In this episode of The Stream Life Podcast, I chatted with Luca Galante from Humanitec about platform engineering and its impact on observability and security. Listen to the full episode or read below to learn more about how platform engineers are developing toolchains and workflows that facilitate self-service functionalities for software engineering organizations in the era of cloud-native computing.
Platform engineering is the art of effectively taking all the different tech and tools within an organization and binding them together into customized solutions that enable self-service for the developers within that enterprise. The goal of these solutions, referred to as golden paths, is to reduce the cognitive load of individual contributors.
A collection of golden paths is referred to as an intern developer platform (IDP) — a product that’s built by the platform engineering team and delivered to their “customers,” which in this case are the developers mainly within the CI/CD space of the organization.
The developer side of the DevOps world can be overwhelming. If a developer wants to spin up a preview environment to test a small change, it can require them to touch up to ten different tools and three or four different scripts.
Everything from YAML files and Helm charts to Terraform modules and Jenkins transformations is on the table at any given time, so devs need to understand their entire delivery setup and tool chain from end-to-end — just to test small changes. In many cases, they’ll end up pinging their Ops team for help, which eventually becomes a bottleneck to the entire delivery setup.
Since developers have become hesitant to make changes on their own and Ops teams are busy putting out the fires in their support tickets, the need for platform engineers has emerged. The IDPs they can build create a layer on top of this increasingly complex cloud-native tool chain, giving developers access to the tech they need with appropriate levels of abstraction to run and operate their applications.
Operations teams can help define golden paths for platform engineers so they can provide configuration templates to be used by the developers. In a sense, platform engineering enables true DevOps and the ability to deliver on the “shifting left” idea, which has been stuck in neutral for some time. A platform layer between developers and ops, infrastructure, security, and observability teams allows this to happen without the whole thing breaking.
As companies grow, their ability to ship software tends to decrease. Product releases evolve to require complex launches, expensive marketing campaigns, legal contracts, briefing sales teams, and training support staff. The last thing organizations need is another obstacle at the beginning stages of the product life cycle — platform engineers work to prevent this additional friction against shipping software.
Ops teams are typically the ones driving platform engineering initiatives. They’re constantly under pressure, doing a lot of repetitive tasks, and getting distracted from doing anything intellectually stimulating. Effective IDPs allow them to shift their focus back to more exciting tasks.
Developers have to deal with the other side of this experience — they’re often stuck for hours waiting for responses to their Slack messages or for weeks waiting on approval for a preview environment. Platform engineering helps get the wheels turning for them more quickly.
For executives, the benefits include efficiency, shorter times to market, and an overall reduced sense of frustration.
Having a platform layer that sits on top of your entire delivery setup gives you really good insights into your team’s performance and allows security teams to be far more proactive in the decision-making process.
Luka and his team Humanitec rolled out an integration last year with an observability company that is realizing some of these benefits. They plugged into a platform layer built with Humanitec and easily pulled out some DORA metrics to get a good picture of key security information. They’re now able to easily trace who has deployed what and to what environment and easily do rollbacks or rollout fixes to production.
On top of that extra layer of security, they can enforce role-based access controls (RBAC) across the entire CI/C and avoid operating without boundaries within a patchwork of open-source tools. The enterprise version of Humanitec offers full RBAC on three levels — application, organization, and environment — allowing security folks in the enterprise to be granular about who can deploy what, where, and when.
If you have 50+ developers, you’ll likely benefit from a platform engineering practice — check out the full episode of the Stream Life Episode 81 with Luca to hear more and to learn how to get started with one for your organization.
Cribl, the Data Engine for IT and Security, empowers organizations to transform their data strategy. Customers use Cribl’s suite of products to collect, process, route, and analyze all IT and security data, delivering the flexibility, choice, and control required to adapt to their ever-changing needs.
We offer free training, certifications, and a free tier across our products. Our community Slack features Cribl engineers, partners, and customers who can answer your questions as you get started and continue to build and evolve. We also offer a variety of hands-on Sandboxes for those interested in how companies globally leverage our products for their data challenges.
Experience a full version of Cribl Stream and Cribl Edge in the cloud with pre-made sources and destinations.