Resume:
Thomas L. Kula
kula@tproa.net
Interest: Large-scale system and network administration
Work Experience
2006 - Now: System Administrator Intermediate
UM Computing Environment
Information Technology Central Services
University of Michigan, Ann Arbor, MI
Served on the group responsible for campus-wide kerberos
and AFS file service, general-purpose and statistics
Unix computing services. Responsibilties required being
able to understand and use these technologies at an
intermediate to high level of understanding, work
independently and with co-workers, campus IT providers
and end-users to diagnose and solve problems as well
as helping others use the services properly. Also
served as part of the group responsible for UMich
hostmaster services, requiring a solid understanding
of DNS and being able to help campus IT providers
as well as non-savvy end users utilize that service.
Implemented the new campus TSM service and served as
part of the team moving clients from the old AIX-based
TSM service to the new service (see Projects below).
2006 - 2006: Systems Administrator
Information Technology Services
Iowa State University, Ames, IA
Split responsibilities between OS X lab deployment and
AFS/backup administration.
Designed and implemented OS X lab deployment system
using NetRestore and custom installation/configuration
scripts.
Assist in maintaining Teradactyl TiBS backup system,
providing backup services for the ISU AFS cell and
various other central servers. Testing new AFS file servers
and clients. Other assorted Unix administration tasks,
primarily Red Hat Enterprise Linux and NetBSD.
Continuing duties in print queue creation, greylisting
and e-mail problems, short course development, Linux
lab development.
2001 - 2006: System Support Specialist
Information Technology Services
Iowa State University, Ames, IA
Provided technical support as part of Iowa State's central IT
help desk. Specialized in OS X and Unix support, supporting
central kerberos and AFS services, and VPN support. Primary
contact for creation of central print queues. First contact
for e-mail greylisting problems. Responsible for creating
documentation and FAQs for end-user support, and developing
parts of a series of short courses on Unix use and system
administration. Miscellaneous other training.
Projects include Linux Localization and developing Linux Lab.
Education
2000: Drake University, Des Moines, IA
Bachelor of Science
Majors: Computer Science and Mathematics
Projects:
2007 - 2008: U-M ITCS TSM service
Implementation of the new ITCS Tivoli Storage Manager backup
service. Took specifications from outside consultant and
developed and implemented the new service, moving it from
a monolithic AIX-based service to a modular Linux-based
service. Developed loadset for the TSM servers, working to
implement kernel requirements, driver requirements for
fibre channel cards and adapting TSM software to work and
be managed as part of a UMCE Linux distribution. Wrote
the bulk of the scripts used to manage the new system,
with the goal of allowing a modular and distributed
system, with many more machines than in the previous
service, to be managed effectively and allowing new
resources to be slotted in easily without requiring
major changes in management. Worked as part of the team
maintaining the legacy and new TSM service and moving
clients to the new service.
Presentations
2007: "Xen as a Test Environment"
Presented at the 2007 AFS and Kerberos Best Practices
Workshop, Stanford University
http://kula.tproa.net/talks/afsbpw2007/afsbpw2007-kula.pdf
Using Xen para-virtualization as a test environment for
kerberos and afs services.
2006: "iRealm: Explorations in using OS X to provide AFS and Kerberos
Services"
Presented at the 2006 AFS and Kerberos Best Practices
Workshop, University of Michigan
http://kula.tproa.net/talks/afsbpw2006
Presentation on using OS X Server to provide AFS and Kerberos
services. Step-by-step instructions on deploying AFS services
on OS X Server, discussion of caveats and practicality of
using OS X server to provide these services.
2005: "NetBSD, AFS and Kerberos: From Zero to Distributed File
System in N Easy Steps"
Co-authored with Tracy Di Marco White, Iowa State University
Presented at the 2005 AFS and Kerberos Best Practices
Workshop, Carnegie Mellon University
http://kula.tproa.net/talks/afsbpw2005
Step-by-step instructions on providing AFS and Kerberos services
using NetBSD, Heimdal, OpenAFS and Arla.
Contributions to open-source software
- Provide minor bug-fixes and testing of k5start
and remctl
, primarily
under NetBSD.
- Patch to pam-afs-session not to delete afs credentials
if DELETE_CRED is called but retain_after_close is configured.
- Submitted patch to enhance Heimdal kerberos support in
the FreeRadius rlm_krb5 module, improving logging of
authentications with kerberos principals that have
instances and allowing the module to use a non-default
keytab and service principal.
- Initial rough implementation of "server"-side zephyr
braindump authentication in the Kerberos 5 variant of the
Zephyr messaging service.
- Patches to NetBSD pkgsrc OpenAFS and Arla packages to allow
more peaceful co-existance:
- Small unsubmitted patch to Pubcookie that removes apache
installation path assumptions:
Other experience not mentioned elsewhere
Maintain small network providing various services to about 25
users and volunteer groups, using NetBSD, Xen, Heimdal, Arla,
OpenAFS, Cyrus imap, apache and postfix. Experimenting with
cross-realm kerberos, zephyr and AFS with Iowa State and other
local groups. Use OpenVPN to participate in multi-site, multi-
state virtual private network.
Provide web, DNS and mailing list services for Ames Community
Network (http://www.amescommunity.net/).
Comfortable with sh and python scripting, familiar with C,
and PostgreSQL.
8 February 2008