← В ленту
Регистрация: 21.08.2023

Pavel Gural

Специализация: Lead DevOps
Bash Docker Jenkins Python GitLab Kubernetes Maven Helm
Bash Docker Jenkins Python GitLab Kubernetes Maven Helm

Портфолио

EPAM Systems

1. Implemented high-available hybrid (Linux and Windows) AKS (k8s) cluster via ARM template in Azure. Achieved reproducible AKS deployments across multiple envs. 2. Deployed the following services via ARM template in Azure: VNET, HDInsight, EventHub, Storage Account, Private Link, and Private Endpoint. 3. Implemented ElasticSearch deployment/update in Elastic Cloud via ecctl. 4. Implemented KEDA as an autoscaling tool to be able to scale up and down apps based on the Prometheus metrics and CPU. 5. Created CI/CD pipeline for infrastructure deployment for multiple envs via GitHub Actions. 6. Created CD pipeline for application deployment for multiple envs via GitHub Actions. Applications are packed into helm charts. 7. Implemented cloud-cost optimization: • Saved $44k/year by implementing Spot Node Pool for 5 non-prod envs. • Saved $35k/year by implementing Cert-manager. Moreover, it saved 100+ staff hours due to automatic cert renewal. • Deployed application features in a separate k8s namespace. A k8s ns is removed automatically once the PR is merged or a PR is older than 8 hours. • Created a separate DB in the PostgreSQL instance instead of creating the PostgreSQL instance itself for every application PR. A DB is removed automatically once the PR is merged or a PR is older than 8 hours. 8. Migrated the pipeline from Azure DevOps to GitHub Actions for Azure infrastructure. 9. Temporarily assumed project management duties in the absence of the assigned project manager.

EPAM Systems

1. Deployed the following AWS infrastructure in multiple envs via Terraform: VPC, EKS (k8s), and RDS (PostgreSQL). 2. Deployed cluster autoscaler for the EKS cluster. 3. Created CI/CD pipeline for the infrastructure deployment via GitLab.

SoftClub

1. Deployed and administrated centralized anti-virus ESET. 2. Developed an anti-virus protection policy. 3. Developed a method for finding spyware using Open Source software. 4. Administrated the Kerio Control Firewall. 5. Set up virtual machines on hypervisors: VMWare Workstation, VMWare Player, Oracle VirtualBox. 6. Troubleshot issues on Windows-based VMs. 7. Set up the switch Aruba 2920.

Скиллы

ACR
AKS
Alertmanager
Ansible
ARM templates
AWS
AWS CDK
Azure
Azure DevOps
Bash
Cert-manager
Cloudformation
CoreDNS
Docker
EFK stack
ElasticSearch
GitHub Actions
GitLab
Gradle
Grafana
Helm
Istio
Jenkins
Kafka
KEDA
Kubernetes
Maven
OpenShift
PostgreSQL
Prometheus
Python
Terraform
Vault
VNET

Опыт работы

DevOps Tech/Team Lead
04.2023 - 04.2023 |EPAM Systems, NDA, E-commerce
Terraform: VPC, EKS (k8s), RDS (PostgreSQL), GitLab
1. Deployed the following AWS infrastructure in multiple envs via Terraform: VPC, EKS (k8s), and RDS (PostgreSQL). 2. Deployed cluster autoscaler for the EKS cluster. 3. Created CI/CD pipeline for the infrastructure deployment via GitLab.
DevOps Tech/Team Lead
10.2021 - 04.2023 |EPAM Systems, NDA, Cloud Computing
Azure DevOps, GitHub Actions, VNET, HDInsight, EventHub, Storage Account
1. Implemented high-available hybrid (Linux and Windows) AKS (k8s) cluster via ARM template in Azure. Achieved reproducible AKS deployments across multiple envs. 2. Deployed the following services via ARM template in Azure: VNET, HDInsight, EventHub, Storage Account, Private Link, and Private Endpoint. 3. Implemented ElasticSearch deployment/update in Elastic Cloud via ecctl. 4. Implemented KEDA as an autoscaling tool to be able to scale up and down apps based on the Prometheus metrics and CPU. 5. Created CI/CD pipeline for infrastructure deployment for multiple envs via GitHub Actions. 6. Created CD pipeline for application deployment for multiple envs via GitHub Actions. Applications are packed into helm charts. 7. Implemented cloud-cost optimization: • Saved $44k/year by implementing Spot Node Pool for 5 non-prod envs. • Saved $35k/year by implementing Cert-manager. Moreover, it saved 100+ staff hours due to automatic cert renewal. • Deployed application features in a separate k8s namespace. A k8s ns is removed automatically once the PR is merged or a PR is older than 8 hours. • Created a separate DB in the PostgreSQL instance instead of creating the PostgreSQL instance itself for every application PR. A DB is removed automatically once the PR is merged or a PR is older than 8 hours. 8. Migrated the pipeline from Azure DevOps to GitHub Actions for Azure infrastructure. 9. Temporarily assumed project management duties in the absence of the assigned project manager.
DevOps Tech/Team Lead
11.2020 - 09.2021 |EPAM Systems, NDA, Cloud Computing
VPC, RDS, EFS, MSK (Kafka), EKS (k8s), and Global Accelerator via CloudFormation(CFN) template
1. Created AWS infrastructure such as VPC, RDS, EFS, MSK (Kafka), EKS (k8s), and Global Accelerator via CloudFormation(CFN) template. 2. Infrastructure deployment was implemented via a declarative multi-branch pipeline Jenkins. 3. Autoscaling of apps was implemented via KEDA based on Prometheus metrics, CPU, and memory. 4. Delivered a highly available application with fast failover for multi-Region EKS clusters via Global Accelerator. 5. Created AWS infrastructure such as VPC and EKS (k8s) via AWS CDK as a PoC.
Senior DevOps Engineer
11.2019 - 10.2020 |EPAM Systems, NDA, Cloud Computing
Zookeeper, Kafka, PostgreSQL, ElasticSearch, Vault
1. Deployed OpenShift cluster via OKD 3.11 for stateless services. 2. Deployed the following stateful services (Zookeeper, Kafka, PostgreSQL, ElasticSearch, Vault), and stateless CoreDNS (for DNS resolution) in docker containers via Ansible. 3. Created k8s manifest files for deploying on top of the OpenShift cluster. 4. Implemented EFK (ElasticSearch, Fluentd, Kibana) as a logging solution. 5. Created a Python script to implement an ES indices retention policy and creation of Kibana index pattern. 6. Implemented Prometheus, Grafana, and AlertManager as a PoC.
DevOps Engineer
10.2018 - 10.2019 |EPAM Systems, NDA, Cloud Computing
VPC, RDS, EFS, EC2
1. Migrated monolithic Java apps to the docker containers. 2. Created AWS infrastructure such as VPC, RDS, EFS, EC2, and Lambda functions via CloudFormation(CFN) template. • The Java app was running on the EC2 VM in the docker container. Docker logs sent to Cloud Watch. • EFS is used as a storage for Java heap dumps. • Created Python wrapper to deploy/update/delete CFN stacks. • Wrote the Lambda functions on Python using boto3 and cfnresponse libraries for different purposes: - delete record sets in Amazon Route 53 DNS service when a CloudFormation stack is deleted; - detach and remove network interfaces associated with a specific VPC when a CloudFormation stack is deleted.
DevOps Engineer
05.2018 - 09.2018 |EPAM Systems, NDA, FinTech
AKS (k8s), Python, Azure Storage Accounts
1. Deployed a hybrid AKS (k8s) cluster with both Linux and Windows nodes through an ARM template. 2. Implemented a declarative multi-branch CI pipeline for a Java application. 3. Developed a Python-based file server that connects Artifactory and Azure Storage Accounts, resulting in annual cost savings of $14,000 by eliminating the need for an Enterprise license.
System Engineer
11.2016 - 01.2018 |SoftClub, FinTech
VMWare Workstation, VMWare Player, Oracle VirtualBox
1. Deployed and administrated centralized anti-virus ESET. 2. Developed an anti-virus protection policy. 3. Developed a method for finding spyware using Open Source software. 4. Administrated the Kerio Control Firewall. 5. Set up virtual machines on hypervisors: VMWare Workstation, VMWare Player, Oracle VirtualBox. 6. Troubleshot issues on Windows-based VMs. 7. Set up the switch Aruba 2920.

Образование

Management Information Systems and Services, Management of the Security Production Process
2017 - 2018
BSUIR
Information Security in Telecommunication Systems
2012 - 2017
BSUIR

Языки

АнглийскийВыше среднего
BashDockerJenkinsPythonGitLabKubernetesMaven