Manpreet Singh Nehra
Verified Expert in Engineering
Cloud Security Developer
Manpreet is a system administrator and DevOps engineer. Since 2002, he has worked at several startups and multinational corporations. The bulk of his work provided support for developers and infrastructures like bare-metal, public, and private clouds. He has designed and implemented cloud and infrastructure architectures in highly available, scalable, and cost-effective configurations.
Portfolio
Experience
Availability
Preferred Environment
Open Source, Linux, Amazon Web Services (AWS), Ansible, Terraform
The most amazing...
...thing I’ve built was a CI/CD pipeline with AWS and Ansible, with no manual intervention, fully from end to end.
Work Experience
DevOps and Automation Engineer
SIA Nehra Consultancy
- Implemented the AWS Cloud Networking and Security design.
- Delivered infrastructure automation using the Terraform modules and templates code.
- Deployed application automation using Ansible for the product.
- Set up EKS and Created and maintained the Kubernetes application with helm packages.
- Automated the pipelines using Bash and Python Scripting.
- Set up an Elasticsearch cluster using Ansible and Ansible Galaxy.
- Deployed a Jelastic application using Ansible and REST.
- Completed the GitLab CI and GitHub Actions for CI/CD pipelines.
Senior DevOps Engineer for a Major Agronomy Project
Yara International - DNU - Agoro
- Implemented the AWS Cloud Networking and Security design.
- Delivered infrastructure automation using the Terraform modules and templates code.
- Created and maintained the Kubernetes application with helm packages.
DevOps Engineer
Linedata
- Implemented the AWS Cloud Networking and Security design.
- Delivered infrastructure automation using the Terraform modules and templates code.
- Set up EKS and Kubespray for deployment using the Kubernetes Cluster.
- Automated the pipelines using Bash and Python Scripting.
Senior Infrastructure Engineer
Belzabar Software Pvt. Ltd
- Implemented OpenVPN (routed) to connect all managed locations with failovers using Corosync/Pacemaker.
- Performed a GitLab continuous integration using Docker.
- Completed a GitLab continuous integration using the AWS Platform.
- Set up authentication with Samba 4 for AD-based auth.
- Established an Ansible set up for CI/CD for the app and infra.
Chief Architect
Nehra Consultancy Services
- Created an auto-scaling product and designed high availability.
- Scaled a new product using the OpenNebula auto-scaling tool and built the set up from scratch.
- Implemented Tally on a cloud set up for OpenNebula.
Manager – Systems (Server Support)
Tolexo Online Pvt. Ltd
- Provided server support for a Linux operating system.
- Supported an application (Nginx, PHP, FPM, Go, and Node.js).
- Provided database support for applications using Magento.
- Implemented Zabbix to monitor all of the servers along with Grafana and Datadog.
- Used Samba 4 for central authentication with LDAP/Kerberos.
- Implemented SaltStack for configuration management.
- Built an environment and cloud-based internal storage using ownCloud.
- Wrote scripts to manage LDAP (Perl) and integrated Zabbix and LDAP; also created deployment scripts (Bash) for live/QA deployments.
- Created a VPN network to integrate all production environments and make single-point monitoring possible.
- Administered trouble ticketing, using a request tracker and a documentation program called Foswiki (Markdown).
Senior Systems Administrator
Lazada.com
- Supported a Linux operating system on servers; also provided Nginx and database support for applications.
- Monitored all of the servers and various custom parameters using Zabbix.
- Implemented an LDAP central directory for authentication and authorization.
- Composed scripts to manage LDAP (Perl) and integrate Zabbix and LDAP.
- Implemented Mcrouter and conducted testing for various setups.
- Used Puppet for configuration management and development environment set up scripts.
- Developed a VPN network to integrate all production environments and make single-point monitoring possible.
Systems Administrator
Freelance Work
- Chose and implemented Bacula for central authentication and the streamlining of backups.
- Set up single sign-on testing using OpenLDAP and Kerberos.
- Enabled single sign-on by using Samba 4 as AD and LDAP/Kerberos.
- Enabled master-master replication between MySQL servers (active-passive).
- Set up LDAP and Kerberos for clients (Linux) with samba4 as a server.
- Implemented Cacti and Nagios monitoring with dashboards and alerts.
- Set up Bind and DHCPD with automatic updates and bind replication and a DHCP peer.
Senior Systems Engineer
Yahoo R&D Centre India Pvt. Ltd
- Resolved tickets related to Yahoo media delivery within TAT.
- Worked with team members in defining requirements of tools developed by operations.
- Facilitated and coordinated tasks between different teams (development, QA, and operations); focused on operating-system-related issues.
- Coordinated with developers for application-related issues in production hosts.
- Implemented change management procedures for configuration changes.
- Monitored servers/groups for errors and preemptively checked errors and fixed problems.
- Used Nagios/MRTG to monitor hosts and set up/maintain application jails.
Systems Administrator
Freelance Work
- Provided infrastructure support for local and remote servers; worked with Apache/MySQL servers.
- Implemented load balancing over multiple ISPs (three) using OpenBSD.
- Replaced the firewall for Linux on OpenBSD to allow LB outgoing connections.
- Used Cacti for monitoring along with Zabbix for data collection.
System and Network Manager
eSolutions R&D Lab Pvt. Ltd.
- Built and managed a team of information systems personnel to administer computers, networks, and information systems and provide infrastructure support for local and remote servers; also recruited computer engineers and monitored their training.
- Monitored the budget and department expenditures.
- Planned and executed network security policies for the use of electronic and other infrastructure within the organization.
- Developed software policies for data movement within the organization concerning the code.
- Managed vendors relations sales and purchase of hardware.
- Set up the firewall (iptables) and mail server (Postfix) and remotely hosted mail.
- Successfully set up and maintained TRAC for project management, a wiki for collaboration, and RT for client issues.
- Imparted training to users on the employment of TRAC; also created and managed Perl scripts to modify TRAC configuration and subversion.
Experience
Docker Image for DevOps
https://github.com/iaacautomation/devops-toolsKubernetes Cluster
https://gitlab.com/nehraconsultancy/k8s/clusterGrafana Dashboard for OPNSense
https://grafana.com/grafana/dashboards/19366-opnsense/Kubernetes Services
https://gitlab.com/nehraconsultancy/k8s/coreRESULT
• MetalLB
• NGINX Ingress
• cert-manager
• Storage CSI (Truenas)
• Kubernetes Prometheus stack
• Grafana
• Redis cache
• MariaDB/Galera Cluster
• Graphite (for Truenas monitoring)
All deployments are done using GitLab CI/CD.
https://gitlab.com/nehraconsultancy/k8s/core
https://gitlab.com/nehraconsultancy/k8s/utilities
Grafana Dashboard Truenas
https://grafana.com/grafana/dashboards/19580-truenas/1. Memory
2. CPU
3. ZFS stats
4. Disk IO
5. Networking IO
6. IPMI hardware temperature and power usage
7. Libvirt for virtualization monitoring
Skills
Frameworks
AWS HA
Libraries/APIs
Amazon EC2 API, Amazon API, OpenLDAP, OpenSSL
Tools
Terraform, GitLab, Ansible, AWS CLI, OpenVPN, Amazon CloudWatch, AWS CloudTrail, AWS IAM, NGINX, GitLab CI/CD, Amazon EBS, AWS ELB, AWS Key Management Service (KMS), VPN, Amazon EKS, Git, Let's Encrypt, Amazon Virtual Private Cloud (VPC), Amazon Simple Queue Service (SQS), Amazon Simple Notification Service (Amazon SNS), Pacemaker, Keepalived, Zabbix, Nagios, Grafana, ELK (Elastic Stack), Amazon Simple Email Service (SES), SaltStack, Jira, GitHub, Docker Hub, AWS CodeCommit, AWS CodeDeploy, AWS CodeBuild, AWS CloudFormation, Amazon Elastic Container Service (Amazon ECS), Helm, Kibana, AWS Fargate, Amazon ElastiCache, Logging, Corosync, Amazon Elastic Container Registry (ECR), Amazon CloudFront CDN, Beanstalk, Azure App Service, OPNsense
Paradigms
Continuous Integration (CI), Continuous Delivery (CD), DevOps, DevSecOps, Continuous Deployment, Automation, Continuous Development (CD), Samba, Serverless Architecture, Microservices Architecture, Microservices
Platforms
Linux, Amazon EC2, Debian Linux, Docker, Kubernetes, Amazon Web Services (AWS), AWS ALB, AWS STS, AWS NLB, CentOS, AWS Cloud Computing Services, AWS Lambda, OpenBSD, Apache2, LAMP, AWS Elastic Beanstalk, OpenStack, Azure
Storage
Amazon S3 (AWS S3), MySQL/MariaDB, Elasticsearch, Redis, Amazon DynamoDB, Databases, On-premise, Amazon Aurora, MySQL, MongoDB, Azure Active Directory, NAS Servers, Redshift
Other
AWS Certificate Manager, AWS Security Hub, AWS Secrets Manager, CI/CD Pipelines, Infrastructure as Code (IaC), System Administration, Networking, Cloud Security, Subnet, Infrastructure, AWS DevOps, GitHub Actions, AWS Certified DevOps Engineer, Lambda Functions, DevOps Engineer, Identity & Access Management (IAM), Containers, Cloud Architecture, Cloud Computing, AWS Transit Gateway, AWS Cloud Architecture, Security, Cloud Migration, SFTP, Cloud, AWS Certified Solution Architect, GitOps, Hybrid Cloud Infrastructure, DNS, IaaS, AWS NAT Gateway, SSL Certificates, Amazon Machine Images (AMI), File Servers, Documentation, BIND, Amazon Route 53, Iptables, LDAP, Kerberos, NFS, Architecture, Amazon RDS, Monitoring, IT Security, Server Security, Scalability, AWS CodePipeline, Shell Scripting, Serverless, Cloud Services, Load Balancers, Container Orchestration, Scripting, Cloud Infrastructure, Containerization, Virtualization, Content Delivery Networks (CDN), HAProxy, TrueNAS, Application Monitoring, Network Monitoring, Infrastructure Monitoring, AWS Certified Developer, Firewalls, IT Operations Management (ITOM), Configuration Management, Linux Server Administration, SysOps, Server Administration, AWS Database Migration Service (DMS), SIEM, Control & Cost Analysis, Network Administration, Scripting Languages, Amazon API Gateway, API Gateways, Shield, Azure Administrator, Azure Storage, Azure Virtual Machines, Authentication, PIM, Azure Virtual Networks, Kubespray, Prometheus, Galera Cluster, Container Storage Interface (CSI), Google Workspace, Grafana 2, Redis Clusters, Transport Layer Security (TLS), Amazon Kinesis, Dashboards, Dashboard Development
Languages
Bash, Python 3, Perl, Bash Script, Python
Education
Bachelor of Engineering Degree in Chemical Engineering
Thapar Institute of Engineering and Technology - Patiala, India
Certifications
AWS Certified Database – Specialty
AWS
Microsoft Certified: Azure Administrator Associate
Microsoft
AWS Certified DevOps Engineer Professional
AWS
AWS Certified Solutions Architect - Professional
AWS
AWS Certified Advanced Networking - Specialty
AWS
AWS Certified Security - Specialty
AWS
AWS Certified Solutions Architect Associate
AWS
AWS Certified SysOps Administrator
AWS
AWS Certified Developer Associate
AWS
How to Work with Toptal
Toptal matches you directly with global industry experts from our network in hours—not weeks or months.
Share your needs
Choose your talent
Start your risk-free talent trial
Top talent is in high demand.
Start hiring