Krishnakumar Ambily
Verified Expert in Engineering
Amazon Route 53 Developer
Thiruvananthapuram, Kerala, India
Toptal member since August 23, 2019
Krishna is an infrastructure and cloud consultant who's spent the past 15 years working in Unix server administration. Along with hands-on experience with all leading cloud providers such as AWS and GCE, he's a certified ethical hacker with certifications in Microsoft Windows and Red Hat Linux. Krishna is passionate about DevOps and is an expert in Ansible, Terraform, Git, Jenkins, and Docker.
Portfolio
Experience
- Amazon Web Services (AWS) - 5 years
- Amazon EC2 - 5 years
- AWS IAM - 5 years
- Amazon Route 53 - 5 years
- Ansible - 5 years
- Amazon CloudFront CDN - 5 years
- Amazon CloudWatch - 3 years
- Terraform - 3 years
Availability
Preferred Environment
Amazon Web Services (AWS), Git, Docker, Google Compute Engine (GCE), Terraform, Ansible, Jenkins
The most amazing...
...thing in my career has been acting as the CTO for a leading server management company and supporting web hosting companies from all around the globe.
Work Experience
Linux System Administrator
BioReference Laboratories - Main
- Steered the management of Linux VMs on Azure Cloud, along with installing and configuring CarbonBlack, Sophos Antivirus, and SIEM agents on Linux VMs. Streamlined Linux OS installation to RHEL 9 while assisting the team in deploying applications on Linux VMs.
- Upgraded application gateways. Secured key vaults by configuring private endpoints. Integrated Azure AD SSH with Linux VMs for Azure users to merge SSH into VMs using Azure credentials.
- Handled the installation configuration of an Azure monitoring agent, data collection rules, and log analytics workspace. Managed NSG rules for Azure instances.
CTO | Cloud and Infrastructure Consultant
CliffSupport
- Managed AWS, GCE, DigitalOcean, Azure, and other types of cloud platforms.
- Implemented CI/CD using Ansible, GitHub, SVN, and Jenkins.
- Optimized the billing and hardened the cloud infrastructure.
- Coordinated with the development team to deploy the application on the cloud.
- Designed and deployed a cloud infrastructure based on client requirements.
- Configured load balancing and auto-scaling to make an application highly available.
- Helped to migrate the development team to a cloud infrastructure.
- Configured and deployed CDN, DNS, and cloud storage.
- Customized monitoring tools to monitor the cloud infrastructure.
- Used configuration management tools like Ansible and Chef to manage multiple servers. Managed source code repositories using Git and SVN.
AWS DevOps Engineer
Unifimoney
- Managed the AWS infrastructure securely and cost-effectively and supported the development team. Created IAM user accounts, policies, and roles per the project requirement. Fixed issues with the code pipeline, Lambda, and API gateway.
- Configured real-time monitoring using CloudWatch and integrated the alerts into a Slack channel. Built, secured, and integrated S3 buckets CloudFront distributions. Created the CI/CD of a React project using Jenkins, S3 buckets, and CF distribution.
- Created an AWS CodePipeline for Lambda deployment. Integrated Jenkins and SonarQube stages with AWS CodeBuild. Configured and managed Aurora Serverless DB, Secret Manager, SQS, SNS, and SES. Configured and managed Docker containers using Amazon ECS.
- Secured the AWS infrastructure as per SOC 2 compliance requirements. Configured multi-region deployment for disaster recovery.
IT Manager
CliffSupport
- Installed, configured, and managed OpenVZ, KVM, and Xen virtualization technologies.
- Installed and managed virtualization control panels like Proxmox, SolusVM, and Xen.
- Performance-tuned and secured hardware nodes and VMs.
- Constructed KVM, OpenVZ, and Xen templates for VM creation.
- Planned, configured, and managed backup and contingency strategies.
- Managed teams of varying sizes and supported clients from all around the globe.
AWS DevOps Expert
Museum of Applied Arts and Sciences
- Integrated AWS CloudFront with WordPress and configured AWS WAF rules to block malicious traffic.
- Performed load testing of WordPress sites and ensured they could handle more traffic.
- Integrated Varnish Cache with WordPress. Configured CloudFront rules based on header values.
Senior System Administrator
Self-employed
- Provided high-end technical support to multiple clients from all around the globe.
- Installed, optimized, and configured new servers and application upgrades in an existing network environment as per requirements.
- Installed, configured, troubleshot, monitored, and hardened cPanel, Plesk, Webmin, and DirectAdmin.
- Installed, configured, troubleshot, monitored, and hardened operating systems such as CentOS, Ubuntu, Debian, Windows Server, and Red Hat Enterprise Linux (RHEL).
- Installed, configured, troubleshot, monitored, and hardened Apache, Nginx, Litespeed, Varnish (caching Web Server), Exim, Sendmail, Postfix, Dovecot, Bind, Vsftp, MySQL, PostgreSQL, MariaDB, iptables, CSF, ModSecurity (WAF), Fail2ban, and OpenVPN.
- Performed daily team administration routines and team development and people management activities to boost team productivity.
- Developed and implemented a security management system for Windows and Linux servers.
- Installed and configured Nagios, Cacti, and MRTG to monitor servers and infrastructure.
- Developed Bash and Perl scripts to automate admin tasks and custom Nagios plugins.
Experience
Migration of the Physical Servers into OpenVZ and KVM Virtualization
Worldwide Prosperity Index Website
Blockchain Infrastructure for a Cryptocurrency Project
Site Reliability Engineer for an Indian eCommerce Firm
Technologies:
• The website works on Magento and is hosted on an AWS EC2 instance.
• RDS is used for the database, and Cloudflare is used for DNS and CDN management.
• AWS billing was optimized according to the client's budget.
• EC2 servers are configured for Magento hosting.
• RDS is configured with a multi-availability zone to eliminate single-point failures.
• DNS records are configured using Cloudflare.
• Cloudflare CDN is configured to serve static files.
Site Reliability Engineer for a US-based Mobile Gaming Firm
Technologies:
• The project is configured using EC2 instances to host a Laravel application and RDS as a database.
• ElasticCache (Redis) is used to eliminate the bottleneck of reading and writing data from a relational database.
• Redis's lazy loading strategy is used to improve the read queries, and the write-through strategy is used to improve the DB write queries.
• EC2 servers are configured with auto scale-in and scale-out policies to handle massive traffic and eliminate single-point failures.
• S3 bucket is used to store static files.
• RDS is configured with a multi-availability zone, and reading replicas to handle the traffic and eliminate single-point failures.
• An Elastic Load Balancer is used to distribute traffic among multiple servers.
• GitLab is used for version control.
• Gitlab CI/CD is used for automatic and hassle-free deployment to development, staging, and production environments.
• AWS Route 53 is used for DNS management.
Design and Automation of the Deployment of a Three-tier Node.js Application
Site Reliability Engineer for a US-based Live Video Streaming Firm
Configuration details:
• Wowza cloud stores VOD files on the S3 bucket.
• S3 permission protects the VoD content.
• An EC2 instance hosts the application using PHP's CodeIgniter framework.
• EC2 servers with auto scale-in and scale-out policies handle huge traffic and eliminate single-point failures.
• RDS with a multi-availability zone and reading replicas handle the traffic and eliminate single-point failures.
• An Elastic Load Balancer is used to distribute traffic among multiple servers.
• AWS Route 53 is used for DNS management.
CloudFront and WordPress Integration
https://www.maas.museumAWS Web Application Firewall (WAF) was configured with CloudFront to block MySQL injection and malicious requests.
Technologies Used
• AWS CloudFront to cache WordPress static files.
• Integrated WordPress with CloudFront and Varnish.
• Configured Varnish to cache static files at the server-side.
• Configured WAF rules to prevent PHP and WordPress attacks.
Education
Bachelor's Degree in Computer Science
University of Calicut - Kerala, India
Certifications
HashiCorp Certified: Terraform Associate
HashiCorp
AWS Certified Solutions Architect – Professional
Amazon Web Services Training and Certification
AWS Certified Solutions Architect Associate
AWS
Blockchain for Business
edX
Certified Ethical Hacker
EC-Council
Red Hat® Certified Engineer (RHCE®)
Red Hat
Skills
Libraries/APIs
jQuery, Amazon API, Jenkins Pipeline
Tools
Terraform, Packer, Google Compute Engine (GCE), Parallels Plesk Panel, Webmin, Amazon Virtual Private Cloud (VPC), AWS IAM, Amazon Elastic Block Store (EBS), Syslog, Jenkins, Git, Apache, Exim4, Subversion (SVN), AWS ELB, Amazon Elastic Container Service (ECS), Amazon CloudFront CDN, Wowza, Vultr, Atlassian, Confluence, Bitbucket, Ansible, Amazon CloudWatch, NGINX, Jira, Plesk, Postfix, Sendmail, Squid, Iptables, OpenVPN, Amazon Simple Queue Service (SQS), AWS CLI, SonarQube, AWS CodeBuild, Azure Key Vault, Azure Application Gateway
Frameworks
AWS HA, CodeIgniter, CodeIgniter 3, Laravel
Paradigms
DevOps, Agile Software Development
Platforms
Amazon Web Services (AWS), Linux, Ubuntu, Amazon EC2, cPanel, Debian, AWS NLB, Windows, Django CMS, Docker, KVM, Magento 2, WordPress, Linode, Apache2, DigitalOcean, Xen, Proxmox, CentOS, AWS ALB, AWS Security Token Service (STS), AWS Lambda, Azure, LEMP, LAMP
Storage
Amazon Aurora, MySQL, PostgreSQL, Amazon S3 (AWS S3), Redis Cache, GlusterFS, VSFTPD, LiteSpeed for SQL Server, MariaDB, Databases, Azure Storage
Languages
Bash, PHP 7, C, PHP, JavaScript
Other
BIND 9, Amazon Route 53, NFS, SSH, Configuration Management, DirectAdmin, Pure-FTPd, Web Security, Site Reliability Engineering (SRE), BIND, Cloudflare, VM, Elastic Load Balancers, Autoscaling, System Administration, OpenVZ, SolusVM, Dovecot, ProFTPD, ModSecurity, Amazon RDS, Web Application Firewall (WAF), AWS CodePipeline, SELinux, Computer Skills, IT Networking, Algorithms, Data Structures, Operating Systems, APIs, Troubleshooting, Monitoring, Systems Monitoring, API Gateways, SSL, Azure Virtual Machines
How to Work with Toptal
Toptal matches you directly with global industry experts from our network in hours—not weeks or months.
Share your needs
Choose your talent
Start your risk-free talent trial
Top talent is in high demand.
Start hiring