Ismail Yenigul
Verified Expert in Engineering
Cloud SRE and Linux Developer
Istanbul, Turkey
Toptal member since July 31, 2020
Ismail is a senior DevOps and SRE with expertise in Linux, AWS (AWS-certified solution architect and developer, IAM, EKS, ECS, EC2, RDS, S3), GCP, Azure, Kubernetes (CKAD, CKA certified, Docker, Helm), Terraform, Terragrunt, CI/CD (Jenkins, GitHub Actions), DevSecOps (AWS Security Hub, CIS benchmarks), and SRE practices. He ensures seamless deployments, infrastructure consistency, and system reliability. Proactive and customer-focused, Ismail leaves no stone unturned to deliver quality results.
Portfolio
Experience
- Linux - 20 years
- System Administration - 20 years
- Site Reliability Engineering (SRE) - 15 years
- Zabbix - 10 years
- DevOps - 10 years
- AWS Certified DevOps Engineer - 5 years
- Terraform - 4 years
- Google Cloud Platform (GCP) - 4 years
Availability
Preferred Environment
Amazon Web Services (AWS), Continuous Delivery (CD), Continuous Integration (CI), Terraform, Google Cloud, Linux, Google Kubernetes Engine (GKE), Amazon EKS, GitHub Actions
The most amazing...
...projects I've done focused on building secure and reliable AWS infrastructures with Terraform.
Work Experience
Senior DevOps Engineer | Site Reliability Engineer
Freelance
- Deployed, automated, managed, and maintained a cloud-based production system, using AWS, Google Cloud, Azure, and DigitalOcean.
- Ensured availability, performance, security, and scalability of production systems, focusing primarily on Linux environments.
- Troubleshot systems and resolved problems across various application domains and platforms. Tracked and fixed issues, using Jira and GitHub.
- Migrated from a manually managed system to a fully automated platform which included creating CI/CD pipelines with Jenkins, GitHub Actions, Argo CD, Flux, Harness, and application of GitOps methodology.
- Managed EKS, ECR, ECS, GKE, DigitalOcean Kubernetes, Docker, and Docker Compose deployments.
- Deployed AWS infrastructure (EKS, EC2, RDS, CloudFront, Route53, OpenVPN, IAM roles/policies and VPC) with Terraform.
- Deployed GKE clusters, Cloud SQL, LoadBalancer, and Compute Engine, and configured GitLab to push Docker images to the container registry.
- Built Docker images and deployed them to AWS Fargate with GitHub Actions.
- Created a Docker build pipeline with GitHub Actions, CircleCI, and Jenkins.
- Applied AWS security best practices and CIS compliance requirements; configured AWS Security Hub, AWS Config, and VPC flow; and hardened GKE cluster security.
Technical Team Lead and DevOps
Vision R&D
- Established the technical vision and provided leadership to department heads.
- Built the development platform and managed the project, using Jira, Confluence, and GitLab.
- Managed the software development and quality assurance teams.
- Identified and integrated new technologies to drive the business strategy and enhance client relationships.
Linux/Unix System Administrator | Site Reliability Engineer
Esys
- Designed and managed a Linux (Red Hat, CentOS, and Ubuntu) and Unix infrastructure.
- Maintained security and mitigated threats as new ones were identified.
- Improved infrastructure services, performance, and reliability.
- Became a Master Affiliate of The Linux Professional Institute (LPI), managed the company's training partner relationship with the institute, and grew the Linux and FOSS communities—all in Turkey.
- Installed and maintained web, DNS, SMTP Server, and FTP on Linux.
- Assisted with shell scripting for a system and application used to automate server tasks.
- Created and maintained a secure and reliable Linux environment. Managed daily activities, including user support and system administration tasks.
International DSL TAC Engineer
Alcatel Lucent
- Managed the Unix servers for AWS products deployed for telecom operators.
- Provided Unix and Linux support remotely or on-site in the EMEA region.
- Matured into a successful and valued member of the Unix/DSL support team in the EMEA region.
Software Developer
Oyak Teknoloji
- Developed host switch servers for debit and credit card systems in C++.
- Built a banking software solution based on internal customer requirements.
- Increased the performance of the process, which increased customer satisfaction, gained loyal customers, and maximized profitability.
Unix/Linux Systems Administrator and Developer
RT.NET
- Participated in designing, implementing, securing, and maintaining Linux and the Solaris ISP for its test, development, and production environment.
- Provided Linux, Solaris, and infrastructure support for internal and external clients.
- Created and modified scripts and applications to perform tasks.
- Improved the stability, security, efficiency, and scalability of the environment.
Experience
CIS Compliant AWS Infrastructure
Migration from Docker Compose to AWS EKS Cluster
Tasks accomplished:
Migrated all docker-compose files to k8s manifests.
Deployed AWS EKS cluster with the following components:
AWS Load Balancer Controller
Sealed Secret to keep secrets encrypted on git repository.
External DNS to manage route 53 records automatically
Argo-CD to implement GitOps methodology
IAM assume roles to access EKS cluster
Everything was deployed with Terraform.
Implement IaC Scanner for Terraform Codes for AWS Resources
Checkov is a static code analysis tool for infrastructure-as-code.
It scans cloud infrastructure provisioned using Terraform, Terraform plan, Cloudformation, AWS SAM, Kubernetes, Helm charts,Kustomize, Dockerfile, Serverless, Bicep, or ARM Templates and detects security and compliance misconfigurations using graph-based scanning.
I implemented Terraform scanning in GitHub Actions on every push. Also created scripts to use in the Harness pipeline to check Terraform code security before deploying apps to AWS. I also contributed to the Checkov open source project by submitting code fix PR, docs, and feature requests.
AWS Cost-saving Project
Managing Multiple AWS Accounts Access with AssumeRole and Terraform
Now, through Terraform, IAM roles are defined with specific privileges, enabling seamless access within or across accounts. This implementation enhances security posture and simplifies access control, all thanks to the power of AssumeRole and Terraform.
Amazon EKS with Terraform
GitHub Actions to Build Docker Image and Update AWS Lambda
Implement GitLab Pipeline for Google Kubernetes Engine (GKE) Deployment
By leveraging GitLab pipelines, we reduced manual intervention, minimized errors, and accelerated our deployment velocity. This approach not only enhances the reliability and consistency of our deployment process but also promotes collaboration and innovation across our teams. With seamless integration between GitLab, Google Artifact Registry, and Google Cloud GKE, we established a robust CI/CD pipeline that empowers our teams to deliver high-quality software with greater efficiency.
CI/CD Pipeline Implementation with Argo CD GitOps, GitHub Actions, and Amazon EKS
By embracing GitOps principles, we enhanced the reliability, scalability, and security of our deployment process. This approach reduces manual intervention, minimizes errors, and accelerates the delivery of changes to our Kubernetes environment. With Argo CD and GitHub Actions working in tandem, we established a robust CI/CD pipeline that promotes collaboration and innovation while ensuring the stability of our infrastructure.
Jenkins CI/CD for Amazon EKS and Amazon ECR
Furthermore, I implemented several pipelines to facilitate the seamless updating of Kubernetes deployment images through Argo CD GitOps. This approach ensures that our infrastructure stays up to date with the latest changes while minimizing manual intervention and reducing the risk of errors.
By integrating Jenkins, Terraform, and Argo CD GitOps, we established a robust and automated deployment pipeline that enhances the reliability, scalability, and efficiency of our operations. This setup empowers our teams to deliver changes to production swiftly and confidently, fostering a culture of continuous improvement and innovation.
SRE on Google Cloud Platform
Moreover, I spearheaded the maintenance of Ansible Playbooks for our on-premises instances, fostering consistent configuration management and automation practices across our hybrid infrastructure. Leveraging Ansible's robust capabilities, I streamlined routine tasks, enforced configuration standards, and facilitated seamless deployment of updates and patches with minimal disruption.
Additionally, I utilized existing Terraform modules within Jenkins pipelines to swiftly create new instances on Google Cloud Platform (GCP). By integrating Terraform's infrastructure as code principles with Jenkins automation, I enabled rapid and reliable provisioning of GCP resources, ensuring scalability and agility in our cloud environment.
HIPAA-compliant AWS Infrastructure Implementation
GCP Observability Solution with Managed Prometheus and Grafana Cloud
Packer AMI Creation for AWS EKS and Jenkins
Automated GCP Cloud SQL Exports
Bitbucket Pipeline for GKE Updates
Service Migration from ECS to EKS
GCP Cost Optimization
NFS CSI Driver Implementation on Amazon EKS and Google Kubernetes Engine (GKE)
Education
MBA in Business Administration
Istanbul Kemerburgaz University - Istanbul, Turkey
Bachelor's Degree in Computer Science
Istanbul Technical University - Istanbul, Turkey
Certifications
Certified Kubernetes Administrator (CKA)
Cloud Native Computing Foundation
Certified Kubernetes Application Developer Certification (CKAD)
Cloud Native Computing Foundation
AWS Certified Developer - Associate
AWS
AWS Certified Solutions Architect - Associate
AWS
The Linux Professional Institute — LPIC-1
The Linux Professional Institute
Skills
Libraries/APIs
Terragrunt, Jenkins Pipeline
Tools
Git, Google Kubernetes Engine (GKE), Postfix, Docker Compose, GitHub, OpenVPN, Grafana, Zabbix, AWS ELB, Terraform, AWS Fargate, Bitbucket, Amazon CloudWatch, AWS CloudTrail, Amazon Elastic Container Service (ECS), NGINX, MongoDB Atlas, Packer, Amazon Simple Email Service (SES), Shell, Amazon EKS, CircleCI, Jenkins, GitLab, Docker Hub, AWS IAM, Amazon Virtual Private Cloud (VPC), Amazon Elastic Container Registry (ECR), GitLab CI/CD, Helm, SendGrid, Kustomize, Nagios, Amazon CloudFront CDN, Confluence, Amazon Elastic Block Store (EBS), Observability Tools, Apache, Azure Kubernetes Service (AKS), OpenTofu, Logstash, AWS CloudFormation, Jira, Ansible, VPN, Kibana, Keycloak, ELK (Elastic Stack), Docker Swarm, HashiCorp, Checkov, Celery, Istio
Languages
Bash Script, Bash, SQL, YAML, Python
Frameworks
SPF, Flux, Django
Paradigms
DevOps, Continuous Integration (CI), Continuous Delivery (CD), DevSecOps, Continuous Development (CD), Microservices, Continuous Deployment, Serverless Architecture, HIPAA Compliance, Automation
Platforms
Linux, Kubernetes, Docker, DigitalOcean, FreeBSD, Ubuntu Linux, Amazon Web Services (AWS), Amazon EC2, Google Cloud Platform (GCP), Red Hat Linux, Ubuntu, Unix, CentOS, AWS NLB, LAMP, AWS Cloud Computing Services, AWS Elastic Beanstalk, Red Hat OpenShift, Azure, AWS Lambda, Solaris, Harness, Apache Kafka
Storage
Google Cloud, MySQL, Amazon S3 (AWS S3), Redis, AWS Elastic File System, Redis Cache, Amazon EFS, Amazon Aurora, Memcached, PostgreSQL, MongoDB, Google Cloud SQL, Elasticsearch, Amazon DynamoDB, Datadog
Other
System Administration, Security, AWS Certified Solution Architect, LPIC-1, GitOps, Qmail, Prometheus, Shell Scripting, GitHub Actions, AWS DevOps, AWS Transfer for SFTP, SSH, Ubuntu Server, Cloud Security, Systems Monitoring, Cloudflare, Gruntwork, IT Security, Containers, CI/CD Pipelines, Linux Server Administration, Site Reliability Engineering (SRE), Argo CD, Infrastructure as Code (IaC), SecOps, DevOps Engineer, Identity & Access Management (IAM), Containerization, Amazon RDS, RHEL, Site Reliability, Leadership, Relational Database Services (RDS), AWS Certified DevOps Engineer, SSL Certificates, SSL Configurations, Transport Layer Security (TLS), AWS Cloud Architecture, Monitoring, AWS Certified Developer, Networking, SOC 2, Cloud Services, ECS, Cloud Migration, Load Balancers, DomainKeys Identified Mail (DKIM), Domain DNS Setup, Spam Filtering, Email, Cloud, Mail Servers, AWS NAT Gateway, Cloud Infrastructure, Cost Reduction & Optimization (Cost-down), Web Security, Scripting, NFS, VPC, NAT, DMARC, IT Infrastructure, Cloud Monitoring, AWS Cloud Security, Certified Kubernetes Administrator (CKA), Cloud Architecture, HIPAA Electronic Data Interchange (EDI), Podman, Linux System Administration, HashiCorp Cloud, AWS CodePipeline, HAProxy, SMTP, DNS, Networks, Computer Science, Karpenter, Cost Analysis, Encryption, Elastic Load Balancers, Data Migration
How to Work with Toptal
Toptal matches you directly with global industry experts from our network in hours—not weeks or months.
Share your needs
Choose your talent
Start your risk-free talent trial
Top talent is in high demand.
Start hiring