Hey!, I'm Ankit SRE | DevOps Engineer | Platform Engineer | 2X AWS | AWS Certified Solutions Architect Professional | CKA | CKAD

video illutration

About Me

I am a passionate DevOps Engineer

who enjoys interesting projects and challenges. I love to work on Cloud and DevOps related technologies. I have been working on various projects involving technologies like terraform, AWS, GCP, ansible etc. I have 5 years of experience in total. I am always eager to learn and try new things. Recently I took on the challenge of getting cerfified as AWS Solutions Architect Professional and completed the same with an effort of ~290hrs.

I have following certifications

  • AWS Certified Solutions Architect Professional
  • CKAD
  • CKA
  • AWS Certified Solutions Architect Associate

Experience

DevOps Engineer @ Tradeling

01/2020 - Ongoing

  • Set up Infrastructure on self-managed kubernetes cluster from scratch on AWS using ansible, terraform and poseidon/typhoon. Generated k8s manifests using php.
  • Migrate all backend APIs to AWS Edge Optimized API Gateway and EKS. Also used AWS WAF, API Throttling, API Caching, Network LB and VPC Link
  • Caching APIs at AWS Cloudfront with dynamic origins thereby reducing the homepage response time by 75% (105ms to 25ms). Also used custom CORS and caching policies.
  • Reduced the avg website load time in China by 80% (2500ms to 500ms) by testing with Zenlayer Global Accelerator, Huawei CloudConnect, Alibaba Global Accelrator, Geolocation Records and reduced the cost of solution from 3500$ to 70$ i.e. 98%
  • Closed around 70 plus vulnerabilities reported in ASV, Network VAPT, Web Application PT to make the infrastructure PCI compliant Level 1
  • Set up Monitoring for Infrastructure from scratch using ELK stack, metricbeat, journalbeat and ansible which collects data from 50+ servers across 3 environments
  • Set up CI-CD on Github Actions and Docker Jenkins using ansible running 15000 jobs daily. Maintained jenkins jobs using groovy scripts
  • Created Monitoring Dashboards in Kibana for API Performance, MongoDB, NATS, MySQL, Kubernetes, Hosts , System Monitoring and Docker.
  • Daily Automated Releases using python script (2000+ lines of code) sending automated email change log of 50+ repositories to respective teams. Attend stand-ups and sprint planning sessions

marketing illustration
web development illustration

DevOps Engineer @ Accelya Group

11/2018 - 01/2020

  • Setting up Infrastructure of the new customers for Development, UAT and Production Environments on Weblogic and Tomcat Platforms.
  • Migration of the build-jobs of 66+ customers to separate the 'Builds & Deployments' phases.
  • Build JIRA Dashboard for the team. This was extensively used by all teams to log tickets and follow the DevOps Approach

Software Engineer @ Walmart Labs

01/2017 - 10/2018

  • Set up Infrastructure for microservices on OneOps with DR enabled involving 1000s of servers across two data centers
  • Created DevOps Automation Dashboard using Django, Python to automate splunk alert actions.

cloud hosting illustration

Projects

Have worked on following projects in the past

By caching the GET APIs at AWS Cloudfront the response time was reduced by 75% (105ms to 25ms).
  • Created dynamic origins with custom caching and custom CORS policy.
  • Was able to achieve single digit millisecond latency for some GET APIs endpoints.

Improved the security and performance of all the backend APIs by using Edge Optimized AWS REST API gateway.
  • Applied AWS WAF at AWS API Gateway to improve the security of APIs.
  • Also used API throttling, API keys and custom domain names.
  • Used Edge Optimized REST API gateway to improve performance by using caching features
  • Other AWS Services used : Network Load Balancer, EKS and VPC Links.

Improved the website performance in China by reducing the avg website load time by 80% (2500ms to 500ms). This project was multi-cloud and was implemented in 3 phases.
  • Initially used Alibaba Global Accelerator and geolocation records. Cost of the project was around $3500 per month. Also purchased dedicated bandwidth from HongKong to India.
  • Later used Huawei Cloud Connect, SNAT, DNAT, NLB, geolocation records. The cost was around $1500 per month.
  • Finally we used Zenlayer Global Accelerator with geolocation records. This had the least cost of $100 per month. This was based on data-transfer per month.

  • MySQL was migrated to AWS RDS MySQL
  • MongoDB was migrated to MongoDB Atlas
  • Elasticsearch was migrated AWS ElasticSearch
  • Self managed kubernetes cluster using kops was migrated to EKS.

Monitoring and Logging Setup from scratch to set up dashboards
  • ELK i.e. Elastic Search, Logstash and Kibana was used. All were set up on individual instances using docker-compose and ansible playbooks
  • Journalbeat was used to set up logging for kubernetes. Metricbeat was used for getting metrics of kubernetes, instances, mongodb, mysql and NATs.
  • Dashboards set up for Kubernetes, System, Host, MongoDB, MySQL, NATs, Docker monitoring. URL monitoring and Alerts on slacks using Prometheus, Alertmanager, BlackboxExporter.
  • Prometheus, Alertmanager, Blackbox-exporter set up done using ansible, docker-compose

  • Created using AWS, Terraform and OpenSource poseidon/typhoon repository.
  • Used reserved and spot Instances to save cost
  • The cluster was self healing. Whenever spot instance was terminated, lamda function would trigger a webhook in Jenkins which would run ansible playbook task to drain the corresponding kubernetes cluster node.

  • Python script with 2000+ lines of code and triggered via ansible-task to automate release to staging environment which was in turn triggered through Jenkins
  • Automated Change Log-Email sent to the dedicated audience after the release
  • Live Updates of the release on Slack Channel showing status of builds and deployments

  • Setting up 3 environments - Prod, Stage, Dev
  • Each environment consisting of VPCs, EC2, Route53 records, Route tables, Security Groups, Bastion hosts, NAT Gateways etc
  • Planning regular upgrades of self managed services like MongoDB, MySQL, NATs

Infrastructure was made PCI-DSS complaint L1 by closing ~70 vulnerabilities across different scans : ASV, Network VAPT and Web Application Penetration Testing.
  • Used AWS KMS to encrypt card holders data before it was saved to the database
  • Provided necessary documentation and closed all the gaps that were high-lighted.

Skill Set

I have worked on following technologies

Worked at campanies

Campany 3 logo
Campany 1 logo
Campany 2 logo