Posts on Teddy Ferdinand

Why `curl | bash` is a dangerous bad habit

Wed, 29 Apr 2026 09:42:21 +0000

Recently, I stumbled again upon an old bad habit from the Linux/DevOps/Cloud world: installing a tool with a command like:

curl -sSL https://example.com/install.sh | bash

Or worse:

curl -sSL https://example.com/install.sh | sudo bash

We have all seen it before.
We have probably all used it at some point.

And let’s be honest for a minute: in many official documentations, this is still presented as the “simple” way to install a tool.

Attack techniques: understanding ARP poisoning

Fri, 21 Oct 2022 05:37:16 +0000

Disclaimer

As often on this kind of post, I would like to remind you that the content you will find here is for educational purposes only.

Unauthorized intrusion in an information system is punishable by fine and/or imprisonment.

Understanding attacks means knowing how to avoid them. In this post, I propose you see a common network attack model: ARP poisoning.

What is ARP?

To understand the attack, we must already understand what it is based on.

Log4j from the eye of the storm

Mon, 20 Dec 2021 20:37:40 +0000

Unless you live in a cave, you couldn’t miss the last few days the flaws discovered on the Java log4j library.

I’m not going to make another post talk about this flaw, but rather to talk about my experience in the field on the impact of this flaw at the operational level.

The importance of having an up-to-date inventory

I talked about this on Twitter (in French), but for me, this flaw highlights the fact that many companies lack an up-to-date inventory of their resources.

OpenSource Traefik ratings with Matomo

Mon, 15 Feb 2021 07:34:00 +0000

Some time ago, I talked to you about tracking and why I care about my privacy. In my conclusion, I indicated that user tracking was still a useful tool for a company, as long as it was ethical and respectful of users.

However, very often, I see that Google Analytics is used by the sites I browse on. It is far (even very far) from being respectful of your users’ data. Even worse! You allow Google to know the activity of your site from end to end and to know how to better target its ads (among others).

[IT] Salary is not the only recruitment criteria

Mon, 08 Feb 2021 07:07:00 +0000

Because of my professional background, I’ve worked for a lot of companies, either as a service provider or internally.

Salary is often:

A taboo subject, you should not talk about the salary you receive and even less with your colleagues
Seen as the only criterion for recruiting: If we don’t recruit, it’s because we don’t pay enough, if employees leave, it’s because of the salary

Today, I give you my vision on this point.

For an effective security posture

Mon, 01 Feb 2021 06:57:00 +0000

I’ve been working in the IT field for more than 10 years now and I’ve worked with a lot of “security” teams within the companies I’ve been in. I’ve been a security guy (Cloud Security Architect) for a little over a year now.

During these years, I often noticed a blocking posture of the security teams, sometimes even disconnected from the field, leading to slowdowns and tensions in the projects.

The danger of Grey IT in companies

Mon, 18 Jan 2021 07:48:00 +0000

Confined spaces have changed our work habits a lot. Telecommuting has become something more common than it was just a year ago.

With the implementation of telecommuting very quickly, new risks have appeared. Today, I suggest talking about Grey IT.

What is Grey IT?

In a company, in a classical way, the applications used are referenced in a service catalog.

For example, if your company uses Slack, the office service knows it, and will configure this application so that it works with the company’s security and confidentiality standards.

Create Vagrant boxes easily using Packer

Mon, 11 Jan 2021 06:42:00 +0000

A few months ago, I wrote a post to explain how to easily create a local Kubernetes cluster leveraging Vagrant and Traefik. You can find it here:

Create a local Kubernetes cluster with Vagrant

Testing Kubernetes is quite easy thanks to solutions such as Minikube. However, when you want to test cluster-specific features, such as load balancing or failover, it is not necessarily suitable anymore. It is possible to build your Kubernetes infrastructure on servers, or by using managed services…

Teddy FERDINAND

Today, I suggest to see how we can accelerate this creation by building ourselves the box used by Vagrant, preconfigured with our tools. This post is the continuation of the one above. Some notions will not be discussed again.

Cyberpunk 2077: Analysis of an agile method failure

Thu, 24 Dec 2020 06:20:00 +0000

On December 10th, one of the most anticipated games of the year was released: Cyberpunk 2077.

Personally, I enjoy playing it, but it’s not the case for everyone.

With an outside look of an IT professional, I suggest you see today the “mistakes” that I think were made in this project, and how some mistakes could have been avoided. This article is not about the game itself, but rather about the organizational and technical aspects.

Test your antivirus with a cryptolocker (mastered)

Fri, 04 Dec 2020 06:00:00 +0000

Computer attack patterns have evolved in recent years. Cryptolockers have become the spearhead of many hackers.

Does your antivirus vendor promise you that you are protected against these new threats? OK, prove it before you get stuck by a real attack.

Let’s talk about cryptolocker

The principle of a cryptolocker is quite simple: encrypt target files (often.doc, .txt, . odt, etc.) and then demand a ransom. A ransomware has nothing to gain by destroying the underlying OS, so system files are rarely touched.

Turn off the Internet: AWS is no longer responding!

Mon, 30 Nov 2020 17:53:04 +0000

A few days ago, an incident impacting the AWS cloud provider had a significant impact on many companies and services directly affected by this instability.

I saw on social networks many reactions, often beside the subject (unfortunately) and I thought it could be useful to give you my analysis of the subject.

Rewind

Let’s start by recalling the incident a bit.

On Wednesday evening (French time), AWS encountered a growing number of errors in some of its services in the us-east-1 (North Virginia) region.

Create a local Kubernetes cluster with Vagrant

Tue, 15 Sep 2020 07:00:57 +0000

Testing Kubernetes is quite easy thanks to solutions such as Minikube.

However, when you want to test cluster-specific features, such as load balancing or failover, it is not necessarily suitable anymore.

It is possible to build your Kubernetes infrastructure on servers, or by using managed services from a cloud provider (Kapsule at Scaleway, AKS at Azure, GKE at GCP or EKS at AWS for example).

Nevertheless, these solutions cost money. When you just want to test functionalities or self-training, it’s not necessarily appropriate.

Being a hacker isn't like being in the movies!

Sun, 23 Aug 2020 18:19:46 +0000

Hackers … we often see them in movies and TV shows. These experts are able to hijack NSA satellites with a string and a nail clipper (#MacGyver)! (Cover image from the movie Die hard 4)

I decided today to tell you about hacking in “real life”. I consider myself to be a white hat (an ethical hacker) and I’m going to tell you about the common methods a hacker uses. I will focus here on the simplest part: websites.

AWS IAM: Between dream and nightmare

Sun, 16 Aug 2020 04:51:07 +0000

I have been using AWS professionally for over 4 years now.

To be a bit old-fashioned, when I started on AWS, the following services and features did not exist:

The ALB/NLB
ACM
ElasticSearch Service
Lambda inside a VPC or with the duration of more than 5 minutes
ECS/EKS/ECR

During these 4 years, I had the opportunity to do a lot of IAM, essential to deploy secure solutions on Amazon.

IAM and least privilege

Identity and Access Management (IAM) is the AWS service that defines users or roles and their associated permissions.

Traefik 2.3 + ECS + Fargate : Reverse proxy serverless in AWS

Wed, 29 Jul 2020 15:45:30 +0000

Traefik is a reverse proxy that we have already mentioned on this blog in the past. Very powerful coupled with containers, it allows a fine and light management of traffic.

A few days ago, Containous, the editor of Traefik, announced the release of Traefik 2.3.0-rc2. This new version brings some changes, including :

The addition of a new service: Traefik Pilot.
The ability to add plugins to Traefik
The addition of the ECS provider

I have already covered the first two points on this blog and I will focus here on the support of the ECS (Elastic Container Service) backend on AWS via a new Traefik provider.

Traefik 2.3 : Towards plugins and beyond!

Thu, 23 Jul 2020 06:38:07 +0000

Traefik 2.3 (codename: Picodon - picodon is a cheese, which you can see in the banner of this article) is available as a release candidate since a few days. More than a simple version increment, it brings a lot of new features.

Two big new features caught my attention:

The new service of Traefik : Traefik Pilot
Adding plugin management

Another new feature, compatibility with ECS will be covered in a future article.

Why and how I got rid of Disqus

Mon, 20 Jul 2020 08:00:00 +0000

Lately, I’ve made some changes to this blog, discreetly. One of the main changes is the management of comments, goodbye Disqus, hello Commento. I’ll explain why…

A bit of history of this blog

At the beginning (I’m talking about February 2019, not old times) of this blog, my goal was rather simplistic: I wanted to share my knowledge, my vision on certain subjects and talk about anecdotes of all kinds. A year and a half and forty posts later, goal achieved!

What the Twitter hack teaches us (or reminds us of)

Fri, 17 Jul 2020 22:00:00 +0000

A few days ago, Twitter was the target of a hack inviting, via “verified accounts”, users to send BitCoins to receive double the amount. I suggest a small post on what we can learn from this attack, from a computer security point of view.

Disclaimer

The purpose of this article is not to make an umpteenth analysis of this attack, but rather to recall some basic rules of computer security that this attack reminds me of.

"We need to recruit women in IT."

Fri, 17 Jul 2020 19:45:09 +0000

I see and hear regularly that “we need to recruit more women in IT”. However, there is a lot behind this sentence.

In this post, I will give you my opinion on the presence of women in IT jobs.

False preconceptions

For several decades now, we have been repeating over and over again that IT is a man’s world, we repeat it so much that we end up believing it’s real…

Is teleworking (really) the answer?

Wed, 08 Jul 2020 20:00:00 +0000

Since the beginning of containment (in France, 2020/03), telework has become the norm for many, including myself, however, the return to the office is looming, and I can already hear the first discontents about it. A short post about my point of view.

Let’s talk about CoVid

With the spread of CoVid and containment, teleworking has become mandatory for many companies so that they are not forced to close down. Some companies even boasted that they were in the business of teleworking the most when 2 months earlier they were struggling to allow 2 to 3 days in a month… but nevermind.

Turn your AWS DevSecOps Pipeline into bunker - Part 1

Thu, 18 Jun 2020 20:02:35 +0000

This post was co-authored by Victor Grenu. Who is working as Cloud Architect

Introduction

In this series, we will talk about the emergence of the DevSecOps movement, and more especially, what are the benefits of introducing a DevSecOps approach on your existing CI/CD Pipelines.

CI/CD Pipeline

To give you some context, you will find in the diagram below a standard CI/CD Pipeline.

DevSecWhat?

DevSecOps could be defined as a shift from a central internal security team to the inclusion of security practices into the existing DevOps teams: DevSecOps

My teleworking setup

Thu, 11 Jun 2020 20:18:00 +0000

Like many, I’ve been “forced” to telework for several weeks. Long before CoVid, I already regularly teleworked and I had invested some time (and money) to have a setup that allowed me to work as well as possible from home. A little overview…

The Amazon links you’ll find below are not sponsored, and are simply put as a reference.

My need

I have a desk with a personal computer, I have two screens, a keyboard and a good mouse. My goal is to be able to use this equipment on my own and my client’s PC.

The difficulty of antibot fight on the web

Wed, 03 Jun 2020 06:36:01 +0000

Robots, more commonly known as bots, are now plentiful on the Internet. They account for a significant share of global Internet traffic.

Today, I propose you to discover the world of Internet bots.

Bots… but what for?

The first question one might ask would be why bots are roaming freely on the Internet.

You use, sometimes unknowingly, bots every day when you surf the Internet. You have run a search on a search engine, a bot has indexed it before for you. A large part of the messages from companies on social networks come from bots that publish them in their name.

Why do I care about my personal data

Mon, 25 May 2020 11:41:51 +0000

I’ve been in IT long enough to know the value of personal data. It’s very valuable data for companies, allowing them to target their audience ever more effectively.

I worked for 3 years for Médiamétrie which, in France, carries out studies and surveys for companies as well as most of the audience measurements for TV channels and radios.

What often comes out of the studies is the same thing, what is interesting is not the mass, it’s the CSP (socio-professional category). Knowing that TF1 had an audience of 12% the day before is a piece of information, knowing that “people in charge of purchasing” (from memory, commercial name for “housewife/man”) aged 30 to 40 years old represented 26% of the market share is much more valuable.

Accelerate the test of your lambda functions with Docker

Mon, 27 Apr 2020 06:00:00 +0000

Lambda is a very powerful AWS tool. Executing scripts in serverless mode drastically reduces the cost and complexity of managing a scalable infrastructure, however, testing its functions directly on Lambda can sometimes be frustrating as it requires round trips between the development station and the AWS environment.

There are testing features built into the AWS toolkit for the most popular editors (for Microsoft Visual Studio Code / PyCharm, for example), however, this restricts the possible editors and creates an adherence that is not particularly desirable.

What are the differences between end-to-end encryption and encryption in transit?

Mon, 20 Apr 2020 15:34:51 +0000

With the coronavirus crisis, the use of external technologies is necessary.

For this post, I will talk (among others) about Zoom, the trendy application for video conferencing that plays on the terms for securing their solution.

Encrypting exchanges, why?

Why do we do encryption? There can be many reasons, the most obvious is to avoid data interception.

In the case of an encrypted exchange, even if my data stream were intercepted, the impact would be nil, since the attacker would be unable to read this stream, assuming of course that I have set up a strong enough encryption.

Automatically deploy your Ghost themes with CircleCI

Tue, 07 Apr 2020 07:26:59 +0000

As you can see, this site uses the Ghost CMS. Moreover, I use a theme that I modify from time to time according to my needs, as for example to add the multi-author that was not active natively.

Nevertheless, the default is that Ghost requires each time to redeploy the theme via the backoffice. It must also be compressed with a unique name each time.

Nothing too much blocking, except that when working on some improvements, the back and forth for tests can be numerous.

Traefik 2 - Reverse proxy in Kubernetes

Wed, 01 Apr 2020 20:01:29 +0000

Today, we deploy more and more applications and micro-services in Kubernetes. Managing all the entry points of these applications can be problematic. To facilitate this management, there are ingress controllers, Traefik is one of them.

Disclaimer : This post is a translated version of the blog post I made for my company, you can find the french version here, on WeScale blog.

Traefik 2 - One ingress controller to control them all

Pourquoi utiliser Traefik ?

I got phished, but its for science!

Mon, 30 Mar 2020 05:00:00 +0000

We often hear about scam, phising.

Today, I have a special note for you: I was deliberately phished to show you the other side of the world!

Point VERY important!

The manipulations that you will see below (and in particular the fact of voluntarily going on a phishing site) can be dangerous for your system and/or your personal data. They have been made in a sandbox environment and must not be reproduced without prior protection.

Containment: Danger to SI

Mon, 23 Mar 2020 07:49:00 +0000

For a week now, many of us have been housebound. Telework has been the weapon that many companies have drawn to keep their business going, so many do not understand why some companies that used to do little or no telework are now able to operate full telework. Similarly, some do not understand that even in the IT field, there are still people who have to work on-site. A brief overview…

I tested for you: Raspberry Pi imager

Tue, 10 Mar 2020 09:08:00 +0000

A few days ago, the Raspberry Pi foundation announced the release of a new utility to deploy its OS on its Raspberry.

Having 2 Raspberries to reinstall, I thought I would test it for you. A little overview.

User friendly installation

As I was talking about last week, one of the challenges of Linux is to make it more accessible to non-technical users.

This utility is particularly aimed at this type of user, since the installation is very simple compared to the existing alternatives.

All operating systems are bad!

Mon, 02 Mar 2020 08:25:00 +0000

I’ve been working in the IT world since I came of age, a little over 14 years now.

One of the only constant rules I’ve always found is that the OS you love is always better than all the others.

The gems I’ve heard around me

Among the phrases I can often hear, I could mention a few:

How do you want to develop under Windows?
A MacBook is a PC with a 1K apple on it.
Linux is like a Mac, but without the stability

I could go on like this for a long time.

The impostor syndrome

Mon, 24 Feb 2020 06:57:00 +0000

Just over a year ago, I started this blog. More than a hobby, it has helped me to gain confidence in myself and my abilities.

I’ve already talked about it in the past, because of my non professional training, I’m often surrounded by highly qualified and competent people, and I’ve always had this discomfort of not feeling in my place, of being an impostor in my position.

A human problem more than a technical one

When I look, however, in all my missions, I have very rarely had negative comments. My clients have always been satisfied with my work. Nevertheless, I felt like I was usurping a job that I didn’t deserve as much as people who had studied long and hard to achieve it.

GAFAM: Smile, you offer your data

Tue, 18 Feb 2020 07:33:00 +0000

GAFAMs, they are everywhere, sometimes clearly visible, like when you go on Google, sometimes much less so, like for example Amazon which owns the IMDB site.

What are the GAFAMs?

I make this little point for those who don’t know what the GAFAMs are. What is commonly called GAFAM are none other than :

Google
Apple
Facebook
Amazon
Microsoft

These five companies now largely dominate the Internet, and it is very difficult to really do without them.

Is it really greener in the cloud?

Mon, 10 Feb 2020 09:00:00 +0000

“It’s greener on AWS”, I can’t count the number of times I’ve heard this sentence at Amazon conferences.

Is this mantra that companies repeat to look cool true?

Ecology, the new spearhead of companies

Year after year, companies, and especially large groups, put forward their efforts always to be “greener”. Each company is, of course, more committed than its competitor. I wonder how we can still have problems related to pollution with so much commitment?

Traefik 2 - TLS Configuration (Rank A+ on SSLLabs)

Mon, 03 Feb 2020 06:50:00 +0000

Disclaimer: Due to the descriptions I give below, this post will be longer than my usual posts.

Security is everyone’s business. As a security architect, I’m quite sensitive to these subjects.

As I talked about it recently, I migrated the reverse proxy of this blog from Traefik 1 to Traefik 2 recently. So I decided to configure the TLS part afterwards, my goal being to have a secure site (and therefore safe for my users) by letting Traefik manage all this part.

Extraction of Traefik accesslogs and dashboard creation

Thu, 16 Jan 2020 20:21:00 +0000

A few weeks ago, I wrote an article explaining the migration from Traefik 1 to Traefik 2, but this time I propose to address a crucial point in the implementation of an application, its monitoring.

This article explains how I set up my dashboarding, it doesn’t explain in any case the “enterprise” dashboarding that should be more reliable and complete on some points.

During this article, I will explain how to create this type of dashboard in a very basic way.

The difficulty of implementing DevOps in a company

Mon, 13 Jan 2020 08:17:36 +0000

“DevOps”, that word, one can no longer see an IT job offer for infrastructure or development positions without it being mentioned. Many companies are turning to DevOps, ideas and concepts are mixed, the target is often blurred, while the objectives are clear, leading this transformation is therefore far from being an easy task.

This article is written in collaboration with Pierre Galdon, a SysOps engineer friend with whom I worked for several years.

Small migration guide from Traefik 1 to Traefik 2

Mon, 06 Jan 2020 06:03:56 +0000

I recently moved the front of this blog from Traefik 1 to Traefik 2, and to say the least, it’s no picnic.

My Traefik use case

I use Traefik as a load balancer/reverse proxy front in a Kubernetes infrastructure. My use is very basic. Depending on certain path and/or domain, I redirect to separate pods. In the case below, I will consider that I have only one pod, this blog. I also manage my certificates with Traefik via Let’s Encrypt.

"When I grow up, I want to be a YouTuber."

Mon, 30 Dec 2019 07:21:27 +0000

Today, I am proposing a post inspired by a sentence my wife recently wrote, who works with children in primary and nursery schools. When she asks what the children want to do later, the answer is often the same: YouTuber.

This article is written in collaboration with Julien Monrousseau, an operations analyst friend of mine, who is launching his little YouTube channel centered around video games.

YouTube, Star “2.0” creator

At Christmas, don't give the keys to your house to hackers.

Sun, 22 Dec 2019 20:46:56 +0000

The Christmas period is a good time for hacks in companies, with the end-of-year holidays, there is indeed less staff, and therefore less reactivity. But it would be simplistic to see only this aspect.

Hell has a gift-wrapping

In recent years, connected objects of all kinds have become fashionable: speakers, watches, scales, vacuum cleaners, and this year’s fashionable object, connected cameras. All these gadgets can be very useful and have very nice features, but they are also the perfect access to your home for a pirate. Unfortunately, these devices are very often “light” in terms of embedded security. One might think that this is not too annoying, but from a compromised device, it may eventually be possible to infect an entire network to extract data for example.

Understanding the success of the "Serverless" model

Thu, 19 Dec 2019 12:30:30 +0000

Anyone who has ever done infrastructure on a cloud provider has already heard of the serverless model, behind this name is actually hiding many aspects. Let’s take a look…

The serverless model: logical evolution of containers?

For several years now, we have been talking about containers. A revolution over the last 5 years, containers (and orchestrators) have profoundly changed the approach to infrastructure, allowing applications composed of microservices to be deployed more and more simply and quickly. I won’t talk about this evolution here.

Terraform VS CloudFormation: Which tool to deploy on AWS?

Fri, 13 Dec 2019 11:00:00 +0000

Terraform or CloudFormation, the two tools are often pitted against each other, asking DevOps to decide and choose one tool or the other. However, from my point of view, these two tools do not necessarily address the same needs.

Asking the question of one’s exact need

Before knowing which tool to go to, it is important to know the exact need to be addressed:

Do I want to deploy only on AWS?
Do I need to interface with existing tools (especially CI/CD)?
Do I want to host the deployment solution myself or depend on a managed service?
Do I already use other tools from the HashiCorp ecosystem (Nomad, Packer, Consul or Vault for example)?

Indeed, with these questions you can already target the tool you want to use more easily.

"Stop playing video games, that's not the way to get a real job!"

Wed, 04 Dec 2019 21:01:05 +0000

“Stop playing video games, that’s no way to get a real job!” I can’t count the number of times I’ve heard that line. As you can see, today I want to talk to you about one of my passions, video games.

In the minds of many people, playing games is something futile, which cultivates only one thing: idleness. Not to say that it’s completely false, because there’s a bit of truth in that, but I don’t necessarily agree.

No, the padlock next to your address bar doesn't mean a site is "reliable."

Sat, 21 Sep 2019 07:27:39 +0000

I regularly see this message on shopping sites, and I see that confusion is often made about what a secure connection is.

Securing the exchange with the web server

The presence of a lock near the address bar means that this site is using a TLS certificate to exchange data with you. This ensures that the data exchanged with you is encrypted. The primary purpose of a TLS certificate is to prevent “man in the middle” attacks.

Linux without SSH? It's possible with Amazon SSM

Thu, 18 Jul 2019 07:10:54 +0000

In a computer park with linux machines, SSH is something classic. Very often scanned, regularly badly secured, it is also a possible entry point for attacks. Moreover, the problem of SSH traceability often pushes companies to set up specific processes.

On Amazon, it has been possible since last year to log in using SSH without the need for a key, login or password… and without SSH.

SSM - Systems Manager Agent: Amazon-style configuration manager

Amazon makes it easy to deploy server fleets, however, deploying a server is easy, maintaining it is not necessarily. Many companies will probably choose to use Ansible, Puppet, Chef or another manager configuration.

How to install Docker on a Raspberry Pi

Mon, 15 Jul 2019 17:13:20 +0000

I have a number of raspberries at home, these microcomputers the size of credit cards. Small and powerful, they have many uses, such as having a mediacenter on a TV set too old to do it natively.

I even recently fell for the Raspberry Pi 4 released last month (I’m weak against a new toy) to turn it into an application server, with its 4Gb of RAM, there’s plenty to do.

Seasonal jobs, gateway for pirates

Thu, 11 Jul 2019 20:18:49 +0000

With the summer vacation period beginning, it also means the start of seasonal employment. But beware, it also means that this is the gateway for pirates!

Ignorance of the company

By definition, the seasonal worker is not particularly familiar with your company, working methods, contacts etc… This means that he will probably be more sensitive to phising attempts. Why is this? Someone who does not know the company’s habits might not be surprised to receive an email with an Excel invoice file attached, for example, if they are unaware that these are not your ways of working.

Chaos day, a tool to bring Devs and Ops closer together?

Tue, 09 Jul 2019 07:50:10 +0000

I’ve been with my current employer for several years, and I’ve noticed, as with other employers, that there are unfortunately divisions between developers (Devs) and production engineers (Ops).

A different role in IT

Can you really blame people with different jobs, training, expectations and goals for having difficulty understanding each other?

Be careful, I’m not throwing stones at either side, but I have to admit that the roles of the two parties are not the same, even though dev and ops are complementary in order to have an efficient and effective production, while being innovative.

Security: A major new challenge for companies

Fri, 31 May 2019 07:11:54 +0000

Security is a term we often hear these days, yet behind this simple word lie many aspects.

This article contains many links to sources or definitions of certain terms, feel free to click on them. (Several links are in french language)

LinkedIn, WhatsApp, iCloud, Renault : What do these companies have in common? They have all been victims at one time or another of a compromise of their information system.

IT Recruitment: The Roles Have Reversed

Wed, 15 May 2019 20:52:17 +0000

Like many people in today’s working world who are being hunted today, I am present (among others) on social networks such as LinkedIn. However, because of my professional background, I am one of those people who had a hard time getting their first job.

I am indeed one of those people who do not have a higher diploma, my schooling having stopped at the baccalaureate.

2006: First job - Hotliner

In 2006, I landed my first job, I was a hotliner, I answered calls to help individuals on their computers and EGP (Consumer Electronics - TV, DVD player etc…) for the Fnac and Surcouf. To get this job, I had to send a hundred CVs and cover letters.

Migrate your infrastructure to AWS in an optimal way

Fri, 12 Apr 2019 12:39:56 +0000

The Cloud appears to be an Eldorado for many companies: simpler application deployment, cost reduction, use of innovative technologies, so many advantages that Amazon promises to its potential customers, but is it that simple?

AWS, and the cloud more generally, can be an excellent lever on the points mentioned above, however it is quite easy to lose feathers. In this article, I will list what, for me, seems to be the mistakes to avoid.

AWS Summit 2019 - Paris: Between success and disappointment

Thu, 04 Apr 2019 18:27:27 +0000

I was at the AWS Summit in Paris a few days ago. For those of you who don’t know this event, it’s a full day of conferences around Amazon’s cloud, AWS. This meeting is quite interesting because it allows us to get feedback from a lot of companies coming from different backgrounds.

I was going for the second time, the first time being in 2017. I was waiting for this day given the announced conference schedule.

What if we figured the cloud is just another data center like any other?

Thu, 28 Feb 2019 19:54:58 +0000

I work daily on Amazon’s cloud infrastructure (AWS for short), and I’m thinking about the best way to implement new technical solutions on this platform.

Amazon, and the cloud in general, has brought an impressive freedom:

Deploy on tailor-made infrastructures
Bringing elasticity to infrastructures
Benefits from machines on demand

However, these new approaches to infrastructure have also brought their share of negatives.

Previously, to deploy an application in the data center, it was necessary to prepare and properly size its hosting before even starting any deployment, linked to the purchase of suitable hardware, or at least to a resource reservation that had to be amortized over several years.