open*i GmbH

The existing Microsoft-based monitoring was replaced by an open source solution under the company's own responsibility. In the process, a highly available and distributed monitoring system was set up across several security zones. The configuration data (monitoring targets) are imported, processed and imported from the customer's CMDB via an automation system set up in-house. Via special rights configurations, role models and responsibilities, all monitoring users receive their own views and notifications from the monitoring.

The monitoring data is stored in a highly available and distributed database that was built by our team especially for this project. Performance data is stored in a cluster of TimeSeries DBs. A reporting interface including data preparation was also implemented for the customer.

After setting up the new monitoring platform, a professional operation was established for it, including support within the framework of SLAs.

Approximately 5,000 servers with around 80,000 services (checks) are monitored. The rollout and configuration of our monitoring components is done via automation.

A logistics service company/railway transport company needed advice and technical support for the implementation of an automation for system management. The project included the development of a concept incl. consulting, the technical implementation and the final training as well as aftercare.
Among others, Ansible AWX, Spacewalk incl. Kickstart and GitLab were used.

Client is a large well-known bank in Germany

Providing and advising on the set-up, organisation of/and operation of a large OpenShift environment for a migration project.

Involving several internationally dispersed parties/teams within the Bank.

Our role included technical oversight of a large OpenShift environment, including supporting the onboarding of the various application teams onto the platform.

The tasks included, among others:

• Viewing the existing architecture
• Making recommendations for optimisation, performance, scalability, connection, storage, etc.
• Solution design for sub-aspects (e.g. connection to storage)
• Supervision of >30 application teams for onboarding to the OpenShift platform and operation, incl. requirements engineering
• Organisation/optimisation of operations carried out by an outgesources team in Asia
• Building new dashboards for Management View regarding performance and utilisation of the OpenShift environment.
• Capacity management
• Liaison point between team leadership, management and engineering from Asia, UK and USA.
• Coordination of international service providers
• Project language is English

Project management, architect and engineer

Migration and network projects (e.g. RADIUS, KVM, DRBD, ADS, monitoring (Nagios-based))

As part of an agile team, open*i supports the customer in modernising and automating the backends for so-called ticket vending machines.

The focus is on automating processes, among other things on the basis of linked data on the automats.

Among others, Ansible Tower, OpenShift and AWS were used.

Evaluation, implementation and training Provisioning and staging via Suse Manager.

Design, build and operate a hybrid cloud based on Kubernetes.

The customer is a well-known logistics company that needs several Kubernetes clouds to operate its IAM solution.

In addition to several Kubernetes clusters running in the customer's various data centres, a Kubernetes cluster was also set up at Azure. Central management of all Kubernetes clusters via an interface with a web interface (Rancher).

Activities:

• Architecture/Design
• Consulting
• PoC
• Implementation of multiple on-premise Kubernetes clusters
• Implementation of software-defined storage for Kubernetes clusters
• Implementation of at least one Kubernetes cluster in the cloud
• Implementation central management of all Kuberntes clusters for hybrid cloud
• Design and implementation of continuous delivery of applications
• Setting up and running professional operations
• Deployment and operation of the IAM application
• Design, implementation and operation of an eco-system (logging, monitoring, much more)

Build and operate multiple Kubernetes container platforms for a critical publicly available application of a federal ministry, according to C5 and ISO27001.

Together with an application development partner, we are creating a cloud service for a federal ministry. The cloud service consists of a highly available private cloud and a newly developed application that is publicly accessible for citizens in Germany.

The open*i is responsible for:

• Conceptual design, set-up and operation of a private cloud (based on containers) stretched over 4 data centres
• Conceptual design, development and operation of value-added managed services, such as logging, monitoring, CI/CD, mailing, AV scanning, authentication services, web services, PostgreSQL, Vault and many more.
• Security for the overall platform
• Protection against DDoS attacks, bots and other attacks

The entire private cloud is highly available and meets high SLAs.

Project management for the construction of a redundant data centre

Design and implementation of a highly available network structure, monitoring. Various infrastructural implementations.

The customer planned to replace its NetApp storage with a software-defined storage solution. As part of a PoC, open*i set up a highly available Ceph cluster and a virtualisation platform based on RHEV (Red Hat Enterprise Virtualization). The capabilities and robustness of Ceph were tested in various test scenarios, including connection to virtualisation and testing of backup scenarios.

Consulting in the areas of automation and system management. Suse Manager and SaltStack, among others, were used. Integrated consulting and implementation of sub-aspects. Further consulting afterwards on the possibilities of the newly implemented technologies.

Activities:

• Expansion, support and partial architecture of a server farm (500+ servers)
• Architecture, introduction and operation of automation, configuration management, patch management and OS installation (Python, SaltStack, Puppet, FAI, Cobbler)
• Introduction and operation of a package repository
• Architecture, introduction and operation of software-defined storage (DRBD, GlusterFS, LizardFS, evaluation of Ceph)
• Architecture, construction and operation of highly available cluster systems and load balancers
• Architecture, construction and operation of an own LDAP-supported access control platform for SSH login management
• System administration (Linux, HAProxy, Apache, Nginx, MySQl, Postgres, OpenLDAP, etc.), monitoring
• Operation incl. 24/7 on-call service
• Administration of Atlassian tools (Crowd, Fisheye,
• BitBucket,Confluence, JIRA, Bamboo)
• Documentation, guidance, deputy team leader
• Planning and co-implementation of an RZ move

Embedded in a larger agile team, open*i has been jointly responsible for the development and go-live of several Docker Clouds. Numerous applications of the end customer from finance, banking and insurance are now running on the container platforms operated by us, including strict SLAs. We continuously advise the customer on the optimal use of the platform and migration of their application to Docker.

Areas of responsibility: Setup, architecture and go-live of approx. 50 Docker Clouds; setup of monitoring for Docker hosts and containers;
Building/maintaining eco-system components (approx. 35 additional technologies); operating the platforms for the client; agile working (Scrum/Kanban); advising on technologies and architectures for the user teams; building professional platform operations; building/expanding automation for platform management.

IT monitoring (systems, applications, network and co)

• Advice on technology selection
• Implementation
• Operation
• Workflows: Development and implementation
• Trainings, trainings

Migration of inventory monitoring to a modern solution based on Icinga2

Introduction of templates for hosts and services so that customer staff can easily add new systems to the monitoring process

Advice on related topics, including Icingaweb2 Director and automatic configuration monitoring.

Better storage and visualisation of performance data