大卫Sumsky
验证专家 in 工程
AWS云开发人员
David is a cloud enthusiast, enabling organizations to develop on AWS successfully. 他持有AWS解决方案架构师专业证书和AWS认证安全专业证书. 他专门从事安全架构设计, 高Availability, scalable, 具有成本效益的云解决方案. David与客户密切合作,以DevOps为重点,定义想法并交付云就绪解决方案, CI/CD, 自动化工具.
Portfolio
Experience
Availability
首选的环境
Linux
最神奇的...
...thing I've designed was a 高Availability and scalable SaltStack architecture on AWS, 谁管理着成千上万的盐小黄人.
工作经验
AWS顾问
Alpsee Limited(通过Toptal)
- Consulted and designed AWS ECS infrastructure hosting derivative trading software.
- Designed infrastructure automation using AWS CloudFormation.
- 确定基础设施的痛点, provided guidance how to remove them and how to establish best practice AWS environment.
DevOps工程师
Mobeezio(来自Toptal)
- 设计并实现了一个生产就绪且可扩展的Kubernetes/AWS EKS基础设施,托管一个移动应用程序.
- 使用Artillery进行负载测试,并分析结果以优化基础设施.
- Automated the infrastructure deployment with Terraform Enterprise, CircleCI, and Weave Flux.
- 保护了CircleCI CI/CD管道,包括漏洞扫描和Dockerfile检测等.
- Took care of the AWS public cloud optimal and secure usage.
AWS开发者
SAP/Concur
- 设计并实现了一个配置框架,该框架按照最佳实践蓝图和推荐的护栏自动创建多账户AWS环境.
- 设计并实现了一个无服务器测试框架,用于执行多账户AWS环境的冒烟测试.
- 与应用程序团队合作,从手动部署的内部部署产品迁移到基于云的全自动多租户解决方案.
- 在敏捷/scrum环境中工作,与不同时区的团队成员进行两周的迭代.
- Evangelized the AWS platform and full-stack usage of AWS services within the organization.
- Took care of and developed a previous generation of the AWS environment.
云工程师
巴克莱(Barclays) / ABSA
- 开发无服务器DNS系统,动态注册和地址AWS EC2和ELB资源,自定义主机名和域名后缀.
- Built Terraform modules to provision a private and secure docker-registry service.
- Constructed Terraform modules to simplify the configuration of AWS SSM Patch Manager.
云自动化工程师
Infor
- 评估可用的配置管理系统,选择一个适合内部使用的.
- 在AWS之上设计并实现了一个SaltStack基础设施服务,用于配置基于ec2的工作负载.
- 领导组织内部对SaltStack的采用, 指导团队, 并定义了如何使用它的最佳实践.
- Developed a serverless "limit checker" service to monitor AWS service limits.
- 在AWS之上构建“Linux补丁”服务,为基于CentOS和OEL Linux的EC2实例打补丁.
- Created a serverless "scheduler" service to perform common AWS management tasks like backup, EC2自动停止/启动, EBS快照过期, and so on.
- 设计并实现了“Linux黄金镜像构建和分发”服务,用于定制CentOS和OEL ami,并将其分发到组织的AWS账户中.
- 与应用程序团队合作. Ensured that applications were designed properly for interacting with AWS, 明确的技术要求, and wrote end-to-end automation to deploy them in AWS.
- Oversaw resource usage and cost optimization strategies across multiple AWS accounts.
- Designed, 实现, and deployed various cloud infrastructure services for AWS.
Unix工程师
德意志交易所
- Implemented a Red Hat satellite infrastructure to replace legacy kickstart/build servers.
- Designed and built a high-performant trading infrastructure on Dell servers.
- 加强了交易基础设施的安全性.
- 在戴尔刀片和EqualLogic磁盘阵列上设计和构建虚拟化的SunGard Front Arena基础设施.
Unix / Linux工程师
自由职业
- Provided Unix/Linux platform consultancy services and support.
- Designed, 实现, 维护运行web托管服务(LAMP堆栈)和基于服务器的应用程序(Postfix)的Linux系统, Squid, OpenVPN, BIND, iptables, Samba, and more).
- Resolved customer issues with the Linux/Unix systems.
Experience
Mobeezio -可扩展的Kuberenetes/EKS基础设施
Based on load-testing performed with Artillery and performance metrics analysis, the infrastructure was tuned with cloud-native auto-scaling, 水平吊舱缩放, and cluster over-provisioning to mitigate cluster auto-scaling latencies. Further recommendations were given on how to optimize the application itself.
Finally, 我们改进了CircleCI CI/CD管道(为应用程序提供Docker镜像),实现了Docker镜像漏洞扫描和Dockerfile检测,以提高基础设施的整体安全性.
SAP/Concur - AWS环境配置框架
该环境是一组相互连接的AWS帐户,托管应用程序和工具,具有以下设置:
• AWS VPC with the network setup including VPC Peering connections, subnets, SGs and NACLs
• AWS CloudTrail and Config with visibility into users and resources activity
• AWS IAM with a set of roles and policies and identity federation
• AWS Organizations to manage accounts creation and their cost
•与第三方工具(如obvious)集成.Okta的云健康公司
• Centralized shipping logs to a central logging account
•应用程序配置界面
•资源标记
框架的特点:
• Scalable and delivers an environment in a few minutes
• Automated with Sceptre, AWS CloudFormation, Python/Boto 3, and Jenkins pipelines
•遵循IaC模式
•可复制和可扩展
SAP/Concur - AWS环境测试框架
The framework is based on AWS Lambda and Step Functions services, 是谁策划了烟雾测试的执行. A smoke test is represented by a CloudFormation template, which is declaring execution of related "atomic" tests (e.g., 通过HTTP代理访问互联网, VPC内的连通性, AWS CloudTrail/VPC Flow日志事件, 允许所需连接的安全组, and more).
当从模板创建堆栈时, 启动一个AWS EC2实例, or an AWS Lambda function is invoked to initiate smoke testing. 测试结果由CloudFormation信号和测试依赖项报告,其状态由AWS步骤函数驱动. Notifications are sent to SQS queues, processed, and forwarded to Slack channels.
框架的特点:
•完全无服务器
• Automated with AWS CloudFormation, Step Function, Lambda, and Python/Boto 3
• Plugged into multi-account AWS environment delivery pipelines
Infor - SaltStack基础设施
When the evaluation phase was finished and SaltStack was chosen, 客户需要构建一个可以在每个云环境中运行的高弹性的SaltStack基础设施. 基础设施在主模式和无主模式下管理数千个盐仆从/EC2实例.
整个基础设施提供了
•高度可用的SaltStack主机的自动化
• Standardized provisioning and configuration of salt minions on EC2 instances
•自定义状态、执行和支柱模块
基础设施使用AWS CloudFormation和Python/Boto 3实现自动化,并利用AWS的EC2等服务, ASG, S3, 和DynamoDB.
Infor - AWS限制检查服务
该解决方案基于一组用Python编写的AWS Lambda函数,通过“awslimitchecker”工具监控AWS服务限制. This tool takes care of hard-coded limits, API-based limits and data from Trusted Advisor.
它提供了:
•更细粒度的警报
•基于AWS sns的警报
•限制跟踪AWS DynamoDB数据后端
• Automatic support cases opening to increase some limits
Infor — Linux Golden Image Build and Distribution Service
The solution defines automated build process of AMIs for CentOS and OEL which includes:
•自定义系统和服务配置
•安装预定义的和自定义的软件包
•安装安全补丁
•基于CIS基准的安全加固
•安装ENI驱动程序
•生成HVM/PV ami
• AMIs distribution from the build environment to the rest of the environments
整个过程是通过SaltStack和Jenkins管道自动化的,其中任何代码更改提交都会触发一个dry-run构建来验证构建过程. Once a month, a full build is executed to build new AMIs and to distribute them.
Infor — Java Application Server Automation (Internal App)
最终的解决方案定义:
•基于AWS CloudFormation的基础设施即代码
•基于AWS自动伸缩组和具有深度健康检查的弹性负载平衡器的高Availability和可扩展基础设施
•安装和配置过程是抽象的SaltStack和一组PowerShell脚本
• Patches and updates are distributed with AWS CodeDeploy
• Logging and monitoring facilities are integrated with Sumo Logic
Education
应用信息学硕士学位
马萨里克大学-布尔诺,捷克共和国
认证
AWS认证解决方案架构师-专业
亚马逊网络服务
AWS认证安全-专业
亚马逊网络服务
AWS认证开发者助理
AWS
AWS认证解决方案架构师助理
AWS
Skills
Tools
Boto 3, Terraform, AWS CloudFormation, AWS IAM, 亚马逊虚拟私有云(VPC), AWS CLI, AWS步骤函数, Amazon EKS, GitLab CI / CD, Jenkins, GitLab, Git, AWS SDK, GitHub, SaltStack, Jira, VMware, Squid, CircleCI, Artillery, AWS Fargate, 亚马逊ElastiCache, Ansible
Languages
Python, Bash Script, Bash, PHP, SQL
Paradigms
DevOps, Automation, Serverless架构, REST, 持续部署, Scrum, Microservices, 持续集成(CI), 持续交付(CD), Agile, 负载测试
Platforms
Linux, Docker, 亚马逊网络服务(AWS), AWS Lambda, Kubernetes, Unix, Ubuntu, Red Hat Linux, Solaris, LAMP, Windows
Storage
Amazon S3 (AWS S3), Redshift, MySQL, PostgreSQL
Other
云迁移, AWS DevOps, AWS认证解决方案架构师, AWS云架构, TCP/IP, 基础设施即代码(IaC), 数据分析, 集装箱化, IT基础设施, Scaling, Security, Unix / Linux虚拟化, Containers, GitOps, Serverless, Iptables, ECS, Identity & Access Management (IAM), LB, Bitbucket都管道, 关系数据库服务(RDS)
如何使用Toptal
在数小时内,而不是数周或数月,我们的网络将为您直接匹配全球行业专家.
分享你的需求
选择你的才能
开始你的无风险人才试验
对顶尖人才的需求很大.
开始招聘