Petar is available for hire

Petar Denev

Verified Expert in Engineering

Security Developer

Location

Cham, Switzerland

Toptal Member Since

July 25, 2019

Peter has over ten years of experience as a DevOps engineer, with a strong focus on Java projects and payment providers such as PCI-DSS compliance for eMerchantPay, and Concardis. He has built, migrated, and re-architectured many projects, specializing in turning a large monolith architecture into an elegant microservice. Peter writes and debugs Java Spring, OSGI, Terraform, Ansible, Puppet, BASH, GO, and Perl.

LDAP Debugging Debian Packaging VMware ESXi GitOps Apache Cassandra Bash Regex GCC Tcpdump OWASP Zed Attack Proxy (ZAP)Linux MySQL PostgreSQL ANSI SQL

Portfolio

Toptal Project

Amazon Web Services (AWS), Linux, Bash, PHP, Bitbucket, GitLab CI/CD, Jenkins...

Crypto Startup in Switzerland

Amazon Web Services (AWS), Pulumi, Apache Kafka, Kubernetes, Amazon EKS, GitLab...

Enya Inc.

Amazon Web Services (AWS), Blockchain, Ethereum, AWS CloudFormation...

Experience

MySQL - 12 years Security - 11 years Amazon Web Services (AWS) - 11 years Jenkins - 9 years Terraform - 6 years Kubernetes - 5 years TypeScript - 3 years

Availability

Part-time

Preferred Environment

Jenkins, Workflow, Git, Apache JMeter, Linux, GitLab CI/CD, Docker

The most amazing...

...project I've built was a replacement for an API Gateway, using Nginx and a Java daemon.

Work Experience

Senior DevOps

2019 - PRESENT

Toptal Project

Built a DevOps software solution with AWS CodeCommit and AWS CodeDeploy for maintaining Groovy microservices pipelines and allowing the execution of automated tests using docker based on branch name with AWS CloudFormation.
Built a DevOps software solution with AWS Cloudformation to deploy a PHP microservices application to AWS ECS with BASH.
Created an AWS CodeCommit to trigger builds in Jenkins for a Java PCI-DSS application hosted in AWS. Once the Jenkins build was complete, it was initiated with AWS CodeDeploy taking JAR files from AWS S3 and deploying them to EC2 instances.

Technologies: Amazon Web Services (AWS), Linux, Bash, PHP, Bitbucket, GitLab CI/CD, Jenkins, Groovy, Java

Lead DevOps Engineer

2021 - 2022

Crypto Startup in Switzerland

Created a config-driven provision and deployed system with Python and Pulumi, with a focus on AWS.
Provisioned AWS EKS environment with Amazon MSK (Apache Kafka) and all other services needed, including monitoring infrastructure, before deploying the HFT services.
Monitored the infrastructure (Grafana/Loki/Promtail/Prometheus) to avoid storing any information on the AWS EKS clusters. All of the services store their data outside the EKS cluster.
Implemented global observability with AWS Transit Gateway, AWS Organizations, Grafana, Loki, Promtail, Prometheus, and Thanos.

Technologies: Amazon Web Services (AWS), Pulumi, Apache Kafka, Kubernetes, Amazon EKS, GitLab, GitLab CI/CD, Python

DevOps Engineer

2021 - 2022

Enya Inc.

Created a complete CI/CD solution with Github Actions. Added a local Devenv so that the developers can test their code locally.
Added BlockExplorer to the stack and a tool to manage the service configurations securely with AWS secrets manager.
Automated deployment of the services to an auto-scalable AWS ECS and EKS infrastructure.

Technologies: Amazon Web Services (AWS), Blockchain, Ethereum, AWS CloudFormation, GitHub Actions

Senior DevOps Software Engineer Team Lead

2019 - 2021

EGT Interactive

Built microservice architecture and CI/CD architecture from scratch.
Revamped all old architecture with GlassFish to run in Docker containers.
Updated all Ansible roles and improved the maintenance procedure.
Built the Git workflow and integrated it into the CI/CD pipelines.
Built front-end CI/CD architecture for games. This involves far more complex challenges than what is normally found with software products.
Utilized Jenkins and git tag push for GIT workflow's release logic, getting a container with the tag.
Completed documentation for every aspect of the DevOps solution, created with a proposal, then PoC, and then implementation. This way, the CTO would have a clear view of future implementation and approve/change logic.

Technologies: Jenkins, MySQL, GlassFish, Docker, Java

Senior DevOps Software Engineer

2017 - 2019

Endava

Built a .NET Sitecore CI and CD pipeline for https://www.randa.org/ hosted in AWS within three months. I used the Git workflow integration and utilized AWS CloudFormation PowerShell automation to provision the Sitecore application stack.
Automated the build and deployment of NuGet packages with JetBrains TeamCity, and Octopus Deploy. The stack ran on Windows 2012 servers with PowerShell DSC modules.
Succeeded in dropping the Sitecore CloudFormation application stack provision time to 47 seconds. It took 16 minutes for the building and deploying of the Sitecore NuGet packages. This was done with Octopus.
Developed a small Java SpringBoot project with image recognition in under two weeks. The development environment was created with Docker-Compose. https://play.google.com/store/apps/details?id=com.citizenwatch.android&hl=bg.
Built, deployed, and ran performance tests in BASH.
Created a payment gateway monolith with Java Spring, OSGI, MariaDB, Apache Karaf, Apache Ignite, ELK stack, and Docker. https://concardis.com/.
Oversaw performance improvements on the Docker and MariaDB layers.
Analyzed and proposed moving the monolith architecture to a microservice involving Kubernetes, Apache Kafka, and a MongoDB cluster.
Excluded PCI-DSS-related services to separate the network, lowering the scope of the PCI-DSS audit to be done only on particular microservices.

Technologies: Amazon Web Services (AWS), RHEL, Fluentd, ELK (Elastic Stack), Apache Ignite, MariaDB, MongoDB, AWS CloudFormation, Docker, Bash, OSGi, Spring

Senior DevOps Engineer

2016 - 2017

eMerchantPay

Built a local development environment used by software engineers to deploy source code changes and run a payment gateway application stack.
Reverse engineered clones of all VMs part of the staging Devenv. Connected all of them to a PuppetMaster using Puppet2 architecture, as this was the original setup done from the datacenter engineers.
Wrote Jenkins files to allow developers to independently deploy different services on the local Devenv with server-lock during deployment, and automated unlock after the QA tests were completed.
Fixed all pre- and post-deployment issues, providing the company with a fully automated way to deploy to all environments (development, staging, and production) using Jenkins files.
Created a Docker development environment with one container used only for Ruby Gems cache, allowing a quick rebuild of all modules which improved the development process on the stage.
Managed a team of two DevOps engineers. Guided them in the application stack architecture, and provided knowledge on different problem debugging techniques.

Technologies: Cluster, MariaDB, VMware ESXi, Puppet, Ruby on Rails (RoR), Ruby

Senior DevOps Software Engineer

2015 - 2016

SoftServe

Built a complex API gateway with Nginx that was managed from a Java daemon, allowing a dynamic API key rate limit and scaling based on the load of the particular cluster of Nginx machines.
Developed tools to improve the ability to rapidly deploy, and effectively monitor custom applications in a large-scale UNIX environment.
Designed cross data center worldwide systems with a high availability mindset.
Built an automated ETL (in this case DB anonymization) process to provide developers the ability to always be able to do performance tests with the latest production data.
Integrated EU GDPR rules in emoDB for Bazaarvoice.
Migrated the whole ops project from Puppet3 to Puppet4.

Technologies: Jenkins, Apache ZooKeeper, Spring, NGINX, Apache Spark, Puppet, Cassandra, Java

System Specialist

2012 - 2015

Comptel

Installed, configured, maintained, troubleshot, and optimized Red Hat Enterprise Linux servers, VMware ESXi, and HA environments.
Wrote custom tools on Groovy, PHP, PowerShell, Bash, and Perl to improve the internal IT and development environments.
Troubleshot and optimized GIT, and SVN-like software version control.
Built three site Artifactory clusters.
Built a Groovy confluence and Jira plugin that provisioned VMware virtual machines to help the Comptel support engineers create customer environments such as RHEL with OracleDB and Java JDK via a drop-down menu in Confluence.

Technologies: Artifactory, Mercurial, Perl, Bash, Windows PowerShell, PHP, Jenkins, Groovy, RHEL, VMware ESXi

System Administrator

2011 - 2012

MochaHost

Built a cPanel plugin to deploy Java WAR files in shared hosting accounts.
Deployed PERL automations to clean old, shared web hosting accounts.
Created a Puppet automation to provision and manage CentOS virtual machines used for shared web hosting servers.

Technologies: Apache Tomcat, CentOS, cPanel, PHP, Perl

Linux System Administrator

2009 - 2011

ResellersPanel

Implemented Puppet automation for managing shared web hosting servers.
Initiated PERL automation for provisioning cPanel servers.
Developed PostgreSQL triggers to help manage the shared web hosting customer plans.
Implemented MySQL clusters to manage the payments of the resellers of the shared hosting account.

Technologies: PostgreSQL, MySQL, Puppet, Bash, cPanel, Perl, Debian, CentOS

Experience

PCI-DSS Compatible EFK Stack

https://github.com/petardenev/efk-stack-pci-dss

PCI-DSS compliant Elasticsearch, FluentD, Kibana, and Search Guard for security compliance. The setup utilized Docker Containers. Each service ran on a different virtual machine. The setup consisted of Ansible roles for two Elasticsearch Data Nodes, two Elasticsearch Master Nodes, two FluentD Aggregator Nodes, one Elasticsarch Cross Search Node, and a SearchGuard Container for managing security, all done as Docker containers.

Ansible Role of PCI-DSS MariaDB Cluster Hardened Configuration

https://github.com/petardenev/pci-dss-mariadb-cluster

This MariaDB Cluster Hardened service configuration provides security configurations for MariaDB. It is intended to set up production-ready MariaDB instances that are configured with minimal surface for attackers. Furthermore, it is intended to be compliant with the PCI-DSS v3.2.1.

Nginx Patched to work with Ey-balancer and Delay Modules with OpenSSL

https://github.com/petardenev/ngx-delay-haproxy-queue

Nginx 1.11.2 patched to work with Ey-balancer and delay modules. Included in the repository are:

EY-Balance: https://github.com/ezmobius/nginx-ey-balancer
Nginx-Delay: https://github.com/perusio/nginx-delay-module
OpenSSL: https://github.com/openssl/openssl

The setup is suitable for implementation of Java micro caching with low request-response answers. The Ey-balancer patch was created with the possibility to use the least_conn method of distributing incoming requests to the back end. This improved the response time in the critical part of the library.

PowerShell Desired State Configuration (DSC) Generator

https://github.com/petardenev/dsc-generator

If you are interested in using PowerShell Desired State Configuration to manage your web server configuration, the DSC Generator can help you get started. You can run the DSC Generator on an existing server, and it will generate a DSC configuration code for your IIS app pools, sites, and virtual directories. The DSC Generator will also generate Desired State Configuration for the Windows features on your IIS site.

Ruby DSL for Creating CloudFormation Templates

https://github.com/petardenev/cloudformation-ruby-dsl

This is a Ruby DSL and helper utilities for building CloudFormation templates dynamically.

Motivation:
CloudFormation templates often contain repeated stanzas, information which must be loaded from external sources, and other functionality that would be more easily handled as code, instead of configuration.

Consider when a user data script needs to be added to a CloudFormation template. Traditionally, you would rewrite the script by hand in a valid JSON format. Using the DSL, you can specify the file containing the script, and generate the correct information at runtime.

:UserData => base64(interpolate(file('userdata.sh')))

Additionally, CloudFormation templates are just massive JSON documents, making general readability and reusability an issue. The DSL allows not only a cleaner format (and comments), but will also allow the same DSL template to be reused as needed.

Reverse Engineer Server Configuration

https://github.com/petardenev/blueprint

Blueprint looks inside popular package managers, finds changes and configures files, then archives software you built from source. It runs on Debian and RPM-based Linux distros with Python >= 2.6 and Git >= 1.7.

Blueprint reverse-engineers servers.
Easy configuration management.
Detects relevant packages, files, and source installs.
Generates reusable server configurations.
Converts blueprints to Puppet, Chef or CFEngine 3.
No DSLs, no extra servers, no workflow changes.

Skills

Languages

Bash, Regex, Bash Script, PHP, Java, Python, Ruby, Groovy, Perl, TypeScript

Frameworks

AWS HA, Ant Design, Laravel, Spring, OSGi, Ruby on Rails (RoR), Apache Spark, Windows PowerShell

Libraries/APIs

Jenkins Job DSL, Jenkins Pipeline, Spring LDAP, ODBC, Jira REST API

Tools

Jenkins, Docker Compose, Puppet, Gradle, Apache Maven, Amazon EBS, GCC, GPG, Tcpdump, Packer, ActiveMQ, AWS CloudFormation, Terraform, Nagios, ELK (Elastic Stack), Logstash, Fluentd, OWASP Zed Attack Proxy (ZAP), Git, Jira, Confluence, Artifactory, AWS CodeDeploy, AWS CodeCommit, AWS CodeBuild, Apache Karaf, Ansible, Atom, Apache JMeter, Apache Ignite, Cluster, NGINX, Apache ZooKeeper, Mercurial, Apache Tomcat, GitLab CI/CD, Bitbucket, Amazon EKS, GitLab

Paradigms

REST, Scrum, Kanban, Agile, Extreme Programming

Platforms

Amazon Web Services (AWS), Docker, Apache Kafka, Nexus, Linux, cPanel, CentOS, Debian, Blockchain, Ethereum, Kubernetes, Azure

Storage

Amazon S3 (AWS S3), MySQL, PostgreSQL, ANSI SQL, Redis, NoSQL, DRBD, MongoDB, Oracle RDBMS, MariaDB, Cassandra

Other

Groovy Scripting, Apache Cassandra, Grep, Secure Copy Protocol (SCP), RSync, NFS, LDAP, Crontab, RPM Packaging, Debian Packaging, VMware ESXi, Debugging, GitOps, DNS, PCI DSS, Security, Workflow, RHEL, GlassFish, GitHub Actions, Pulumi

Education

2005 - 2010

Bachelor's Degree in Computer Engineering

Plovdiv University Paisii Hilendarski - Plovdiv, Bulgaria

Certifications

MARCH 2013 - PRESENT

Red Hat Certified System Administrator

Red Hat, Inc.