DevOps Engineer · Eatery Club
We are building the infrastructure that powers restaurant ordering, real-time WebSockets, and multi-tenant CDN delivery for thousands of users across Eastern Europe. Our platform runs on AWS EKS with Karpenter-managed node pools, served through CloudFront edge, and backed by MySQL RDS, Redis, and SQS — all provisioned through Terraform across three environments (dev / staging / prod). We are looking for a DevOps Engineer who takes ownership of production systems and builds things that last. Not someone who runs commands — someone who designs the pipeline, writes the module, monitors the result, and fixes the alert at 10PM if needed. This role owns the Kubernetes platform at the cluster level — you will administer node pools, manage upgrades, design topology changes, and support engineering teams deploying PHP/Laravel and Next.js workloads daily. What you’ll do Infrastructure Manage and evolve AWS infrastructure using Terraform — modules, multi-region, Terraform Cloud remote state across workspaces Operate and tune Karpenter NodePools (spot + on-demand) for workload-specific isolation: backend, queue, transaction, websocket, and more Own EKS cluster lifecycle — version upgrades, node group migrations (currently AL2 → AL2023), IRSA, Velero backups CI/CD Maintain Jenkins pipelines (EC2-hosted, x86 + ARM64 agents) with Groovy shared libraries Enforce security gates: Trivy container scanning, Hadolint Dockerfile linting, SonarQube quality checks Manage multi-arch Docker builds and ECR repositories per service Observability Operate the ELK stack — Filebeat, Metricbeat, Elasticsearch, Kibana Maintain Grafana dashboards, Elastic APM, Pyroscope continuous profiling, and OpenTelemetry collector Tune CloudWatch alarms and Falco runtime threat detection Security & Edge Manage CloudFront distributions with WAFv2 — IP allowlists, geo-blocking, rate limiting, origin header verification Administer secrets via AWS Secrets Manager + External Secrets Operator Maintain WireGuard VPN and network-level access controls What we’re looking for Required 3+ years of hands-on DevOps or platform engineering in production Terraform at team scale: modules, remote state, peer review, deployed to production — not just local experiments AWS: EKS, VPC, CloudFront, WAF, RDS, ALB, IAM, Secrets Manager, SQS, S3 — at depth, not surface level Kubernetes: cluster-level thinking — RBAC, ingress, PodDisruptionBudgets, node group management, helm charts, troubleshooting OOMKills and failed rollouts Jenkins or equivalent CI/CD tool with real pipeline ownership Python or Bash scripting for automation Nice to have Karpenter (NodePool / EC2NodeClass design) ELK stack operations (Filebeat, Metricbeat, Elasticsearch index lifecycle) Velero, AWS Backup, disaster recovery playbooks Falco or similar runtime security tooling Experience deploying PHP/Laravel and Next.js workloads in containers Maxwell CDC, RDS Proxy, or Redis operations experience Our stack at a glance Terraform · AWS EKS · Karpenter · Helm · Jenkins · Docker · ECR · CloudFront · WAFv2 · RDS MySQL · ElastiCache Redis · SQS · Elasticsearch · Grafana · Elastic APM · OpenTelemetry · Pyroscope · Falco · Velero · WireGuard Відгукнутись на вакансію