This commit is contained in:
Mateusz Suski
@@ -1,92 +1,50 @@
|
||||
# Portfolio
|
||||
|
||||
This repository demonstrates real-world Linux infrastructure and operations experience through sanitized scripts, runbooks, and project structure. It focuses on production operations, incident response, troubleshooting, automation, and enterprise infrastructure patterns.
|
||||
This repository contains sanitized infrastructure automation examples based on Linux operations and enterprise infrastructure workflows. The focus is on precheck, dry-run, controlled execution, postcheck, troubleshooting, and clear operational reporting.
|
||||
|
||||
## Repository Diagram
|
||||
It is a technical portfolio, not a production toolkit. The examples are meant to show how I structure operational work: understand the current state, make changes only with explicit controls, verify the result, and leave readable evidence for review.
|
||||
|
||||
```mermaid
|
||||
flowchart TD
|
||||
A["portfolio"] --> B["infra-run"]
|
||||
A --> C["platform-projects"]
|
||||
A --> D["labs"]
|
||||
B --> B1["ansible"]
|
||||
B --> B2["docs"]
|
||||
B --> B3["runbooks"]
|
||||
B --> B4["scripts"]
|
||||
B1 --> B11["hardening roles"]
|
||||
B4 --> B41["bash"]
|
||||
B4 --> B42["python"]
|
||||
C --> C1["storage"]
|
||||
C --> C2["clustering"]
|
||||
C --> C3["monitoring-zabbix"]
|
||||
C --> C4["virtualization"]
|
||||
C --> C5["elk-log-analysis"]
|
||||
D --> D1["docker"]
|
||||
D --> D2["kubernetes"]
|
||||
D --> D3["terraform"]
|
||||
D --> D4["networking"]
|
||||
D --> D5["ci-cd"]
|
||||
## What Is Usable Now
|
||||
|
||||
- [infra-run](./infra-run/) - the main project in this repository.
|
||||
- [Linux healthcheck scripts](./infra-run/scripts/bash/os-healthcheck/) - host, disk, service, network, and report helpers.
|
||||
- [Disk full workflow](./infra-run/scripts/bash/disk-full/) - triage scripts for usage, inode pressure, deleted open files, large files, log cleanup review, and postchecks.
|
||||
- [Veritas examples](./infra-run/scripts/bash/veritas/) - dry-run-first VxVM/VCS storage expansion workflow examples.
|
||||
- [GPFS examples](./infra-run/scripts/bash/gpfs/) - dry-run-first IBM Spectrum Scale expansion workflow examples.
|
||||
- [Ansible hardening examples](./infra-run/ansible/) - selected Linux and AIX baseline hardening tasks organized as lab-safe roles.
|
||||
|
||||
## What Is Planned
|
||||
|
||||
The `labs` and `platform-projects` trees are intentionally thin. They are kept as planning areas for future lab notes and case studies, not as completed projects. Current planned topics are tracked in [ROADMAP.md](./ROADMAP.md).
|
||||
|
||||
## What This Repo Is Not
|
||||
|
||||
- It is not a compliance benchmark implementation.
|
||||
- It is not a drop-in change automation framework.
|
||||
- It is not proof that these exact scripts ran in any production environment.
|
||||
- It does not replace change review, peer review, backups, monitoring, or platform-specific runbooks.
|
||||
|
||||
## Validation
|
||||
|
||||
Basic local validation:
|
||||
|
||||
```bash
|
||||
find infra-run/scripts/bash -name '*.sh' -print0 | xargs -0 shellcheck -x -P infra-run/scripts/bash/disk-full -P infra-run/scripts/bash/gpfs -P infra-run/scripts/bash/veritas
|
||||
yamllint .
|
||||
cd infra-run/ansible && ansible-lint playbooks roles
|
||||
```
|
||||
|
||||
## Core Project
|
||||
Some scripts depend on platform tools such as `vxdisk`, `hagrp`, `mmcrnsd`, and `mmlscluster`. Those commands are not expected to exist on a normal workstation, so functional testing against Veritas or GPFS requires a real lab environment.
|
||||
|
||||
### infra-run
|
||||
See [infra-run/TESTED.md](./infra-run/TESTED.md) and [infra-run/KNOWN_LIMITATIONS.md](./infra-run/KNOWN_LIMITATIONS.md) for the current validation status.
|
||||
|
||||
`infra-run` is the core operational project in this repository. It contains Linux operations automation, incident response tooling, Bash-based operational scripts, and runbook-style workflows for pre-checks, controlled changes, troubleshooting, and post-change validation.
|
||||
## Skills Demonstrated
|
||||
|
||||
## Toolkits
|
||||
|
||||
### Linux Operations Toolkit
|
||||
|
||||
[infra-run/scripts/bash/os-healthcheck/](./infra-run/scripts/bash/os-healthcheck/)
|
||||
|
||||
General Linux operations scripts for host health checks, disk usage checks, service validation, system reporting, and first-pass OS-level diagnostics. The toolkit is written for practical operations checks on RHEL, Oracle Linux, and Ubuntu-style systems.
|
||||
|
||||
### Disk Full Incident Toolkit
|
||||
|
||||
[infra-run/scripts/bash/disk-full/](./infra-run/scripts/bash/disk-full/)
|
||||
|
||||
Production-style disk full incident workflow covering filesystem usage, inode pressure, large file discovery, deleted open files, top directory analysis, log cleanup review, and safe cleanup suggestions. The scenario reflects common incidents involving logs, temporary files, deleted files held open by processes, and inode exhaustion.
|
||||
|
||||
### Network Troubleshooting
|
||||
|
||||
[infra-run/scripts/bash/os-healthcheck/](./infra-run/scripts/bash/os-healthcheck/)
|
||||
|
||||
OS-level network diagnostics for interfaces, routes, DNS resolution, gateway reachability, listening sockets, and optional remote connectivity checks. The script is designed for first-pass troubleshooting during Linux operations incidents.
|
||||
|
||||
### Veritas Storage Toolkit
|
||||
|
||||
[infra-run/scripts/bash/veritas/](./infra-run/scripts/bash/veritas/)
|
||||
|
||||
Veritas VxVM and VCS storage expansion workflow covering new LUN detection, VxVM disk initialization, diskgroup extension, volume and filesystem resize, and VCS service group freeze/unfreeze handling. The approach is cluster-safe, dry-run by default, and organized around pre-check, change, and post-check steps.
|
||||
|
||||
### GPFS Storage Toolkit
|
||||
|
||||
[infra-run/scripts/bash/gpfs/](./infra-run/scripts/bash/gpfs/)
|
||||
|
||||
GPFS / IBM Spectrum Scale filesystem expansion workflow covering cluster validation, candidate disk discovery, NSD stanza planning, NSD creation, filesystem expansion, optional rebalance, post-checks, and change reporting.
|
||||
|
||||
### Ansible Hardening Toolkit
|
||||
|
||||
[infra-run/ansible/](./infra-run/ansible/)
|
||||
|
||||
CIS-inspired Ansible automation for repeatable operating system hardening across RHEL 9, Debian 13 / Ubuntu 26.04, and IBM AIX 7 targets. The roles are organized around pre-checks, configurable safeguards, SSH and sudo policy, auditing, logging, services, filesystem controls, platform-specific system settings, handlers, and post-change validation.
|
||||
|
||||
## Repository Structure
|
||||
|
||||
- `infra-run` - core operational automation, scripts, runbooks, and infrastructure operations examples.
|
||||
- `platform-projects` - larger infrastructure topics including storage, clustering, monitoring, virtualization, and log analysis.
|
||||
- `labs` - experimentation and lab work for Kubernetes, Terraform, Docker, networking, and CI/CD.
|
||||
|
||||
## Design Principles
|
||||
|
||||
- Safety first, with dry-run behavior by default.
|
||||
- Pre-check, change, and post-check workflow.
|
||||
- Real-world scenarios, not tutorials.
|
||||
- Minimal but practical tooling.
|
||||
- Configurable automation with sanitized defaults and explicit overrides.
|
||||
|
||||
## Notes
|
||||
|
||||
- Scripts are simplified and sanitized for portfolio use.
|
||||
- Examples are based on real production operations patterns.
|
||||
- Linux operations triage and reporting.
|
||||
- Disk pressure and deleted-file incident analysis.
|
||||
- Dry-run-first Bash automation.
|
||||
- Controlled storage change workflow design.
|
||||
- Veritas VxVM/VCS operational awareness.
|
||||
- GPFS / IBM Spectrum Scale operational awareness.
|
||||
- Ansible role organization for selected hardening controls.
|
||||
- Clear documentation of what was tested and what still needs a real system.
|
||||
|
||||
Reference in New Issue
Block a user