Platform Engineering Guide

In the landscape of modern cloud adoption, organizations often encounter a

scenario where numerous DevOps teams, each utilizing distinct tools and
technology stacks, are engaged in application development. This diversity, while
offering flexibility, introduces a complex array of challenges.

ifferent Tech Stacks

D

D I F F E R E N T C O N F I G U R AT I O N S

Required Tools in a

Diverse DevOps Ecosystem

When managing applications across a diverse landscape, certain tools become

essential.

Version Control
Systems (VCS): Continuous Continuous
Integration (CI): Deployment (CD):
Essential for tracking and
managing changes in the Automates the Automates the delivery of
codebase. integration of code applications to selected
changes, ensuring early infrastructure.
detection of issues.

Runtime
Environment: Logging and
Monitoring:
Ensures the application Infrastructure
runs smoothly in a stable Provisioning: Critical for observing
and scalable application performance
environment. Involves automated setup and identifying issues.
of required infrastructure,
aligning closely with
Infrastructure as Code

(IaC) practices.

Security:
Encompasses measures
to protect applications
from threats and
vulnerabilities.

1/9
 P l at f o r m E n g i n e e r i n g G u i d e

Challenges in Traditional App

Deployment

Scaling Difficulties: Diverse Expertise

Required:
As new teams form,
replicating expertise and
Teams need to possess
maintaining standards
expertise in multiple
becomes challenging.
domains such as
Kubernetes, cloud
technologies, security,

Organizational and compliance, which

can be demanding and
Inconsistency: unrealistic.

Varied practices across

teams can result in a lack
of uniformity in Inefficient Security
processes and
and Compliance:
standards.

Having one team for

security and compliance
In light of these challenges, the traditional working with multiple
mantra of "You build it, you run it" teams, each with
becomes less feasible. different tech stacks,
leads to inefficiency and
inconsistency.

Role of Platform Engineering

In the role of Platform Engineering, the primary focus is to

establish a "paved road" that is easy to use and meets
company standards, enabling developers to deploy their
applications effortlessly. The objective is to minimize
developer friction within the framework of company
regulations. This approach aims to eliminate barriers that
hinder developers from delivering their work by making the
process straightforward and user-friendly.



Essentially, it's as simple as, "Place your application here, and the Platform
Engineering Team will take care of the deployment for you. The team guarantees
that the deployment complies with company standards and regulations.

Subsequently, they develop a layer of abstraction over these tools,

incorporating an intuitive interface, such as a UI, API, CLI-based or simply
code-based. This enables software development teams to independently
access and utilize any service or tool they require through self-service
capabilities using a catalog.

2/9
 P l at f o r m E n g i n e e r i n g G u i d e

CI Service Catalog / Developer Security

Portal / Platform UI
Circle CI Codefresh Github Bitbucket Azure Sentinel Snyk Gremlin
Backstage LeanIX Port

Gitlab Gitlab Actions CodeDeploy

Platform Orchestrator Armo Tigera

Jenkins Travis Azure DevOps Humanitec

Logging

Google Cloud Build

CD / Operators Google Stack Driver Fluentbit Logzio

Registry Jenkins ArgoCD Datadog

Docker Azure Container Registry JFrog Kubernetes Control Plane IoC

Kubermatic Redhat Rafay GiantSwarm

Harbor AWS ECR Registry Terraform Pulumi Cloud Formation

Ambassador Okteto DNS

Google Container Registry

Messaging Database & Storage CloudFlare Route53 Google Public DNS

Aiven PostgresSQL Redis Cloud Providers

RabbitMQ Kafka ActiveMQ

Infrastructure Control Plane Amazon S3 MariaDB MySQL

Azure Google Cloud Platform

Amazon Web Services

Terraform Atlantis Spacelift
ElasticSearch MongoDB

These services are made accessible through a user-friendly interface,

simplifying the interaction and usage for software development teams.

This arrangement forms a platform. Given that developers can log in and

independently access resources or services without the necessity of contacting

specific individuals or the platform team and waiting for resources, it operates as

an Internal Developer Platform (IDP), effectively acting as a Platform as a Service

(PaaS) for our internal developers.

Self-service
pipelines

Infrastructure
Software Delivery Team A Provisioning

Self-Service Container
Platform
I n t e r n a l

D e v e l o p e r

P l at f o r m ( I D P )

Software Delivery Team B

Monitoring Tools

Identity
Software Delivery Team C Management

3/9
 P l at f o r m E n g i n e e r i n g G u i d e

State of DevOps Report:Platform

Engineering Edition 2023
by

What services should fall within the platform team's scope of work?

59% 59% 57% 45% 42% 40% 37% 32%

Building and Automating Services that enable Access control Building and Building and Managing costs and Involvement in app
managing workflows and application Managing developer Managing resources architecture
infrastructure to processes development teams environments deployment
support product to build, deploy, and pipelines
teams run their applications

What capabilities does the self-service platform offer?

43% 43% 42% 42% 37% 35% 32%

Deployment Operation of Monitoring Built-in security and Project Planning Compiling and Testing of
infrastructure production compliance bulding code codebases
applications

What are the benefits of platform engineering?

60% 59% 58% 57% 55% 53%

Improves system Improves efficiency / Speeds up delivery Improves our Improves overall Increased
realiability productivity of my time workflow and security standadization
work process standards reduces duplication
of work

Download the
Full Report

4/9
 P l at f o r m Engineering Guide

Daily Tasks of Platform Engineering Role

Members of platform engineering teams have the primary responsibility of

constructing, deploying, and managing the Internal Developer Platform or IDP that
equips software developers with essential tools, APIs, services, and data storage
solutions, enabling them to create new products.

In their daily activities,

Design, implement and Engage with the product Monitoring the overall
maintain a company's development, architecture, system to assess its
Technology Infrastructure governance and performance, security, and
such as servers, network compliance, management reliability.
resources, storage teams and other
solutions, and cloud stakeholders to ensure that
services. the platform team
constructs the platform
correctly.
Creating comprehensive
documentation of
configurations and
Embedding security procedures to facilitate
measures and compliance different teams'
protocols in the platform, Investigating and understanding and use of
including encryption and integrating cutting-edge the platform.
access control. technologies into the
platform, while evaluating
their potential implications.

Debugging and Resolving

infrastructure and
application issues

Roadmap to become a
Platform Engineer

Basics of Computing and Networking

(1-2 months)

W h at to L e a r n :

WHY:
Linux Fundamentals: Understand scripting, Knowledge of Linux and networking is
filesystem, memory, processes, package fundamental for troubleshooting, system
management, and basic security.
administration, and understanding how
Networking Basics: Learn about TCP/IP, applications communicate over the network.
UDP, HTTP/HTTPS, DNS, SSH, and the ISO-
OSI model. Understanding network Technologies:
protocols is essential for troubleshooting
and designing scalable systems. Also, Proxy, Linux (Ubuntu or CentOS
Firewall, Reverse-Proxy and Network Basic networking tools (ping, traceroute,
topologies knowledge is a must. netstat)

Linux Ubuntu CentOS

5/9
 P l at f o r m E n g i n e e r i n g G u i d e

Programming and Version Control

(2 months)

W h at to L e a r n :

WHY:

Programming Languages: Python and Go Programming skills are necessary for

are widely used for their simplicity and automating tasks, writing infrastructure as
efficiency in automation, respectively.
code, and developing internal tools. Version
Version Control: Git, to manage code control is essential for collaboration and
changes and collaborate with others. managing codebases.

Technologies:

Python, G
Git, GitHub/GitLab
Python Go Git Github

Database and Storage Concepts

(1 month)

W h at to L e a r n :

WHY:

Types of Databases: Differentiate between Mastery of databases is crucial for choosing

SQL and NoSQL databases; learn usage effective data storage solutions,
scenarios for PostgreSQL, MySQL, administration, and troubleshooting in
MongoDB, and Cassandra.
platform egineering, directly impacting
Database Operations: Understand CRUD application performance and scalability.

operations, transactions, and basic Cloud-based database services offer

performance optimization techniques.
managed, scalable, and highly available
Cloud-based Database Services: Explore data storage solutions, reducing the
AWS RDS, Google Cloud SQL, Azure SQL overhead of manual database
Database, and NoSQL services like administration.
DynamoDB, Firestore, and Cosmos DB.

Caching, CDN

Technologies:

SQL Databases: PostgreSQL, MySQ

NoSQL Databases: MongoDB, Cassandr
Cloud Services: AWS RDS, Google Cloud SQL, Azure SQL
Database, DynamoDB, Firestore, Cosmos DB PostgreSQL MongoDB AzureSQL

Cloud Fundamentals
(1-2 months)

W h at to L e a r n :

WHY:

Cloud Service Models: Understand SaaS, Cloud computing is the backbone of modern
PaaS, IaaS, and serverless computing.
platform engineering, offering scalability,
Major Cloud Providers: Basics of AWS, reliability, and a wide array of services for
GCP, and Azure, focusing on compute, building and running applications.
storage, and networking services.

Technologies:

AWS, GCP, Azur

Serverless frameworks (AWS Lambda, Google
Cloud Functions) AWS GCP Azure

6/9
 P l at f o r m E n g i n e e r i n g G u i d e

Infrastructure as Code (IaC) and

Configuration Management
(2 months)

W h a t t o L e a r n :

WHY:
IaC Concepts: Automate infrastructure IaC and configuration management enable
provisioning using code.
scalable, reproducible, and manageable
Configuration Management: Automate the infrastructure provisioning and maintenance.
configuration of software and systems.

Technologies:

Terraform, CloudFormatio
Ansible, Puppet, Chef, Pulumi T erraform CloudFormation Ansible P ulumi

Continuous Integration and Continuous

Deployment (CI/CD)
(3 months)

W h a t t o L e a r n :

WHY:
CI/CD Concepts: Automate the building, CI/CD practices are essential for fast,
testing, and deployment of applications.
reliable software releases and are central to
CI/CD Tools: Implement pipelines that DevOps practices.
integrate code changes efficiently and
reliably.

Technologies:

Jenkins, GitLab CI, GitHub Action

ArgoCD, FluxCD for GitOps
Jenkins GitLab CI ArgoCD FluxCD

Containers and Orchestration

(3 months)

W h a t t o L e a r n :

WHY:
Container Basics: Docker, container Containers and orchestration tools are key
registries, and container runtime.
to developing, deploying, and managing
Container Orchestration: Kubernetes applications consistently and efficiently
fundamentals, including pods, deployments, across different environments.
services, and ingress.

Technologies:
Docke
Kubernetes, Helm
Docker Kubernetes H elm

7/9
 P l at f o r m E n g i n e e r i n g G u i d e

Observability
(1-2 months)

W h a t t o L e a r n :

WHY:
Monitoring and Logging: Collect and Observability is crucial for maintaining
analyze metrics, logs, and traces to system reliability, performance, and
understand system behavior.
troubleshooting issues proactively.
Alerting and APM: Implement alerting
strategies and application performance
monitoring.
Technologies:
Prometheus, Grafan
Elasticsearch, Logstash, Kibana (ELK Stack

Datadog, New Relic rometheus

P G rafana LK Stack.
E J aeger

Security and Compliance

(2 months)

W h a t t o L e a r n :

WHY:
DevSecOps: Integrate security practices Security is paramount in protecting data,
throughout the DevOps lifecycle.
ensuring privacy, and maintaining trust in
Security Fundamentals: Understand IAM, platform services.
encryption, network security, and
compliance standards.
Technologies:

Vault, OP
SAST/DAST tools, container scanning
T rivy Vault OPA

10

Advanced Cloud-Native Technologies

(2-3 months)

W h a t t o L e a r n :

WHY:
Service Mesh: Istio, Linkerd for advanced Advanced cloud-native technologies offer
network traffic control, and security.
sophisticated patterns for scaling,
Serverless and Microservices: Best managing, and securing microservices and
practices, patterns, and pitfalls. serverless applications.

Technologies:

Istio, Linker
Knative, Open FaaS, Kubeless
Istio Linkerd Knative Open FaaS

8/9
 P l at f o r m Engineering Guide

11

Soft Skills
(Continuous)

W h at to L e a r n :

WH Y:
Communication: Effective writing, Effective communication, teamwork and
speaking, Team working and collaboration collaboration is crucial for platform
skills.
engineers, who manage the infrastructure
Problem-Solving: Critical thinking and the essential for product development teams
ability to navigate ambiguity.

Puppet's 2023 State of Platform Engineering Report highlights:

61%
54%
45%
37%

prioritize value collaboration emphasize appreciate

communication skills. skills. translating user questioning
requests into established
requirements. practices

Download the
Full Report

Resources
video blog blog video

What Is a Platform Laying the Platform Engineering What is

Team and What foundation for a Tools: 12 Types of Platform
Problems Do They career in platform Tools to Use in Your Engineering? |
Solve? engineering Platform KodeKloud

blog ebook LEARNING PAT H conference

Platform Platform Platform Join the #1

Engineering 101: Engineering 101: Engineer platform
Get Started with Get Started with Learning engineering virtual
Platforms Platforms Path conference

Embark on your journey to

master Platform Engineering
Platform Engineer Learning Path

★★★★☆ 4.8

https://kode.wiki/490bRp3

9/9