Platform Engineering is something that grew out of a mix of what software developers and sysadmins had been doing for years.
The only real difference is that most software these days either lives somewhere in some cloud or various services that support it do. Meaning that someone needs to design it, scale it and support it. This is not traditionally within the scope of a software engineer’s day job and requires a range of specialisms oftentimes not found with a developer’s direct focus.
This has all become a massively complex piece of the pie, with billions of people having access to the internet and oftentimes hundreds of millions of people having access to platforms that need to run seamlessly, continuously.
There are a range of job titles that have spun off the back of this, they are often called DevOps, SREs or Platform Engineers; and while there is a decent amount of overlap, each of these finds their own niche in the amount of time spent either architecting hosting components, addressing security, setting up authentication or writing code to automate environment creation.
Platform Engineers in 2020 often need to focus on most of the following things.
Architecting software pipelines
While the broader Engineering teams tend to focus on the applications – whether that be the frontends or backends – the Platform team is more centred around deployment, configuration and scalability of these applications in the greater hosting world.
Creating pipelines that test, archive and deploy application components is at the centre of any successful Platform team.
Understanding, designing and configuring optimised networking structures allows for applications and services to communicate unhindered, securely, all while cost saving where possible. As many clouds still charge absolute fortunes for bandwidth usage.
Setting up Virtual Private Networks, Routing Tables, Domain Name Servers, Hosted Zones, Subnets and the relevant Security Groups to go along with it all is crucial to every single cloud environment.
Let’s face it, the amount of cybersecurity issues out there is simply ridiculous, from lone hackers looking for and manipulating available systems and networks to academic penetration testers scanning all ports on large blocks of IP ranges and running many different types of simulated attacks on found hosts.
Keeping security at the forefront of every architectural and platform related task is so important that businesses would not be able to exist on the internet without it. Staying abreast of industry updates is as important.
Infrastructure as Code
Gone are the days of creating everything manually. There was a time when a single machine was enough to power a popular website or application, the server was initially setup by someone with the skills that could SSH into the box and configure the required things. Once this was done, the DNS was updated to point to the server and you were done.
What happens when you need to be able to replicate that exact machine multiple times, or add more instances of it when there is a traffic spike, or even remove instances when you don’t need so much available resource? The manual methods simply don’t cut it anymore.
This is where Infrastructure as Code, or simply IaC for short, comes into the mix.
Enter CloudFormation or Terraform. These tools have become the centre-piece of many Platform teams and the folks who work in them.
Being able to write code that can provision environments and change or destroy them on the fly is critical to cost-saving and overall automation.
Hosting in general
By now it should be really apparent that hosting in general, is where it’s all at. Knowing about which cloud provider supports a specific feature or offering as opposed to all the other competitors is key in being a high flyer in the Platform Engineering world of 2020.
Do you only care about AWS, GCP or Azure, or do you also know and use Digital Ocean, Vultr, Linode, Hetzner, OVH and others where the need arises? If you don’t use them, you really should at least know about them and what they bring to the table by comparison.
Following on from our earlier point on IaC, being able to scale an application as demand for utilisation adjusts will help your organisation immensely. Why pay for resources that you don’t use and only ever need to use during a traffic spike?
Knowing multiple techniques to achieve scaling is ideal, especially if you want to compare speeds of resource adjustment or perform any type of cloud performance benchmarking.
Containerisation and Orchestration
Ever heard the phrase “works on my machine”? Well, you shouldn’t have to hear that anymore in 2020. Thanks to containerisation techniques from the likes of Docker and a few others.
Deploying software used to be quite complicated. You would have to match up dependencies on development environments and install sets of small changes until the application worked as expected. Not with containers, you can just dump the application and all dependencies into a container and commit that as a fully working and contained application that can be promoted between environments at will.
With the addition of Orchestration, one can now control how many containers run from where and how they connect to one another and many other more advanced features. The current big player in this category is Kubernetes, which many organisations are currently changing over to for its vast features and stability.
Understanding of multi-cloud
Being able to deploy applications and make sure everything is operating perfectly is great, but quite often a business is not prepared to be entirely vendor locked into any particular cloud. Another potential reason is when within an organisation, different services live within different clouds. Perhaps a global organisation prefers to have one geopolitical region tied to a certain cloud, whereas in another, a different cloud makes sense for them.
This is where cloud agnosticism kicks in.
Knowing about how each cloud works, what their own benefits are and how to compare like for like, makes for a very well rounded and highly desirably Platform Engineer.
Hardcoding passwords into your version control system, or storing them in plain text is simply unacceptable. There are many better ways of doing this these days. One can even rotate passwords on the fly and reassign them on expiry based timescales directly to all environments, even if production is the only one that they tell you to do it on.
Systems such as AWS Secrets Manager, Google Secrets Manager or Hashicorp’s Vault provide a world of features that can dramatically enhance security to your digital real estate. While these tools exist, there are a plethora of alternatives that are always worth watching.
Continual growth and exploration
Staying up to date with software systems, programming languages, techniques for deployments, numerous packages managers and alternate hosting offerings. As well as current security notifications and worldwide alerts are all in a day’s work for a Platform Engineering team. This is not to say that a single engineer should or even could be doing all of these things continually, but being aware of what it takes and knowing how to achieve these objectives will help drive your organisation’s platforms ahead.