Software Engineer Cloud
Resume:
•More than ** years of programming experience including 4 years of management experience
•In depth, practical experience with Cloud methodologies (IaaS, PaaS, SaaS), automation, orchestration, trends and industry-leading cloud vendor offerings
•4+ years practical experience designing, building, and automating solutions on AWS, Azure
•Python, Scripting, Golang, Git, Linux/UNIX (or similar)
•Cloud orchestration (CloudFormation, Terraform, Helm/Chart)
•AWS IaaS and Infrastructure as Code capabilities
•Configuration management (Ansible, Chef, Puppet)
•Cloud Security technology and best practices
•Rich experience in networking security and protocols (DDOS, DNS, VPN…), Global CDN solution
•DDoS mitigation and intrusion detections methods and experience
•Hands on experience with Docker and container orchestration
•CI/CD, Jenkins, Kubernetes, Docker, Mesos, Rancher, Windows/Linux container
•Excellent oral and written communication skills
•Proven leadership and excellent communication skills by managing teams of different size to complete projects within timeline
EXPERIENCE:
Oct.2018 - Current Netbrain Canada Inc. TORONTO, BOSTON
Senior Software Engineer
Project: Application Performance Monitor Cloud Platform
Elastic APM is an application performance monitoring system built on the Elasticsearch. It allows you to monitor software services and applications in real time — collect detailed performance information on response time for incoming requests, database queries, calls to caches, external HTTP requests, and more. This makes it easy to pinpoint and fix performance problems quickly. Elastic APM also automatically collects unhandled errors and exceptions. Errors are grouped based primarily on the stack trace, so you can identify new errors as they appear and keep an eye on how many times specific errors happen. Metrics are another important source of information when debugging production systems. Elastic APM agents automatically pick up basic host-level metrics and agent specific metrics, like JVM metrics in the Java Agent, and Go runtime metrics in the Go Agent.
Responsibilities:
Designed and implemented IaaS based on Azure
Designed and implemented the APM cloud platform based on Kubernetes/Docker/Helm/Chart (Another solution based on Helm/chart and Rancher is not adopted)
Designed and implemented snapshot and restore functions based on Cronjob
Set up multi-region disaster recovery environment
Designed and implemented devops tools: rolling update, rollback, scaling out, data migration…
Project: Multiple Operating System CI/CD cloud platform
Based on Elasticsearch/MongoDB/RabbitMQ/Redis and network data
collection and analysis services on Windows, Netbrain application
provides network visibility and automation services for any IT workflow.
Multiple operating system CI/CD cloud platform provide scalable
reliable, secure services continuous integration and deployment platform
for developers and testers.
Responsibilities:
Designed and implemented CI pipeline based on Github, Jenkins
Designed and implemented the CD platform for Windows and Linux services based on Kubernetes/Docker/Flannel/etcd (Another solution based on Helm/chart and Rancher is not adopted)
Designed and implemented the CD production and implemented the DevOps tools (rolling update, rollback, A/B testing, gray release, blue green deployment, red black deployment…)
Designed and implemented the log system based on Elasticsearch/Logstash/Kibana
Designed and implemented the monitor system, alert system and disaster recovery system
Built Kubernetes operator system: packaging, deploying and managing Kubernetes applications
Apr.2018 - Sep.2018 Rose Rocket Inc. TORONTO
Senior Software Engineer
Project: DevOps CI/CD Cloud Platform
Rose Rocket is cloud transportation management software (TMS) that helps manage the unique business requirements of Less-Than-Truckload (LTL) carriers.
Based on Jenkins/Gitlab/Docker/Kubernetes/Spinnaker/AWS - EC2,
ECR, S3, Load balancer, RDS (PostgreSQL, MySql, mangoDB, Influxdb). DevOps platform provides the CI/CD pipelines to testers and developers for verifying their codes in the isolated environments and delivering a production-ready release on demand. DevOps tools are provided at the same time, e.g: rolling update, rollback, canary deployment, blue-green deployment.
CI/CD pipelines shorten the problem isolation and identification tasks which consume the most time often reducing the overall resolution time by at least 50 percent to a total saving of up to 28 percent in developer’s productivity.
Responsibilities:
•Designed and implemented the CI pipeline which can be cooperation with GitHub in 2 weeks
•Designed and implemented the CD production and implemented the DevOps tools (rolling update, rollback…) in 3 months
•Designed and implemented the resource computing module and strategy based on Kubernetes, e.g: schedule according to CPU, memory, disk usage, network throughput
•Design and implemented the resource isolation function of the hybrid cloud platform to increase the stability of production environment
•Implemented, deployed, and maintained highly available, fault tolerant, and scalable services
•Implemented data locality function based on AWS, RDS, PostgreSQL
•Implemented automation configuration management tools based on Puppet, Chef, Ansible to accelerate DevOps platform initiatives and operations Participate in code review and leading scrums (Python/Golang)
•Set up Prometheus, Heapster, Grafana, InfluxDB for querying and visualizing Metrics
•Migrated log centre from ELK to Pandora to have a better log collection and data analysis
Mar.2017 - Apr.2018 HULU BEJING, LOS ANGELES
Senior Software Engineer
Project: DevOps Cloud Platform
Hulu is a video streaming service with an extensive catalog of TV episodes, movies and original programs. Hulu has a rather extraordinary micro service architecture, hosted primarily on a PaaS system called DevOps Cloud Platform.
Based on Kubernetes, Mesos and Docker, this platform provides the isolated environments to developers and testers for deploying and verifying their services. This cloud platform contains schedulers and executors, which receive users’ requirements, (e.g: deploy a long job, deploy a stateless service), and executor will run the related containers according to the Mesos’ resource offers.
Responsibilities:
•Designed and implemented the scheduler, executor, resource computing functions based on Kubernetes, Mesos, Docker
•Designed and implemented service discovery, metric collector, Log centre functions
•Designed and implemented the network bandwidth limitation function to isolate the hybrid cloud environments
•Implemented Redis cluster as a service platform based on Mesos, Golang
•Set up the distributed file system based on Ceph, Glusterfs for log storage
•Designed and implemented DAGFlow module
•Designed and implemented AI platform: TensorFlow as a service on Marathon, Mesos, Kubernetes, Python
Feb.2016 - Mar.2017
Cloudin Co. Ltd. BEIJING
Architect, Team Leader: DevOps Team, Private Cloud Team
Project: Intelligent Cloud Platform
The Cloudin Cloud Platform provides a broad set of infrastructure services, such as computing power, storage options, networking, and databases that are delivered as a utility: on-demand, available in seconds, with pay-as-you-go pricing. From data warehousing to deployment tools, directories to content delivery, over 20 Cloudin services are available. Intelligent Cloud Platform is a highly scalable, high-performance container management service that supports Docker containers. Based on the Kubernetes, Flannel/Calico, etcd, Ansible, Docker, intelligent Cloud Platform allows you to easily run applications on a managed cluster, e.g: Amazon EC2 instances. Intelligent Cloud Platform eliminates the need for you to install, operate, and scale your own cluster management infrastructure. With simple API calls, you can launch and stop Docker-enabled applications, query the complete state of your cluster, and access many familiar features like security groups, Load Balancing. You can use this platform to schedule the placement of containers across your cluster based on your resource needs and availability requirements.
Responsibilities:
•Designed and implemented the intelligent cloud platform
•Set up the intelligent cloud platform
•Implemented configuration tools by Ansible, Puppet
•Set up the distributed file system by Ceph, Glusterfs
•Implemented the DevOps platform based on Mesos and Kubernetes
•Optimized the performance of connection between container instances
•Implemented disaster recovery system, monitor system and alert system
•Implemented various DevOps tools, e.g: rolling update, scale up, scale down
•Set up the monitor system by using Heapster, Prometheus
•Led the development and managed a team of infrastructure developers to deliver cloud platform in 5 months
•Worked closely with designers and project managers on planning the project
Nov.2014 - Feb.2016
Didi Co. Ltd. BEIJING
Senior Software Engineer
Project: DIDI Infrastructure Platform
Didi Co. Ltd. is a peer-to-peer ridesharing, taxicab, food delivery, bicycle-sharing, and transportation network company headquartered in Beijing, China, with operations in 185 metropolitan areas worldwide. DIDI Infrastructure Platform redefines how you modernize, innovate, and compete in a digital world. Leveraging the new self-driving, self-securing, and self-repairing autonomous capabilities, organizations are able to lower cost, reduce risk, accelerate innovation, and get predictive insights.
Responsibilities:
•Designed and implemented the DIDI Infrastructure Platform on Docker, Kubernetes
•Implemented the CI/CD DevOps pipeline based on Bash, Ansible, Flannel, Kubernetes and Docker
•Reduced the latency of the connection between containers by using Calico network
Dec.2010 - Nov.2014
Wind River System Inc. BEIJING
Senior Software Engineer
Project Name: PFG (Platform for Gateway)
As an IoT (Internet of Things) production, Wind River Platform for Gateways provides original equipment manufacturers (OEMs) and original design manufacturers (ODMs) a pre-integrated, fully supported reference platform to create products that aggregate and manage devices and services at the network edge.
Responsibilities:
Implemented networking features:
•Firewall
•Layer 2/3 network packet filtering
•NAT
•DDOS
•VPN:
•IPSEC
•L2TP
•GRE
•PPPoE
•IPv6
•IGMP
•QoS
•VLAN (based on ARM)
Environment: Wind River Linux 4.3; ARM
Project Name: M2M Machine to Machine) Home Gateway
The Wind River M2M is a commercial-grade Linux development platform for original equipment manufacturers (OEMs) to launch smart services that take advantage of cloud computing.
Responsibilities:
3G Connection
SIM Card Control
phone book management
SMS/ MMS management
IPv6 over IPv4 Tunneling
GRSecurity:
oIt allows the system administrator to define a least privilege policy for the system, in which every process and user have only the lowest privileges needed to function.
Connection Daemon:
oIt monitors all the types of connection (Ethernet/3G/WiFi) for network traffic controlling and auto switching.
Environment: Wind River Linux 5.0; x86
Sep.2009 - Dec.2010
CIeNET Co. Ltd. BEIJING
Senior Software Engineer
Project Name: Motorola (China) Mobility Corporation – Android
Phone development
MOTO MT810 a smart phone which is based on Linux OS and using the Android system.
Responsibilities:
Implemented the PS module, it provides the IP address to upper level applications by PPP channel. My work is to modify the pppd open source code for setting up the PPP channel with BP which will provide IP address to other AP modules.
Project Name: Ericsson Connected Home Gateway
The Ericsson Connected Home has two key components: the Ericsson Connected Home Gateway and the Remote Access clients for Mobile phones and PCs. This production (Ericsson Connected Home Gateway) can be used to control all the UPnP devices which connect to it when you are out of home by Web page or mobile phones.
Responsibilities:
•Implemented remote access module: A Home-to-Home (H2H) connection is bidirectional which means that all UPnP devices in both networks are replicated to the other network. The VPN between the two Connected Home Gateways makes use of IPSEC in tunnel mode
•Maintained the TCP/IP stack in kernel space of Broadcom • Implemented firewall module between LAN and WAN
Operation System: Linux (Ubuntu 8.04, Kernel version: 2.6.21.5)
Mar.2007 - Sep.2009
Huawei BEIJING
Software Engineer
Project Name: Eudemon 8000E Firewall
The E8000E adopts the architecture of independent control modules, interface modules, and service processing modules. Based on the dual NP, the interface module ensures the line-speed forwarding of interface traffic. Based on the multi-core and multi-thread architecture, the service processing module ensures the high- speed concurrent processing of multiple services, such as the Network Address Translation (NAT), Application Specific Packet Filter (ASPF), Anti-DDoS, and VPN. E8000E adopts the distributed concurrent processing mechanism, which greatly enhances the product performance. Thus, users can expand capacities with low pre-phase investment.
Responsibilities:
•Implemented the TCP/IP stack for embedded security modules to deal with the DOS defend, including TCP flood, UDP flood, ICMP flood and TCP proxy and so on
•Implemented NAT / NAT server modules to protect the private IPs
•Designed and implemented blacklist module to drop the network packages from the source IP listed in the blacklist Operation System: Vxworks; NP/RMI
Project Name: Packer Filter & Monitor Tool
This software is a kind of network package filter tool based on the Netfilter architecture (Linux Kernel Version: 2.4.31), it can show and manage the network packages which overpass it.
Responsibilities:
Implemented and hacked kernel modules of network protocol in Linux
Kernel (Linux Kernel Version: 2.4.31)
Nov.2006 - Mar.2007
IBM BEIJING
Software Engineer (CO-OP)
Project Name: Java/C++ API Testing on ECM
The ECM is a kind of middleware used on different platforms; There are 4 levels in this architecture, Disk, DB2, WAS and web pages for management. It provides the API for the programmers to build their own network file storage system.
Responsibilities:
Implemented tests cases in Java/ C++ on Solaris 10, Solaris 9, SUSE 10, SUSE 9, Red Hat E4
Mar.2006 - Nov.2006
Huawei BEIJING
Software Engineer (CO-OP)
Project Name: XLog Network Analysis & Monitor System
This product provides the basic functions to analyze network traffic. It can tell what kinds of network applications are being used by the clients. (e.g: MSN, QQ, and other STUN protocol applications)
Responsibilities:
Implemented the monitor function to check the network packages from certain applications
Operation System: FreeBSD
EDUCATION:
Sep.2004 - Jun.2007 Nankai University TIANJIN, CHINA
Master’s degree in Computer Science
Sep.2000 - Jun.2004 Tianjin University TIANJIN, CHINA
Bachelor’s degree in Computer Science
CERTIFICATION:
Sep.2000 - Jun.2001 Tianjin University Scholarship
Sep.2001 - Jun.2002 Tianjin University Scholarship
Contact this candidate