David is available for hire
Hire David大卫Sumsky
验证专家 in 工程
AWS云开发人员
Location
布拉格,捷克共和国
至今成员总数
2019年10月11日
David is a cloud enthusiast, enabling organizations to develop on AWS successfully. 他持有AWS解决方案架构师专业证书和AWS认证安全专业证书. 他专门从事安全架构设计, 高Availability, scalable, 具有成本效益的云解决方案. David与客户密切合作,以DevOps为重点,定义想法并交付云就绪解决方案, CI/CD, 自动化工具.
Portfolio
Alpsee Limited(通过Toptal)
亚马逊网络服务(AWS), PHP, Bitbucket都管道, 亚马逊ElastiCache, LB...
Mobeezio(来自Toptal)
亚马逊网络服务(AWS), 负载测试, Security, Artillery, GitLab CI / CD...
SAP/Concur
亚马逊网络服务(AWS), Git, Bash, Boto 3, Python, 持续交付(CD)...
Experience
Availability
Part-time
首选的环境
Linux
最神奇的...
...thing I've designed was a 高Availability and scalable SaltStack architecture on AWS, 谁管理着成千上万的盐小黄人.
工作经验
AWS顾问
2020 - 2020
Alpsee Limited(通过Toptal)
- Consulted and designed AWS ECS infrastructure hosting derivative trading software.
- Designed infrastructure automation using AWS CloudFormation.
- 确定基础设施的痛点, provided guidance how to remove them and how to establish best practice AWS environment.
技术:亚马逊网络服务(AWS), PHP, Bitbucket都管道, 亚马逊ElastiCache, LB, AWS Fargate, 关系数据库服务(RDS), Identity & 访问管理(IAM), ECS, AWS CloudFormation
DevOps工程师
2019 - 2020
Mobeezio(来自Toptal)
- 设计并实现了一个生产就绪且可扩展的Kubernetes/AWS EKS基础设施,托管一个移动应用程序.
- 使用Artillery进行负载测试,并分析结果以优化基础设施.
- Automated the infrastructure deployment with Terraform Enterprise, CircleCI, and Weave Flux.
- 保护了CircleCI CI/CD管道,包括漏洞扫描和Dockerfile检测等.
- Took care of the AWS public cloud optimal and secure usage.
技术:亚马逊网络服务(AWS), 负载测试, Security, Artillery, GitLab CI / CD, CircleCI, Terraform, 关系数据库服务(RDS), Kubernetes, Amazon EKS
AWS开发者
2018 - 2019
SAP/Concur
- 设计并实现了一个配置框架,该框架按照最佳实践蓝图和推荐的护栏自动创建多账户AWS环境.
- 设计并实现了一个无服务器测试框架,用于执行多账户AWS环境的冒烟测试.
- 与应用程序团队合作,从手动部署的内部部署产品迁移到基于云的全自动多租户解决方案.
- 在敏捷/scrum环境中工作,与不同时区的团队成员进行两周的迭代.
- Evangelized the AWS platform and full-stack usage of AWS services within the organization.
- Took care of and developed a previous generation of the AWS environment.
技术:亚马逊网络服务(AWS), Git, Bash, Boto 3, Python, 持续交付(CD), 持续集成(CI), Jenkins, Linux
云工程师
2017 - 2018
巴克莱(Barclays) / ABSA
- 开发无服务器DNS系统,动态注册和地址AWS EC2和ELB资源,自定义主机名和域名后缀.
- Built Terraform modules to provision a private and secure docker-registry service.
- Constructed Terraform modules to simplify the configuration of AWS SSM Patch Manager.
技术:亚马逊网络服务(AWS), Git, Bash, Boto 3, Python, Ansible, Terraform, Docker, Jenkins, Linux
云自动化工程师
2013 - 2017
Infor
- 评估可用的配置管理系统,选择一个适合内部使用的.
- 在AWS之上设计并实现了一个SaltStack基础设施服务,用于配置基于ec2的工作负载.
- 领导组织内部对SaltStack的采用, 指导团队, 并定义了如何使用它的最佳实践.
- Developed a serverless "limit checker" service to monitor AWS service limits.
- 在AWS之上构建“Linux补丁”服务,为基于CentOS和OEL Linux的EC2实例打补丁.
- Created a serverless "scheduler" service to perform common AWS management tasks like backup, EC2自动停止/启动, EBS快照过期, and so on.
- 设计并实现了“Linux黄金镜像构建和分发”服务,用于定制CentOS和OEL ami,并将其分发到组织的AWS账户中.
- 与应用程序团队合作. Ensured that applications were designed properly for interacting with AWS, 明确的技术要求, and wrote end-to-end automation to deploy them in AWS.
- Oversaw resource usage and cost optimization strategies across multiple AWS accounts.
- Designed, 实现, and deployed various cloud infrastructure services for AWS.
技术:亚马逊网络服务(AWS), Jira, Git, Bash, Boto 3, Python, Docker, Security, SaltStack, 持续交付(CD), 持续集成(CI), Jenkins, Linux
Unix工程师
2011 - 2013
德意志交易所
- Implemented a Red Hat satellite infrastructure to replace legacy kickstart/build servers.
- Designed and built a high-performant trading infrastructure on Dell servers.
- 加强了交易基础设施的安全性.
- 在戴尔刀片和EqualLogic磁盘阵列上设计和构建虚拟化的SunGard Front Arena基础设施.
Technologies: VMware, Bash, Solaris, Red Hat Linux, Linux
Unix / Linux工程师
2006 - 2013
自由职业
- Provided Unix/Linux platform consultancy services and support.
- Designed, 实现, 维护运行web托管服务(LAMP堆栈)和基于服务器的应用程序(Postfix)的Linux系统, Squid, OpenVPN, BIND, iptables, Samba, and more).
- Resolved customer issues with the Linux/Unix systems.
Technologies: Bash, Iptables, Squid, LAMP, Red Hat Linux, Linux, Unix
Experience
Mobeezio -可扩展的Kuberenetes/EKS基础设施
客户需要生产就绪, scalable Kubernetes infrastructure to host a mobile application API layer. 它运行在由Terraform模块提供的AWS EKS服务上,并通过Terraform企业平台交付.
Based on load-testing performed with Artillery and performance metrics analysis, the infrastructure was tuned with cloud-native auto-scaling, 水平吊舱缩放, and cluster over-provisioning to mitigate cluster auto-scaling latencies. Further recommendations were given on how to optimize the application itself.
Finally, 我们改进了CircleCI CI/CD管道(为应用程序提供Docker镜像),实现了Docker镜像漏洞扫描和Dockerfile检测,以提高基础设施的整体安全性.
Based on load-testing performed with Artillery and performance metrics analysis, the infrastructure was tuned with cloud-native auto-scaling, 水平吊舱缩放, and cluster over-provisioning to mitigate cluster auto-scaling latencies. Further recommendations were given on how to optimize the application itself.
Finally, 我们改进了CircleCI CI/CD管道(为应用程序提供Docker镜像),实现了Docker镜像漏洞扫描和Dockerfile检测,以提高基础设施的整体安全性.
SAP/Concur - AWS环境配置框架
客户需要一种解决方案,该解决方案可以根据最佳实践和建议的护栏快速设置多账户AWS环境. It provided a baseline configuration to get started with a multi-account architecture, identity, 访问管理, governance, 数据安全, 网络设计, and logging. 该解决方案克服了以前基于多租户帐户的AWS解决方案的局限性.
该环境是一组相互连接的AWS帐户,托管应用程序和工具,具有以下设置:
• AWS VPC with the network setup including VPC Peering connections, subnets, SGs and NACLs
• AWS CloudTrail and Config with visibility into users and resources activity
• AWS IAM with a set of roles and policies and identity federation
• AWS Organizations to manage accounts creation and their cost
•与第三方工具(如obvious)集成.Okta的云健康公司
• Centralized shipping logs to a central logging account
•应用程序配置界面
•资源标记
框架的特点:
• Scalable and delivers an environment in a few minutes
• Automated with Sceptre, AWS CloudFormation, Python/Boto 3, and Jenkins pipelines
•遵循IaC模式
•可复制和可扩展
该环境是一组相互连接的AWS帐户,托管应用程序和工具,具有以下设置:
• AWS VPC with the network setup including VPC Peering connections, subnets, SGs and NACLs
• AWS CloudTrail and Config with visibility into users and resources activity
• AWS IAM with a set of roles and policies and identity federation
• AWS Organizations to manage accounts creation and their cost
•与第三方工具(如obvious)集成.Okta的云健康公司
• Centralized shipping logs to a central logging account
•应用程序配置界面
•资源标记
框架的特点:
• Scalable and delivers an environment in a few minutes
• Automated with Sceptre, AWS CloudFormation, Python/Boto 3, and Jenkins pipelines
•遵循IaC模式
•可复制和可扩展
SAP/Concur - AWS环境测试框架
To increase the stability of multi-account AWS environments, 客户需要一个测试框架,在将新设置的环境交付给最终用户之前对其执行冒烟测试.
The framework is based on AWS Lambda and Step Functions services, 是谁策划了烟雾测试的执行. A smoke test is represented by a CloudFormation template, which is declaring execution of related "atomic" tests (e.g., 通过HTTP代理访问互联网, VPC内的连通性, AWS CloudTrail/VPC Flow日志事件, 允许所需连接的安全组, and more).
当从模板创建堆栈时, 启动一个AWS EC2实例, or an AWS Lambda function is invoked to initiate smoke testing. 测试结果由CloudFormation信号和测试依赖项报告,其状态由AWS步骤函数驱动. Notifications are sent to SQS queues, processed, and forwarded to Slack channels.
框架的特点:
•完全无服务器
• Automated with AWS CloudFormation, Step Function, Lambda, and Python/Boto 3
• Plugged into multi-account AWS environment delivery pipelines
The framework is based on AWS Lambda and Step Functions services, 是谁策划了烟雾测试的执行. A smoke test is represented by a CloudFormation template, which is declaring execution of related "atomic" tests (e.g., 通过HTTP代理访问互联网, VPC内的连通性, AWS CloudTrail/VPC Flow日志事件, 允许所需连接的安全组, and more).
当从模板创建堆栈时, 启动一个AWS EC2实例, or an AWS Lambda function is invoked to initiate smoke testing. 测试结果由CloudFormation信号和测试依赖项报告,其状态由AWS步骤函数驱动. Notifications are sent to SQS queues, processed, and forwarded to Slack channels.
框架的特点:
•完全无服务器
• Automated with AWS CloudFormation, Step Function, Lambda, and Python/Boto 3
• Plugged into multi-account AWS environment delivery pipelines
Infor - SaltStack基础设施
客户需要一个合适的配置管理系统来简化AWS云中基于Linux和windows的应用程序部署.
When the evaluation phase was finished and SaltStack was chosen, 客户需要构建一个可以在每个云环境中运行的高弹性的SaltStack基础设施. 基础设施在主模式和无主模式下管理数千个盐仆从/EC2实例.
整个基础设施提供了
•高度可用的SaltStack主机的自动化
• Standardized provisioning and configuration of salt minions on EC2 instances
•自定义状态、执行和支柱模块
基础设施使用AWS CloudFormation和Python/Boto 3实现自动化,并利用AWS的EC2等服务, ASG, S3, 和DynamoDB.
When the evaluation phase was finished and SaltStack was chosen, 客户需要构建一个可以在每个云环境中运行的高弹性的SaltStack基础设施. 基础设施在主模式和无主模式下管理数千个盐仆从/EC2实例.
整个基础设施提供了
•高度可用的SaltStack主机的自动化
• Standardized provisioning and configuration of salt minions on EC2 instances
•自定义状态、执行和支柱模块
基础设施使用AWS CloudFormation和Python/Boto 3实现自动化,并利用AWS的EC2等服务, ASG, S3, 和DynamoDB.
Infor - AWS限制检查服务
客户需要一个全面的AWS服务限制和使用情况监控和报告工具. 本机AWS工具(如Trusted Advisor)提供AWS限制的子集,并且只提供每周警报.
该解决方案基于一组用Python编写的AWS Lambda函数,通过“awslimitchecker”工具监控AWS服务限制. This tool takes care of hard-coded limits, API-based limits and data from Trusted Advisor.
它提供了:
•更细粒度的警报
•基于AWS sns的警报
•限制跟踪AWS DynamoDB数据后端
• Automatic support cases opening to increase some limits
该解决方案基于一组用Python编写的AWS Lambda函数,通过“awslimitchecker”工具监控AWS服务限制. This tool takes care of hard-coded limits, API-based limits and data from Trusted Advisor.
它提供了:
•更细粒度的警报
•基于AWS sns的警报
•限制跟踪AWS DynamoDB数据后端
• Automatic support cases opening to increase some limits
Infor — Linux Golden Image Build and Distribution Service
客户需要一个定制的解决方案来构建Linux黄金映像并将其分发到客户的云环境中.
The solution defines automated build process of AMIs for CentOS and OEL which includes:
•自定义系统和服务配置
•安装预定义的和自定义的软件包
•安装安全补丁
•基于CIS基准的安全加固
•安装ENI驱动程序
•生成HVM/PV ami
• AMIs distribution from the build environment to the rest of the environments
整个过程是通过SaltStack和Jenkins管道自动化的,其中任何代码更改提交都会触发一个dry-run构建来验证构建过程. Once a month, a full build is executed to build new AMIs and to distribute them.
The solution defines automated build process of AMIs for CentOS and OEL which includes:
•自定义系统和服务配置
•安装预定义的和自定义的软件包
•安装安全补丁
•基于CIS基准的安全加固
•安装ENI驱动程序
•生成HVM/PV ami
• AMIs distribution from the build environment to the rest of the environments
整个过程是通过SaltStack和Jenkins管道自动化的,其中任何代码更改提交都会触发一个dry-run构建来验证构建过程. Once a month, a full build is executed to build new AMIs and to distribute them.
Infor — Java Application Server Automation (Internal App)
客户需要我们在AWS中设计并实现一个基于java的中间件系统的云就绪自动部署,该中间件系统运行在Windows和Linux上.
最终的解决方案定义:
•基于AWS CloudFormation的基础设施即代码
•基于AWS自动伸缩组和具有深度健康检查的弹性负载平衡器的高Availability和可扩展基础设施
•安装和配置过程是抽象的SaltStack和一组PowerShell脚本
• Patches and updates are distributed with AWS CodeDeploy
• Logging and monitoring facilities are integrated with Sumo Logic
最终的解决方案定义:
•基于AWS CloudFormation的基础设施即代码
•基于AWS自动伸缩组和具有深度健康检查的弹性负载平衡器的高Availability和可扩展基础设施
•安装和配置过程是抽象的SaltStack和一组PowerShell脚本
• Patches and updates are distributed with AWS CodeDeploy
• Logging and monitoring facilities are integrated with Sumo Logic
Education
2000 - 2006
应用信息学硕士学位
马萨里克大学-布尔诺,捷克共和国
认证
2020年5月- 2023年5月
AWS认证解决方案架构师-专业
亚马逊网络服务
2019年8月- 2022年8月
AWS认证安全-专业
亚马逊网络服务
2018年3月至2021年3月
AWS认证开发者助理
AWS
2017年7月至2023年5月
AWS认证解决方案架构师助理
AWS
Skills
Tools
Boto 3, Terraform, AWS CloudFormation, AWS IAM, 亚马逊虚拟私有云(VPC), AWS CLI, AWS步骤函数, Amazon EKS, GitLab CI / CD, Jenkins, GitLab, Git, AWS SDK, GitHub, SaltStack, Jira, VMware, Squid, CircleCI, Artillery, AWS Fargate, 亚马逊ElastiCache, Ansible
Languages
Python, Bash Script, Bash, PHP, SQL
Paradigms
DevOps, Automation, Serverless架构, REST, 持续部署, Scrum, Microservices, 持续集成(CI), 持续交付(CD), Agile, 负载测试
Platforms
Linux, Docker, 亚马逊网络服务(AWS), AWS Lambda, Kubernetes, Unix, Ubuntu, Red Hat Linux, Solaris, LAMP, Windows
Storage
Amazon S3 (AWS S3), Redshift, MySQL, PostgreSQL
Other
云迁移, AWS DevOps, AWS认证解决方案架构师, AWS云架构, TCP/IP, 基础设施即代码(IaC), 数据分析, 集装箱化, IT基础设施, Scaling, Security, Unix / Linux虚拟化, Containers, GitOps, Serverless, Iptables, ECS, Identity & Access Management (IAM), LB, Bitbucket都管道, 关系数据库服务(RDS)
有效的合作
如何使用Toptal
在数小时内,而不是数周或数月,我们的网络将为您直接匹配全球行业专家.
1
分享你的需求
Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2
选择你的才能
在24小时内获得专业匹配人才的简短列表,以进行审查,面试和选择.
3
开始你的无风险人才试验
Work with your chosen talent on a trial basis for up to two weeks. 只有当你决定雇佣他们时才付钱.
对顶尖人才的需求很大.
开始招聘