Abdullah Mustaqeem
$15/hr
2x AWS | 1x GCP | 1x Kubernetes | 1x Terraform Certified DevOps Specialist
Abdullah Bin Mustaqeem
2x AWS | 1x GCP | 1x Kubernetes | 1x Terraform
Certified DevOps Specialist
linkedin.com/in/abdullah-bin-mustaqeem-House 953, Street 15/A,
Mehmoodabad 04, Karachi, Pakistan.
-
Profile
I am a certified Cloud Native and DevOps Professional with great experience in AWS Cloud, GCP, Kubernetes,
CI/CD, Terraform Infrastructure as Code, and Security.
Skills
❖
❖
❖
❖
❖
❖
❖
❖
❖
❖
❖
❖
❖
❖
❖
Kubernetes (EKS, AKS, GKE, VMs)
Docker (AWS Fargate, AWS ECS, AWS ECR, Cloud Run, GCR)
Amazon Web Service - AWS
Google Cloud Platform - GCP
CI / CD (AWS CodePipeline, CodeBuild, Gitlab, Github Actions)
Terraform
Helm 3
Istio Service Mesh
NodeJS
Python
Ansible
Shell/bash scripting
Security (IAM, Service Account, CloudTrail, RBAC, Falco)
Monitoring (CloudWatch, Cloud Operations, Kube-Prometheus-Stack)
Centralized Logging (CloudWatch, ElasticSearch, Fluent-bit, Kibana)
Licenses & Certifications
Amazon Web Services DevOps Engineer - Professional - Amazon Web Services (AWS)
Issued Mar2021ExpiresMar2024
0KJE425DK1F11G51
Amazon Web Services Developer - Associate - Amazon Web Services (AWS)
Issued Mar2020ExpiresMar2023
J5CNFLYC3EEQQ3WZ
CKAD: Certified Kubernetes Application Developer - The Linux Foundation
Issued Jan 2019 - Expires Jan
2022 CKAD-
Google Cloud Associate Cloud Engineer - Google Cloud
Issued November 2024
Expires: November 2027
bd18c1f4e-af80bf79d4a8c05
HashiCorp Certified: Terraform Associate - HashiCorp
Issued Jul 2020 - Expires Jul 2022
Experience
DevOps Consultant
High Plains Computing
Nov 2021 – June 2022
July 2023 – Aug 2024
AWS Fargate using Terraform with GitHub Actions
○
○
○
○
○
○
○
○
Set up AWS VPC for the Infrastructure.
Created AWS Faraget cluster using Terraform
Created ECS Task Definition with CPU and memory limits.
Created ECS Task roles and Execution roles with minimum permissions.
Created ECS Service with circuit-breaker capability that will always failover to a running
docker image
ECS Services are in Private Subnets for security.
Created AWS Application Load balancer for public access to the ECS service
All the infrastructure is setup using Terraform and automated by Github Actions
Bare-metal Kubernetes cluster setup using Ansible (Kubespray)
○
○
○
○
○
○
Used Ansible for Kubernetes setup on cloud virtual machines
The control plane was in public subnets while the workers deployed in private subnets.
Used OpenEBS for Kubernetes storage service
Used NGIN Ingress Node Port for internal network communication
Used Calico as a Kubernetes Communication Networking Interface (CNI)
Separate NGINX instance to proxy traffic for application public access
AWS EKS cluster using Terraform
○
○
AWS Identity Authentication and Authorization in K8s Cluster using Aws-Auth Configmap
and ClusterRoleBinding
Enable K8s Control Plane (Master Components) Logging
○
○
○
○
Scale K8s worker nodes using Cluster Autoscaler (CA)
Create EKS Cluster in the private subnet using Terraform Remote Module for EKS
Encrypt AWS EBS Volumes used by AWS EKS Worker Nodes
Configure Pod Level Authorization using IRSA (IAM Role for Service Account)
Terraform Infrastructure as Code (IaC)
○
○
○
○
○
○
○
○
○
Terraform EKS module
AWS Managed Node Groups for worker nodes
ALB Ingress Controller resource
Helm resource
Cluster Autoscaler resource
IRSA
Kube_manifest resource
The Role, ClusterRole resource
RBAC
Istio Service Mesh on Kubernetes Cluster
○
○
○
○
○
Istio API Gateway for prefix based routing to different Kubernetes service
Microservices internal requests Tracing with Jaeger
Microservice internal communication visualization with Kiali
Service-to-Service in-flight encryption with mutual TLS (mTLS)
Configured Canary deployment for weighted routing using Istio built-in functionality
DevOps Consultant
HAMS Technology Ltd.
Aug 2022 – June 2023
AWS EKS cluster setup using Terraform
○
○
○
○
○
○
○
Cluster Autoscaler for scalability
Prometheus and Grafana for resource monitoring
FLuent-Bit and OpenSearch for Application logging
Falco for runtime security
RBAC for Kubectl user authorization
Load balancer controller for ingress
All the infrastructure is automated using Terraform IaC (Infrastructure as Code)
Centralized, Cross-Account Kubernetes (EKS) Monitoring using AWS Managed
Prometheus (AMP)
and AWS Managed Grafana (AMG)
○
○
○
○
Installed Kube-Prometheus-Stack Helm chart
Prometheus server in EKS to export data to AMP
Visualize AMP (Prometheus) data in AMG (Grafana)
Prometheus and alertmanager rules in AMP
○
AWS Simple Notification Service SNS for email alerts
Kubernetes Security
○
○
○
○
Falco Kubernetes Runtime Engine deployment using Helm chart
Configure Pod Level Authorization using IRSA (IAM Role for Service Account)
Users authorization using Role-Based Access Control (RBAC)
IAM authorization using IAM Groups
Centralized Kubernetes (EKS) Logging using Fluent Bit, AWS OpenSearch
and AWS OpenSearch Dashboard
○
○
○
Fluent Bit Helm chart to collect and ship the container logs
AWS OpenSearch creation using Terraform to index and search the logs
AWS OpenSearch Dashboard to visualize
DevOps Engineer
Shispare Pvt Ltd
May 2021 - October 2021
GitLab CI/CD with Terraform for AWS Static Website Hosting:
Environment provisioning using Terraform:
○
○
○
○
○
○
Different Terraform scripts for different environments, i.e., Dev, UAT, Prod
The domain using AWS Route53
SSL/TLS certificate using AWS Certificate Manager
Edge optimization using AWS CloudFront Distribution
AWS S3 bucket for static content
Bucket Policies for Security
Angular Front-end Build using NodeJS
○
○
Creates Angular Build Artifact
Different artifacts for different environments, i.e., Dev, UAT, Prod
Angular Deploy using S3
○
○
Uses build artifacts from the previous stage to deploy it on the above-created
infrastructure.
Different artifacts for different environments, i.e., Dev, UAT, Prod
Environment teardown using Terraform (Manual)
○
○
Terraform script to clean the above-created infrastructure.
Different Terraform scripts for different environments teardown, i.e., Dev, UAT, Prod
DevOps Engineer
Cloud Coherence
Jul 2020 – March 2021
AWS Organization/ AWS Control Tower:
○
○
○
○
○
AWS Organization: Created AWS Landing Zone of multiple shared accounts for isolated
environments and managed them centrally using “AWS Control Tower”.
Set up Multi-accounts using AWS Control Tower.
Set up guardrails and Service Control Policies (SCP) for security and compliance
Set Organizational Units (OUs).
Integrated AWS Single Sign-On (AWS SSO) for multi-account access.
CI/CD Pipeline for Cross-Account Deployments:
○
○
○
○
○
○
○
○
○
Designed Cross-account CI/CD Pipeline using AWS CodePipeline for Serverless
Framework.
Source code from GitHub
AWS CloudFormation template to create the Pipeline
AWS CodePipeline
AWS IAM role for cross-account deployment
AWS CodeBuild to build the application
AWS SSM Parameter Store for API keys.
S3 bucket to save the artifacts
AWS CodeBuild to deploy the application
React Static website hosting:
○
○
○
○
AWS S3 bucket creation
AWS CloudFront CDN creation
AWS Route 53 Record A creation
AWS ACM for SSL certificate creation and DNS validation
DevOps Engineer
Arpatech (Pvt) Ltd (Pakistan Official)
Mar 2020 - June 2020
LEMP stack server:
o
o
o
o
Linux
NGINX
MySQL
PHP
AWS Fargate service:
o
o
o
o
AWS Fargate cluster
Fargate Task Definition
Fargate Service
AWS ECR
Three-tier applications on AWS Fargate:
o
o
o
React Front-end container on Fargate.
NodeJS microservices on AWS Fargate
AWS ALB for routing
Kubernetes Engineer
Upwork
April 2019 - Feb 2020
Google Kubernetes Engine:
○
○
○
Node-pools
Service accounts
Helm deployment
Linode Kubernetes Engine (LKE):
o
o
o
o
Ran Springboot containerized Application
Ran MySQL containers
Set-up NFS server on Linode and attached as a Persistent Volume for MySQL containers.
Helm charts deployments
Education
University of the People
Bachelor’s Degree in Computer Science
