avatar

Mathieu CARBONNEAUX OSUAGWU
Senior Infrastructure Solutions Architect

About

Passionate about IT since I was very young, I started programming at the age of 12 (logo, basic, Z80 assembler, 680x0, C/C++).

I initially trained in electronics, industrial IT and then in management IT (client/server programming, network, system, database and network writing), which gave me a global vision of IT from hardware to software.

With nearly 30 years (1997) of professional experience, where I have alternately held the roles of application developer, database administrator, system engineer, network engineer, security engineer, middleware expert, and ended up as a Solutions Architect, in a wide variety of business and technical applications. I am what you call a multi-potential.

And I always manage the architecture, operation, implementation and design aspects in parallel (Architect and Devops).

Currently I participate in almost all of SFR SI's infrastructure architecture orientations.

Particularly experienced in distributed client/server architecture, I know more than 10 programming languages, especially the Java ecosystem, I have worked on almost all j2ee type application servers and everything that goes around it.

I have very strong experience in SSO and IAM technologies.

A long experience in middleware (MFT/MOM/API GW).
A long experience in web hosting security infrastructure (Reverse Proxy, Waf, Firewall).

We have currently started to develop Kubernetes operators for our middleware industrialization needs. Always interested in new technologies, I love experimenting with new concepts.

Always interested in learning new things. My latest personal passion is the Internet of Things (I'm going back to my origins as an industrial computer scientist) and also Machine learning…

Work Experience

2014 – Present
Monitoring Tools Expert
I introduced Zabbix to SFR to replace Cacti for monitoring network equipment in SNMP.

I had Zabbix develop for SFR the low level discovery, the provisioning APIs and the JMX proxy (roughly v2.3).

Then around 2017 I participated in the switch of monitoring tools to prometheus/thanos/grafana.

Then the massive use of ELK for storing hosting infrastructure logs.

Since 2020 I have set up a Clickhouse data well (much more efficient than ELK), coupled with Kafka (for the feed) and grafana for data visualization. Since then we have stored all the logs in clickhouse, i.e. more than 300 TB of data (compressed into 35 TB).
2010 – Present
Infrastructure Solutions Architect
Standardization and Orientation for SOA.

Standardization of the uses of SOAP and Rest.

Architect of the Web hosting platform.

Participation in the definition of network standards for the implementation of our new Datacenters.

Refactoring of major SFR projects: V&S, BIOS, SIGC...

Standardization of the use of programming languages.

Evangelization of the use of Open Source to monitor production.

Evangelization of the use of SNMP to monitor network equipment.

Evangelization of the use of Linux instead of proprietary Unix.

Evangelization of the use of Virtualization.

Open Source Evangelization.

In 2020 I set up a security data lake for all SFR IS security logs (FW, Router, Switch, Reverse proxy, VPN, etc.) based on a Clickhouse cluster and powered by Kafka.

In 2023 I set up the SFR Google Cloud Platform landing zone, the implementation of a dedicated connection adduction with GCP, and the SSO connection with our keycloak. As part of this project, I supported the teams in the implementation and design of the Landing Zone, in particular on the design aspects of our MLOps platform.

In parallel with the Landing Zone, I set up the connection to the salesforces SSO with our Keycloak SSO.

I am currently training on artificial intelligence, to set up anti-ddos mechanisms on our web hosting infrastructure based on artificial intelligence. I set up a security data lake (more than 300 TB of data) to prepare for this work.
Highlights
  • SOA
  • API Gateway
  • Programming language
  • Infrastructure
  • Open Source
  • Monitoring
  • Virtualization
  • Data Lake
  • Machine Learning
  • Load Balancing
  • Networks
  • UML/Merise
  • Agil Method
  • CI/CD
  • Container architecture
  • Architecture Normalization
  • OS and Middleware
  • DBMS/NoSql
  • SSO/IAM
  • Automation
2006 – Present
SOA Expert – API Gateway
I designed and developed the SFR Gateway API (and also participated in the evangelization of SOA at SFR), based on IBM DataPower.

In 2014, Redevelopment of the SOAP Gateway API on an open source solution (Apache/mod_perl) and in-house development.

In 2015, development of the evolution of the SOAP Gateway API to also support Rest.

In 2017, redevelopment of the Gateway API on a completely event-driven technology (Zeus Traffic Manager).
Highlights
  • SOAP
  • Rest
  • API Gateway
  • Event Model
  • Oauth
2006 – Present
Directory and IAM Expert (SSO)
At the same time, I had to take charge of the engineering of SFR's LDAP Directories (Netscape Directory Server, then iPlanet, then Oracle, then Fedora Directory Server).

Later in 2010 I set up the first SFR SSO based on siteminder. Then we redeveloped our specific solution at SFR instead of siteminder with the use of a certificate on the workstation as a second authentication factor (Arcot).

In 2020 I set up a solution based on the SAML2 Standard and OpenId Connect, with keycloak.
Highlights
  • SSO
  • IAM
  • LDAP Directory
  • SiteMinder
  • Arcot
  • Keycloak
  • Netscape Directory Server (iplanet, sun, oracle, fedora)
  • SAML2
  • OpenId Connect
2005 – Present
Web Hosting Infrastructure and Networks Expert
Then I had to manage the SFR web hosting infrastructure, first on Iplanet Web Server under Solaris, then on Apache under Linux (for which I designed the first base). I then participated in the implementation of reverse proxy and Load Balancer infrastructures in front of web servers, such as Deny All, Zeus ZXTM (currently owned by ivanti), F5, Alteon...

On this occasion I started working in the network teams that take care of the Switch, Firewall, Router (BGP), VPN and Proxy of the SFR IS.

In 2021 I designed a new hosting architecture based on kubernetes (Talos/Cilium), haproxy, and an internal operator to manage SFR hosting in an industrial manner.
Highlights
  • Reverse Proxy
  • Load Balancers
  • Tatlos
  • Cilium
  • Kubernetes
  • Deny All
  • Zeus ZXTM
  • F5
  • Alteon
  • Apache HTTPD
  • Iplanet Web Server
  • HAProxy
2004 – Present
Expert Unix Aix and Linux
At the same time, I also provided engineering for the Unix AIX and Linux systems (I was the one who introduced Linux into the SFR IS) (industrialization, construction of installation masters, software packaging). I collaborated with my colleagues on Solaris and HP-UX on software packaging.

In 2006, I participated in the evangelization of virtualization and the generalization of the use of Linux operating systems (instead of Unix Solaris/Aix/HP UX) and virtualized Windows within the SFR IS.

Then in 2020, I participated in the evangelization of containers and Kubernetes.
Highlights
  • Aix
  • Linux
  • Docker
  • Kubernetes
  • HP-UX
  • Solaris
  • Packages: rpm, LPP, SD, pkg, msi
  • OS Installation: Kickstart, Autoyast, NIM, VMware Templating, Foreman, sysprep
  • TFTP/DHCP/Bootp/PXE
April 2003 – Present
OLTP Technical Expert Tuxedo, IBM TXseries/Encina and MOM IBM MQseries
I first worked as a transactional system expert, I provided engineering, administration and support for SFR's transactional platforms (Tuxedo and Encina). As a result, I also worked a lot with database administrators (Informix, Oracle), as well as on IBM MQseries, due to the strong link between transactional database and MQSeries (which is transactional) and OLTP (two-phase commit protocol XA).

In 2017 I participated in the construction of our Kafka infrastructure (MOM Pub/Sub).
Highlights
  • TXSeries/Encina
  • Tuxedo
  • MQseries
  • Kafka
  • MOM
  • OLTP
January 2001 – March 2003
Infrastructure Engineer
Infrastructure Architect on SFR web hosting.
Highlights
  • Encina L3/4 Transactional System Support
  • Outsourcing of the Bouygues 6th Sense wap portal
  • Technical migration from Informix to Oracle, Encina to Txseries
  • SOA Standardization
  • Refactoring of major SFR projects: BIOS, V&S
January 1998 – December 2000
Software Engineer
Software Development.
Highlights
  • Encina Transactional System Level 3/4 Technical Support
  • Evolution of the SRPP project (Prepaid payment system)
  • Evolution of the SIMP project (Bank card payment system)
  • Support for the CSP code migration project to Visual Age
  • Evolution of the KART project (GSM Ticket System recipe tool)
  • Development in C++/Java

Projects

  • ZenProjects: My different open source projects

Contact

Home Page
My Personal Page
Github
My Github
Github
My Open Source Projects
Linkedin
My Linkedin

Education

  • 1995 1996

    ICEP (Institut comtois d’enseignement polytechnique)

    TRIO (Computer Network Technology and Organization) (Bachelor of Science)

    Computer science

  • 1990 1994

    ICEP (Institut comtois d’enseignement polytechnique)

    Industrial IT BTS (BTEC Higher National Diploma/12th Grade)

    Computer science

  • 1987 1989

    Lycée Pasteur (Dole/Jura)

    Baccalaureate F2 - Electronics (Business and Technology Education Council National Diploma)

    Electronics

Skills

Architecture Expert
Standardization and Orientation for SOA at SFR Standardization of SOAP and Rest usage at SFR Architect of the SFR web hosting platform Definition of network standards for implementing our new Datacenters Refactoring of major SFR projects: V&S, BIOS, SIGC… Standardization of the use of programming languages Evangelizing the use of Open Source to monitor production Evangelization of the use of SNMP to monitor network equipment Evangelization of the use of Linux instead of proprietary Unix Evangelization of the use of Virtualization Open Source Evangelization UML/Merise (MCD/MPD) SSO/IAM Standardization Support for projects on the use of Infrastructures Agile Methods: Kanban, Scrum Evangelization of the use of the use of CI/CD principles Standardization of Cloud Infrastructures
Middleware & SOA Expert
JEE App. Server MOM Web Server Transaction Processing App.Server Ldap Directory Server File Monitor gateway Tomcat JBoss Websphere Weblogic MQSeries Apache Nginx Oracle iPlanet Web Server TXSeries/Encina Tuxedo Oracle Directory Server 389 Directory Server OpenLdap OpenDS/DJ Axway/XFB CFT proftpd SOAP Rest gRPC/protobuf ESB Service Mesh API Gateway
SSO/IAM Expert
SSO SAML2 OpenID Connect Keycloak SiteMinder Arcot Oauth CA Advanced authentication ADFS OCRA HOTP FIDO key (yubikey) Webauthn Passkey LDAP Radius OpenAM
Networks & Security Expert
Reverse proxy & Load balancer Firewall Router BGP Load Balancing Direct Server Return eBPF and XDP Checkpoint Cisco fwsm Linux NetFilter BSD pf Ivanti/Pulse/Brocade/Zeus vTM F5 HAProxy Apache Sent Nginx SquidCache rWeb Deny ALL Brocade vTM WAF Alteon DPDK vpp.io VXLAN SDN SD WAN K8S Overlays (CNI)
Continuous Integration Platform (PIC) and Gitops Expert
Github Gitlab Gitea Drone Argoscd Fluxcd Git SVN CVS Act
Development language Expert
Java C# C/C++ PHP GO Shell (bash/ksh/perl/awk) Rust (beginner) Assembly language: z80, esp32, 680xx, x86 64, pic, hp saturn Javascript TCL (used in encine/websphere and F5) Python Jetbrain Studios: InteliJ, PHPStorm, Resharper, Clion, Rider, GoLand VS Code Gnu Compiler suite Visual Studio
Containers Advanced
Kubernetes Dockers Cillium Flanel Docker Compose CRI-0 Containerd Talos
Operating system Advanced
Technical Support and Software Packaging RPM on Linux Suse/Redhat LPP on AIX SD on HP-UX pkg on Solaris msi on windows sysprep on windows Kickstart on RedHat/Centos Autoyast on Suse linux NIM on AIX VMware Templating Foreman TFTP/DHCP/Bootp/PXE Linux RHEL/Suse/Ubuntu/Debian/Alpine AIX HP-UX Solaris
Open Source Monitoring Advanced
Zabbix Prometheus Elasticsearch/Kibana Clickhouse/Open Telemetry Nagios Grafana
Automation Advanced
Ansible Awx/Tower Terraform/opentf Gitlab CI Github actions Travis-CI Circle-CI Drone Gitea act
DBMS Intermediate
Database administration Database software packaging Development support Oracle Mysql Postgresql Informix ClickHouse
NoSQL Intermediate
Memcached+MCRouter Apache Ignite Infinispan DB Layer Redis MongoDB
Cloud Beginner
Landing Zone Network DC interconnect IAM GCP AWS

Interests

Wildlife
Kayak Canyoning Climbing Treking
Computer
Open Source Iot Video game Electronic