training Courses – Linux Advanced System Admin

Aug 2018

Technical Degree – Computer Science

Sept 2014 - Apr 2016

High School Diploma with honors – Science, Technology and Computer Science

July 2014

I have loved working with

Ansible logo

Ansible

Simple IT automation that ends repetitive tasks and frees up DevOps teams for more strategic work.

SaltStack logo

Saltstack

Infrastructure as code based configuration management software and remote execution engine.

High Performance Computing

HPC is the use of distributed computing facilities for solving problems that need large computing power.

Gitlab logo

Github

GitLab offers integrated continuous integration and deployment, issue tracking, and code review, providing a complete DevOps platform.

testimonials

latest news

Featured picture from Bringing back Radio-france into LMS post

Bringing back Radio-france into LMS

19 May

For those of us who rely on Logitech Media Server (LMS), now known as the Lyrion Music Server, to stream music and radio throughout our homes, a recent change threw a wrench into our routines (if you are french). In April 2024, the partnership between Radio France and TuneIn came to an end, leaving many users without access to their favorite French radio stations.

Let’s fix that !

Read More
Featured picture from ZFS replication from TrueNAS to linux post

ZFS replication from TrueNAS to linux

5 Apr 2023

If you ever tried to setup ZFS replication between 2 TrueNAS instance, you might have been very surprised by how easy it is. But what if you don’t want or don’t need a dedicated TrueNAS instance for your backup ? Maybe you want it to replicate to a Linux machine that does other type of backup for example ? In this post, I’ll show you how I’ve done it in a secure and reliable way, and hopefully make it way easier for you to do the same.

Read More
Featured picture from Making a DIY Wifi gate controller using ESPHome post

Making a DIY Wifi gate controller using ESPHome

26 Mar 2023

A couple of years ago, I made this DIY add-on to my gate controller to manage it through Home Assistant. It’s Wi-Fi enabled, can warn me if it’s stuck, allows me to check its state, and control it reliably through Home Assistant, and didn’t cost much more than 15€.

Because the gate controller was provided with the house, I didn’t want to replace or damage it in any way, so I needed to make something that works in harmony with what I had.

Read More

Using Fail2ban with Nginx and Apache2 behind a proxy

6 Mar 2023

If you have a homelab or a small web server for your tool, you probably know the Fail2ban software. It’s a tool capable of taking input from another software (usually log) to flag the IP doing bad stuff and block them for a defined amount of time (usually using iptables). It’s really not a tool for big production-grade projects, but for small personal stuff, it does the job quite well!

But as long as you have multiple VMs running for different tools or projects, having all of them individually fully exposed to the internet isn’t a good idea. It costs some extra IPv4 allocation (assuming you aren’t IPv6 only), and securing them may require more time and effort. Most people end up with some kind of proxy. It can be a single Nginx/Apache2, a haproxy, or a traefik… it doesn’t really matter. What does matter is that now, all of your requests will come from the IP of that proxy and no longer the one trying to mess with your stuff. Does this make Fail2ban useless? Dropping the ban hammer on your own proxy IP isn’t a good idea, but how can you selectively ban something that comes from a single server?

Read More

map location

contact info

De KOKER Guillaume
Elancourt, Yvelines, France.

send me an email

Your message has been sent. Thank you!

Sorry your message can not be sent.