Tomas Doran
Principal level Site Reliability Engineer (SRE), web and back-end development expert, architect, leader.
Profile
I have extensive experience across systems, networks, and applications, particularly within LAMP stacks. My expertise enables me to develop robust web applications, optimise databases, automate deployments (applications and infrastructure), and manage complex networking, datacenter operations, and global site performance.
My proficiency covers a wide array of programming languages and systems environments, with a strong focus on virtualization, cloud platforms, and containerization technologies. I am an active contributor to the open-source community, maintaining and developing software in multiple languages. My contributions can be found on GitHub, CPAN, RubyGems, and Puppetforge.
As a recognized expert in development, architecture, and systems deployment I have spoken at many events, from small meetups to large industry conferences such as PuppetConf and DockerConf 2014, where I shared insights on open-source software, system design, writing maintainable code and systems architecture.
Employment History
Timeline:
Group Technical Lead - Core Infrastructure
2022 - August 2024
Technical Lead
2017 - 2022
Site Reliability Engineer
July 2013 - 2017
- Project lead for a complete redesign of the data streaming infrastructure and platform, optimising reliability, ease of maintenance and development, and to better support business goals. Utilising Flink sqlclient, AWS Flink, Kafka & AWS MSK, Apache Paimon, AWS Redshift & Athena, AWS Glue & Confluent Schema registry.
- Rebuilt the telephony system in Typescript on Twilio Flex; a platform new to the company. I worked with stakeholders across the business, achieving significant productivity improvements, customer retention, and satisfaction gains in sales and customer success teams.
- Raised the standard for systems being built and delivered across engineering.
- Built standardised deployment library using AWS CDK to automate the deployment of serverless applications.
- Built IaC (Infrastructure as Code) systems around Hashicorp Terraform to automate the deployment of AWS Infrastructure and ensure consistency, quality and security of internal systems.
- Responsible for adoption of a new configuration management driven monitoring system, improving the quality of system monitoring and alerting.
- Driver of the initial adoption of Prometheus as a platform monitoring system.
- Key architect of system configuration management tooling, driving Puppet installation upgrades across multiple major versions.
- Driver of the incorporation technology stacks from multiple company acquisitions into Yelp, while ensuring business continuity and minimising maintenance overheads.
Senior Systems AdministratorJun 2012 - Jul 2013
- Built a system that orchestrated the deployment of a suite of complex application stacks, including allocating servers, provisioning virtual machines, and deploying applications and databases onto those virtual machines.
- Built a system for continuous integration of system level config and automation. Included custom providers to configure network switches, plus custom orchestration and application deployment solutions based around the mcollective project.
- Upgraded hardware in the data centres, without downtime. Worked as a database administrator and coached developers on how to write applications that were performant and stateless.
- Introduced application logging and aggregation using ZeroMQ, via an open source framework, into an Elasticsearch/Logstash/Kibana stack to provide better observability and debugging tools.
Web and backend developerApr 2008 - Jun 2012
- Responsible for designing and delivering the initial platform API; allowing third party customers and partners to search, ingest, and integrate music metadata, and providing streaming of transcoded music files at telco scale.
- Built a new web and SFTP based workflow for the ingestion of digital assets into the platform, utilising state machines and job queueing to manage concurrency and resource use.
- Optimised this new ingestion system, allowing the company to scale from ingesting music from indie labels to ingesting content of major labels, and halving the average time taken for a new release to become available.
- Introduced agile development practices such as unit testing, formal refactoring and code review into the organisation's development practices.
- Re-architected the web frontend for the 'Greedbag' family of online stores for independent labels, removing all per-retailer customisation by making the new platform more generic and flexible without code modifications.
- Implemented caching at multiple layers - for common database lookups in memcached and HTML fragments which were expensive to generate in Varnish.
- Driver for the utilisation of Puppet for system configuration.
- Extensively patched third party open source software to mitigate major operational pain points, fix bugs, and resolve performance issues.
Timeline:
Development Manager - Quality
2007 - Apr 2008
Senior Developer
Sep 2006 - 2007
- Reviewed changes to the platform and deploying/managing new platform releases.
- Managed a development team, and subsequently also the quality assurance team.
- Developed new release and patch processes, making software releases less time consuming, more efficient, and less risky.
- Staff training.
- Contributed to a new caching framework which was able to mitigate performance bottlenecks.
Timeline:
Head of Research and Development
2004 - Sept 2006
Deveoper
April 2003 - 2004
- Developed and launched a new and integrated platform to automate infrastructure and web application testing, data collection and report generation.
- Developed a framework that allowed the easy authoring and integration of new vulnerabilities into the automated testing engine, and automatic reporting on those vulnerabilities.
- Ported and optimised this framework to be able to run from a single laptop when doing on-site tests.
- Expanded the testing framework to take input from a range of existing open source vulnerability scanning tools - such as the Nessus project - and integrated in-house tools.
- Led development teams in the UK and launched a development organisation in Malaysia.
- Provided mentoring and training to developers and vulnerability testers.
- Developed and launched the company's wireless network vulnerability testing program
- Led multiple on-site testing projects for large organisations in the UK and Europe including councils, banks and financial institutions, and global software and electronics companies.
- Built a host configuration management system which provided the highest levels of isolation for sensitive customers.
- Introduced unit and integration testing, continuous integration, daily software delivery and deployment across the core platform.
Developer and Customer support Engineer1999 - March 2003
- Provided customer support on-site and via telephone for customers across a range of industries. This included troubleshooting issues with Windows PCs and network software, internet issues, Linux server issues.
- Developed new features for the company's internal platform based on a custom Linux distribution using OpenLDAP for directory and configuration management store.
- Created custom slipstreamed Windows XP and Windows 2000 installation CDs which allowed a zero touch setup of new or repaired workstations.
- Created an automated system to generate customised access controls for Windows PCs deployed in a high school educational environment.
- Integrated Linux software RAID into the platform and redesigned the backup system to be more reliable and operate faster.
- Managed the switch from ISDN links to DSL, including supplying and configuring routers and learning Cisco IOS.
Education
- 1998 - 2002 Victoria University of Manchester - MEng Electronic Systems Engineering (hons)
- 1996 - 1998 Blackpool Sixth Form College - A-Levels in Maths, Physics, Chemistry, Electronics
Programming Languages
- Go
- Javascript/Typescript/nodejs/React
- Python
- Ruby
- Perl
- SQL (multiple dialects)
- SRE DSLs - Terraform, Puppet, Ansible
- Rust
- bash
- Java/Scala
- PHP
- C
Open Source Projects
- the.internet.never.works: This website, built using Remix.run and deployment with AWS CDK. (Typescript + React)
- liminal-umbrella: Discord bot and Web interface to simplify and automate multi-step processes in a community Discord I help to run (Typescript + React)
- Catalyst Framework: Ex Core team member. Framework has powered significant applications like the BBC iPlayer v3 (perl)
- AWSnycast: Anycast type failover, but in AWS (Go)
- terraform-provider-nsone: Initial version - was renamed and adopted upstream (Go)
- mayhem: port / re-implementation of the classic game 'Chaos: The Battle of Wizards' (Go)
- mayhem-rs: port / re-implementation of the above (Rust)
- rustmoon: Fully working port of Lua 5.3 (Rust)
- puppet-aws_api: Provider to manage AWS VPC resources in puppet - predating Terraform (Ruby)
- terraform-example-mesos-cluster: Example repo for launching a cluster (Terraform - pre 1.0)
- Message-Passing: Simple event interoperability framework with multiple inputs/outputs (perl)
- arduino-mumble-mic-ptt: Simple sketch turning an Arduino into a keyboard to allow digital IO to press keys, to make a PTT CB mic for Mumble (C)
- CatalystX-JobServer: framework for concurrency limited / queued jobs (perl)
- acme-UNIVERSAL-cannot: joke module globally adds `->cannot()` and `->can't()` methods to perl (an inverse mirror of the in built in '->can()' method) (perl)