Gineesh 
- Immutable Infrastructure
- Provisioning
- Application Deployment
- Security Management
- Manage network configurations
- Package Deployment
- Operating System Patching
- Weekly system reboot
- Enforce security guidelines
- Configuration Management
- Disaster recovery
- Adhoc Commands
- Database
- Service license agreements
Immutable Infrastructure
- Configure your re-buildable replicas of server set or application stack.
- Use Ansible for Infrastructure as Code (IaC)
Provisioning
Provision your bare-metal, private cloud and public cloud infrastructure using modules and configure them to use for day 2 operations.
AWS
- Instance Provisioning
- LoadBalancer / TargetGroup Creation
- VPC Creation
Application Deployment
Manage your applications deployments, re-deployments, migration using simple ansible playbooks; and implement DevSecOps methods in your infrastructure operations.
Security Management
- Incident Response
Manage network configurations
- Configure new network devices with same configurations as we need
- Add new rules or changes in configurations (eg: new VLAN, new Virtual Interface)
- Add/Remove rule in firewall
Package Deployment
OpenShift Container Platform
OpenShift Day 2 Cluster upgrade Auto-scaling of worker nodes AD group synchronization Time synchronization Housekeeping Pruning objects (namespaces, builds, etc.) Certificate update/rotation
Business Continuity etcd backup Global Load Balancer (GTM) failover Cluster rebuild and recovery Master/Worker nodes VM snapshot
Application Deployment/CD Namespace creation Network policy creation Application deployment, resource provisioning and testing Application upgrade
Compliance CIS OpenShift scanning and reporting Leveraging compliance operator and generating HTML reports
Operating System Patching
- Linux OS Patching Using Ansible (techbeatly)
- Windows Updates with Ansible
- Automate Windows updates with Ansible
- Windows Updates and Ansible (Ansible Blog)
Weekly system reboot
Eliminate repetitive, manual processes with automation.
Enforce security guidelines
Rules are rules. It’s best to automate in an effort to achieve strict security standards.
Configuration Management
Keep your configurations as a code and also can check if someone made chages to the same.
Disaster recovery
Disaster recovery can involve a wide range of components. Act across different variables of the technology stack to identify problems and eliminate cross team dependencies.
Adhoc Commands
Remarkably easy to write, you can run commands across your environment for any number of servers.
Database
Ansible Oracles Modules
Database binary patching
Several databases use outdated binary sets. Patch the binaries in accordance with the release of the latest patch.
Service license agreements
- Gather subscription information and generate reports.
- Auto reminder emails on subscription and license renewal
Provisioning
Provisioning VMs on RHV, VMware and Hyper-V using templates Provisioning on AWS VM Snapshots on RHV and VMware
Network
Firewall rules orchestration with AlgoSec, Tuffin Load Balancer orchestration with OS updates SD-WAN Integration with Infoblox (IPAM) Asset management with Solarwinds
Compliance and Security
CIS Scanning and Hardening for RHEL, SUSE and Windows CIS benchmark for Kubernetes Rapid 7 Nexpose / Tenable Nessus Integration Anti-virus, e.g. Trend Micro, Symantec
Application
Integration with CI/CD tools such as Azure DevOps Application Deployment Installation and lifecycle management of middleware Installation of IIS, MS-SQL Installation of .NET app on Windows Application health check Dynatrace webhook Integration with Jira ServiceDesk
Config Management
RHEL and Windows patching with Red Hat Satellite and WSUS Red Hat Clustering Setup Health Check Onboarding of Windows vm to Windows AD Integration with CyberArk vault DR failover for Ansible Tower Golden Image management Configuration drift management, with baseline configurations
System and Server Automation 1. VM provision and deprovision for Windows 2016/2019, RHEL 8.x 2. Scale up/down CPU and Memory of VMs 3. Add/Delete Virtual Disks for VMs 4. Agent Installations for APM, McAfee, SCCM, Backup, Monitoring etc. 5. Join to Domains 6. Patch Management with WSUS/Satellite 7. Compliance Management for RHEL, Windows 8. Server Hardening 9. Health Check for Windows and Linux Servers 10. Server Stop/Start/Restart
Cloud Related Automation 1. VMs and Kubernetes provisioning on AWS/Azure 2. Provisioning with Autoscaling Group on AWS 3. Configure ALB 4. Create Lambda Functions to update AMI 5. VPC provision and deprovision with related network services 6. Windows/Linux Patch Management 7. Windows/Linux Hardening and Rollback Management 8. Windows/Linux Compliance Management 9. Golden Image Builds 10. CloudWatch configurations 11. Logs management/archival 12. Lifecycle management of AWS accounts, organizations, roles and access 13. Network security and WAF policy configurations 14. AWS Resource backup 15. Set budget limits and budget monitoring 16. SFTP configurations with RBAC 17. Cloud DB provisioning 18. Azure SQL managed instance provisioning 19. SNS configurations and alarm settings 20. VAPT scanning
Database and Middleware 1. Installation and configuration of MySQL, MSSQL, Oracle DB, PostgreSQL, MariaDB 2. Installation and configuration of WebLogic, Apache, NGINX, Tomcat, WebSphere, JBoss EAP 3. DB health check for MySQL, MSSQL, Oracle DB 4. DB housekeeping and archival for MySQL, Oracle DB 5. DB ad-hoc backup/restore for MySQL, MSSQL, Oracle DB 6. DB patching for MySQL, MSSQL, Oracle DB 7. DB hardening and compliance for MySQL, MariaDB, MSSQL, PostgreSQL 8. Platform build/installation for Bamboo, Jira, Bitbucket, Confluence, minio, MQ etc 9. Start/Stop/Restart DB and middleware services 10. Patching for WebLogic, JBoss EAP, Tomcat
Network 1. FW rules management (Add, delete and modify 2. Cloud FW rules management (AWS and Azure) 3. Compliance check for Cisco ASR, CSR, 9K, ACI, SD-WAN, Allot, F5, AlgoSec, Palo Alto, Panorama 4. Hardening of Cisco ASR, CSR, 9K, ACI, SD-WAN, Allot, F5, AlgoSec, Palo Alto, Panorama 5. Patch management for F5, InfoBlox, vEdge 6. PKI Certificate management 7. Configuration backup for Cisco IOS/XE, Palo Alto, F5, ACI 8. Provisioning for vEdge, F5, ACI, Cisco IOS/XE, Palo Alto 9. Health Check for Cisco IOS/XE, NX-OS, Palo Alto, F5 10. Palo Alto user management, NSP, FW session, deprovisioning
Security 1. Backup of Fortigate Config into Tectia 2. Failover and Failback of Fortigate 3. Install Security Agents for Imperva, TrendMicro, McAfee, Splunk UF, Nessus, Carbon EDR 4. CyberArk Credential retrievals 5. Palo Alto Patching 6. Palo Alto Provision/Deprovision and Firmware upgrades 7. F5 Patching
Operational Task 1. System Health Check for Windows, Linux, MySQL, Oracle DB 2. Network Health Check for AlgoSec, Infoblox, ACI, Firepower, Router, F5, Palo Alto 3. Server, DB and Application Services Stop/Start/Restart 4. Common Incident Remediations 5. DB Operational Tasks