About

Learn more about me

DevOps Engineer

  • Website: www.mohamadsoufi.ir
  • Phone: +989125332802
  • City: Tehran, Iran

I am an experienced DevOps Engineer and System Administrator with ~8 years of expertise across diverse areas, including Linux and Windows system administration, network management, and large-scale enterprise environments such as core banking systems. As a Kubernetes expert and KubeStronaut, I excel in designing scalable clusters, optimizing workloads, and implementing efficient CI/CD pipelines to support modern application delivery. My broad skill set and extensive experience in cloud-native solutions and DevOps practices enable me to deliver robust and efficient infrastructure tailored to complex enterprise needs.

Happy Clients

Projects

Hours Of Support

Awards

Skills

Containerization 90%
Prometheus & Grafana80%
ArgoCD 80%
Terraform 80%
Helm 80%
AWS 70%
Kubernetes 90%
Docker80%
LINUX (LPIC 1 - LPIC 2) 80%
Gitlab 80%
ZABBIX 60%
Ansible 70%
CI/CD 90%

Interests

Ansible

Kubernetes

Bash Scripting

Open Source

Docker

Red Hat bases

Debian Bases

Centos

Ubuntu

Routing & Switching

Data Centers

Virtualization

Resume

Check My Resume

Professional Experience

Senior DevOps Engineer

Duration: 2025 - Present

Yarai

  • Built Kubernetes HA clusters from scratch (Kubespray, HAProxy, Keepalived) with 99.95% uptime.
  • Deployed and managed GPU workloads (NVIDIA H100 with GPU Operator), accelerating AI pods and cutting model runtime by 40% using Kserver & Kuberay.
  • Implemented end-to-end GitOps pipelines (GitLab CI, Helm, Argo CD, RBAC), reducing deployment lead time by 60%.
  • Deployed and scaled AI apps such as OpenWebUI, Flux, ComfyUI, Whisper, Ollama, vLLM, pyTTS, and pySTT, enhancing application performance and user experience.
  • Automated TLS management with cert-manager + DNS webhooks (Cloudflare, Arvan), eliminating cert-related outages.
  • Developed reusable Helm charts supporting probes, initContainers, HPA, VPA, RuntimeClasses, and conditional resources.
  • Enhanced security posture by configuring PodSecurityContext, enabling least-privilege containers and automated Trivy image scanning.

    DevOps Engineer

    Duration: 2023 - 2024

    Dotin - Core Banking

  • Implemented and managed Kubernetes clusters (kubeadm/kubespray) for Java & Python microservices, while running .NET projects on Windows Server/IIS; integrated GitLab, Jenkins, Nexus to standardize CI/CD (≈95% pipeline success).
  • Provisioned Ceph RBD/CephFS for dynamic provisioning storage (20+ TB) for pods to support stateful services with ≥99.9% availability.
  • Deployed Nginx for edge load balancing & high availability of enterprise applications,using Keepalived VIPs for fast failover (<1 min).
  • Rolled out the kube-prometheus stack (Prometheus, Alertmanager, Grafana) and Zabbix, with ELK for logs—cut detection latency by ~50% and reduced MTTR ~35%.
  • Managed ELK stacks for comprehensive log monitoring across Kubernetes clusters and servers.
  • Automated 5,000+ Linux/Windows servers with Ansible + shell, and standardized Dockerfiles, shortening release cycles by ~30%.
  • Developed reusable Helm charts supporting probes, initContainers, HPA, VPA, RuntimeClasses, and conditional resources.
  • Enhanced security posture by configuring PodSecurityContext, enabling least-privilege containers and automated Trivy image scanning.

    Professional Experience

    Senior DevOps Engineer

    Duration: 2024 - Present

    RasadCo

    • Operated air-gapped Kubernetes clusters (kubeadm/kubespray), handling multistage upgrades and scaling node capacity.
    • Designed and implemented GitOps (GitLab + Argo CD), migrating 50+ services from legacy workflows and improving reliability by 70%.
    • Built HA strategies for etcd/control plane, delivering 99.9% uptime for production clusters.
    • Developed AWS infrastructure automation (EC2, VPC, S3, IAM) with Terraform and Ansible, reducing provisioning time by ~60%.
    • Authored optimized Dockerfiles (Go, Node.js) with probes + HPAs, improving availability and reducing overprovisioning by 25%.
    • Built monitoring with Prometheus + Grafana and integrated Nexus/Harbor registries, reducing deployment failures by 30%.
    • Configured Zabbix + SMTP alerts, cutting mean detection time (MTTD) by 50%.
    • Developed reusable Helm charts supporting probes, initContainers, HPA, VPA, RuntimeClasses, and conditional resources.
    • Enhanced security posture by configuring PodSecurityContext, enabling least-privilege containers and automated Trivy image scanning.

    DevOps Engineer

    Duration: 2018 - 2022

    Ipec - Pipe Line & Process

    • Built Kubernetes HA clusters (kubeadm, HAProxy, Keepalived), ensuring 99.9% uptime for oil-industry workloads.
    • Introduced GitOps (GitLab + Helm), cutting deployment downtime by 50%.
    • Automated infra provisioning and server init with Ansible, boosting efficiency by ~70%.
    • Expanded virtualization platform on ESXI and VCenter and implemented Veeam backup.
    • Managed IIS, Tomcat, and Nginx reverse proxies; automated MySQL/PostgreSQL backups with Ansible.
    • Migrated file services to Active Directory + DFS, reducing access tickets by 30%.
    • Managed Mikrotik routers for tunneling, connectivity, and traffic shaping, improving network reliability and throughput.

    Certificate

    My Certs

    • All

    Contact

    Contact Me

    My Address

    Social Profiles

    Email Me

    [email protected]

    Call Me

    +98-9125332802

    Loading
    Your message has been sent. Thank you!
    © mohamadsoufi.ir.