Janak Kumar Shrestha

Janak Kumar Shrestha

Kathmandu, Nepal
+977 9826894008
[email protected]
Portfolio Website

Aspiring DevOps Engineer with hands-on expertise in architecting and automating scalable cloud infrastructure and CI/CD pipelines. Hands-on experience in containerization (Docker, Kubernetes), infrastructure as code (Terraform, Ansible), and cloud-native deployment on AWS. Holds the AWS Solutions Architect – Associate certification and possesses deep, practical experience across AWS services including EC2, S3, VPC, IAM, RDS, and CloudWatch. Passionate about implementing resilient, secure, and automated systems that enhance operational efficiency and accelerate software delivery.

Projects & Experience

Experience
Broadway Infosis Pvt. Ltd.
Kathmandu, Nepal • May 2025 — Jul 2025
DevOps Training
  • Covering Linux fundamentals, networking, cryptography, source control management (Git), RDBMS, establishing a strong foundation in DevOps prerequisites and best practices.
  • Hands-on experience with containerization and orchestration technologies including Docker and Kubernetes, building multi-container applications with Docker Compose, managing pods and deployments, and implementing CI/CD pipelines with Jenkins for automated application delivery.
  • Automated infrastructure provisioning using Ansible playbooks and Infrastructure as Code (IaC) with Terraform, reducing manual configuration efforts and ensuring consistent environments.
  • Gained hands-on experience with AWS cloud services including EC2, VPC, S3, Load Balancers, and IAM policies and deploying scalable applications.
Adex International Pvt. Ltd.
Lalitpur, Nepal • Nov 2025 — Dec 2025
AWS Solutions Architect Associate - Apprenticeship
  • Completed comprehensive AWS Academy Cloud Architecting program covering 16 modules including compute, storage, databases, networking, security, and serverless architectures aligned with the AWS Well-Architected Framework.
  • Designed and implemented scalable, highly available solutions through hands-on labs involving Amazon EC2, S3, RDS, VPC, Lambda, and CloudFormation, demonstrating proficiency in building production-grade AWS architectures.
  • Automated infrastructure deployment using AWS CloudFormation and built decoupled serverless applications with Lambda, API Gateway, and SQS, reducing manual provisioning efforts and improving system resilience.
  • Successfully completed capstone project and course assessment, applying disaster recovery patterns, cost optimization strategies, and security best practices including IAM policies, encryption, and VPC security configurations.
Datahub Nepal Pvt. Ltd.
Lalitpur, Nepal • May 2025 — Jul 2025
System Administrator - Intern
  • Monitored datacenter infrastructure using Zabbix monitoring system, tracking server health, resource utilization, and system performance metrics to ensure optimal uptime and proactive issue detection.
  • Managed cloud resources including virtual machines and VPC configurations across multiple cloud platforms, provisioning and maintaining client environments in accordance with service level agreements.
  • Performed compute resource upgrades on client VMs, scaling CPU, memory, and disk resources based on performance requirements, and configured NFS and LVM storage solutions for enhanced data management.
  • Worked with enterprise datacenter infrastructure including Pure Storage flash arrays, VMware ESXi hypervisors, Fortigate firewalls, and host units, gaining hands-on experience with the underlying components powering cloud services.
  • Provided customer support and system troubleshooting as a system administrator, resolving technical issues, responding to service requests, and maintaining system stability in a datacenter environment.
Projects
Quickmail - MERN Stack Email Service
Project Link
  • A quickmail service built by learning gmail smtp with Mern Stack, containerized via Docker multi-stage builds. It offers flexible persistence with support for both MongoDB Atlas and local MongoDB.
  • Security is paramount with enterprise-grade protection (helmet, rate-limiting) and deep email validation. Uniquely, "Ghost Mode" enables zero-trace client-side messaging for maximum privacy.
Enterprise Linux Storage Management with LVM
Project Link
  • Implemented Logical Volume Management (LVM) to dynamically manage server storage, creating scalable volume groups and logical volumes for flexible resource allocation.
  • Executed critical system maintenance by migrating system directories like `/var/log` to dedicated logical volumes, preventing root partition saturation and ensuring server stability.
Secure Multi-Protocol Remote Access with Cloudflare Tunnel
Project Link
  • Implemented Cloudflare Tunnel to securely expose local Linux services (SSH, RDP, Node.js) to the internet without opening inbound ports, ensuring zero-trust network security.
  • Configured persistent systemd services and secure ssh and rdp connections to ensure high-availability connections for SSH and Remote Desktop (RDP) workflows.
Multi-Environment Remote Desktop Infrastructure with XRDP
Project Link
  • Deployed XRDP with 7 distinct Desktop Environments (KDE, GNOME, XFCE) on a single Ubuntu server, enabling versatile, low-latency remote graphical access tailored to user resource needs.
  • Engineered custom .xsession configuration and systemd Display Manager services to seamlessly manage user sessions and ensure secure, high-performance RDP connectivity.
Self-Hosted Cloud Collaboration Platform with Nextcloud AIO
Project Link
  • Deployed a secure, self-hosted Nextcloud All-in-One (AIO) instance using Docker on Ubuntu, ensuring complete data sovereignty and compliance as a private cloud alternative.
  • Configured optimized Docker containers for Nextcloud Office and Talk, enabling real-time document collaboration and secure video conferencing behind an automated reverse proxy.
MySQL Master-Slave Replication for High Availability
Project Link
  • Implemented MySQL Master-Slave replication architecture on Ubuntu to enable read scalability and database redundancy, offloading analytics queries to slave nodes.
  • Resolved critical authentication compatibility issues using mysql_native_password plugin, ensuring secure and stable replication connections across VPC networks.
Infrastructure as Code with Terraform on AWS
Project Link
  • Provisioned AWS EC2 instances and Security Groups using Terraform, automating the deployment of scalable cloud infrastructure while adhering to Free Tier limits.
  • Configured SSH key pair authentication and infrastructure output variables to facilitate secure, immediate administrative access to provisioned resources.
Centralized Network Storage with NFS
Project Link
  • Deployed Network File System (NFS) infrastructure to centralize storage across multiple Linux servers, enabling seamless file sharing and collaborative access.
  • Configured secure NFS exports with granular access controls and firewall rules, implementing network segmentation to restrict client access to trusted subnets.
Multi-Master Database Clustering with MariaDB Galera
Project Link
  • Architected a multi-master MariaDB Galera Cluster with synchronous replication across three nodes, achieving zero-lag active-active database operations for mission-critical applications.
  • Configured cluster-wide wsrep parameters and firewall rules to ensure fault tolerance, automatic node recovery, and seamless data consistency across distributed database infrastructure.
Production WordPress Deployment with Docker & SSL
Project Link
  • Deployed production-ready WordPress with Docker Compose, orchestrating multi-container architecture with MariaDB backend and persistent volume management for data integrity.
  • Configured Apache reverse proxy with Let's Encrypt SSL automation, implementing HTTPS encryption and certificate auto-renewal for secure web hosting.
Traditional LAMP Stack with WordPress & phpMyAdmin
Project Link
  • Deployed full-stack LAMP environment (Linux, Apache, MariaDB, PHP) on Debian, configuring Apache virtual hosts and phpMyAdmin for database administration.
  • Installed and configured WordPress CMS with database integration, implementing proper file permissions and directory structure for secure web hosting.
Cloud-Native Django Application Deployment on AWS EC2
Project Link
  • Deployed production Django application on AWS EC2 using Python virtual environments and Docker containerization, configuring security groups and network access controls.
  • Implemented multi-stage deployment strategy with Docker image builds, container orchestration, and background process management using nohup for continuous service availability.
High-Availability Load Balancing with AWS ALB & ACM
Project Link
  • Architected highly available infrastructure using AWS Application Load Balancer across multiple availability zones, implementing target groups and health checks for fault-tolerant traffic distribution.
  • Configured end-to-end SSL/TLS encryption with AWS Certificate Manager (ACM) and Cloudflare DNS validation, ensuring secure HTTPS communication and automated certificate renewal.
Scalable Load Balancing with Nginx on AWS EC2
Project Link
  • Implemented Nginx reverse proxy load balancer across multiple AWS EC2 instances, configuring upstream server groups with health checks for distributed traffic management.
  • Configured security group rules and SSL termination for secure multi-instance architecture, enabling horizontal scaling and fault tolerance for containerized applications.
Full-Stack PHP Application Deployment with Docker & Nginx
Project Link
  • Deployed containerized PHP/MySQL application on AWS EC2 using Docker Compose, implementing reverse proxy architecture with Nginx for production-grade web hosting.
  • Configured automated SSL/TLS certificates with Let's Encrypt (Certbot), establishing secure HTTPS connections with custom domain integration and certificate auto-renewal.
Container Orchestration with Docker Compose for PHP Applications
Project Link
  • Architected multi-container application using Docker Compose, orchestrating PHP/Apache web server and MariaDB database with persistent volume management and health checks.
  • Implemented service networking and environment-based configuration with automated database initialization, enabling reproducible development environments and seamless container lifecycle management.
Infrastructure as Code with Terraform on Azure
Project Link
  • Provisioned Azure infrastructure using Terraform IaC, automating VM deployment with networking, security groups, and SSH key authentication through declarative configuration.
  • Configured Azure service principal authentication and resource group management, implementing automated infrastructure lifecycle with init, plan, apply, and destroy workflows.
Hybrid Cloud Storage & Migration with AWS Storage Gateway
Project Link
  • Deployed AWS Storage Gateway (S3 File Gateway) to mount an NFS file share on on-premises Linux servers, enabling seamless hybrid cloud storage and data migration to Amazon S3.
  • Configured Cross-Region Replication and S3 Lifecycle policies to automate data redundancy and optimize storage costs.
Deploying Scalable Relational Database Infrastructure
Project Link
  • Provisioned a high-availability MySQL instance on Amazon RDS within a secure VPC environment.
  • Implemented robust security controls using AWS Secrets Manager for automated credential management and secure application connectivity.
Enterprise Database Migration & Modernization
Project Link
  • Executed a zero-data-loss migration of a legacy MariaDB system to Amazon RDS using custom dump strategies.
  • Re-architected the application layer to utilize managed database services, significantly reducing operational overhead and improving reliability.
Architecting a Secure Virtual Private Cloud (VPC)
Project Link
  • Engineered a custom Amazon VPC architecture with segmented public and private subnets to enforce granular network security boundaries.
  • Configured Internet Gateways and Route Tables to establish secure connectivity for public-facing application servers while isolating private resources.
Establishing Secure Inter-VPC Peering & Network Monitoring
Project Link
  • Established private, low-latency connectivity between isolated Amazon VPCs using Peering Connections to enable secure cross-network data transfer without internet exposure.
  • Implemented VPC Flow Logs and configured complex Route Tables to audit traffic patterns and validate secure communication channels between application and database tiers.
Architecting Scalable & Highly Available Web Infrastructure
Project Link
  • Designed a fault-tolerant Multi-AZ architecture using Auto Scaling Groups and Application Load Balancers to ensure high availability for mission-critical web applications.
  • Configured dynamic scaling policies driven by CloudWatch CPU utilization metrics to automatically adjust compute capacity, optimizing performance and cost-efficiency under fluctuating traffic.
Infrastructure as Code Automation with AWS CloudFormation
Project Link
  • Automated the deployment of multi-tier infrastructure (VPC, Application) using layered AWS CloudFormation templates to ensure consistent, repeatable environments.
  • Managed full stack lifecycles including updates and deletion policies to retain critical data (EBS Snapshots) upon stack termination.
Automating Multi-Region Infrastructure with CI/CD & IaC
Project Link
  • Developed modular CloudFormation templates to provision replicable network and application layers, establishing a robust Infrastructure as Code (IaC) foundation.
  • Implemented a continuous delivery pipeline using AWS CodePipeline and CodeCommit to automate stack updates and enable seamless multi-region deployments.
Architecting Decoupled Event-Driven Applications
Project Link
  • Refactored a tightly coupled monolithic application into a decoupled microservices architecture using Amazon SQS and Amazon SNS to improve scalability and fault tolerance.
  • Configured event-driven workflows triggered by Amazon S3 uploads and implemented efficient message polling mechanisms to process asynchronous image processing tasks.
Building Scalable Serverless Architectures on AWS
Project Link
  • Built a fully serverless inventory tracking system using AWS Lambda triggered by Amazon S3 events to automatically process and ingest data into Amazon DynamoDB.
  • Integrated Amazon SNS for real-time low-stock notifications and visualized data via a serverless dashboard, eliminating server management overhead and optimizing costs.

Education

JMC College affiliated with TU
Kathmandu, Nepal • 2020 — 2025
Bachelor in Computer Applications
  • Completed 3 major projects: Dictionary application, Pong 2D Android game, and HAMRO BANK: a signature forgery detection system using machine learning for banking security.
Pentagon International College
Kathmandu, Nepal • 2018 — 2019
Higher Secondary Education
  • Studied in Science (Physical Group) with a focus on Physics and Mathematics.

Certifications & Badges

AWS Certified Solutions Architect – Associate (SAA-C03)
AWS
AWS Academy Graduate - Cloud Foundations - Training Badge
AWS
AWS Academy Graduate - Cloud Security Foundations - Training Badge
AWS
AWS Educate Getting Started with Networking - Training Badge
AWS
LFS101: Introduction to Linux
Linux Foundation
Networking Basics
Cisco
DevOps Engineer
Broadway Infosys
Full Stack Development
Mino

Additional Information

Profiles

LinkedIn GitHub Credly Blog Website

Awards

  • MSS Science exhibution 2074
  • 2nd place in quiz competition - AWS Secure the Cloud Event 2025

IT Skills

  • Tmux
  • Git
  • Linux
  • Docker & K8s
  • Database Operation
  • Web Hosting
  • DNS Management
  • SSL/TLS Certificate
  • CI/CD
  • Jenkins
  • Github Actions
  • Ansible
  • Terraform
  • Bash Scripting
  • Zabbix
  • Nextcloud
  • NFS & LVM
  • Server Management

References

Joseph Lama

Senior DevOps Engineer at Khalti

[email protected]
+977-9801856310

Rojan Sedhai

AWS Solutions Architect/Cloud Trainer at Adex

[email protected]
+977-9702036160