summary

Herbert Pfennig

E: dasein555@gmail.com L: Redwood City, CA

I am an Internet handyman with over 20 years of experience spanning both enterprise and startup environments. I thrive on collaborating with colleagues to deliver reliable infrastructure through code commit and automation, finding fulfillment in mentoring others while developing effective solutions together.

skillset

OS: Linux, OSX, FreeBSD, ESXi

IaaS: AWS, GCP, Azure (more proficient), Alibaba (stay away)

Platforms: Docker, Kubernetes, Virtualbox, VMWare

Languages: Python, Shell scripting, with some Go, C, C++ etc.

Networking: HTTP, SMTP, DNS, DHCP, GPXE, TCP/IP, UDP

Tools: Git, Gerrit, Github Enterprise, Gitlab Enterprise, Jenkins, GNUmake, BSDMake, Ansible, Terraform, Packer, Wavefront, Grafana, Prometheus, Datadog, Splunk Vault (Transit, Secrets, PKI), Terraform

Learning: Go, Crossplane, Backstage

employment

[09/2022 - Current] :: Senior Software Engineer :: Splunk

Current Employment. Acquired by Cisco Inc. in 3/2024

Tools: python, go, aws, gcp, azure, docker, kubernetes, terraform, terragrunt, opa, gitlab pipelines

• Responsible for deployment and expansion of Splunk Cloud Platform across AWS, GCP and Azure platforms for dev stage and prod environments.
• Led multi-cloud expansion and integration efforts for deploying Splunk Cloud Platform CSP resources into Azure and GCP provider platforms.
• Developed reusable Terraform modules to converge on consistent deployment of resources across all CSP's. Used to support 200+ app developers
• Expanded and enhanced enterprise-scale Terraform automation platform used by all application development teams to deploy CSP resources for their services. Write terraform once, deploy to all environments.
• Developed infrastructure governance and automation framework to enable self service deployments for app teams

[06/2018 - 09/2022] :: Staff DevOps Engineer :: VMware

Tools: aws, gcp, azure, alibaba, docker, kubernetes (eks), terraform, jenkins, git, packer, python, vault

• Migrated all internal build systems from traditional static node build systems to docker based build environments
• Deployed and managed build and test infrastructure for multiple cloud providers using Terraform
• Built out scalable and resource defined build systems using Gitlab runners and AWS EKS
• Wrote various tools for improving developer workflow including git auto-merge functionality, jira automation to track code commit activity and slack integrations for CI/CD notifications
• Reduced AWS costs by 70% by implementing strict tagging policies and enforcing resource quotas using AWS lambda functionality
• Secured IAM user management by migrating to Workspace One IdP (e.g SAML) and enforcing all IAM access through STS (e.g. instance profiles and assume roles)
• Deployed Vault services (e.g. Transit, Secrets and PKI engines) to implement Secure Release Pipelines (SRP) for things like artifact signing and secure boot infrastructure

[07/2014 - 05/2018] :: Release and Tools Engineer :: Bracket Computing

Acquired by VMware Inc. in 4/2018

Tools: aws, gcp, docker, kubernetes, minikube, jenkins, git, gerrit, packer, freebsd, alpine linux, go

• Migrated local development and hosted build infrastructure to use a Docker based build pipeline
• Developed and rolled out the continuous delivery pipeline for hosted infrastructure running in AWS on Kubernetes
• Implemented a Git precommit workflow with Gerrit and Jenkins for all internal repos to ensure code review, code compliance and testing
• Deployed build and stage architecture in both GCP and AWS for our hosted product and build/test environments

[02/2012 - 07/2014] :: Principal Release Engineer :: Silvertail Systems Inc.

Acquired by EMC Inc. in 10/2012

Tools: unittest2, jenkins, buildbot, git, github enterprise, rpmbuild, make, gpxe, vsphere, redis, c++, gcc

• Owned the build, test and rpm-based release pipeline for product written in C++ and Python
• Automated developer workflow using GitHub API (auto merge, backport fixes, code linting)
• Developed and deployed consistent build, dev and test environments on ESXi infrastructure
• Built CentOS rpm packages and internal install infrastructure for third-party dependencies
• Trained the organization on git process and best practices

[07/2010 - 02/2012] :: Senior Performance Test Engineer :: Limelight Networks Inc.

Tools: nosetests, tornado, webpolygraph, squid, varnish, apache traffic server, nginx, mongodb, java

• Automated performance testing against forward proxy infrastructure
• Created Limelight Test Framework (LTF) used by QA automation for end-to-end testing
• Built out and managed 30+ node QA lab with one-click unattended install of production\test Ubuntu, CentOS and FreeBSD platforms

[05/2004 - 07/2010] :: Network Engineer :: Ironport Systems Inc.

Acquired by Cisco Systems Inc. in 2/2007 and promoted from Performance Test Engineer

Tools: nosetests, cisco catalyst 4948, web polygraph, django, mysqld, postgres, ldap, cvs

• Owned performance testing for MTA written in stackless Python
• Designed and built performance lab test environment
• Hunted down root cause failures for major production systems

[06/1998 - 04/2004] :: Senior Test Engineer :: Product Quality Partners Inc.

Promoted from Test Engineer in 11/2000

Tools: CAIT, CDMA, Jmeter, qmail, djbdns, freeswan, and many more ...

• Lead test engineer on many high profile client\server projects.
• System and Network Administrator for both lab and corporate infrastructure

[06/1994 - 05/1998] :: Instructional Support Assistant :: Cal State Hayward

Tools: Iron Skin

• Coordinated live productions and conferences held at the University Theater

edu

CSU, Hayward (1990 - 1994) :: B.S. Industrial Psychology

random

Fluent in German and Spanish. Conversant in Swiss German

Builder, Homebrewer, Bike Commuter, Climber and Dad