DevOps
Platform Engineering
In 2020, Spotify published the Backstage concept and golden paths. By 2023, 1800+ companies use Backstage and Platform Engineering has become a recognized discipline. The insight: developer productivity is an infrastructure problem, and it deserves the same engineering investment as reliability.
- **Spotify** built Backstage for 2000+ engineers - the Software Catalog contains 10,000+ components; creating a new service takes 2 minutes instead of 2 weeks.
- **Airbnb** uses golden paths for service creation - all new services automatically get SAST scanning, Datadog monitoring, and PagerDuty integration without manual setup.
- **Zalando** implemented Crossplane for self-service databases - developers create PostgreSQL in AWS via `kubectl apply`; the Platform team is not a bottleneck for 200+ teams.
Internal Developer Platform (IDP)
An Internal Developer Platform (IDP) is a set of tools and processes that allow developers to independently provision infrastructure, deploy applications, and manage services without creating tickets to a DevOps team. It removes the DevOps team as a bottleneck.
IDP success metric: DORA metrics. Deployment frequency, lead time for changes, MTTR, and change failure rate all improve when developers can self-serve without coordination overhead.
What main problem does an Internal Developer Platform solve?
Golden Paths
A Golden Path (Spotify term) is a recommended, documented, and automated way to accomplish a task. Golden paths include security scanning, monitoring, and testing by default. They are called 'recommended' not 'mandatory' to reduce friction and edge case blocking.
Golden paths provide leverage: one Platform Engineer builds a template, 200 developers use it. Best practices (security scanning, structured logging, health endpoints) are baked in by default - not optional.
Why are golden paths called 'recommended' rather than 'mandatory'?
Backstage
Backstage is an open-source Developer Portal from Spotify. Key components: Software Catalog (all services, their owners, runbooks, and SLOs), TechDocs (documentation as code), Software Templates (golden paths), and Plugins (Datadog, PagerDuty, Kubernetes, GitHub integrations).
Software Catalog becomes the source of truth for service ownership. When a dependency fails, engineers can immediately find who owns it without Slack archaeology or org chart navigation.
What problem does the Backstage Software Catalog solve during a 3am incident?
Self-Service Infrastructure
Self-service infrastructure allows developers to request resources (database, queue, storage bucket) through a UI or kubectl without creating tickets to the DevOps team. Crossplane implements this as Kubernetes-native provisioning: developers apply a YAML claim, the platform provisions the actual cloud resource.
Crossplane vs Terraform for self-service: Terraform requires running `terraform apply` and managing state files. Crossplane runs as a Kubernetes controller with continuous reconciliation - if someone manually deletes the RDS instance, Crossplane recreates it automatically.
Platform Engineering is just DevOps with a different name
DevOps is the collaboration model between development and operations teams. Platform Engineering is a specialization: building internal products (IDP) that serve other engineering teams as customers.
DevOps engineers deploy applications and maintain infrastructure. Platform Engineers build the tooling that allows other engineers to deploy their own applications and provision their own infrastructure. The customer is different: DevOps serves the business, Platform Engineering serves other engineers.
How does Crossplane differ from Terraform for self-service infrastructure?
Summary
- **IDP** eliminates developer cognitive load from infrastructure concerns and removes the DevOps team as a bottleneck; developers self-serve production-ready services through a UI.
- **Golden Paths + Backstage** - recommended templates with built-in security and monitoring; Backstage as the single source of truth for all services in the organization.
- **Self-Service via Crossplane** - Kubernetes-native infrastructure provisioning via kubectl; Platform team defines compositions, developers use them as abstractions.
Related Topics
Platform Engineering integrates security, K8s patterns, and developer workflow:
- DevSecOps — Security scanning is embedded in golden path templates - every new service automatically gets SAST/DAST without manual setup.
- K8s: Advanced Patterns — Crossplane, ArgoCD, and Backstage run on the Kubernetes API as custom controllers.
Вопросы для размышления
- At what team and service count does investing in a full IDP with Backstage make sense?
- How do you measure the success of a Platform Engineering team? What metrics to use?
- What is the difference between 'platform as product' and traditional DevOps when working with internal customers?