Internal (Developer) Platforms


As part of the https://www.tid-x.com/ 2025 conference, this talk provides tips on how to design XaaS internal platforms and, more specifically, internal developer platforms.


Ruben Gonzalez Blanco

April 08, 2025


Transcript

  1. DevOps burnout: There has been an increase in cognitive load / stack complexity. Inspired by Daniel Bryant at PlatformCon 2022 https://thenewstack.io/devops-burnout-try-platform-engineering/
  2. Shift left = Dump left: Shift left Security, Testing... => developer Exhaustion https://blogs.cisco.com/developer/avoiding-shift-left-exhaustion-part-1
  3. Software Delivery Performance & Business Outcomes: In Digital Businesses, there is a direct correlation between Developer velocity and Business Outcomes https://dora.dev/research/
  4. Team Topologies for Fast Flow. Fundamental Team Types: Stream-aligned team, Platform team, Enabling team, Complicated Subsystem team. Team Interaction Modes: Collaboration, XaaS, Facilitating. Flow of change https://teamtopologies.com/key-concepts
  5. XaaS Platforms can enable Fast Flow: Platform Teams build Platforms. Diagram labels: Platform team Team A Team B Team C Platform XaaS Console Portal API App Organizational view Product/Service view App Engineers Platform Engineers Website sdk AI Chat
  6. Internal Developer Platform. What is it? An internal developer platform (IDP) is a self-service interface between developers and the underlying infrastructure, tools, and processes required to build, deploy, and manage software. IDPs provide developers with a unified interface to access tools, automate CI/CD pipelines, manage environments, and monitor performance https://internaldeveloperplatform.org/ Provide self-serve Golden Paths. Diagram labels: Internal Developer Platform Console Portal API Runtime Platform Tools Website Infrastructure Platform Developer Control Plane Developer Service Plane Developer
  7. Golden Paths / Paved Roads: A Golden Path refers to an opinionated, well-documented, and supported way of building and deploying software within an organization https://www.redhat.com/en/topics/devops/golden-paths https://www.redhat.com/en/blog/designing-golden-paths Diagram labels: IaC Templates App Templates Build and Deploy Pipelines Repos (Code, Artifacts) Observability Security Policies Runtime Docs Automated /Guided Workflow Infrastructure
  8. "D" in IDP is not only for App Developers: As many Golden Paths as Development Journeys. Application Golden Path, AI/ML Model Golden Path, Infra Golden Path, Security Golden Path, Sysadmin Golden Path, Data Analytics Golden Path, Learning Golden Path, DBA Golden Path, Testing Golden Path, ...
  9. An IDP can improve Developer Productivity & Satisfaction: Increase Velocity; Reduce Cognitive Load; Simplify; Standardise; Increase Satisfaction; Better Developer Experience; Attract and Retain Talent; Reduce Zero to Hero Time in multiple dimensions
  10. An IDP can improve SPACE metrics: Measuring Developer Productivity. SPACE framework https://queue.acm.org/detail.cfm?id=3454124 https://www.packtpub.com/en-gb/product/accelerate-devops-with-github-9781801814676 Example metrics
  11. HOW to design an XaaS Internal (Developer) Platform: Most of the Design Tips apply to any XaaS Platform
  12. Designing XaaS Platforms. Design Topics: • Tenant & Resource Model • User Journeys & User Interfaces • API • IAM Model • Quotas & Limit • Metering & Billing Model • Support, SLO, SLA • Scalable, Elastic • * more. Diagram labels: Internal (Developer) Platform API Console Portal Website Developer
  13. Following Slides present valid design options: My preferred option is usually the right one :-) Option 1 Option 2 Option 3
  14. High Level Internal (Developer) Platform Architecture. Diagram labels: Console Portal API Website Control Plane Orchestrator IAM Catalogue Security & Compliance Onboarding Tenant Management Monitoring & Observability Application Lifecycle Management Infrastructure Lifecycle Management Security Lifecycle Management Application Performance Management Infrastructure and Capabilities providers Service Plane ML Model Lifecycle Management Developer Interfaces Metering & Billing Resource Manager Operations Runtime Platform Tools Resources https://tag-app-delivery.cncf.io/whitepapers/platforms/
  15. Tenant & Resource Model: Outcome Oriented vs Capability Oriented. "Application" vs "Tenant/Project/Account/Subscription/Namespace/Workspace". Diagram labels: tenant1 application1 Code repo Tools Resources Application1 Deployment Deployment config Artifacts CI/CD pipeline Infrastructure Runtime Environment IaC Repo IaC Pipeline IaC Repo IaC Pipeline CI/CD pipeline Code repo Artifact Repository Application2 Deployment Runtime Environment Infra Environment Platform Platform. Pro: Good for Application lifecycle golden paths. Pro: Can serve any golden path & persona
  16. Tenants & Resource Hierarchy: Plain vs Tree. Diagram labels: Platform Root1 Folder namespace1 Folder namespace2 Root2 Folder namespace1 namespace3 namespace2 Platform. Pro: Simpler to implement. Pro: allows more complex Authorization policies
  17. Authorization Model: ABAC vs RBAC vs ReBAC vs a combination of the previous https://atekco.io/en/1687242837077-openfga-an-exellent-tool-for-access-control-authorization/
  18. APIs Functionality. Internal (Developer) Platform API: Tenant Management; Users, Groups, Roles, Policies Management; Resources Lifecycle Management; Onboarding*; Resource Consumption**. *Onboarding: could require human interaction (approvals) and be a separate process that uses the Platform APIs. **Resource Consumption Interface depends on the Platform Resource model abstractions
  19. Level of Abstraction for Resources: Abstract away from context (wrapper) or not (pure control plane). Diagram labels: Internal Developer Platform Console Portal API Runtime Platform Tools Website Infrastructure Platform Management & Usage Time Usage Time Internal Developer Platform Console Portal API Runtime Platform Tools Website Infrastructure Platform Management Time Usage Time. Pro: Easy to Control, hiding implementation. Pro: easier to extend to leverage existing solutions
  20. Level of Abstraction for Resources: For IDPs it is better not to abstract Developers from context. Diagram labels: Internal Developer Platform 1-CreateTenant(TemplateId) Runtime Platform Tools GitHub GitHub Actions JFrog Artifactory tenant1 Kubernetes PostgreSQL RabbitMQ Templates Resources 2-Provision Resources 3-Configure Access & Policies GitHub Repo GitHub Actions Artifactory namespace database Urls to the Tools 4-Use tools Natively via SSO
  21. DevEx & Stack Abstraction: Fullstack vs Serverless. Diagram labels (stack repeated four times on the slide): Servers, Storage, Networking Virtualization Operating System Kubernetes Middleware Database App Logic, Data Runtime Frameworks. Managed by App Engineers Managed by Platform Engineers Infrastructure Application +Velocity +Cognitive Load +Optionality
  22. DevEx & App Model. Example App Deployment. Diagram labels: 12factor like App API API Database Storage Bucket Messaging Topic service 1. Auth 2. Create Tenant 3. Configure Runtime Environment 4. Deploy Attached Resources from IaC templates 5. Create App repo from template 6. Configure Deployment (App + Attached Resources) 7. Deploy App 8. Test and Observe App Kubernetes url/connection strings LB DNS VPC API GW tenant1 Tools Resources App1 Deployment IaC Repo IaC Pipeline CI/CD pipelines Code repo Artifact Repository namespace database bucket config topic config CDN secrets Managed by App Engineers Managed by Platform Engineers IDPlatform Developer Journey Runtime Env
  23. GitOps vs APIs: Cracking a nut with a sledge hammer? Diagram labels: tenant1 tenant2 tenantN Terraform Actions tenant1 tenant2 Terraform Actions Terraform Actions Platform Engineer PR approval tenant3 Terraform Actions Internal Developer Platform DB API Entities As Files tenant1 tenant2 tenantN Central Repo Distributed Repos Backend with DB Entities Operations implemented as Pipelines API Operations One per user /tenant
  24. Platform Orchestrator: Out of the box vs Customizable vs Extensible. Diagram labels: Generic vs Specific Actions CI/CD Pipelines Workflow engine By Code step1(c) If c.output then ... By Product CRDs & Operators Custom Resource Operator Humanitec Platform Orchestrator Kratix Azure Durable Functions Temporal.io Azure Logic Apps Workato Kubernetes Harness CI/CD Azure DevOps
  25. Dealing with Private Environments. Diagram labels: Internal Developer Platform Control Plane Delegate Runtime Infrastructure Firewall Friendly https://developer.harness.io/docs/platform/delegates/delegate-concepts/delegate-overview/ https://developer.hashicorp.com/terraform/cloud-docs/agents Private Environment 3 Do grunt work 1 Manage&Configure 2 Pick up work Harness CI/CD Outbound connectivity from Delegate to Control Plane Firewall HashiCorp Cloud Platform Terraform
  26. Designing XaaS Platforms. Design Topics: • Tenant & Resource Model • User Journeys & User Interfaces • API • IAM Model • Quotas & Limit • Metering & Billing Model • Support, SLO, SLA • Scalable, Elastic • * more. Diagram labels: Internal (Developer) Platform API Console Portal Website Developer
  27. Is your IDP your Internal Platform? The Platform for consuming any Platform. Diagram labels: On Prem AWS Google Cloud Platform Azure HashiCorp Cloud Platform Harness.io Software Delivery Platform Github.com DataDog ... Internal (Developer) Platform API Console Portal Website Management Time Usage Time