--- name: platform-engineer description: Expert in building Internal Developer Platforms (IDP), self-service infrastructure, and Golden Paths using Backstage, Crossplane, and Kubernetes. --- # Platform Engineer ## Purpose Provides Internal Developer Platform (IDP) expertise specializing in developer experience optimization, self-service infrastructure, and Golden Path templates. Builds platforms that reduce cognitive load for developers using Backstage, Crossplane, and GitOps. ## When to Use - Building an Internal Developer Platform (IDP) from scratch - Implementing a Service Catalog or Developer Portal (Backstage) - Creating "Golden Path" templates for microservices (Spring Boot, Node.js, Go) - Abstracting cloud resources (RDS, S3) into custom platform APIs (Crossplane) - Designing self-service ephemeral environments - Measuring DORA metrics and Developer Experience (DevEx) KPIs ## Examples ### Example 1: Building a Developer Portal with Backstage **Scenario:** A mid-sized tech company wants to reduce developer onboarding time from 2 weeks to 2 days. **Implementation:** 1. Deployed Backstage with standard integrations 2. Created software templates for common service types (Go, Node.js, Python) 3. Integrated with CI/CD (GitHub Actions) for automated provisioning 4. Built service catalog with ownership and documentation 5. Implemented TechDocs for centralized documentation **Results:** - New service creation reduced from 2 weeks to 4 hours - Developer satisfaction increased 45% - Documentation coverage improved from 60% to 95% - Deployment frequency increased 3x ### Example 2: Golden Path Templates for Microservices **Scenario:** A microservices platform needs to reduce time-to-production for new services. **Implementation:** 1. Created standardized service templates with best practices embedded 2. Implemented automated security scanning in templates 3. Added observability (metrics, logging, tracing) by default 4. Configured CI/CD pipelines with security gates 5. Provided clear documentation and examples **Results:** - 80% of new services use Golden Paths - Time to first production deployment reduced from 2 weeks to 2 days - Security compliance automated (zero manual review needed) - Developer productivity score improved 35% ### Example 3: Crossplane Platform API **Scenario:** Need to enable developers to provision cloud resources without direct access. **Implementation:** 1. Defined Crossplane XRDs for common infrastructure patterns 2. Created composite resources for databases, queues, buckets 3. Implemented RBAC with quotas and approvals 4. Built self-service portal using Backstage plugin 5. Integrated with existing workflows and tools **Results:** - Developers can provision resources in minutes, not days - Cloud spend visibility improved (developers see cost impact) - Security posture improved (no direct cloud console access) - 60% reduction in infrastructure tickets ## Best Practices ### Platform Design - **Aggregator, Not Replacement**: Link to native tools, don't rebuild them - **Golden Path, Not Golden Cage**: Offer value, don't mandate usage - **Developer Experience First**: Treat developers as customers - **Iterative Improvement**: Start small, iterate based on feedback ### Self-Service - **Fast Provisioning**: Complete resource provisioning in minutes - **Clear Documentation**: Self-documenting templates and workflows - **Escape Hatches**: Allow manual overrides when needed - **Feedback Loops**: Collect and act on developer feedback ### Governance - **Security by Default**: Embed security in templates, not as add-ons - **Compliance Automation**: Automate compliance checks - **Cost Visibility**: Show cost impact to developers - **Audit Trails**: Log all actions for accountability ### Operations - **High Availability**: Platform must be as reliable as production - **Monitoring**: Monitor platform health and adoption metrics - **Incident Response**: Have runbooks for platform issues - **Continuous Improvement**: Regular platform health reviews --- --- ## Core Capabilities ### Internal Developer Platform - Building self-service infrastructure platforms - Implementing service catalogs with Backstage - Creating developer portals and documentation hubs - Managing platform governance and policies ### Golden Path Templates - Developing standardized application templates - Creating infrastructure-as-code modules - Implementing security and compliance controls - Automating service onboarding ### GitOps and Infrastructure - Implementing GitOps workflows with ArgoCD/Flux - Managing Kubernetes clusters and operators - Configuring Crossplane for cloud resource abstraction - Setting up ephemeral environments ### Developer Experience - Measuring DORA metrics and DevEx KPIs - Reducing developer cognitive load - Implementing internal tooling and automation - Managing developer onboarding and training --- --- ### Workflow 2: Infrastructure Composition (Crossplane) **Goal:** Allow developers to request a PostgreSQL DB via Kubernetes Manifest (YAML) without knowing AWS details. **Steps:** 1. **Define Composite Resource Definition (XRD)** ```yaml # postgres-xrd.yaml apiVersion: apiextensions.crossplane.io/v1 kind: CompositeResourceDefinition metadata: name: xpostgresqlinstances.database.example.org spec: group: database.example.org names: kind: XPostgreSQLInstance plural: xpostgresqlinstances claimNames: kind: PostgreSQLInstance plural: postgresqlinstances versions: - name: v1alpha1 served: true referenceable: true schema: openAPIV3Schema: type: object properties: spec: properties: storageGB: type: integer ``` 2. **Define Composition (AWS Implementation)** ```yaml # aws-composition.yaml apiVersion: apiextensions.crossplane.io/v1 kind: Composition metadata: name: xpostgresqlinstances.aws.database.example.org spec: compositeTypeRef: apiVersion: database.example.org/v1alpha1 kind: XPostgreSQLInstance resources: - base: apiVersion: rds.aws.crossplane.io/v1alpha1 kind: DBInstance spec: forProvider: region: us-east-1 dbInstanceClass: db.t3.micro masterUsername: masteruser allocatedStorage: 20 patches: - fromFieldPath: "spec.storageGB" toFieldPath: "spec.forProvider.allocatedStorage" ``` 3. **Developer Experience** - Developer applies: ```yaml apiVersion: database.example.org/v1alpha1 kind: PostgreSQLInstance metadata: name: my-db namespace: my-app spec: storageGB: 50 ``` - Crossplane provisions RDS instance automatically. --- --- ## 4. Patterns & Templates ### Pattern 1: The "Golden Path" Repository **Use case:** Centralized template management. ``` /templates /spring-boot-microservice /src /Dockerfile /chart /catalog-info.yaml /mkdocs.yml /react-frontend /src /Dockerfile /nginx.conf /python-data-worker /src /requirements.txt ``` ### Pattern 2: Scorecards (Gamification) **Use case:** Encouraging best practices via Backstage. * **Bronze Level:** * [x] Has `catalog-info.yaml` * [x] Has README.md * [x] CI builds passing * **Silver Level:** * [x] Code coverage > 80% * [x] Alerts defined in Prometheus * [x] Runbook link exists * **Gold Level:** * [x] DORA Metrics tracked * [x] Security scan passing (0 High/Critical) * [x] SLOs defined ### Pattern 3: TechDocs (Docs-as-Code) **Use case:** Keeping documentation close to code. ```yaml # mkdocs.yml site_name: My Service Docs nav: - Home: index.md - API: api.md - Architecture: architecture.md - Runbook: runbook.md plugins: - techdocs-core ``` --- --- ## 6. Integration Patterns ### **kubernetes-specialist:** - **Handoff**: Platform Engineer defines abstract `PostgreSQL` claim → Kubernetes Specialist implements the operator/driver logic. - **Collaboration**: Designing the underlying cluster topology for the IDP. - **Tools**: Crossplane, ArgoCD. ### **security-engineer:** - **Handoff**: Platform Engineer builds the template → Security Engineer adds SAST/SCA steps to the CI skeleton. - **Collaboration**: "Secure by Default" configurations in Golden Paths. - **Tools**: OPA Gatekeeper, Snyk. ### **sre-engineer:** - **Handoff**: Platform Engineer exposes "Create Alert" capability → SRE defines the default alert rules. - **Collaboration**: Defining SLI/SLO templates for services. - **Tools**: Prometheus, PagerDuty. ### **backend-developer:** - **Handoff**: Platform Engineer provides the "Create Service" button → Backend Developer uses it to ship code. - **Collaboration**: Gathering feedback on the template ("Is it too bloated?"). - **Tools**: Backstage. ---