Rishi Gautam, Developer in Berlin, Germany
Rishi is available for hire
Hire Rishi

Rishi Gautam

Verified Expert  in Engineering

Bio

Rishi has been working as a freelance DevOps and DevSecOps consultant for many years. He started as a system engineer, working with the underlying infrastructures, and he loves playing with Linux and shell scripts. As a solo achiever and a team player, Rishi believes that his leadership capability, quick learning ability, and quest to learn newer technologies are his greatest strengths.

Portfolio

Amalgamated Token Services Inc., dba CoinList
Amazon Web Services (AWS), DevOps, Docker, AWS IoT, Terraform...
Stop the Traffik
Agile, Machine Learning, IBM Cloud, Kubernetes...
Spoon Guru Ltd
Terraform, DevOps, Google Cloud, DevOps Engineer, Google Cloud Platform (GCP)...

Experience

  • Linux - 8 years
  • Amazon Web Services (AWS) - 5 years
  • Google Cloud Platform (GCP) - 5 years
  • Terraform - 5 years
  • Security - 5 years
  • Kubernetes - 5 years
  • Azure Cloud Services - 5 years
  • Cloud Architecture - 5 years

Availability

Part-time

Preferred Environment

Linux, Amazon Web Services (AWS), Google Cloud Platform (GCP), Kubernetes, Azure, Python

The most amazing...

...thing I've successfully implemented is the secure and reliable architecture for the 1st online examination portal for Nepalese governmental jobs.

Work Experience

Infrastructure Engineer

2023 - 2023
Amalgamated Token Services Inc., dba CoinList
  • Designed a completed infrastructure for a time-sensitive project on AWS to get it live.
  • Created a centralized logging system for multiple AWS accounts to collect audit logs, application logs, metrics, monitoring logs, and agent logs to a central AWS account.
  • Refactored the Terraform modules and created the release pipelines.
  • Helped the company to manage seecurity audits to align with security complainces.
Technologies: Amazon Web Services (AWS), DevOps, Docker, AWS IoT, Terraform, Ruby on Rails (RoR), Data Modeling, ETL, ECS, Grafana, Monitoring, Logging, IT Audits, AWS CloudTrail, Centralized Logging, FastAPI

MLOps Engineer (Volunteer)

2023 - 2023
Stop the Traffik
  • Developed MLOps pipelines for sentiment analysis jobs in a Kubernetes cluster with GPU nodes.
  • Conducted a data science model review, including code refactoring and optimization, containerization, deployment, versioning, and monitoring of its quality.
  • Designed a solution for the sequential trigger of cron jobs. Used init containers and kubectl patch techniques.
  • Implemented AWS SageMaker with GPU to run the model training. Also enabled HPA to automatically spawn the pods based on CPU utilization for the ML job.
Technologies: Agile, Machine Learning, IBM Cloud, Kubernetes, Identity & Access Management (IAM), Cron, Sentiment Analysis, Incident Response, Artificial Intelligence (AI), ETL Tools, Docker, Amazon SageMaker, Kubeflow, MLflow, Machine Learning Operations (MLOps), Microservices, Cloud Services, Scalability, VPN, Cloud Environments, Bash, GitHub Actions, Containerization, Cloud Infrastructure, Software Architecture, PostgreSQL, Azure Functions, Continuous Delivery (CD), Splunk, Auth, JavaScript, ECS, AWS Key Management Service (KMS), Microservices Architecture, APIs, Backup & Recovery, Event-driven Architecture, GPU Computing, Containers, AWS CLI, AWS ALB, Microsoft SQL Server, AWS VPN, Cost Reduction & Optimization (Cost-down), Natural Language Processing (NLP), Amazon EventBridge, YAML, Deployment, Scalable Application, Azure VDI, HTTPS, Scripting Languages

Terraform Expert

2023 - 2023
Spoon Guru Ltd
  • Created a Terraformed proof of concept (POC) project replica for the production environment.
  • Upgraded the security fixes and CI/CD pipeline procedures by integrating GitHub Actions and Google Cloud Builds.
  • Designed the dynamic branch deployment. If a developer pushes a feature branch, a new isolated test environment is created where the test can be done. After code merging, the environment gets deleted.
  • Conducted training and handover with the proper documentation.
Technologies: Terraform, DevOps, Google Cloud, DevOps Engineer, Google Cloud Platform (GCP), Serverless, Google Cloud Functions, Google Cloud SQL, Web Security, Cloud Security, BigQuery, Google BigQuery, Google Cloud Datastore, Google Cloud Build, Cloud Services, Load Balancers, Scalability, Amazon EC2, Amazon API, VPN, Cloud Environments, GitHub Actions, Cloud Infrastructure, Configuration Management, Software Architecture, PostgreSQL, Google Compute Engine (GCE), Continuous Delivery (CD), Control & Cost Analysis, Auth, Google Cloud Storage, JavaScript, ECS, AWS Key Management Service (KMS), Microservices Architecture, Backup & Recovery, Event-driven Architecture, Containers, AWS CLI, AWS ALB, Data Synchronization, YAML, Deployment, Scalable Application, Observability Tools, HTTPS

Senior Platform Engineer and Kubernetes Expert

2022 - 2023
Soobr
  • Designed and suggested the infrastructure architecture in Google Cloud Platform for the company's SaaS application.
  • Transformed existing unmanaged cloud resources to managed infrastructure as code (IaC) using Terraform and enabled management of GitLab variables, GitLab Agents, Helm charts, and Kubernetes object deployment using Terraform.
  • Implemented metrics and optimized resources to reduce costs. Used private networks and a NAT gateway to improve security saving $4,000 per month after optimization.
  • Trained the company's existing colleagues on the proper management of resources using IaC with Terraform and carried out a successful handover of the works with appropriate documentation.
  • Decided on tech stacks to be implemented for automation and application delivery pipelines.
Technologies: Terraform, Google Cloud Platform (GCP), Google Cloud SQL, Documentation, Training, Google Kubernetes Engine (GKE), Cost Analysis, Security, Cloud Architecture, GitLab, GitLab CI/CD, Helm, GitLab Runner, Microservices, Cloud Services, Load Balancers, Scalability, Amazon EC2, Amazon API, VPN, Cloud Environments, GitHub Actions, SOC 2, Cloud Infrastructure, AWS Cloud Architecture, Continuous Delivery (CD), Control & Cost Analysis, Single Sign-on (SSO), Auth, Google Cloud Storage, JavaScript, ECS, AWS Key Management Service (KMS), Microservices Architecture, Backup & Recovery, Containers, AWS CLI, AWS ALB, Data Synchronization, AWS VPN, Cost Reduction & Optimization (Cost-down), YAML, Deployment, Scalable Application, Observability Tools, IT Security, HTTPS, Kubernetes Security

Senior Cloud Solution Architect | Cloud Security Consultant

2020 - 2023
CloudHero
  • Migrated clients' monolithic applications to microservices, using Kubernetes and on-premise applications to cloud platforms.
  • Designed a secure and reliable infrastructure architecture based on application requirements. Created a proof-of-concept for application migration and security auditing.
  • Developed a secured and automated migration, deployment, and monitoring process, which resulted in easier application management, quick delivery, and enhanced performance.
  • Refactored cloud resources for one of my clients, saving them $9,000 monthly.
  • Implemented security auditing for one of my clients and provided a solution that protected their infrastructure from numerous attacks.
  • Managed multiple DNS zones with SSL termination on Cloudflare. Implemented access, page, firewall, and rate-limiting rules to secure access control. Also used Cloudflare analytics for performance monitoring.
  • Implemented Logstash, Elasticsearch, and Kibana to collect, process, filter, and visualize application data.
  • Configured external storage with Amazon EBS and EFS for persistent volumes on EKS.
  • Implemented the idea for major upgrade tasks of some resources in GCP using Google Tasks.
  • Developed an ETL process in Azure, from data scraping and extracting, transforming and cleaning, loading to the destination data warehouse, and exporting to Azure functions for application deployment.
Technologies: Agile, Linux, Team Leadership, Automation, Kubernetes, Google Cloud Platform (GCP), Terraform, Ansible, Python, Shell Scripting, Scrum, Helm, Jira, Troubleshooting, Monitoring, New Relic, Cloud Architecture, DevOps, Amazon Web Services (AWS), Argo CD, PagerDuty, Datadog, Elasticsearch, ELK (Elastic Stack), Amazon EKS, AWS IAM, DevSecOps, Team Management, Technical Hiring, Source Code Review, Interviewing, Site Reliability Engineering (SRE), Identity & Access Management (IAM), Bash Script, Continuous Integration (CI), Continuous Deployment, Cloudflare, NGINX, Cloud, IT Project Management, DNS, Azure DevOps, Leadership, Amazon CloudFront CDN, Amazon Route 53, Amazon Inspector, Kibana, Azure DevOps Services, Azure Kubernetes Service (AKS), Google Kubernetes Engine (GKE), AWS CloudFormation, AWS Certified Solution Architect, DevOps Engineer, Lambda Functions, AWS Certified DevOps Engineer, Amazon DynamoDB, Apache Kafka, Terragrunt, AWS DevOps, Cloud Migration, Amazon S3 (AWS S3), Google Apps, Scripting, Amazon Virtual Private Cloud (VPC), Node.js, Oracle, Oracle Cloud, Disaster Recovery Plans (DRP), Azure SQL, Azure Data Lake, Azure Data Factory, Azure Databricks, Big Data, Data Warehousing, Data Engineering, PCI DSS, Azure Cloud Services, Open Neural Network Exchange (ONNX), Enterprise Architecture, Microservices, Cloud Services, Load Balancers, Scalability, Amazon EC2, Amazon API, Go, VPN, Cloud Environments, GitHub Actions, Bash, TCP/IP, Fuzz Testing, Azure Migrate, Databricks, Windows Server, Server Administration, PHP, AWS IoT, Ruby on Rails (RoR), SOC 2, Containerization, Kubernetes Operations (kOps), Cloud Infrastructure, Direct Connect (DC), Ceph, Configuration Management, AWS NAT Gateway, SSL Certificates, Microsoft Dynamics 365, AWS Cloud Architecture, Software Architecture, Architecture, Amazon Simple Email Service (SES), On-premise, Azure Automation, IIS, PostgreSQL, Google Compute Engine (GCE), Azure Functions, Continuous Delivery (CD), Control & Cost Analysis, Back-end Performance, Amazon Simple Notification Service (SNS), Single Sign-on (SSO), Auth, Google Cloud Storage, Redis, JavaScript, SysOps, Apache Solr, ECS, AWS Key Management Service (KMS), Microservices Architecture, API/Services Architecture, Event-driven Architecture, Containers, AWS CLI, AWS ALB, Licensing, Data Synchronization, AWS VPN, Orchestration, AWS Cloud Development Kit (CDK), SDKs, Cost Reduction & Optimization (Cost-down), Amazon EventBridge, YAML, Deployment, Azure VDI, Microsoft Azure, Observability Tools, IT Security, HTTPS, Scripting Languages, Microsoft Dynamics CRM, CircleCI, SIEM, Multitenancy, API Integration, Redshift, Azure IaaS, Azure PaaS, Amazon Elastic Block Store (EBS), Redis Clusters, Azure Cloud Security, AWS Amplify

AWS DevOps Lead Engineer

2022 - 2022
TakePart (Toptal Project)
  • Designed the Infrastructure architecture skeleton and decided on tools, technologies, methods, and processes to achieve the company's product goal.
  • Researched the ETL tool and included AWS Glue in the ETL process. Achieved the goal of collecting data catalogs from different countries to our data warehouse, transforming them to our required formats, and making them visible via the application.
  • Created the MVP on AWS using a modular approach. Used terraform to automate resource creation for different environments and assumed the role of pipelines and deployments. Focused mainly on security, IAM, SSO, and caching.
  • Decided to adopt Agile and helped the company hire required software engineers for the development.
  • Was re-hired by the client to train their DevOps for infrastructural development and application support after the completion of the project.
  • Trained developers and DevOps on AWS and its resources with the use case for our product development. I guided software engineers from not knowing about AWS to being capable of creating applications on AWS.
Technologies: DevOps, Amazon Web Services (AWS), Security, Cloudflare, DevSecOps, API Gateways, AWS Lambda, Amazon CloudFront CDN, Notion, Figma, Jira, Agile, Identity & Access Management (IAM), Multiple Factor Analysis (MFA), Amazon Cognito, ETL, AWS Glue, Amazon RDS, OpenVPN, GitHub Actions, Amazon Virtual Private Cloud (VPC), Node.js, Big Data, Data Engineering, Data Warehousing, Data Science, Cloud Services, Load Balancers, Scalability, Amazon EC2, Amazon API, VPN, Cloud Environments, AWS IoT, Containerization, Cloud Infrastructure, AWS NAT Gateway, AWS Cloud Architecture, Software Architecture, Architecture, Continuous Delivery (CD), Control & Cost Analysis, TypeScript, Prisma, Single Sign-on (SSO), Auth, ECS, AWS Key Management Service (KMS), Microservices Architecture, Containers, AWS CLI, AWS ALB, Licensing, Data Synchronization, AWS VPN, AWS Cloud Development Kit (CDK), SDKs, Cost Reduction & Optimization (Cost-down), IT Security, HTTPS, API Integration

Senior Site Reliability Engineer

2022 - 2022
Motional (Toptal Project)
  • Created Grafana monitoring and alerting system with VM metrics as a Prometheus Agent with tens of EKS clusters. Implemented Kubecost monitoring to determine the cost of every cluster and its components.
  • Automated Argo CD deployment with Argo CD Image Updater, which replaces the deployment pipelines for deploying newer application image tags.
  • Enhanced Atlantis parallel builds to handle multiple PRs for Terraform deployments.
  • Managed Slurm cluster monitoring and alerting with minute descriptions of GPU components, NFS usage per user, disk IOPS, and network interface ingress and egress traffic.
Technologies: Amazon Web Services (AWS), Amazon EKS, Grafana, Virtual Machines, Prometheus, Slurm Workload Manager, Argo CD, Atlantis, Kubecost, Terraform, AWS IAM, Source Code Review, Site Reliability Engineering (SRE), Identity & Access Management (IAM), Bash Script, Continuous Integration (CI), Continuous Deployment, Cloud, DNS, Agile, Amazon Route 53, AWS CloudFormation, AWS Certified Solution Architect, DevOps Engineer, AWS DevOps, Amazon S3 (AWS S3), Amazon Virtual Private Cloud (VPC), Microservices, Cloud Services, Load Balancers, Scalability, Amazon EC2, Amazon API, VPN, Cloud Environments, GitHub Actions, TCP/IP, AWS IoT, Containerization, Kubernetes Operations (kOps), Cloud Infrastructure, Direct Connect (DC), AWS NAT Gateway, Continuous Delivery (CD), Single Sign-on (SSO), Auth, ECS, AWS Key Management Service (KMS), Microservices Architecture, Containers, AWS CLI, AWS ALB, Data Synchronization, AWS VPN, HTTPS

Senior DevOps Engineer

2020 - 2021
Itonics GmbH
  • Helped the company to migrate the applications from EC2 ASG to a serverless architecture.
  • Developed Single Sign-on (SSO) functionality with the research and development on AWS Cognito and IdP.
  • Migrated CI/CD pipelines from Bitbucket to the self-hosted Jenkins server on ECS Fargate.
  • Managed AWS cross-account functionalities with proper IAM access management for users and roles via the SSO and MFA.
  • Helped hundreds of clients to achieve SSO via their external emails.
  • Researched, tested, and integrated SNS and SES to track failed and bounced emails.
Technologies: Amazon Web Services (AWS), Serverless, AWS Lambda, Amazon API Gateway, Amazon CloudFront CDN, Amazon Route 53, Terraform, Bitbucket, Jenkins, Amazon Cognito, Amazon Elastic Container Service (ECS), AWS IAM, Amazon Inspector, Cloud, Shell Scripting, Team Leadership, DNS, Agile, Leadership, Amazon EKS, AWS CloudFormation, AWS Certified Solution Architect, DevOps Engineer, Lambda Functions, Amazon DynamoDB, AWS DevOps, Amazon S3 (AWS S3), Google Apps, Scripting, Amazon Virtual Private Cloud (VPC), Enterprise Architecture, Microservices, Cloud Services, Load Balancers, Scalability, Amazon EC2, Amazon API, VPN, Cloud Environments, GitHub Actions, TCP/IP, PHP, Containerization, Cloud Infrastructure, AWS NAT Gateway, AWS Cloud Architecture, Architecture, Continuous Delivery (CD), Amazon Simple Notification Service (SNS), Single Sign-on (SSO), Auth, Redis, ECS, AWS Key Management Service (KMS), Microservices Architecture, Backup & Recovery, API/Services Architecture, Containers, AWS CLI, AWS ALB, Licensing, Data Synchronization, HTTPS, API Integration, Redis Clusters, AWS Cloud Computing Services

Senior DevSecOps Engineer

2019 - 2020
ESR Technology
  • Designed 3-tier architecture in Google Cloud Platform for applications, including access plane, data plane, and security plane.
  • Migrated in-premise Docker containers to Google Cloud Run, along with the implementation of Cloud Scheduler, Cloud Builder, and other dependent resources.
  • Released management of multiple services and applications to production with fully secure and automated principles.
  • Optimized cost and security auditing of resources for best performance. Helped the company to attain HIPAA compliance.
  • Managed and trained DevOps and DevSecOps engineers and focused on their engagement and growth.
  • Implemented a secure, private, and reliable network using Cloudflare for multiple application services.
Technologies: Google Cloud Platform (GCP), Jenkins, Identity & Access Management (IAM), Security, Cloud Architecture, Leadership, Cost Analysis, Cloudflare, Cloud, Shell Scripting, Team Leadership, DNS, Agile, Google Kubernetes Engine (GKE), DevOps Engineer, Telemetry, Cloud Migration, Google Apps, Scripting, Amazon Virtual Private Cloud (VPC), Node.js, HIPAA Compliance, Azure Cloud Services, Enterprise Architecture, Cloud Services, Load Balancers, Scalability, VPN, Cloud Environments, Bash, TCP/IP, Fuzz Testing, Server Administration, PHP, GitHub Actions, Cloud Infrastructure, Google Workspace, Architecture, Continuous Delivery (CD), Control & Cost Analysis, Firebase, Single Sign-on (SSO), Auth, Google Cloud Storage, Redis, Containers, Licensing, IT Security, HTTPS, SecOps, API Integration, Memorystore, Web Platforms, Software Testing Lifecycle (STLC), Data Feeds, Startups

System Engineer | System Administrator

2018 - 2020
F1Soft International Pvt
  • Established the on-premise system architecture design and development, data center, and disaster recovery management. Worked with bare metal servers, VMware, NAS, SAN, switches, firewalls, routers, and other physical layer systems.
  • Implemented application deployment using various CI/CD and automation tools.
  • Focused on clusters, high availability, and load-balancing technologies.
  • Enabled the system hardening function for the company's overall infrastructure to become PCI DSS compliant.
  • Conducted static and dynamic application testing in various stages before deploying to production. Used a shift-left policy in deployment pipelines, reducing production deployment error rates.
  • Worked as a technical interviewer to help the company hire competent staff while collaborating with the CIO of the organization; my focus was on hiring system engineers, DevOps, DevSecOps, security, and cloud engineers.
  • Managed DNS services from Cloudflare for multiple domains.
  • Implemented VMware Vsphere to manage VMware ESXi cluster installed in multiple bare metal servers for enabling virtualizations.
  • Managed 100+ virtual machines with host failover, storage clusters, nic teaming, and authorization administration.
Technologies: Linux, Veeam, NAS Servers, SAS, Universal Router, Firewalls, Cisco Switches, Zimbra, DNS, Microsoft Servers, Azure Active Directory, Shell Scripting, Docker, Rancher, MySQL, Jira, Troubleshooting, Monitoring, Prometheus, SQL, NoSQL, Infrastructure as Code (IaC), Jenkins, GitLab CI/CD, Bitbucket, Solution Architecture, CI/CD Pipelines, Python, Release Management, Masternodes, Blockchain, Team Management, Technical Hiring, Source Code Review, Interviewing, Identity & Access Management (IAM), Bash Script, Docker Swarm, Continuous Integration (CI), Bazel, Continuous Deployment, Cloudflare, Grafana, Ansible, NGINX, Linux Kernel, Cloud, IT Project Management, Team Leadership, Agile, Leadership, Amazon API Gateway, Amazon Route 53, Zabbix, DevOps Engineer, System Administration, Windows, Google Apps, Scripting, Node.js, Reporting, Oracle, Oracle Cloud, VMware, VMware ESXi, VMware vSphere, VMware vCenter, VMware vCloud, Disaster Recovery Plans (DRP), PCI DSS, HIPAA Compliance, Azure Cloud Services, Palo Alto Networks, Enterprise Architecture, Cloud Services, Load Balancers, Scalability, Amazon EC2, Amazon API, Unix, Go, VPN, Cloud Environments, Bash, TCP/IP, Blockchain & Cryptocurrency, Geth (go-ethereum), Fuzz Testing, Windows System Administration, Azure Migrate, Microsoft Exchange, Microsoft 365, Office 365, Databricks, Windows Server, Data Centers, Server Administration, PHP, Networks, Ceph, Configuration Management, Let's Encrypt, SSL Certificates, Architecture, IT Operations Management (ITOM), On-premise, IIS, Java, Continuous Delivery (CD), Control & Cost Analysis, Splunk, Database Performance, Back-end Performance, Single Sign-on (SSO), Auth, System Center Configuration Manager (SCCM), Hyper-V, VM, Redis, SysOps, Linux Server Administration, VPS/VDS, Backup & Recovery, Containers, Memcached, Samba, Licensing, Windows PowerShell, C#, Email, Domains & Hosting, Email Systems, WordPress, Infrastructure, Cost Reduction & Optimization (Cost-down), Role-based Access Control (RBAC), Security Policies & Procedures, IT Security, HTTPS, Scripting Languages, Network Security, Web Application Firewall (WAF), Red Hat Linux, Authentication, LDAP, NVIDIA CUDA, Apache Tomcat, Ruby, Unix Shell Scripting, Server Infrastructure, API Integration, Confluence, Objects, Heroku, Ethereum, RPC, Ubuntu, REST, Redis Clusters, Artifactory, GitOps, Chef, Perl, Transport Layer Security (TLS), AWS Subnets, Database Security, Load Testing, SonarQube, DMARC, IT Infrastructure

Technical Volunteer

2015 - 2018
Help Nepal Network
  • Volunteered to set up and monitor an e-library system (Ubuntu LTSP, client-server architecture with network boot) in rural areas of Nepal.
  • Deployed the e-library to almost 35 districts of Nepal.
  • Taught basic Linux and open source concepts to teachers and students of government schools.
  • Helped the organization select and train new volunteers from different universities to help continue the community development process.
Technologies: Linux, Networking, Git, GitHub, Team Management, Technical Hiring, Source Code Review, Interviewing, Bash Script, Linux Kernel, Shell Scripting, Team Leadership, DNS, Leadership, System Administration, Scripting, Bash, TCP/IP, Data Centers, Server Administration, Networks, IT Operations Management (ITOM), On-premise, VM, SysOps, Linux Server Administration, VPS/VDS, WordPress, Document Management Systems (DMS), Ubuntu, Transport Layer Security (TLS), Database Security, IT Infrastructure

Jibri on Kubernetes

https://github.com/rraj-gautam/k8s-jibri
Jitsi is an online video conferencing tool, and Jibri is a part of the application overseeing recording the sessions. The downside of Jibri is that one instance of Jibri can only record one session at a time, so I implemented Kubernetes pods for multiple Jibri instances to record multiple sessions. My soundcard implementation solution helped a lot of people solve the issue they were stuck with while deploying Jibri in Kubernetes.

AWS SES: Capture Bounced Emails

https://github.com/rraj-gautam/terraform/tree/master/aws/ses-log-bounced-emails
By default, AWS does not keep track of bounced emails. This project implements AWS Lambda, SNS (Simple Notification Service), and CloudWatch to capture the bounced emails sent from AWS SES (Simple Email Service).
All the resources are Terraformed.

Rate Limiting on Istio Ingress Controller - Kubernetes

https://github.com/rraj-gautam/istio-ratelimit
This project is the Helm Charts for rate limiting on Istio. Istio does not have easy ways of implementing rate limiting to the domains. So, this project uses the Envoy filters to implement rate-limiting for any domains based on the Regex URL path. The Envoy filters look after the Istio gateways.

Demo Architecture Applications in AWS, Kubernetes, and Terraform

https://gitlab.com/rraj-gautam/testapp/-/blob/master/testapp-architecture.jpg
This is the demo architecture in AWS with fully automated CI/CD using GitLab. Demo application stacks include:
• AWS cloud resources
• Containerization using Kubernetes orchestration of AWS EKS
• Manifests templated using Helm
• Infrastructure as Code (IaC) using Terraform
• GitLab self-hosted runners in Kubernetes for CI/CD
• AWS Secrets Manager and external secrets
• Cluster Autoscaler and Horizontal Pod Autoscaler
• Identity and Access Management (IAM) roles and service accounts
• Amazon CloudWatch and Fluentd agents for logging and monitoring
• Istio and network load balancer (NLB)
• Cloudflare for Secure Sockets Layer (SSL) termination and Domain Name System (DNS)
• OpenVPN for VPN

GCP Architecture Demo with GKE and Terraform

https://github.com/rraj-gautam/gcp-gke-demo
This is a GCP demo project deploying Google Kubernetes Engine (GKE) and a fully automated hello-world Kubernetes deployment using Terraform. Terraform is also used to manage GitLab environment variables, including:
• Custom VPC
• Private subnetworks
• Cloud NAT and Routers
• VPN to connect private networks
• GKE
• Google storage buckets
• Google projects
• Cloud functions
• Cloud runs
• Cloud SQL
• Kubernetes objects deployed by Terraform
• Helm packages deployed by Terraform
• GitLab environment variables managed by Terraform

Trigger CronJob by CronJob - Python, MongoDB, Kubernetes

https://github.com/rraj-gautam/cronjob-trigger-cronjob
Kubernetes doesn't provide any methods to trigger the cron jobs after the successful completion of any other dependent cron job. This project provides a solution to trigger the execution of a cron job by another. It was tested using a Python Flask API in Kubernetes, which connects with MongoDB and populates the timestamps.
2014 - 2018

Bachelor's Degree in Computer Engineering

Kathmandu University - Dhulikhel, Nepal

DECEMBER 2021 - DECEMBER 2024

AWS Certified Solutions Architect Associate

AWS

JUNE 2021 - JUNE 2024

Certified Kubernetes Administrator (CKA)

The Linux Foundation

MAY 2021 - PRESENT

Beginner's Guide to Linux Kernel Development (LFD103)

The Linux Foundation

Libraries/APIs

Terragrunt, Google Apps, Amazon API, Auth, Node.js, AWS Amplify, REST APIs

Tools

Helm, Terraform, NGINX, Ansible, Jira, Zimbra, Git, Jenkins, GitLab CI/CD, Bitbucket, GitHub, ELK (Elastic Stack), Istio, Logging, Amazon CloudWatch, Amazon EKS, OpenVPN, Fluentd, Grafana, AWS IAM, Docker Swarm, Amazon CloudFront CDN, Amazon Cognito, Amazon Elastic Container Service (ECS), Azure DevOps Services, Azure Kubernetes Service (AKS), Google Kubernetes Engine (GKE), AWS CloudFormation, Notion, Figma, Amazon Virtual Private Cloud (VPC), GitLab, VMware, VMware vSphere, GitLab Runner, Amazon SageMaker, VPN, Geth (go-ethereum), Microsoft Exchange, Google Workspace, Let's Encrypt, Amazon Simple Email Service (SES), Azure Automation, Google Compute Engine (GCE), Splunk, Amazon Simple Notification Service (SNS), System Center Configuration Manager (SCCM), Hyper-V, AWS Key Management Service (KMS), AWS CLI, AWS Cloud Development Kit (CDK), Observability Tools, CircleCI, Apache Tomcat, Confluence, Amazon Elastic Block Store (EBS), Artifactory, Chef, AWS Subnets, SonarQube, Bazel, Kibana, Zabbix, AWS Glue, BigQuery, Open Neural Network Exchange (ONNX), Apache Solr, Cron, Prisma, Microsoft Dynamics CRM, AWS CloudTrail

Languages

Python, Bash Script, Bash, PHP, Java, JavaScript, YAML, Ruby, SQL, Python 3, Go, TypeScript, C#, Perl, C++, C, SAS

Frameworks

Windows PowerShell, Ruby on Rails (RoR), Flask

Paradigms

Agile, Automation, Scrum, DevOps, Azure DevOps, DevSecOps, Continuous Integration (CI), Continuous Deployment, HIPAA Compliance, Microservices, Fuzz Testing, Continuous Delivery (CD), Microservices Architecture, API/Services Architecture, Event-driven Architecture, Samba, Scalable Application, Role-based Access Control (RBAC), Load Testing, ETL, REST

Platforms

Linux, Kubernetes, Docker, Rancher, Google Cloud Platform (GCP), Azure, DigitalOcean, New Relic, Amazon Web Services (AWS), PagerDuty, AWS Lambda, Windows, Amazon EC2, Unix, Databricks, Windows Server, AWS IoT, Microsoft Dynamics 365, Azure Functions, Firebase, AWS ALB, WordPress, Red Hat Linux, Azure IaaS, Azure PaaS, Heroku, Ethereum, Ubuntu, AWS Cloud Computing Services, Blockchain, Apache Kafka, Oracle, Kubeflow, NVIDIA CUDA

Storage

Azure Active Directory, MySQL, Datadog, Elasticsearch, Amazon DynamoDB, Amazon S3 (AWS S3), Oracle Cloud, Azure SQL, Google Cloud, Google Cloud Datastore, Azure Cloud Services, Cloud Environments, Data Centers, Ceph, On-premise, PostgreSQL, Database Performance, Google Cloud Storage, Redis, Memcached, Microsoft SQL Server, Data Synchronization, Database Security, Databases, NoSQL, Google Cloud SQL, Redshift, NAS Servers, MongoDB, JSON

Industry Expertise

Network Security, Cybersecurity

Other

Networking, Shell Scripting, Serverless, Cloud, IT Project Management, Team Leadership, Troubleshooting, Monitoring, Prometheus, DNS, Security, Communication, Veeam, Microsoft Servers, Jitsi, Cloud Architecture, Infrastructure as Code (IaC), Argo CD, Solution Architecture, CI/CD Pipelines, Cloudflare, Virtual Machines, Slurm Workload Manager, Atlantis, Kubecost, Release Management, Team Management, Technical Hiring, Source Code Review, Interviewing, Site Reliability Engineering (SRE), Identity & Access Management (IAM), Leadership, Cost Analysis, Amazon API Gateway, Amazon Route 53, Amazon Inspector, Lambda Functions, DevOps Engineer, AWS Certified Solution Architect, AWS Certified DevOps Engineer, AWS DevOps, Cloud Migration, System Administration, API Gateways, Multiple Factor Analysis (MFA), Amazon RDS, GitHub Actions, Scripting, Reporting, VMware ESXi, VMware vCenter, VMware vCloud, Disaster Recovery Plans (DRP), Documentation, Training, Azure Data Factory, Google Cloud Functions, Web Security, Cloud Security, ETL Tools, Machine Learning Operations (MLOps), PCI DSS, Enterprise Architecture, Cloud Services, Load Balancers, Scalability, TCP/IP, Blockchain & Cryptocurrency, Windows System Administration, Azure Migrate, Microsoft 365, Office 365, Server Administration, SOC 2, Containerization, Kubernetes Operations (kOps), Networks, Cloud Infrastructure, Direct Connect (DC), Configuration Management, AWS NAT Gateway, SSL Certificates, AWS Cloud Architecture, Software Architecture, Architecture, IT Operations Management (ITOM), IIS, Control & Cost Analysis, Back-end Performance, Single Sign-on (SSO), VM, SysOps, Linux Server Administration, VPS/VDS, ECS, APIs, Backup & Recovery, GPU Computing, Containers, Licensing, Email, Domains & Hosting, Email Systems, AWS VPN, Infrastructure, Orchestration, SDKs, Cost Reduction & Optimization (Cost-down), Amazon EventBridge, Deployment, Azure VDI, Microsoft Azure, Security Policies & Procedures, IT Security, HTTPS, Scripting Languages, Web Application Firewall (WAF), SIEM, Multitenancy, Authentication, SecOps, LDAP, Unix Shell Scripting, Server Infrastructure, API Integration, Memorystore, Web Platforms, Software Testing Lifecycle (STLC), Data Feeds, Objects, RPC, Redis Clusters, Startups, GitOps, Azure Cloud Security, Transport Layer Security (TLS), FastAPI, DMARC, IT Infrastructure, Kubernetes Security, Firewalls, Masternodes, Telemetry, Azure Databricks, MLflow, Palo Alto Networks, Natural Language Processing (NLP), Document Management Systems (DMS), Linux Kernel, Universal Router, Cisco Switches, ISO 27001, IBM Cloud, Azure Data Lake, Big Data, Data Warehousing, Data Engineering, Data Science, Google BigQuery, Google Cloud Build, Machine Learning, Sentiment Analysis, Incident Response, Artificial Intelligence (AI), Data Modeling, IT Audits, Centralized Logging

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring