Suresh Perumalla

Project : 1

Client : AT&T ( IoT GW)

Technical Work: Infrastructure & Security Design, End to End Infra Setup/Enhancements

on Kubernetes, DR, Deployments, Monitoring & Alerting, Benchmarking,

Maintenance, Production Issues, Load Balancing and High Availability.

Technology: Kubernetes (AWS EKS, Azure AKS), AWS (EC2, VPC,CloudWatch) Jenkins, ShellScript,UptimeRobot,

MFA (Google Authenticator), IP Blocking (Fail2Ban), Command Tracing.

Role: DevOps Engineer

Team Size: 10

• Coordinated with cross-department teams like QA, DevOps, and Support to ensure seamless end-to-end software delivery process.
• Single-handedly created Kubernetes Setup on Azure and AWS from scratch for PROD, DR, UAT and QA. Implemented ISTIO for effective network management and visualization. Done Calico implementation for secured network policies. Templatised platform components for easy image building. Made kubernetes deployment single button click by integrating Jenkins.
• Created highly available, auto-scaling and secured kubernetes infrastructure using AWS ELB, Autoscaling Groups, Private Subnets, Bastion servers, MFA authentications, Defined User Access, Hardened Security Groups and IP Blocking. Made Kubernetes access, application calls and Database (RDS, ElastiCache ) access completely private via private network.
• Complete Kubernetes and application monitoring with dedicated dashboards for production namespaces which include pods count, network transmit & receive, CPU usage, memory usage, persistent volume, istio service monitoring etc using Grafana (Graphical View), Prometheus (DataSource), Kiali (Packets Flows) and Jeagar (API Tracing). Implemented Voice Call, Email & SMS alerts using UptimeRobot.
• Enabled OWASP security using AWS WAF and lambda function for frontend applications and implemented the same for backend (For applications installed in kubernetes) using EnvoyFilter which is a kube-istio CRD.
• Setting up superset cluster by enabling auto-scaling with AWS ELB, integrating with AWS RDS and AWS ElastiCache for stability and high availability.
• Complete migration of AWS resources from one account to other which includes Route53, domain hosting service, CDN, RDS, ELB, Elastisearch, Kube Configurations, Lambda functions with minimal downtime to production applications and website.
• Created complete end to end SLA for Post Actions for Alerts.
• Took initiatives in designing and architecting infrastructure to be cost effective, secured, robust, highly available and reliable.
• Performed benchmarking for the new platform and created multiple documents for resource sizing, security measures, networking strategy, load balancing, scaling and DR strategies based on RTO & RPO requirements of clients.
• AWS cleanup, Cost optimization & Effective resource utilization by implementing right resource for right usage.
• Implemented cronjobs for S3bucket backups and RDS backups. Created logging setup using logstash and integrated superset cluster with application for graph visualization

Project 2

Client : CITI BANK

Technical Work: Infrastructure & Security Design, End to End Infra Setup/Enhancements

on Kubernetes, DR, Deployments, Monitoring & Alerting, Benchmarking,

Maintenance, Production Issues, Load Balancing and High Availability.

Technology: Kubernetes (AWS EKS, Azure AKS), AWS (EC2, VPC,

CloudWatch) Jenkins, ShellScript.

MFA (Google Authenticator), IP Blocking (Fail2Ban), Command Tracing.

Role: DevOps Engineer

Team Size: 30

Roles and Responsibilities:

• Single-handedly created Kubernetes Setup on Azure and AWS from scratch for PROD, DR, UAT and QA. Implemented ISTIO for effective network management and visualization. Done Calico implementation for secured network policies. Templatised platform components for easy image building. Made kubernetes deployment single button click by integrating Jenkins.
• Created highly available, auto-scaling and secured kubernetes infrastructure using AWS ELB, Autoscalling Groups, Private Subnets, Bastion servers, MFA authentications, Defined User Access, Hardened Security Groups and IP Blocking. Made Kubernetes access, application calls and Database (RDS, ElastiCache ) access completely private via private network.
• Complete Kubernetes and application monitoring with dedicated dashboards for production namespaces which include pods count, network transmit & receive, CPU usage, memory usage, persistent volume, istio service monitoring etc using Grafana (Graphical View), Prometheus (DataSource), Kiali (Packets Flows) and Jeagar (API Tracing). Implemented Voice Call, Email & SMS alerts using UptimeRobot.
• Enabled OWASP security using AWS WAF and lambda function for frontend applications and implemented the same for backend (For applications installed in kubernetes) using EnvoyFilter which is a kube-istio CRD.
• Setting up superset cluster by enabling auto-scaling with AWS ELB, integrating with AWS RDS and AWS ElastiCache for stability and high availability.
• Complete migration of AWS resources from one account to other which includes Route53, domain hosting service, CDN, RDS, ELB, Elastisearch, Kube Configurations, Lambda functions with minimal downtime to production applications and website.
• Created complete end to end SLA for Post Actions for Alerts.
• Took initiatives in designing and architecting infrastructure to be cost effective, secured, robust, highly available and reliable.
• Performed benchmarking for the new platform and created multiple documents for resource sizing, security measures, networking strategy, load balancing, scaling and DR strategies based on RTO & RPO requirements of clients.
• AWS cleanup, Cost optimization & Effective resource utilization by implementing right resource for right usage.
• Implemented cronjobs for S3bucket backups and RDS backups. Created logging setup using logstash and integrated superset cluster with application for graph visualization.

Project 3

Technical Work: Infrastructure & Security Design, End to End Infra Setup/Enhancements

on AWS Cloud, DR, Deployments, Monitoring & Alerting, Benchmarking,

Maintenance, Production Issues, Load Balancing and High Availability.

Technology: AWS (EC2, VPC, S3, Glacier, Cloud Watch, Cloud Trail, Cloud Front,

IAM, ElasticSearch, ElastiCache) Jenkins, Shell Scripting,

InfluxDB, Terraform, UptimeRobot,

MFA (Google Authenticator), IP Blocking (Fail2Ban), Command Tracing.

Role: DevOps Engineer

Team Size: 25

Roles and Responsibilities:

• Migrated whole setup from native services on EC2 to dockerized services on EC2 instances from scratch for PROD, DR, UAT and QA. And automated deployments via one-click using Jenkins and Terraform templates.
• Complete infrastructure and application monitoring setup using Grafana (Graphical Visualisation), Telegraf (Metrics Collector) and InfluxDB (Datasource). Implemented Voice Call, Email & SMS alerts using UptimeRobot.
• Created highly available, auto-scaling and secured infrastructure using AWS ELB, Autoscalling Groups, Private Subnets, Bastion servers, MFA authentications, Defined User Access, Hardened Security Groups and IP Blocking. Made setup access, application calls and Database (RDS, ElastiCache and ElasticSearch) access completely private via private network.
• Created complete end to end SLA for Post Actions for Alerts.
• Took initiative in finding alternatives to AWS CDN without compromising performance and cost effective. Validated couple of products in market like Akamai, Netmagic, StackPath and Incapsula. Finalized Incapsula, implemented POC setup for migrating AWS CDN to Incapsula and done performance, load testing. Incapsula will help us reducing our AWS CDN cost
• Handled SOC 1&2 Audit by implementing firewall setup, controls (Security, Access and Backups), collecting proofs and documentation.
• Took initiative in understanding and analyzing AWS Partner Network for availing AWS POC funding and other AWS market related opportunities.
• Performed benchmarking and created multiple documents for resource sizing, security measures, networking strategy, load balancing, scaling and DR strategies based on RTO & RPO requirements of clients.
• AWS cleanup, Cost optimization & Effective resource utilization by implementing right resource for right usage.
• Implemented cronjobs for S3bucket backups, RDS backups and created logging setup using Rsyslog.
• Implemented docker log rotation and docker auto restart policies.

Project 4

Technical Work: Infrastructure & Security Design, End to End Infra Setup/Enhancements

on On-Premise, DR, Deployments, Monitoring & Alerting, Benchmarking,

Maintenance, Production Issues, Load Balancing and High Availability.

Technology: Physical Servers (Vmware & Openstack), Jenkins, Shell Scripting,

InfluxDB, Terraform, UptimeRobot,

MFA (Google Authenticator), IP Blocking (Fail2Ban), Command Tracing,

MongoDB, PostgreSQL.

Role: DevOps Engineer/Release engineer

Team Size: 30

Roles and Responsibilities:

• Single-handedly created On-Premise Setup on Vmware and Openstack VMs from scratch for PROD, DR, UAT and QA. Templatised platform components for easy image building. And automated deployments via one-click using Jenkins
• Created highly available, auto-scaling and secured infrastructure using VMware (NSX LoadBalancer), Private Subnets, Bastion servers, MFA authentications, Defined User Access, Hardened Security Groups and IP Blocking.
• Created On-Premise HA clusters for ElasticSearch, MongoDB and Redis. Made setup access, application calls and Database (MongoDB) access completely private via private network.
• Successfully implemented 2-Servers highly redundant PostgreSQL for on-Premise setup.
• Complete infrastructure and application monitoring setup using Grafana (Graphical View) (Metrics Collector) and InfluxDB (Datasource).
• Created complete end to end SLA for Post Actions for Alerts.
• Implemented cronjobs for backing up ElasticSearch, MongoDB and PostgreSQL data. Also implemented data replication to DR setup.
• Implemented docker log rotation and docker auto restart policies.

Project 5

Technical Work: Deployments, Monitoring & Alerting using NASTEL TOOL

Maintenance, Production Issues

Technology: Physical Servers (LINUX & WINDOWS)

Role: Release engineer

Team Size: 10

• Nastel Navigator provides Middleware management for a multitude of different middleware platforms IBM (WebSphere MQ), TIBCO, and Kafka. Allowing for daily management functions to be delivered simply and securely, including migrations, queue management, upgrades, and updates, as well as allowing middleware operators to setup secure methods for middleware users to manage their own queues.

Project 6

Technical Work: Deployments, Monitoring & Alerting using NASTEL TOOL

Maintenance, Production Issues, Load Balancing and High Availability using TIBCO BW and EMS middleware tools

Technology: Service Now 2.0 (Incident management, change management,Patching, Problem management) TIBCO BW/EMS

Role: Release enginner

Team Size: 18

• ·Working with Autosys job scheduling tool
• Expert in TIBCO EMS administration and basic knowledge in development of BW through designer
• Proficient in implementation/installation/maintenance/support (Level 1-2 Production Support) of BW/BE/Adapters Farms
• Installation/Up gradation/Implementation of TIBCO EMS
• Instance creation/ version migration/performance tuning/ User management across all environments
• Defining SSL frame work and Fault Tolerant (secondary servers) setup.
• Enabling JNDI module to restrict external applications accessing the EMS server directly
• Client code bug fixing in the platform of Java, . Net, WebLogic, Business Works and Business Events
• Expertise in routing logic configuration and maintenance (both with and without SSL)
• Configuration and maintenance of runtime monitoring using SL RTView.
• Leading the Technical Production Support and Maintenance of TIBCO BW/BE/Adapters Farm and defining best practices for Deployment standards.
• Installation/Up gradation/Implementation of TIBCO Products i.e. BW, BE, Adapters etc on BW Farms (TIBCO Administrator) following standard practices across the firm for DEV, SIT(QA), STAGE(UAT) and PROD(LIVE) Environments.
• Defining the Secondary Servers/Clusters/Failover/DR configuration and Failover/DR Strategies for BW/Adapters PROD Farms.
• Technical Production Support for BW/BE/Adapters Farm (TIBCO Administrator) including Deploying Applications, Debugging Issues, giving access, permissions, etc.
• Installation and Defining of Hawk Rule Templates for the BW/BE/Adapters applications.
• Defining Best Practices and standardization of Deployment Process.
• XML canon configuration for domain and configuration XMLs used for deployment
• ·Post deployment bug fixing also involved in setup of entire new infrastructure for Tibco

Project 7

Technical Work: Deployments, Monitoring & Alerting using NASTEL TOOL

Maintenance, Production Issues, Load Balancing and High Availability using TIBCO BW and EMS middleware tools

Technology: Service Now 2.0 (Incident management, change management,Patching, Problem management) TIBCO BW/EMS

Role: Team member

Team Size: 20

• Analyzed the design document and work on the TIBCO BW code.
• Worked with Tibco Middleware team to build and support CITI Tibco Middleware
• Conducted Unit testing of the complete flow with all the functionalities to remove any bug
• Provided fix to the issues identified in the Unit testing phase
• Developed Manual testing and deploying the code through Server (AppManage) or Administrator
• As per the functional &technical documents, designing &developing the best possible workflows & solutions
• Administered the system Integration and User Testing
• Prepared the Deployment Instructions spread sheets for Production deployments
• Handled Change requests, Bug fixing and performance tuning
• Generated the EAR file for deployment
• Deployed and executing the EAR file at Tibco Administration Server using web browser based Tibco Administrator GUI
• Interacted with client & other vendors to finalize the functionality and requirements