
Hello, my name is Ashish Goel and as a DevOps/Cloud manager with over 10 years of experience in the tech industry, I have honed my skills in leading cross-functional teams and implementing efficient and innovative solutions. My passion for driving continuous improvement and delivering high-quality products has allowed me to successfully navigate complex projects and exceed business objectives.
My passion for automation and streamlining processes has led me to specialize in DevOps and SRE, where I have successfully implemented and managed various client projects across multiple industries. My expertise in these areas has allowed me to optimize operations, reduce downtime, and increase business efficiency.
My expertise lies in developing and implementing Devops practices, optimizing processes, and fostering collaboration between development and operations teams. I have a strong technical background, with a deep understanding of cloud technologies, such as Terraform, Kubernetes, Cost Optimization, CI/CD, Azure, AWS, and Scripting languages like Shell, PowerShell, and Python. This, combined with my leadership skills, allows me to drive a culture of continuous integration and delivery, resulting in faster delivery times and improved product quality.
One of my key strengths is my ability to adapt to new technologies and environments quickly. This has enabled me to stay ahead of the curve and continuously enhance my skills to provide the best solutions for my clients. I am always eager to learn and stay updated with the latest trends and techniques in the industry.
In addition to my technical skills, I am also well-versed in cost optimization strategies, helping businesses save resources and increase their bottom line. My strong analytical skills and attention to detail have enabled me to identify areas for improvement and implement cost-saving measures.
I am a strong team player and thrive in collaborative environments. If you're looking for a dedicated DevOps/SRE professional who can drive operational excellence and deliver tangible results, I would love to connect. Let's explore how we can work together to achieve your business objectives.
Principal Architect
AbinbevDevOps Engineer
Cerner Healthcare Services Pvt LtdAWS Linux Engineer
Tata Consultancy Services LtdLinux Admin
Infosys LtdAzure

AWS

Terraform

Azure Defender for Cloud

Prometheus
.jpg)
Grafana
.png)
Jenkins

Gitlab CI/CD
.png)
Docker

EC2

ELB

CloudWatch

SonarQube

Maven

ArgoCD

VPC

S3

Route53

SNS

EBS
I have a role with 10 years of experience. I started my career as a Linux admin, where I worked for 3 years. I performed a lot of Linux-related tasks, including issues related to NFS and server performance. Then I moved towards the cloud and the DevOps world. Initially, I worked on AWS and implemented CICD Jenkins pipelines. In my current role, I'm majorly working on Azure and AWS cloud with Terraform and Kubernetes, and I also do scripting in PowerShell and share.
So if you have to securely transmit data between two AWS services, you can use either a VPC gateway endpoint or a private endpoint. So you have to create those endpoints between the services and make sure the traffic passes through those endpoints. You'll have to create endpoints and a route so that all traffic passes via those endpoints only.
Yeah. In order to do a full tolerance in an AWS RDS database, we can have another replica of the database in another region. We can also have a read replica in another zone so that all read queries will be routed to that read replica. We basically have to create redundancy of that application or database into another region.
So to automatically scale a high traffic application, we can use an auto scaling group in which we'll have to create a load balancer. And in the back end, we'll have to post our virtual machines. So virtual machines can be a part of the auto scaling group. We can have an application load balancer which will basically route the traffic to the virtual machines. And based on the metrics defined in their auto scaling group, the scaling will happen. So to monitor this item, we can use a CloudWatch rule or any third party tool like Datadog or Nagios. The problem in reference.
Yeah. In order to use encryption, we can either use a platform managed key or a customer managed key, but customer managed key is always the case. So we can use a customer managed key to do the encryption in S3 and RDS. So we'll have to create our own key, which we are the owner of. That is not managed by AWS, but by us only. So we'll use that key. We can put that key into the vault, and then you can call S3 or RDS to use that key.
So in order to manage traffic and security policies in AWS VPC, we will need to have a VPC in which we can define a route table with the Internet gateway for the public subnet and the NAT gateway for the private subnet. We'll have to define the route tables. We'll have to configure network security, such as network ACLs on a subnet level, similarly, a security group from the instance level. And we can also have an endpoint so that the services communicate with each other privately. And, maybe we can have load balances so that the traffic is evenly distributed between the back end.
Expiration in days can be changed from 365 to 30 or 60 days. And then, from a cost optimization point of view. Also, we can enable bucket policies on the screen from a security point of view.
So, we can use approved AMI instead of using some random AMI. Similarly, we can have virtual networks and subnets and the security groups configured for the EC2 instance from a security point of view. And, also, we can use a stance type which is more inclined towards the requirement instead of using a small one.
So in order to do a migration, we need to check if we can do a migration onto the virtual machines in which we can basically do a lift and shift migration to some virtual machines. And if we have to use some PaaS services, then we can use some PaaS components like Lambda, in which we can deploy the.NET code of the application into AWS.
So with the CICD pipelines, the standards will be maintained. It went through various levels of testing, including unit testing and integration testing. Then we can have a smart queue for code coverage and code analysis. We can also push our jar file, created for a Java application, or the file created for a.NET application into a Nexus repository or a JFrog repository. Then with the help of Docker, we can create an image, and then we can deploy it onto the Kubernetes cluster via the ML files. And we can also have a scanning tool, such as Trivy, to scan the images. So we'll have a CICD pipeline that adheres to a lot of standards. We can have scanning tools in between, and all the things are automated, reducing manual errors. Moreover, this is faster than a manual effort. So we'll just have to push the code pipeline. We'll have to create a pipeline, and then all the stages will happen. We can get more errors since we have a lot of tools, such as Sonarqube for code analysis, unit testing, and integration testing. So it will be a good practice.
So we can use CICD pipelines in which the pipeline will first go through unit and integration testing, followed by the scenario code, and then this will go through, and then the image is created by Docker and goes to the container history. And then deployments will use that image to do the orchestration. So you can do the deployment via the ROCD tool into the Kubernetes cluster. And