Krishnakumar Ambily, Developer in Thiruvananthapuram, Kerala, India
Krishnakumar is available for hire
Hire Krishnakumar

Krishnakumar Ambily

Verified Expert  in Engineering

Amazon Route 53 Developer

Thiruvananthapuram, Kerala, India

Toptal member since August 23, 2019

Bio

Krishna is an infrastructure and cloud consultant who's spent the past 15 years working in Unix server administration. Along with hands-on experience with all leading cloud providers such as AWS and GCE, he's a certified ethical hacker with certifications in Microsoft Windows and Red Hat Linux. Krishna is passionate about DevOps and is an expert in Ansible, Terraform, Git, Jenkins, and Docker.

Portfolio

BioReference Laboratories - Main
Linux, Azure, DevOps, CentOS, LEMP, LAMP, SSL, Azure Virtual Machines...
CliffSupport
Amazon Web Services (AWS), Docker, Packer, Terraform, Subversion (SVN)...
Unifimoney
Amazon Web Services (AWS), DevOps, JavaScript, APIs...

Experience

  • Amazon Web Services (AWS) - 5 years
  • Amazon EC2 - 5 years
  • AWS IAM - 5 years
  • Amazon Route 53 - 5 years
  • Ansible - 5 years
  • Amazon CloudFront CDN - 5 years
  • Amazon CloudWatch - 3 years
  • Terraform - 3 years

Availability

Part-time

Preferred Environment

Amazon Web Services (AWS), Git, Docker, Google Compute Engine (GCE), Terraform, Ansible, Jenkins

The most amazing...

...thing in my career has been acting as the CTO for a leading server management company and supporting web hosting companies from all around the globe.

Work Experience

Linux System Administrator

2022 - PRESENT
BioReference Laboratories - Main
  • Steered the management of Linux VMs on Azure Cloud, along with installing and configuring CarbonBlack, Sophos Antivirus, and SIEM agents on Linux VMs. Streamlined Linux OS installation to RHEL 9 while assisting the team in deploying applications on Linux VMs.
  • Upgraded application gateways. Secured key vaults by configuring private endpoints. Integrated Azure AD SSH with Linux VMs for Azure users to merge SSH into VMs using Azure credentials.
  • Handled the installation configuration of an Azure monitoring agent, data collection rules, and log analytics workspace. Managed NSG rules for Azure instances.
Technologies: Linux, Azure, DevOps, CentOS, LEMP, LAMP, SSL, Azure Virtual Machines, Azure Key Vault, Azure Storage, Azure Application Gateway

CTO | Cloud and Infrastructure Consultant

2013 - PRESENT
CliffSupport
  • Managed AWS, GCE, DigitalOcean, Azure, and other types of cloud platforms.
  • Implemented CI/CD using Ansible, GitHub, SVN, and Jenkins.
  • Optimized the billing and hardened the cloud infrastructure.
  • Coordinated with the development team to deploy the application on the cloud.
  • Designed and deployed a cloud infrastructure based on client requirements.
  • Configured load balancing and auto-scaling to make an application highly available.
  • Helped to migrate the development team to a cloud infrastructure.
  • Configured and deployed CDN, DNS, and cloud storage.
  • Customized monitoring tools to monitor the cloud infrastructure.
  • Used configuration management tools like Ansible and Chef to manage multiple servers. Managed source code repositories using Git and SVN.
Technologies: Amazon Web Services (AWS), Docker, Packer, Terraform, Subversion (SVN), DigitalOcean, Ansible, Git, Jenkins, Google Compute Engine (GCE), DevOps

AWS DevOps Engineer

2021 - 2023
Unifimoney
  • Managed the AWS infrastructure securely and cost-effectively and supported the development team. Created IAM user accounts, policies, and roles per the project requirement. Fixed issues with the code pipeline, Lambda, and API gateway.
  • Configured real-time monitoring using CloudWatch and integrated the alerts into a Slack channel. Built, secured, and integrated S3 buckets CloudFront distributions. Created the CI/CD of a React project using Jenkins, S3 buckets, and CF distribution.
  • Created an AWS CodePipeline for Lambda deployment. Integrated Jenkins and SonarQube stages with AWS CodeBuild. Configured and managed Aurora Serverless DB, Secret Manager, SQS, SNS, and SES. Configured and managed Docker containers using Amazon ECS.
  • Secured the AWS infrastructure as per SOC 2 compliance requirements. Configured multi-region deployment for disaster recovery.
Technologies: Amazon Web Services (AWS), DevOps, JavaScript, APIs, Site Reliability Engineering (SRE), Troubleshooting, Monitoring, Systems Monitoring, Amazon CloudFront CDN, Amazon Route 53, Amazon EC2, Jenkins, Jenkins Pipeline, AWS CodePipeline, SonarQube, Amazon RDS, Amazon Aurora, Amazon CloudWatch, AWS CodeBuild, Amazon S3 (AWS S3), AWS IAM, Amazon Elastic Container Service (ECS), API Gateways, AWS Lambda

IT Manager

2010 - 2023
CliffSupport
  • Installed, configured, and managed OpenVZ, KVM, and Xen virtualization technologies.
  • Installed and managed virtualization control panels like Proxmox, SolusVM, and Xen.
  • Performance-tuned and secured hardware nodes and VMs.
  • Constructed KVM, OpenVZ, and Xen templates for VM creation.
  • Planned, configured, and managed backup and contingency strategies.
  • Managed teams of varying sizes and supported clients from all around the globe.
Technologies: Proxmox, SolusVM, KVM, OpenVZ, Xen, Linux

AWS DevOps Expert

2020 - 2021
Museum of Applied Arts and Sciences
  • Integrated AWS CloudFront with WordPress and configured AWS WAF rules to block malicious traffic.
  • Performed load testing of WordPress sites and ensured they could handle more traffic.
  • Integrated Varnish Cache with WordPress. Configured CloudFront rules based on header values.
Technologies: Amazon CloudFront CDN, Amazon Web Services (AWS), WordPress, Cloudflare, Ansible, DevOps, Amazon EC2, Docker

Senior System Administrator

2004 - 2010
Self-employed
  • Provided high-end technical support to multiple clients from all around the globe.
  • Installed, optimized, and configured new servers and application upgrades in an existing network environment as per requirements.
  • Installed, configured, troubleshot, monitored, and hardened cPanel, Plesk, Webmin, and DirectAdmin.
  • Installed, configured, troubleshot, monitored, and hardened operating systems such as CentOS, Ubuntu, Debian, Windows Server, and Red Hat Enterprise Linux (RHEL).
  • Installed, configured, troubleshot, monitored, and hardened Apache, Nginx, Litespeed, Varnish (caching Web Server), Exim, Sendmail, Postfix, Dovecot, Bind, Vsftp, MySQL, PostgreSQL, MariaDB, iptables, CSF, ModSecurity (WAF), Fail2ban, and OpenVPN.
  • Performed daily team administration routines and team development and people management activities to boost team productivity.
  • Developed and implemented a security management system for Windows and Linux servers.
  • Installed and configured Nagios, Cacti, and MRTG to monitor servers and infrastructure.
  • Developed Bash and Perl scripts to automate admin tasks and custom Nagios plugins.
Technologies: PHP, Squid, BIND, Sendmail, Postfix, Exim4, PostgreSQL, MySQL, NGINX, Apache, Plesk, cPanel, CentOS, Linux, Bash, Apache2, ProFTPD, Pure-FTPd

Migration of the Physical Servers into OpenVZ and KVM Virtualization

I assisted one of the data centers in migrating more than 500 physical servers into OpenVZ and KVM VMs to reduce the infrastructure cost. I also implemented configuration management using Ansible scripts for the smooth management of VMs.

Worldwide Prosperity Index Website

I designed and deployed a highly available, fault-tolerant, and cost-effective infrastructure for a worldwide prosperity-index website, using AWS EC2 instances, Elastic Load Balancers, Auto Scaling, AWS S3 buckets, and AWS RDS.

Blockchain Infrastructure for a Cryptocurrency Project

I configured and managed client nodes on cloud providers like AWS, GCE, DigitalOcean, Linode, and Vultr. I installed a Stellar test network and configured the Stellar core, bridge, and compliance servers. I also installed, configured, and managed an on-premise Atlassian stack for this project, consisting of Jira, Confluence, Bitbucket, and the Crowd server.

Site Reliability Engineer for an Indian eCommerce Firm

I designed, configured, and managed AWS infrastructure for an eCommerce firm. I also configured the development and production environment for the development team.

Technologies:
• The website works on Magento and is hosted on an AWS EC2 instance.
• RDS is used for the database, and Cloudflare is used for DNS and CDN management.
• AWS billing was optimized according to the client's budget.
• EC2 servers are configured for Magento hosting.
• RDS is configured with a multi-availability zone to eliminate single-point failures.
• DNS records are configured using Cloudflare.
• Cloudflare CDN is configured to serve static files.

Site Reliability Engineer for a US-based Mobile Gaming Firm

I designed, configured, and managed AWS infrastructure for a mobile game project. I also configured the development, staging, and production environments to help the development team.

Technologies:
• The project is configured using EC2 instances to host a Laravel application and RDS as a database.
• ElasticCache (Redis) is used to eliminate the bottleneck of reading and writing data from a relational database.
• Redis's lazy loading strategy is used to improve the read queries, and the write-through strategy is used to improve the DB write queries.
• EC2 servers are configured with auto scale-in and scale-out policies to handle massive traffic and eliminate single-point failures.
• S3 bucket is used to store static files.
• RDS is configured with a multi-availability zone, and reading replicas to handle the traffic and eliminate single-point failures.
• An Elastic Load Balancer is used to distribute traffic among multiple servers.
• GitLab is used for version control.
• Gitlab CI/CD is used for automatic and hassle-free deployment to development, staging, and production environments.
• AWS Route 53 is used for DNS management.

Design and Automation of the Deployment of a Three-tier Node.js Application

I designed a fault-tolerant, highly available, and secure three-tier infrastructure on AWS using EC2, ELB, CloudFront, S3, and RDS master-slave replication. I also automated the whole infrastructure using Terraform, Packer, and Jenkins.

Site Reliability Engineer for a US-based Live Video Streaming Firm

In addition to designing, configuring, and managing the project, I configured the development and production environments to help the development team. The project was configured with the Wowza cloud platform for video streaming and AWS infrastructure to host their application developed in PHP's CodeIgniter framework. Wowza's cloud is configured to store live streams in the AWS S3 bucket and serve as VOD content once the live streaming is completed.

Configuration details:
• Wowza cloud stores VOD files on the S3 bucket.
• S3 permission protects the VoD content.
• An EC2 instance hosts the application using PHP's CodeIgniter framework.
• EC2 servers with auto scale-in and scale-out policies handle huge traffic and eliminate single-point failures.
• RDS with a multi-availability zone and reading replicas handle the traffic and eliminate single-point failures.
• An Elastic Load Balancer is used to distribute traffic among multiple servers.
• AWS Route 53 is used for DNS management.

CloudFront and WordPress Integration

https://www.maas.museum
Configured CF in front of the WordPress website to handle more connections without increasing computing resources and improving website performance.

AWS Web Application Firewall (WAF) was configured with CloudFront to block MySQL injection and malicious requests.

Technologies Used

• AWS CloudFront to cache WordPress static files.
• Integrated WordPress with CloudFront and Varnish.
• Configured Varnish to cache static files at the server-side.
• Configured WAF rules to prevent PHP and WordPress attacks.
2000 - 2004

Bachelor's Degree in Computer Science

University of Calicut - Kerala, India

JUNE 2023 - JUNE 2025

HashiCorp Certified: Terraform Associate

HashiCorp

MAY 2023 - MAY 2026

AWS Certified Solutions Architect – Professional

Amazon Web Services Training and Certification

JANUARY 2022 - JANUARY 2025

AWS Certified Solutions Architect Associate

AWS

AUGUST 2017 - PRESENT

Blockchain for Business

edX

AUGUST 2017 - AUGUST 2020

Certified Ethical Hacker

EC-Council

DECEMBER 2005 - DECEMBER 2010

Red Hat® Certified Engineer (RHCE®)

Red Hat

Libraries/APIs

jQuery, Amazon API, Jenkins Pipeline

Tools

Terraform, Packer, Google Compute Engine (GCE), Parallels Plesk Panel, Webmin, Amazon Virtual Private Cloud (VPC), AWS IAM, Amazon Elastic Block Store (EBS), Syslog, Jenkins, Git, Apache, Exim4, Subversion (SVN), AWS ELB, Amazon Elastic Container Service (ECS), Amazon CloudFront CDN, Wowza, Vultr, Atlassian, Confluence, Bitbucket, Ansible, Amazon CloudWatch, NGINX, Jira, Plesk, Postfix, Sendmail, Squid, Iptables, OpenVPN, Amazon Simple Queue Service (SQS), AWS CLI, SonarQube, AWS CodeBuild, Azure Key Vault, Azure Application Gateway

Frameworks

AWS HA, CodeIgniter, CodeIgniter 3, Laravel

Paradigms

DevOps, Agile Software Development

Platforms

Amazon Web Services (AWS), Linux, Ubuntu, Amazon EC2, cPanel, Debian, AWS NLB, Windows, Django CMS, Docker, KVM, Magento 2, WordPress, Linode, Apache2, DigitalOcean, Xen, Proxmox, CentOS, AWS ALB, AWS Security Token Service (STS), AWS Lambda, Azure, LEMP, LAMP

Storage

Amazon Aurora, MySQL, PostgreSQL, Amazon S3 (AWS S3), Redis Cache, GlusterFS, VSFTPD, LiteSpeed for SQL Server, MariaDB, Databases, Azure Storage

Languages

Bash, PHP 7, C, PHP, JavaScript

Other

BIND 9, Amazon Route 53, NFS, SSH, Configuration Management, DirectAdmin, Pure-FTPd, Web Security, Site Reliability Engineering (SRE), BIND, Cloudflare, VM, Elastic Load Balancers, Autoscaling, System Administration, OpenVZ, SolusVM, Dovecot, ProFTPD, ModSecurity, Amazon RDS, Web Application Firewall (WAF), AWS CodePipeline, SELinux, Computer Skills, IT Networking, Algorithms, Data Structures, Operating Systems, APIs, Troubleshooting, Monitoring, Systems Monitoring, API Gateways, SSL, Azure Virtual Machines

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring