Bernd Kuhlens portfolio
Let’s start with technical skills on AWS.
EC2 | Running servers on Elastic Compute Cloud, either on-demand or spot instances, manually launched or driven by autoscaling groups or stacks like CloudFormation. Any related and deeply integrated topics like security groups, network access lists or VPCs are part of the job. |
storage | EBS is the normal way to go on EC2, but sometimes you need EFS or S3 as well. EBS in contrast to ephemeral storage can be kept even after an instance has been terminated. |
S3 | If you do not need to run a POSIX-compliant filesystem but an object storage with high durability, this is the way to go. Different storage classes and lifecycles offer possible cost savings. |
ACM | Being responsible for some 200 domains and their certificates it is a pleasure to get TLS certificates free to use and automatically redeployed. |
CloudFront | Coming from an Akamai background I switched to using AWS’ CDN solution as it is deeply integrated with your AWS portfolio. |
CloudFormation and Cloud Development Kit. | Coding infrastructure with versioning tools like git offers so much flexibility and ease of deploying changes and backing up your infrastructure. |
CloudWatch | CloudWatch is the built-in AWS monitoring solution offering alarms, logging facilities (log groups) and scaling integrations as well as dashboards. For professional dashboards I prefer (and use) tools like Grafana and Prometheus though. |
EventBridge | The backbone on AWS. With events you can do almost anything, like restarting servers, notifying IT staff, triggering Lambda functions and many more. EventBridge helps to make sophisticated workflows like triggering a pipeline on an event like a picture upload to S3 etc. |
load balancers and target groups | Many web applications that I transferred to the cloud make use of CDN, load balancers and autoscaling groups. Once you have a functional image of a web server running your application, you can deploy your load balancer and CDN and activate autoscaling on metrics like requests, queue length or CPU/memory consumption. The setup makes manual intervention a rare event. |
Lambda | Serverless compute for event-based jobs. Lambda makes sense for workloads that don’t take long and have unpredictable load. My Lambdas are Python (boto3) based and do jobs like finding old unused AMIs or user CLI keys and posting them to our Slack channel or modifying S3 images etc. |
databases | RDS is a fully managed AWS service where you can run relational databases. For NoSQL you can find solutions like DynamoDB. |
EFS | Elastic File System for data sharing between EC2 instances. I used this in WordPress solutions where (for redundancy) several instances shared one EFS volume to hold their data (alongside an RDS-based shared database). |
ECS | So far I have only spun up containers and container-based services for educational projects. ECS and EKS make your infrastructure more flexible and take the idea of autoscalability to the next level, as containers are more lightweight compared to servers. |
EKS | AWS Kubernetes solution. Easy to set up and maintain Kubernetes clusters. Have used it in one project so far for internal computations triggered by API calls. |
IAM | Defining roles in policies for different groups of developers or stacks is my daily routine including MFA and CLI key management. |
Other technical skills
Linux / Unix | Have worked with different Linux distributions so far and with FreeBSD. Got LPI certified around 2010. Usual admin work like running user accounts, enabling SSH connections, firewalling, installing and configuring software packages etc. |
Ansible and Puppet | Introduced Puppet to my company as the number of servers grew for ease of management. Going to transfer this to Ansible now and therefore have had several courses on Ansible. |
monitoring | Introduced datacenter monitoring to my company in 2006 and started with Nagios and Zabbix. Nagios then at some point got replaced by checkmk as this better fitted our needs. In terms of dashboards, Zabbix was switched to Grafana. |
Apache and TLS certificates | Was responsible for web server administration (Apache 2.2 and 2.4) for some 12 years. As HTTPS became state of the art I also was responsible for buying them and binding them to our web servers (was a pain years ago and is dead easy now thanks to ACM). |
DNS | Maintaining our domains and also maintained our bind server for many years. |
VMware | Running servers in our datacenters with usual administrative work like attaching storage, changing storage sizes, defining DRS, updating ESX etc. As specialization goes on we are happy to have a partner doing this for us today. |
soft skills
team | I am used to working in teams as well as leading teams. |
projects | Have led many projects in my life including hardware integrations in datacenters (try and buy, planning, testing) or introducing new components like content delivery networks or new monitoring systems. |
presenting | I am used to presenting my company or technical topics in front of larger audiences in either German or English. |
perspective | I do not concentrate on my topic alone but always try to see the “whole picture”, like what possibilities new components offer to other teams. Taking into account different aspects of projects/solutions like technical view, product view, billing view etc. |