Workshops
Platform Engineering
What is platform engineering and how does it solve the challenges of modern software development?
Challenge between developers and operations team
- Developers: works in my laptop
- Operations: doesn't works in production
Solution: DevOps (ssh to the server and run your application)
Challenges of DevOps
- Complexity of the infrastructure
- AWS
- Azure
- GCP
- Kubernetes
- OVHcloud
- etc.
Solution: Platform Engineering
Internal Developer Platform (IDP)
- Platform tools and shared services
- Templates for developers
- Self-service tools
- Best defaults (Golden Path)
Benefits of Internal Developer Platform
- Developers can focus on writing code
- IT teams can focus on building the platform
- Consistency across all environments
- Unified way of working for all teams
Career Path:
- Developer
- Platform Engineer
- Infrastructure Engineer
Common Challenges in Software Development Teams
- Manual Kubernetes setup leads to technical debt and scaling issues.
- Managing multiple environments is challenging and inconsistent.
- Different teams using varied tools and workflows lack mutual support.
- Lack of self-service tools overwhelms IT teams with developer requests.
- Developer-created infrastructure can expose security vulnerabilities.
Platform Engineering Categories
- Infrastructure as Code (Terraform)
- Observability
- Monitoring Metrics and Dashboards (Prometheus, Grafana)
- Centralized Logging (Promtail, Loki)
- Tracing (Jaeger)
- Alerting (Alertmanager)
- Generic Deployment Helm Chart
- Centralized Ingress with SSL offloading (Ingress-Nginx)
- SSL Certificates Management (Cert-Manager)
- Role-Based Access Control
- GitOps Deployments (ArgoCD)
- Data Tools
- Databases (PostgreSQL, Redis)
- Message Brokers (Kafka, RabbitMQ)
- Secret Management (External-Secrets)
- DNS Management (ExternalDNS)
- Authentication and Authorization (Keycloak)
- OIDC
- Single Sign-On (SSO)
- Single Log-Out
- Identity Federation
- Kubernetes Policy Management (Kyverno)Two options for IDP:
- Using Cloud-Specific Services
- Using Kubernetes Clusters
Cloud-Specific Services- Pros:
- Reduced operational overhead
- Seamless cloud integration
- High availability
- Built-in security
- Cons:
- Vendor lock-in
- Limited customization
- Higher costs
- SLA and cloud policy dependency
Inside the Kubernetes Cluster- Pros:
- Greater control and customization
- Consistent environments across clouds adn on-premises
- Open-source tools
- Avoid vendor lock-in
- Cons:
- Higher complexity
- Requires Kubernetes knowledge
- Scaling challenges
- Manage security
Two categories of deployment
- Platform tools
- Developer Applications
Kubernetes Platform Architecture
- Mixed or Separate Kubernetes Cluster per environment (Dev, Test, Staging, Production)
- Mixed or Separate Kubernetes Cluster for Platform Tools and Developer Applications
GitOps
- The code repository is the single source of truth for the entire platform
- Track changes
- Who made the change
- When the change was made
- What the change was
- Why the change was made
- Who approved the change
- In case of failure, the system can be rolled back to the last known working version
- ArgoCD is a popular GitOps tool for Kubernetes
- Auto-Syncing
- Auto-Pruning
- Self-Healing
Kuberise.io
- an open-source Internal Developer Platform for Kubernetes
- GitOps-based deployment with ArgoCD
- DRY (Don't Repeat Yourself) approach
- Same templates for all environments
- Different values for each environment
Installation Steps
- Installation of Kubernetes cluster using IaC tools like Terraform or onprem tools
- Installation and Configuration of Kubernetes tools and microservices using GitOps and ArgoCD or by tools like Kuberise.io