Austin Heiman - Cloud Solutions Architect
Education and Certifications
- Bachelor of Science Degree, Management of Information Systems May 2015
Kansas State University, Manhattan, KS - 3.4 GPA
- AWS Certified Solutions Architect - Associate June 2019
- CNCF Certified Kubernetes Administrator March 2018
Senior DevOps Consultant, New Context Services August 2017 - Present
- Provisioned and managed client AWS EKS clusters with auto scaling and a mixture of spot and on-demand instances using eksctl in a CI/CD pipeline. Migrated legacy JBOSS and modern Spring Boot applications into the clusters and exposed services to encrypted web traffic using AWS ALB and AWS ACM. Forwarded Kubernetes pod logs to AWS Elasticsearch service using Fluentd daemonset.
- Developed admissions webhook APIs to enforce Kubernetes resource configuration across client Kubernetes clusters.
- Migrated client AWS EC2 based applications to Fargate for ease of management.
- Created a reusable Terraform module for a client to deploy static websites to AWS S3 protected with CloudFront and WAF and served at a custom domain using Route53 and ACM. Enabled automated testing of the module in a CI/CD pipeline.
- Deployed Hashicorp Vault as a secrets management solution for a client to be accessed by IAM entities from multiple AWS accounts and Kubernetes clusters.
- Created a Cloud Custodian pipeline for a client to safely remediate hundreds of AWS CIS benchmarks violations across multiple AWS accounts in preparation for an upcoming SOC 2 audit.
- Architected and implemented a reusable GitLab CI/CD workflow to build, test, and deploy applications into Kubernetes using Helm.
- Developed a reusable pattern for a client to run microservices on AWS Lambda + API Gateway using the serverless.com and Golang Gin web frameworks. Created training videos and instructed classes for client engineers to migrate to this approach.
- Deployed a fleet of GitLab runners for teams within a large client. Used Packer for AMI builds and Terraform for deployment and configured each runner to have the least necessary IAM permissions for its assigned team.
- Implemented a system for a client to provision on-demand Cloud Foundry stateful services on AWS infrastructure using Chef and custom Ruby tooling. Created a thorough integration test suite for the services.
Systems Engineer, Cerner Corporation June 2015 - August 2017
- Developed Chef cookbooks and custom Ruby automation for deploying and managing distributed systems (Apache Hadoop, Storm, Kafka) in clusters of 1000+ Red Hat servers in Cerner data centers. Replicated this architecture from United States to United Kingdom data centers.
- Migrated big data platform (Apache Hadoop, Storm, and Kafka) into AWS from Cerner data centers using Cloudformation to deploy EC2, Route53, ELB, RDS and other resources. Configured the EC2 applications subject to NIST and HIPAA regulations in a “lift and shift” approach using the same automation developed for Cerner data center environment.
- Collaborated across teams and organizations to implement automated deployment pipelines for Tomcat and Ruby on Rails applications.
- Deployed Jenkins and integrated with internal GitHub site for continuous integration and deployment of internal applications.
- Championed a Kanban operations methodology to continuously prioritize work.
- Monitored and troubleshot distributed systems using Zabbix and Cloudwatch.
Web Developer, Kansas State University August 2014 - May 2015
- Developed and maintain Python sites and REST APIs using the Django and Flask web frameworks
- Worked with university stakeholders to design and iterate on apps in an agile environment
- Automated deployments to AWS EC2 using Fabric
- Awarded the honor of Student Employee of the Year out of 24 student employees
Web Systems Engineer, Kansas State University August 2013 - May 2014
- Migrated Linux infrastructure from traditional sysadmin management practices to use Chef for configuration management allowing changes to be peer reviewed in GItHub before being automatically applied across groups of servers.
- Automated common tasks and service requests to free up engineering time for innovation.
- Trained new student employees in the fundamentals of Linux, networking, and infrastructure.
- “Vault-mutating-webhook” - Kubernetes mutating admission webhook that can configure pods to authenticate and retrieve secrets from a Hashicorp Vault server.
- “Better-chef-rundeck” - Integration to import Chef nodes into Rundeck. Rundeck can be configured to query this Sinatra API that will transform the query and send it to a Chef server to retrieve a list of nodes.
- “Remove-element” - Chrome extension that allows users to right click and delete objects from the HTML DOM.
Languages and Technologies
Tools: Terraform, Atlantis, Vault, Chef, Vagrant, Git, Docker, GitLab, Jenkins, Github
AWS Services: IAM, S3, EC2, CloudFormation, ECS / Fargate, EKS, Lambda, API Gateway, Cognito, Route53, RDS, CloudWatch, VPC
Other Systems: Kubernetes, Linux, Nginx, HAProxy, Passenger, VMWare, CloudFoundry, Mesosphere DC/OS, Apache HTTPd, Apache Tomcat, JBOSS / Wildfly, MySQL, Windows Server