NFQ Asia | 8Bit Rockstars
accelerate startups and scale enterprises as DevOps Engineer
August 2017 - Now
General & Process:
- Cover A-Z from kicking off startups: techstack, build infra from scratch to micro-services, tracing problems, maintain & scale.
- Taking strong responsibility/ownership during on-call periods, identifying failures and execute actions for resolving live issues: postmortem, prevention plan, achieve goals on basic SLA, uptime & MTTR.
- Producing DEVOPS evaluation standards for team: 4 levels (Assoc, Std, Senior, Principal), 17 technical topics and 70-mindset/30-tech ratio.
- Designing modular, pluggable & standardized IaC with bottom-up approach: base-network, base-env, webapp/services & internal tools.
- Working, contributing & guiding standards on ~20 terraform modules with ~30 ansible roles.
- Solid skills on GNU/Linux: top, vmstat, sysstat, iotop, dmesg, logger, mount/fstab, systemd, cron, supervisord, strace, time, tuning linux.
- Building & deep operating MySQL/MongoDB internals, replication, sharding, multi-AZ, HA failover, backup/restore on VM-based, RDS, CloudSQL, MongoDB Atlas with VPC peering.
- Designing networking: external/internal DNS, VPC, NAT, subnet, Cloudflare, ALB, NLB, Nginx, HAproxy, OpenVPN, Wireguard VPN, CDN.
- Building monitoring/logging/APM tracing: Sentry, ELK, telegraf, influxdb, grafana, NewRelic, monit, Cloudwatch, Datadog.
- Dockerize legacy vm-based webapps, building Dockerfile, docker-compose, microK8s, podman for local & testing environment
- Handling micro-services by using Kubernetes on GCP, evolved from DEIS architecture to GKE with Helm
- Operating multiple GKE clusters across regions (EU & ASIA)
- Buiding main routing application traffic by using nginx-ingress on both name-based & path-based
- Config Cloud Nat gateway on GKE for limiting outbound IP
- Scaling up/down services during high traffic ~50K rpm
- Streaming logs from stdout/syslog-protocol to Logentries & ELK
- Deploying & patching GKE deployment using jenkins, GCR with fully automation Gitflow
- Proposing HA & scalable scheduler/one-off architecture by using internal HTTP endpoint.
- Designing database migration process for multi tenancy DBs using pub/sub queue worker.
- Investigating performance bottle-neck: Redis caching, MySQL/MongoDB index & performance schema, tuning PHP/NodeJS backend.
- Guiding & setup Gitflow with auto CI/CD on multi clouds: Jenkins, Ansistrano, pipeline, parallel, webhook, cron, notification.
Codebox Solutions - HCM city
work as DevOps Engineer for SalesHood - San Francisco
August 2016 - June 2017
Maintain, troubleshoot CI/CD infrastructure issues, multi environments on AWS.
Build and manage MySQL replication, handle SPOF execution processes.
Monitor infrastructure, log management, investigating performance issues. Implement penetration testing, run security audit and fixing vulnerabilities to pass OWASP.
Design and execute scenarios for stress test.
- Solid experience with GNU/Linux operating systems: dmesg, syslog, auth, ssh, service's log on hvm virtualization AWS.
- Knowledge on system's resource: cpu, mem, swap, cache, performance problems, OOM issue. Estimating and choosing the right instance/server and applicable use cases based on benchmarking and workloads.
- Deep understanding in MySQL master-slave, identify and cure slave lag, binlog, slow query logs.
- Manage deployment workflows on Jenkins CI, writing bash, python scripts and aws cli, s3.
- Optimize, handle webapp centralized log & data pipeline: Rsyslog, Logstash, Elasticsearch, Kibana.
- Experience with locust.io, gatling.io for performing screnario loadtest.
- Basic knowledge about ZAP, Burp and Metasploit for discovering vulnerabilities, pass security audit from Salesforce.
work as Mobile Developer - freelancer
October 2015 - April 2016
Develop windows phone apps and publish to Microsoft store. Learning and using RESTful API for building features.
- Youtube player: using Youtube API.
- Network speed test: building from scratch by calculating download/upload time.
- Spinner game: learning animation.