YU HSUAN CHEN

Cloud Architect / SRE


  • e-mail: [email protected]
  • phone number: 0917577377
  • home number: 0289419847
  • home address: Minquan Rd., Yonghe Dist., New Taipei City, Taiwan (R.O.C.)

Certificates

  • AWS Practitioner
  • GCP Professional Cloud Architect

Skills

Programming Stack

  • Node.js (eslint)
  • Python
  • Ansible
  • Terraform 
  • SQL

Operating System

  • MacOS
  • Ubuntu
  • Debian
  • Raspbian

DevOps

  • CICD Solution
    • Terraform CICD
    • Argocd CICD
  • CICD Platform
    • Azure DevOps
    • Gitlab CI
    • Jenkins

Monitoring

  • Grafana
  • Prometheus
  • Elasticsearch
  • Kibana
  • Cloud Watch
  • Cloud Monitoring
  • Cloud Logging

DB/Storage

  • AWS S3
  • AWS ES
  • AWS Athena
  • AWS DDB
  • AWS RDS MySQL/PostgreSQL
  • GCP BQ
  • GCP GCS
  • GCP DataStore
  • GCP CloudSql MySQL/PostgreSQL

Compute/ Container

  • K8s
  • Docker
  • AWS EC2
  • AWS Lambda
  • GCP GKE
  • GCP GCE
  • GCP Cloud Run
  • GCP App Engine
  • GCP Cloud Function

Network

  • VPC
  • Subnets
  • NAT
  • LB
  • VPN
  • CDN
  • DNS
  • Router
  • GCP Shared VPC
  • GCP VPC peering
  • GCP Armor (WAF)
  • AWS SG / GCP firewall

Work Experience / Projects Involved

SRE

AWOO

CLOUD INFRASTRUCTURE Dept.

Dec 2022 -  Present
Taipei, Taiwan

  • Terraform Infra CICD Pipeline 

Gitlab / GKE gitlab runner / Helm / Terraform

  • Argocd CICD Pipeline 

Gitlab / GKE Argocd / Kustomization / Helm

  • GCP Organization Migration 

HA VPN / Cloud Router / Shared VPC / Subnet  / VPC Peering / GKE IP Range / Cloud SQL IP Range / Redis IP Range / PSC (hybrid, centralized network)

Build Organization Infra (Terraform Infra CICD Pipeline)

Build Application (Argocd CICD Pipeline)

Mongodb Dump Restore / Continuous CloudSql Database Migration

GCE Migration / Public IP Migration / Firewall Rule / Network Tag

Minimize downtime when switching traffic to a new application

Prometheus / Node Exporter / Grafana / Uptime Check / Cloud Monitoring / Cloud logging (centralized monitoring)

  • GCP Saving Plan

    Kube Cost / GKE Cost Optimization

    GKE 100% Spot Instance

    Redis on GKE

    MongoDB on GKE

    Nginx Ingress Replace Internal LB

    On Demand VM Cover By CUD

    BQ/ GCS Data Lifecycle

    Cloud Logging Exclusion

    Scheduled GCE stop and restart

    Scheduled delete unattached disk

    Scheduled delete unattached IP

    BQ query quota per day per project


  • GCP Service Monitoring

    Grafana / Prometheus / Cloud Monitoring / Cloud Logging / Elasticsearch / Kibana / Uptime Check 

    RPS for different status codes in the LB

    API response times based on percentiles

    CPU loading

    Memory usage

    Prometheus black box API test

    Redis hit ratio

    Pubsub subscription unacked message



  • GCP Infra Architecture




  • GCP Security Improvement







Cloud Engineer

CLOUDMILE

CLOUD INFRASTRUCTURE Dept.

Mar 2022 -  Dec 2022
Taipei, Taiwan

  • Terraform Infra CICD Pipeline (Manufacturer)

Gitlab / GCS / GKE gitlab runner

  1. push code to Gitlab repo
  2. merge request to trigger CI (main)
  3. CI : (different folder each main branch)
    • terraform scan / init / validate / plan
  4. merge to main branch, reviewer manually triggers CI
  5. CI : (different folder each main branch)
    • terraform scan / init / validate / plan / apply
  6. GitLab runner executor pod starts a worker pod to build common infra

  • Official Website GCP SOLUTION (Manufacturer)

VPC - Custom mode / Subnet / Firewall Rule (network)

  • VPC network

Wordpress / LB / WAF Armor / DNS / Unmanaged Instance Group / GCE / CloudSql / GCS / CDN (web service)

  • Build web server
  • Able to access the web server (Wordpress) through custom domains
  • Implement security WAF solution - Armor
  • Build wordpress db
  • Mount additional storage - GCS
  • Cache static content

  • MLaaS GCP SOLUTION (Bank)

HA VPN / Shared VPC / Subnet / Cloud Router / GKE IP Range / Cloud SQL IP Range / Redis IP Range (hybrid, centralized network)

  • SharedVPC network
  • Hybrid Cloud
  • Subnet IP Range Planning
    • K8s Control Plane  
    • K8s Worker Nodes Primary IP range
    • K8s Worker Pod, Service Secondary  IP range
    • Cloud SQL, Redis (psc)

LB / DDOS Armor / DNS / Unmanaged Instance Group / logging / GCS / GKE / CloudSql / DMS (ml api)

  • HTTPS LB 
  • Implement security solution - Armor
  • Able to access the MLaaS through custom domains
  • URL map redirect to ingress Nginx reverse proxy, then route to different service
  • Log management retention requirements (import to GCS)
  • Start the "model training" job on-prem, and use the GPU to train the model on the GKE
  • Build ML training model db
  • Continuous DB migration

AzureDevOps / Artifact Registry / Argo CD (application cicd)

  1. push code to Azure DevOps repo
  2. merge request to trigger CI
  3. CI :
    1. unit test
    2. build ML model training into the container image
    3. push the container image to the artifact registry
  4. CD :
    1. apply application on argoCD
    2. Argo CD syncs the k8s manifests in the Azure DevOps repo with GKE via tracking and deployment strategies
    3. start ML model training task on GKE

  • BAS ETL GCP SOLUTION (Telecom Co.)

HA VPN / Shared VPC / Subnet / Cloud Router / Firewall Rule (hybrid, centralized network infra)

  • Shared VPC network
  • Hybrid Cloud

Dataflow / GCE / GCS / SNAT / Custom Route / Informix / BQ (jdbc data flow)

  • Dataflow uses JDBC to connect to the Informix
  • Dataflow template to copy data from Informix with available JDBC drivers into BQ
  • Worker node with JDBC driver installed to rewrite original IP address through SNAT

  • AWS Migrate to GCP Project (Food Delivery Platform)

VPC / Subnet / NAT / VPC peering / Firewall Rule (network)

  • STG / PRD env VPC network 

LB / Unmanaged Instance Group / Nginx /  GCE  (network proxy)

  • Deploy web server 
  • To connect to a web server through Nginx

Jenkins / GCE (cicd)

  • Migration of Jenkins CI/CD
  • Deploying ReactJS and Java application to App Engine using Jenkins.

App Engine / MongoDB / GCE / DMS / CloudSql / Redis / private service access (web application)

  • Deploy Application 
  • Migrate Beanstalk App to GCP App Engine 
  • ReactJS and Java Application connect to DB and Redis

Associate Cloud Engineer

ASKEY COMPUTER CORP

CLOUD DEVELOPMENT Dept.

Mar 2020 - Mar 2022
Taipei, Taiwan

  • z47 Raspberry Pi for shuttle bus and bus station

Node.js / AWS / IoT Core / MQTT / Websocket / raspberrypi / gpio

  • One of the components in smart transportation
  • Provide IoT services between smart stations, shuttle buses and the cloud

  • Smart Home Capability API

Node.js / GCP / CloudFunction / IoT Core / PubSub / DataStore / MQTT

  • Smart appliances without public access connect to cloud services via gateways
  • Smart appliances update new capability to cloud via IoT services

  • Dynalink Management Site Report API

Node.js / GCP / BQ / CloudFunction / API Gateway / HTTPS 

  • Services for managing Dynalink WiFi 6 Router
  • Get account register report and device onboarding report via Dynalink management site

  • Scheduled Email Delivery

Node.js / AWS / CloudWatch Scheduled Event / SES / S3 / Html

  • Assist in managing cloud accounts for all departments of the company
  • Automatically forward bills to other departments

  • CloudWatch Alert Setting

Node.js / AWS / SNS / CloudWatch Alert

  • Assisting maintenance staff in building automated tools to set system alerts

  • Monitor Cloud Services Publish Message

Node.js  / AWS / CloudWatch Alert / SNS / Lambda / IAM /  Webhook / Ansible

  • Push cloud Monitoring alert notifications to third-party services

  • FOTA Billing Report API

Node.js / AWS / CloudWatch Scheduled Event  / S3 / Athena / Lambda / DynamoDB /  API Gateway  / HTTPS

  • FOTA is a service that helps devices update firmware over the air
  • We charge for providing FOTA services

  • iDVR Billing Report API

Node.js / AWS / CloudWatch Scheduled Event / S3 / Athena /Lambda / DynamoDB / API Gateway / HTTPS

  • iDVR is a fleet management service
  • We charge for providing FOTA services

  • AI Search Service API

Python / AWS / S3 / Lambda / Rekognition / SNS / SQS / Elasticsearch / API Gateway / HTTPS

  • AI Search Service provides video analysis, search and download


Operation Engineer

  • ISO 27001 Service Monitor

AWS CloudWatch Dashboard / AWS CloudWatch Metrics

  • iDVR, FOTA System Quarterly Report

  • AVT, Nissan System Monthly Report

Business PM

  • iDVR Business Analysis                             

Google Analytics / Tag Manager

  • FOTA Billing Analysis

AWS S3 / Google BQ / SQL / Data Studio / Schedule email delivery

  • FOTA, DMP, iDVR Billing Analysis

AWS / Azure


Data Analyst Intern

WILWIN GLOBAL CORPORATION

DATA ANALYSIS Dept.

Jun 2019 - Jan 2020
Taipei, Taiwan

  • Data Analysis of Smart Fleet System