Bartosz Kruszelnicki

Senior Technical Engineer | Senior Middleware & Integration Specialist

Experience

Senior Middleware Engineer at Project InstantPayments 2.0 in Worldline (October 2018 - Present)

I joined the IP2.0 project approximately six months before the prod launch as part of my student internship program. The project is predominantly based on JAVA applications managed by JBOSS and AMQ servers. With my proficiency in LINUX, particularly with REDHAT 7+, I have been responsible for delivering comprehensive infrastructure setups for our clients over the past few years. This includes provisioning LINUX VMs, managing DB servers, configuring network rules, setting up load balancers, as well as deploying and maintaining JBOSS + AMQ environments. Additionally, I have handled Version Control Systems, automated deployment tools, and provided support for LDAP systems, particularly assisting the identity management group during issue resolutions. All of these responsibilities were carried out while being on-call 24/7 for production support.

I particularly enjoy troubleshooting and optimizing performance issues, making JAVA process tuning one of my core strengths. Given the complexity of the IP2.0 system, a lot of automation and scripting were required. My primary scripting languages are Python and Bash. Over some time, I have also supported my managers in conducting technical interviews. Nowadays, I've been chosen as a single point of contact for our biggest clients. Additionally, I have a passion for sharing knowledge and aiding in onboarding processes, as well as participating in new subprojects such as migrating the entire environment to OpenShift or Google Cloud.

The technology stack utilized in the projects include:

JBOSS: versions 6.*, 7.*

AMQ: versions 6.3, 7.*

LINUX eg Redhat 7+, Ubuntu

Xldeploy

Elasticsearch

Google Cloud

Openshift

Kubernetes

Prometheus

Samba

SVN

GIT

Service Now

LDAP systems: such as Openldap & 389-ds

Bash & Python scripting

Ansible

F5 load balancer

Docker

Nginx Httpd Apache2 web servers

Jenkins

Zabbix

Terraform

Oracle SQL, MYSQL

Jira

Confluence

Top Strenght

Troubleshooting JAVA performance issues

Certificate management

Life cycle management

Debugging apps/scripts

Security & application Hardening

Broad Linux/Network/App Servers Knowledge

Scripting & Automatization

Communication

Wiligness to learn new technologies

Previous Experience

Throughout my high school years (2011 - 2014) at MAK-NET [Internet Service Provider], I served as a technical support specialist. My role encompassed a range of responsibilities, from configuring network devices to installing antennas and links, addressing clients' device issues, and troubleshooting connection hiccups. This multifaceted role immersed me in the intricacies of UNIX-based network infrastructure, particularly with the MIKROTIK variation, enhancing my expertise in this domain.

minor experience

between elementary school and starting university, I operated my own IT service venture, specializing in tasks like OS reinstalls doing some kind of SPA for devices. that time I initially engaged with LINUX/UNIX systems.

Education

Wrocław University of Science and Technology (2014 - 2018)
Bachelor of Science in Systems Engineering with specialization in control systems

Systems Engineering with specialization of control systems was great mixture of mentioned technologies in folowing areas:
IT: including programming, DB, app design, OS knowledge
Automation & Robotics: Mainly in programming area, great example might be creating soft for lifts that control engine.
Al: machine learning algorithms for example face recognition, classifying texts

High School nr 1 in Kępno (2010 - 2014)

Specialization in Information Technology: Operating Systems and Computer Networks

Certificates & Trainings

GOOGLE CLOUD - Associate Cloud Engineer Certification
RHCSA (Red Hat Certified System Administrator)
Kubernetes Administration (LFS458) [one-week training]
Red Hat Custom Openshift On-site Training (CU-OCP-OS) [one-week training]
JBOSS, APACHE, TOMCAT [one-week workshop]

About Me

My journey with ATOS started with a student internship. After getting an offer to join full-time and being part of the Instant Payments 2.0 project, I found a great fit for my passion for IT. I'm into tech and economics, so I spend a lot of my free time reading and learning new stuff. Oh, and I love hanging out with my two awesome parrots!

Contact Information

Email: bartosz.kruszelnicki1@gmail.com

Phone: +48 537-565-469

Home Lab Projects

Home Workstation: Virtualized Network Infrastructure

As a personal project on my home workstation, I developed a fully virtualized network infrastructure that serves as a multi-functional environment for various IT services. Here’s a breakdown of the key elements:

File Server for Local Network: Set up a dedicated file server for seamless local file sharing across the network.
Web Servers with Auto-Renewing SSL Certificates: Hosted several websites accessible over the internet, with SSL certificates that automatically renew on a weekly check using Let's Encrypt. All services are available over HTTPS.
Fedora and Ubuntu Virtual Machines (VMs): Managed over six VMs running either Fedora or Ubuntu. These machines are integrated with LDAP, ensuring unified user management across the entire environment.
Monitoring with Prometheus, Zabbix, and Grafana: Each VM and the workstation itself are continuously monitored using Prometheus and Zabbix, with Grafana providing real-time dashboards for system metrics such as CPU usage, memory, filesystem status, and CPU clock speed. Additional custom metrics include:
- The number of banned IP addresses (via Fail2Ban).
- Total IP bans, unbanned IPs, and blocked connections.
LDAP Authentication Across Components: All critical components, including Zabbix, Grafana, Jenkins, and Kubernetes, are secured with centralized LDAP-based authentication, ensuring a consistent user experience.
Jenkins CI/CD with Kubernetes: Configured Jenkins to build and deploy application images into the Kubernetes clusters running on the VMs. Jenkins itself, along with Kubernetes services, is secured via LDAP credentials.
Kubernetes Cluster Hosting Websites: The Kubernetes cluster manages and hosts these websites and several others, leveraging a proxy and ingress for efficient traffic routing and load balancing between the hosted services.
Fail2Ban Security Layer: To enhance security, the workstation is open to the internet and secured with Fail2Ban, which automatically bans IP addresses after two failed login attempts, with a ban duration of 48 hours.
Secure Communication: All communications between services (HTTPS, LDAPS) are encrypted to ensure the confidentiality and integrity of data.

This project showcases my ability to build and manage a complex virtualized infrastructure with strong security, monitoring, and automated workflows, using technologies such as Kubernetes, Jenkins, Prometheus, Grafana, Zabbix, and LDAP.